Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/AwN9vZ4uiFJtnTL1TFm_FU3OkTY.roa
File: AwN9vZ4uiFJtnTL1TFm_FU3OkTY.roa (raw, json)
Hash identifier: hp04SKEwi9rgDxKN4wVqzeLQZcsOGGLhHACU9kyDo5s=
Subject key identifier: 03:03:7D:BD:9E:2E:88:52:6D:9D:32:F5:4C:59:BF:15:4D:CE:91:36
Certificate issuer: /CN=e5de0de73e73874bbc66738805d373cab833b7a5
Certificate serial: 01933F2F7B45C072102FB68C204A51DDDE55
Authority key identifier: E5:DE:0D:E7:3E:73:87:4B:BC:66:73:88:05:D3:73:CA:B8:33:B7:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/AwN9vZ4uiFJtnTL1TFm_FU3OkTY.roa
Signing time: Mon 18 Nov 2024 12:11:36 +0000
ROA not before: Mon 18 Nov 2024 12:11:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.137.156.0/24 maxlen: 24
2a10:a100::/48 maxlen: 48
2a10:a100:1::/48 maxlen: 48
2a10:a100:2::/48 maxlen: 48
2a10:a100:3::/48 maxlen: 48
2a10:a100:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 19 Nov 2024 11:38:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3f:2f:7b:45:c0:72:10:2f:b6:8c:20:4a:51:dd:de:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5de0de73e73874bbc66738805d373cab833b7a5
Validity
Not Before: Nov 18 12:11:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03037dbd9e2e88526d9d32f54c59bf154dce9136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f5:84:bd:84:8c:37:0d:e8:fa:fa:fd:a7:9a:
eb:33:ce:41:ab:43:ab:5e:da:a2:73:59:ca:42:15:
c5:72:1a:5b:84:39:6a:e5:e2:91:28:1b:9f:a1:32:
24:14:58:a2:93:e9:7b:42:57:fa:a3:db:1c:56:95:
d3:14:8f:d8:d8:b2:44:69:0f:ec:a3:69:34:29:79:
04:19:6d:2d:1a:72:fd:e1:e5:ed:11:15:4e:02:aa:
27:90:93:cb:ab:16:50:fb:68:13:9e:57:79:5d:7b:
c9:60:87:ef:18:54:94:38:4f:62:6f:78:39:3b:51:
5c:92:6d:58:a6:d9:b4:7e:54:aa:39:01:a4:6e:a3:
3e:19:73:29:46:c0:18:6c:cd:14:09:12:83:ba:df:
4a:9a:94:0c:d7:26:dd:b1:0e:31:57:de:1b:03:d9:
51:07:07:84:5c:f6:59:de:51:27:a8:ae:bb:be:bc:
82:a2:5a:07:02:11:a4:95:74:62:33:89:ab:1c:21:
27:1b:85:0f:b7:53:8b:80:2d:14:a2:39:e6:df:13:
2f:81:0d:2b:0b:ed:05:e9:a5:2f:7c:4c:42:22:8d:
4c:d1:ee:d3:70:89:a2:62:da:7d:b3:dc:d3:02:8c:
a8:ac:43:bb:e0:b8:4f:6b:6d:2c:a7:d9:1e:ea:88:
6c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:03:7D:BD:9E:2E:88:52:6D:9D:32:F5:4C:59:BF:15:4D:CE:91:36
X509v3 Authority Key Identifier:
keyid:E5:DE:0D:E7:3E:73:87:4B:BC:66:73:88:05:D3:73:CA:B8:33:B7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/AwN9vZ4uiFJtnTL1TFm_FU3OkTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.156.0/24
IPv6:
2a10:a100::-2a10:a100:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b2:0d:50:eb:91:c4:89:f9:51:57:0e:1b:fa:9b:5c:82:d8:9f:
a3:99:9d:1b:7d:89:f8:82:b5:86:72:33:bc:c3:1d:c1:e2:75:
f9:b4:cb:be:98:ed:94:3d:eb:cb:c9:4a:01:c1:29:bb:fc:44:
db:88:52:28:3b:24:82:d0:77:a6:f6:7d:1b:1b:26:21:39:93:
fb:eb:c9:86:71:14:0c:46:6e:d3:51:b9:24:51:43:53:ae:97:
30:48:d7:0d:74:59:90:a0:42:33:a3:1c:0c:e7:6d:09:a2:b6:
ed:c5:3f:27:c1:31:38:9f:7e:2e:a3:97:ab:ea:84:33:50:84:
53:47:52:bb:e6:70:bf:e0:e3:9d:3a:36:fc:4c:34:88:cc:cf:
60:1d:de:01:4d:f3:47:d4:26:1f:61:c4:09:4a:88:45:12:54:
db:47:80:e5:b7:5a:0c:f7:01:1b:cf:36:f3:85:59:5c:c7:84:
18:50:57:68:0c:94:f7:20:0a:1c:ef:23:d9:dd:a8:e6:3b:89:
d7:4e:c9:85:39:a5:74:38:ee:46:da:86:b5:bd:1e:4e:03:65:
bf:d2:3f:5e:57:74:cb:22:12:7e:46:ca:d3:12:b2:51:67:c2:
9a:23:71:4e:f8:03:09:01:e9:4e:6a:ca:fb:f0:79:81:84:8a:
42:36:d9:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZM/L3tFwHIQL7aMIEpR3d5VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZGUwZGU3M2U3Mzg3NGJiYzY2NzM4ODA1ZDM3M2NhYjgz
M2I3YTUwHhcNMjQxMTE4MTIxMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzAzN2RiZDllMmU4ODUyNmQ5ZDMyZjU0YzU5YmYxNTRkY2U5MTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/WEvYSMNw3o+vr9p5rrM85Bq0Or
Xtqic1nKQhXFchpbhDlq5eKRKBufoTIkFFiik+l7Qlf6o9scVpXTFI/Y2LJEaQ/s
o2k0KXkEGW0tGnL94eXtERVOAqonkJPLqxZQ+2gTnld5XXvJYIfvGFSUOE9ib3g5
O1Fckm1Yptm0flSqOQGkbqM+GXMpRsAYbM0UCRKDut9KmpQM1ybdsQ4xV94bA9lR
BweEXPZZ3lEnqK67vryColoHAhGklXRiM4mrHCEnG4UPt1OLgC0Uojnm3xMvgQ0r
C+0F6aUvfExCIo1M0e7TcImiYtp9s9zTAoyorEO74LhPa20sp9ke6ohsWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAMDfb2eLohSbZ0y9UxZvxVNzpE2MB8GA1UdIwQY
MBaAFOXeDec+c4dLvGZziAXTc8q4M7elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWQ0TjV6NXpoMHU4Wm5PSUJkTnp5cmd6dDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi81NWI5ZDctZjcwMy00NWZlLThiNjMt
MTA1MzRjNjdiYmI4LzEvQXdOOXZaNHVpRkp0blRMMVRGbV9GVTNPa1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi81NWI5ZDctZjcwMy00NWZlLThiNjMtMTA1MzRjNjdiYmI4
LzEvNWQ0TjV6NXpoMHU4Wm5PSUJkTnp5cmd6dDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQAuYmcMBcE
AgACMBEwDwMEACoQoQMHACoQoQAABDANBgkqhkiG9w0BAQsFAAOCAQEAsg1Q65HE
iflRVw4b+ptcgtifo5mdG32J+IK1hnIzvMMdweJ1+bTLvpjtlD3ry8lKAcEpu/xE
24hSKDskgtB3pvZ9GxsmITmT++vJhnEUDEZu01G5JFFDU66XMEjXDXRZkKBCM6Mc
DOdtCaK27cU/J8ExOJ9+LqOXq+qEM1CEU0dSu+Zwv+DjnTo2/Ew0iMzPYB3eAU3z
R9QmH2HECUqIRRJU20eA5bdaDPcBG88284VZXMeEGFBXaAyU9yAKHO8j2d2o5juJ
107JhTmldDjuRtqGtb0eTgNlv9I/Xld0yyISfkbK0xKyUWfCmiNxTvgDCQHpTmrK
+/B5gYSKQjbZug==
-----END CERTIFICATE-----
Generated at Tue Nov 19 15:05:54 2024 by rpki-client on console-fra.rpki-client.org