Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/o1lbBm3MaAnjkJylHKN7zphaRj4.roa
File: o1lbBm3MaAnjkJylHKN7zphaRj4.roa (raw, json)
Hash identifier: JljTw9UpaXA1kZQaAWpW16yC2WS7JMpxpQpB0cxBQtI=
Subject key identifier: A3:59:5B:06:6D:CC:68:09:E3:90:9C:A5:1C:A3:7B:CE:98:5A:46:3E
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018A8492D651BC47815DA9FE3375ACBA1D85
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/o1lbBm3MaAnjkJylHKN7zphaRj4.roa
Signing time: Mon 11 Sep 2023 14:08:50 +0000
ROA not before: Mon 11 Sep 2023 14:08:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28753
IP address blocks: 185.172.130.0/24 maxlen: 24
185.172.131.0/24 maxlen: 24
185.94.166.0/24 maxlen: 24
185.125.51.0/24 maxlen: 24
45.138.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:84:92:d6:51:bc:47:81:5d:a9:fe:33:75:ac:ba:1d:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 11 14:08:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3595b066dcc6809e3909ca51ca37bce985a463e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:69:c3:df:32:3e:80:c4:5a:02:ed:bc:9d:b1:
d3:18:f8:99:0e:1b:3e:28:ab:4b:71:4f:5d:07:70:
ac:e3:c4:2e:dc:e2:21:2d:6b:35:d4:d6:08:80:59:
19:5a:6b:f8:15:bd:28:7e:75:3a:40:8b:48:74:14:
f4:a9:1a:5b:b5:f4:a8:57:a0:ea:98:ef:74:6f:d8:
7d:b9:0e:82:e6:31:d5:a4:33:99:24:53:b8:f3:dd:
85:38:2e:3b:01:cd:71:51:59:bd:6a:29:14:89:b5:
0d:94:4c:83:5c:c3:56:32:d2:31:f2:10:19:13:0b:
df:a0:be:82:22:96:92:f1:f2:a0:24:eb:96:e0:b3:
4a:60:65:de:6e:e2:63:cf:6c:9b:b1:cc:e5:4e:63:
a9:5c:4a:1f:7e:5a:b2:4f:90:7d:6c:fc:b1:d4:f7:
5f:bb:9c:47:d3:b4:47:27:4b:5d:08:75:58:ee:77:
4e:5b:bb:01:41:05:e3:87:c6:97:28:98:e6:d2:90:
13:9d:ff:0f:bc:3e:e0:cb:47:e2:50:18:36:4c:41:
3b:78:82:65:f9:d8:ce:c8:b9:13:80:37:d8:f5:37:
65:9f:76:62:96:c3:6d:d8:5d:3f:de:ad:ae:a6:5e:
64:bb:58:b0:6c:12:ab:d9:76:82:89:f2:21:3f:3c:
09:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:59:5B:06:6D:CC:68:09:E3:90:9C:A5:1C:A3:7B:CE:98:5A:46:3E
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/o1lbBm3MaAnjkJylHKN7zphaRj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.72.0/24
185.94.166.0/24
185.125.51.0/24
185.172.130.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:81:5d:52:27:bd:10:49:48:d2:07:94:4a:2d:92:47:cc:ae:
ff:e2:e8:d1:66:23:68:99:88:cc:6a:ab:f8:eb:a3:a5:60:e6:
8d:8a:72:ff:92:c4:c7:89:30:8b:f6:ec:a2:38:84:22:21:db:
7c:d5:f1:8a:8a:70:f6:48:79:ab:22:1c:85:ce:44:49:44:55:
ea:e0:bd:55:f0:91:fb:18:67:fd:17:41:1e:eb:16:64:12:35:
4c:fa:f9:27:49:f4:ea:7d:51:f8:35:1f:60:d7:05:8a:d6:da:
a8:25:90:9d:ba:cc:0d:56:1b:c0:c2:16:64:4e:a9:e1:5d:23:
9d:2d:bd:d7:aa:5a:18:45:97:a5:9c:a9:52:b6:b6:29:87:ab:
d7:60:5c:ba:c0:d5:4e:8f:e2:8b:59:13:f4:17:e0:32:0f:bf:
10:1a:b3:a3:d6:99:8d:cf:e4:c6:b9:e1:27:58:37:ce:ae:cb:
a5:6f:39:24:a2:eb:03:d3:78:87:3d:7a:56:48:b9:11:90:04:
bf:53:33:e6:fb:4a:b7:46:f7:f3:ba:23:fb:bf:5f:6d:0f:e5:
f2:d5:7c:ba:ad:b9:d7:aa:ee:85:fd:fe:73:9e:ec:97:9f:05:
8d:4a:5a:1b:fc:22:1a:5e:6c:20:f6:4a:04:44:9b:d3:2e:4f:
87:14:46:24
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYqEktZRvEeBXan+M3Wsuh2FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwOTExMTQwODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzU5NWIwNjZkY2M2ODA5ZTM5MDljYTUxY2EzN2JjZTk4NWE0NjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmnD3zI+gMRaAu28nbHTGPiZDhs+
KKtLcU9dB3Cs48Qu3OIhLWs11NYIgFkZWmv4Fb0ofnU6QItIdBT0qRpbtfSoV6Dq
mO90b9h9uQ6C5jHVpDOZJFO4892FOC47Ac1xUVm9aikUibUNlEyDXMNWMtIx8hAZ
EwvfoL6CIpaS8fKgJOuW4LNKYGXebuJjz2ybsczlTmOpXEofflqyT5B9bPyx1Pdf
u5xH07RHJ0tdCHVY7ndOW7sBQQXjh8aXKJjm0pATnf8PvD7gy0fiUBg2TEE7eIJl
+djOyLkTgDfY9Tdln3ZilsNt2F0/3q2upl5ku1iwbBKr2XaCifIhPzwJRwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKNZWwZtzGgJ45CcpRyje86YWkY+MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvbzFsYkJtM01hQW5qa0p5bEhLTjd6cGhhUmo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYpIAwQA
uV6mAwQAuX0zAwQBuayCMA0GCSqGSIb3DQEBCwUAA4IBAQCugV1SJ70QSUjSB5RK
LZJHzK7/4ujRZiNomYjMaqv466OlYOaNinL/ksTHiTCL9uyiOIQiIdt81fGKinD2
SHmrIhyFzkRJRFXq4L1V8JH7GGf9F0Ee6xZkEjVM+vknSfTqfVH4NR9g1wWK1tqo
JZCduswNVhvAwhZkTqnhXSOdLb3XqloYRZelnKlStrYph6vXYFy6wNVOj+KLWRP0
F+AyD78QGrOj1pmNz+TGueEnWDfOrsulbzkkousD03iHPXpWSLkRkAS/UzPm+0q3
RvfzuiP7v19tD+Xy1Xy6rbnXqu6F/f5znuyXnwWNSlob/CIaXmwg9koERJvTLk+H
FEYk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:11 2024 by rpki-client on console-ams.rpki-client.org