Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ac0950-2273-4ee1-a830-422e6d3fe93e/1/cC6lxdM34yBgiy1wDXyo_GeHLBg.roa
File: cC6lxdM34yBgiy1wDXyo_GeHLBg.roa (raw, json)
Hash identifier: LLHEUIQiOm/RhZ0OAlRQSdFeZzFTomr2PnD89SQ8xIo=
Subject key identifier: 70:2E:A5:C5:D3:37:E3:20:60:8B:2D:70:0D:7C:A8:FC:67:87:2C:18
Certificate issuer: /CN=499f03e48ed62a96840eb2f2d79c3ec21a27f1ce
Certificate serial: 018573717EB18E1F17CB76C8C7D41B52C1BA
Authority key identifier: 49:9F:03:E4:8E:D6:2A:96:84:0E:B2:F2:D7:9C:3E:C2:1A:27:F1:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SZ8D5I7WKpaEDrLy15w-whon8c4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/ac0950-2273-4ee1-a830-422e6d3fe93e/1/cC6lxdM34yBgiy1wDXyo_GeHLBg.roa
Signing time: Mon 02 Jan 2023 17:04:55 +0000
ROA not before: Mon 02 Jan 2023 17:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15930
IP address blocks: 185.24.180.0/22 maxlen: 22
185.24.180.0/24 maxlen: 24
89.18.128.0/21 maxlen: 21
89.18.128.0/19 maxlen: 19
89.18.136.0/21 maxlen: 21
89.18.143.0/24 maxlen: 24
89.18.144.0/21 maxlen: 21
89.18.152.0/21 maxlen: 21
89.18.159.0/24 maxlen: 24
89.18.156.0/24 maxlen: 24
2a00:65a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:7e:b1:8e:1f:17:cb:76:c8:c7:d4:1b:52:c1:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=499f03e48ed62a96840eb2f2d79c3ec21a27f1ce
Validity
Not Before: Jan 2 17:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=702ea5c5d337e320608b2d700d7ca8fc67872c18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ea:e1:52:86:b0:84:f4:83:20:00:43:52:cf:
9d:ee:de:92:70:f2:3b:1f:04:57:da:60:44:89:7b:
52:ae:d1:08:f0:66:e6:e8:50:fd:1b:aa:38:5b:2e:
a7:ea:88:b5:05:88:23:ed:4d:2e:43:38:fd:a5:3d:
26:02:39:12:d1:cb:fd:b0:3b:3b:b7:26:0b:da:0c:
57:2a:38:90:f8:c4:4c:c9:af:29:a7:8f:18:02:27:
69:c0:7d:f5:f3:15:fb:9c:26:37:8d:a5:9e:fe:f5:
89:d1:fa:eb:13:c5:5c:54:2d:40:fe:57:c0:09:12:
a1:88:02:43:05:97:b8:cb:2f:1a:2c:a4:71:04:d9:
bf:d2:59:c7:01:6c:84:75:c1:a8:75:8b:11:95:05:
70:5d:7c:43:80:16:cc:44:44:25:f4:39:8c:f1:aa:
f9:8d:8d:96:a3:b2:6d:8c:7e:ee:ae:cc:ff:a0:bb:
65:53:8b:b9:dc:49:e1:70:a2:04:04:f3:85:ac:95:
ba:12:e7:67:f6:82:69:fb:04:ec:18:7a:85:bf:55:
69:89:3d:f1:d1:46:a8:6d:1c:0f:18:17:0f:2b:b0:
e8:a9:ec:c4:48:37:48:c6:cf:fc:90:e5:76:9c:3d:
84:6c:ba:27:79:6b:f0:e1:33:b1:e3:20:7f:f3:be:
4d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:2E:A5:C5:D3:37:E3:20:60:8B:2D:70:0D:7C:A8:FC:67:87:2C:18
X509v3 Authority Key Identifier:
keyid:49:9F:03:E4:8E:D6:2A:96:84:0E:B2:F2:D7:9C:3E:C2:1A:27:F1:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SZ8D5I7WKpaEDrLy15w-whon8c4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ac0950-2273-4ee1-a830-422e6d3fe93e/1/cC6lxdM34yBgiy1wDXyo_GeHLBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ac0950-2273-4ee1-a830-422e6d3fe93e/1/SZ8D5I7WKpaEDrLy15w-whon8c4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.18.128.0/19
185.24.180.0/22
IPv6:
2a00:65a0::/32
Signature Algorithm: sha256WithRSAEncryption
bd:86:17:ae:88:ef:c1:e5:d9:d9:fe:b5:2a:75:7d:57:bc:43:
f8:b2:20:13:d3:81:e1:e4:33:95:9c:88:c1:dc:5b:fb:e6:c4:
2a:e6:ad:f2:f5:57:8e:95:5f:f6:16:8e:aa:b0:fe:73:16:50:
9b:ae:a9:95:b5:cc:ad:39:a8:d4:77:cf:0c:7f:e2:a1:66:50:
f5:ab:7f:8b:b6:42:f8:36:a8:bf:40:ff:a7:bf:99:28:1d:1b:
59:e1:26:0b:78:eb:4c:25:73:2f:52:74:3c:31:d8:ba:c2:c9:
a9:78:90:71:81:a3:43:3b:4b:c9:0c:67:95:d6:ac:36:98:2e:
f4:00:0d:a5:7e:0d:fa:14:d0:08:b4:f1:b2:e3:70:0d:4c:29:
9f:ba:51:49:d3:e2:de:0c:0d:6a:e8:b8:60:0c:6b:d3:80:f2:
a1:ab:04:0f:c2:e8:5d:2b:c0:1c:35:95:87:5f:a5:3d:28:e8:
1f:d0:0d:3f:e8:9a:c1:f5:e0:cc:56:7b:8a:c3:03:f2:df:62:
7e:23:64:d1:c7:b8:8e:e7:b0:68:1e:28:27:35:5b:ad:6f:65:
a9:bf:fd:1c:ec:d4:55:6c:3a:fa:58:5b:a4:27:6c:10:23:f0:
9e:2e:93:fb:1f:9e:f6:63:46:9d:db:dd:be:71:5d:99:ae:d4:
73:a7:8e:ac
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVzcX6xjh8Xy3bIx9QbUsG6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5OWYwM2U0OGVkNjJhOTY4NDBlYjJmMmQ3OWMzZWMyMWEy
N2YxY2UwHhcNMjMwMTAyMTcwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDJlYTVjNWQzMzdlMzIwNjA4YjJkNzAwZDdjYThmYzY3ODcyYzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArerhUoawhPSDIABDUs+d7t6ScPI7
HwRX2mBEiXtSrtEI8Gbm6FD9G6o4Wy6n6oi1BYgj7U0uQzj9pT0mAjkS0cv9sDs7
tyYL2gxXKjiQ+MRMya8pp48YAidpwH318xX7nCY3jaWe/vWJ0frrE8VcVC1A/lfA
CRKhiAJDBZe4yy8aLKRxBNm/0lnHAWyEdcGodYsRlQVwXXxDgBbMREQl9DmM8ar5
jY2Wo7JtjH7ursz/oLtlU4u53EnhcKIEBPOFrJW6Eudn9oJp+wTsGHqFv1VpiT3x
0UaobRwPGBcPK7DoqezESDdIxs/8kOV2nD2EbLoneWvw4TOx4yB/875N0wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHAupcXTN+MgYIstcA18qPxnhywYMB8GA1UdIwQY
MBaAFEmfA+SO1iqWhA6y8tecPsIaJ/HOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1o4RDVJN1dLcGFFRHJMeTE1dy13aG9uOGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9hYzA5NTAtMjI3My00ZWUxLWE4MzAt
NDIyZTZkM2ZlOTNlLzEvY0M2bHhkTTM0eUJnaXkxd0RYeW9fR2VITEJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9hYzA5NTAtMjI3My00ZWUxLWE4MzAtNDIyZTZkM2ZlOTNl
LzEvU1o4RDVJN1dLcGFFRHJMeTE1dy13aG9uOGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFWRKAAwQC
uRi0MA0EAgACMAcDBQAqAGWgMA0GCSqGSIb3DQEBCwUAA4IBAQC9hheuiO/B5dnZ
/rUqdX1XvEP4siAT04Hh5DOVnIjB3Fv75sQq5q3y9VeOlV/2Fo6qsP5zFlCbrqmV
tcytOajUd88Mf+KhZlD1q3+LtkL4Nqi/QP+nv5koHRtZ4SYLeOtMJXMvUnQ8Mdi6
wsmpeJBxgaNDO0vJDGeV1qw2mC70AA2lfg36FNAItPGy43ANTCmfulFJ0+LeDA1q
6LhgDGvTgPKhqwQPwuhdK8AcNZWHX6U9KOgf0A0/6JrB9eDMVnuKwwPy32J+I2TR
x7iO57BoHignNVutb2Wpv/0c7NRVbDr6WFukJ2wQI/CeLpP7H572Y0ad292+cV2Z
rtRzp46s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:03 2024 by rpki-client on console-fra.rpki-client.org