Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/FD-sLHmcdGOhmwAKpoRNWsXekwg.roa
File: FD-sLHmcdGOhmwAKpoRNWsXekwg.roa (raw, json)
Hash identifier: OvwsYxV8kobbuK5Ep0eh78ZrrocBOaCw7/o9dZr07/o=
Subject key identifier: 14:3F:AC:2C:79:9C:74:63:A1:9B:00:0A:A6:84:4D:5A:C5:DE:93:08
Certificate issuer: /CN=4cbfd3e72d4a0396f95347336b42678f68c26430
Certificate serial: 018E5648086C0EE3E9C259D6ADB396072C98
Authority key identifier: 4C:BF:D3:E7:2D:4A:03:96:F9:53:47:33:6B:42:67:8F:68:C2:64:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/FD-sLHmcdGOhmwAKpoRNWsXekwg.roa
Signing time: Tue 19 Mar 2024 10:35:45 +0000
ROA not before: Tue 19 Mar 2024 10:35:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3188
IP address blocks: 5.2.80.0/24 maxlen: 24
5.2.81.0/24 maxlen: 24
5.2.82.0/24 maxlen: 24
5.2.83.0/24 maxlen: 24
5.2.84.0/24 maxlen: 24
5.2.85.0/24 maxlen: 24
5.2.86.0/24 maxlen: 24
5.2.87.0/24 maxlen: 24
185.8.32.0/24 maxlen: 24
185.8.33.0/24 maxlen: 24
185.8.34.0/24 maxlen: 24
185.8.35.0/24 maxlen: 24
185.8.128.0/24 maxlen: 24
185.8.129.0/24 maxlen: 24
185.8.130.0/24 maxlen: 24
185.8.131.0/24 maxlen: 24
185.150.128.0/24 maxlen: 24
185.150.129.0/24 maxlen: 24
185.150.131.0/24 maxlen: 24
2a02:d9c0::/29 maxlen: 29
2a04:b600::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 30 May 2024 12:35:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:48:08:6c:0e:e3:e9:c2:59:d6:ad:b3:96:07:2c:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cbfd3e72d4a0396f95347336b42678f68c26430
Validity
Not Before: Mar 19 10:35:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=143fac2c799c7463a19b000aa6844d5ac5de9308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:00:90:c2:46:8a:22:99:db:b9:8d:59:5d:df:
27:a1:d0:9e:c9:0a:c2:3d:02:5b:54:19:92:86:e5:
3a:19:7e:90:ba:fe:92:90:ca:31:57:24:f2:a3:47:
23:21:76:a0:72:da:91:ce:33:e5:9f:ef:f4:52:8e:
2f:c7:e8:58:6e:e2:1b:16:ec:da:c1:bb:97:2e:ce:
03:0c:97:24:7b:24:35:19:bf:58:3a:3d:33:8a:7e:
8f:c7:a4:c6:16:30:df:8e:6d:66:81:17:14:e8:40:
88:59:ec:cf:fb:99:9f:45:c2:00:34:db:d2:f0:9b:
42:ec:07:98:0e:be:56:78:47:ec:c4:ae:76:ed:92:
43:d8:e0:50:4c:65:e5:ff:62:c7:82:50:7f:bb:ca:
d2:fa:04:7a:ef:f4:d1:79:8f:ea:28:78:26:96:53:
fd:90:bb:4c:c5:54:d0:ee:b4:de:94:47:d5:26:14:
99:77:e6:6f:69:dc:51:19:7a:4c:b6:87:2a:9a:54:
d7:84:52:63:c9:06:44:b0:b0:9c:b8:c9:98:46:41:
06:af:87:2d:7a:e8:69:0e:2d:6a:00:9d:a0:40:65:
25:54:ec:38:2b:7e:f6:37:1d:44:24:8d:1a:cd:fe:
bb:a4:d2:cb:5a:82:cc:7b:a2:c4:f5:6c:02:2b:90:
a4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:3F:AC:2C:79:9C:74:63:A1:9B:00:0A:A6:84:4D:5A:C5:DE:93:08
X509v3 Authority Key Identifier:
keyid:4C:BF:D3:E7:2D:4A:03:96:F9:53:47:33:6B:42:67:8F:68:C2:64:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/FD-sLHmcdGOhmwAKpoRNWsXekwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/TL_T5y1KA5b5U0cza0Jnj2jCZDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.80.0/21
185.8.32.0/22
185.8.128.0/22
185.150.128.0/23
185.150.131.0/24
IPv6:
2a02:d9c0::/29
2a04:b600::/29
Signature Algorithm: sha256WithRSAEncryption
49:2d:1b:19:87:ea:01:db:12:8c:7c:ea:6a:19:60:bf:46:08:
7e:50:e2:43:b7:cb:48:4b:12:2b:70:2e:76:60:9f:4f:1c:7c:
85:b7:37:e2:33:0b:c7:5b:27:75:c8:4a:79:06:6f:30:84:46:
1b:0e:15:5f:44:7f:56:f8:44:24:ae:2e:2d:8a:cc:a7:66:bf:
9d:66:97:02:39:63:76:f6:e8:37:70:b2:0e:20:83:36:b5:6f:
45:d3:0c:2a:b4:ee:22:a1:71:ab:52:92:e9:1e:41:bf:1e:a6:
b5:1e:97:ca:6d:34:d9:18:4f:c8:e3:52:85:b6:b8:5a:6d:10:
c0:1a:a0:01:53:22:e5:86:f6:be:37:2d:f9:bf:ec:6e:11:d7:
af:64:ef:0f:42:d1:8d:30:39:3e:1f:97:ed:5b:37:0f:74:6f:
f0:b8:78:f3:43:c4:30:e9:ce:9e:00:cd:6e:8a:12:8b:ae:f5:
15:77:ec:b1:66:11:4e:e7:e4:26:59:f9:ed:5b:fa:a4:fe:f2:
f1:03:83:a3:09:35:7b:62:be:1d:21:28:d3:b0:98:f0:83:d9:
db:e9:26:53:ac:1f:f1:a3:0b:5f:6f:0c:e5:5e:9a:83:51:bb:
15:ae:cb:06:82:11:ad:93:f6:d0:80:2b:06:6e:f6:d7:b4:03:
98:4d:d4:67
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY5WSAhsDuPpwlnWrbOWByyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYmZkM2U3MmQ0YTAzOTZmOTUzNDczMzZiNDI2NzhmNjhj
MjY0MzAwHhcNMjQwMzE5MTAzNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDNmYWMyYzc5OWM3NDYzYTE5YjAwMGFhNjg0NGQ1YWM1ZGU5MzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwCQwkaKIpnbuY1ZXd8nodCeyQrC
PQJbVBmShuU6GX6Quv6SkMoxVyTyo0cjIXagctqRzjPln+/0Uo4vx+hYbuIbFuza
wbuXLs4DDJckeyQ1Gb9YOj0zin6Px6TGFjDfjm1mgRcU6ECIWezP+5mfRcIANNvS
8JtC7AeYDr5WeEfsxK527ZJD2OBQTGXl/2LHglB/u8rS+gR67/TReY/qKHgmllP9
kLtMxVTQ7rTelEfVJhSZd+ZvadxRGXpMtocqmlTXhFJjyQZEsLCcuMmYRkEGr4ct
euhpDi1qAJ2gQGUlVOw4K372Nx1EJI0azf67pNLLWoLMe6LE9WwCK5CkAQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFBQ/rCx5nHRjoZsACqaETVrF3pMIMB8GA1UdIwQY
MBaAFEy/0+ctSgOW+VNHM2tCZ49owmQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVExfVDV5MUtBNWI1VTBjemEwSm5qMmpDWkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9iNTczM2ItMzg5MS00NDliLTk5NTAt
ZmY2MGUyMThlZDQxLzEvRkQtc0xIbWNkR09obXdBS3BvUk5Xc1hla3dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9iNTczM2ItMzg5MS00NDliLTk5NTAtZmY2MGUyMThlZDQx
LzEvVExfVDV5MUtBNWI1VTBjemEwSm5qMmpDWkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDBQJQAwQC
uQggAwQCuQiAAwQBuZaAAwQAuZaDMBQEAgACMA4DBQMqAtnAAwUDKgS2ADANBgkq
hkiG9w0BAQsFAAOCAQEASS0bGYfqAdsSjHzqahlgv0YIflDiQ7fLSEsSK3AudmCf
Txx8hbc34jMLx1sndchKeQZvMIRGGw4VX0R/VvhEJK4uLYrMp2a/nWaXAjljdvbo
N3CyDiCDNrVvRdMMKrTuIqFxq1KS6R5Bvx6mtR6Xym002RhPyONShba4Wm0QwBqg
AVMi5Yb2vjct+b/sbhHXr2TvD0LRjTA5Ph+X7Vs3D3Rv8Lh480PEMOnOngDNbooS
i671FXfssWYRTufkJln57Vv6pP7y8QODowk1e2K+HSEo07CY8IPZ2+kmU6wf8aML
X28M5V6ag1G7Fa7LBoIRrZP20IArBm7217QDmE3UZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:58 2024 by rpki-client on console-ams.rpki-client.org