Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/lJYoeJpUjyLAh-U0jgXP7QKIeU4.roa
File: lJYoeJpUjyLAh-U0jgXP7QKIeU4.roa (raw, json)
Hash identifier: e8HMbm4K6WYrDDBvwNN218WgfLu0K2vXEa/BGtGhR0w=
Subject key identifier: 94:96:28:78:9A:54:8F:22:C0:87:E5:34:8E:05:CF:ED:02:88:79:4E
Certificate issuer: /CN=5c57c8f8d9ee5e2ce7043e1ec26bb1693f7f121f
Certificate serial: 018CC5012D90929123B369BFB5ECFB5714B5
Authority key identifier: 5C:57:C8:F8:D9:EE:5E:2C:E7:04:3E:1E:C2:6B:B1:69:3F:7F:12:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XFfI-NnuXiznBD4ewmuxaT9_Eh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/lJYoeJpUjyLAh-U0jgXP7QKIeU4.roa
Signing time: Mon 01 Jan 2024 12:30:37 +0000
ROA not before: Mon 01 Jan 2024 12:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 185.173.8.0/22 maxlen: 24
5.133.40.0/21 maxlen: 24
2a04:ed00::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 10 Oct 2024 09:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:2d:90:92:91:23:b3:69:bf:b5:ec:fb:57:14:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c57c8f8d9ee5e2ce7043e1ec26bb1693f7f121f
Validity
Not Before: Jan 1 12:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=949628789a548f22c087e5348e05cfed0288794e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5e:5f:d3:60:3e:09:72:09:dd:8a:f7:fe:17:
0c:64:56:0e:f2:a8:0c:74:a3:2f:ef:c7:2d:77:7b:
74:09:e7:69:bc:74:2d:64:37:93:8b:52:f8:7d:18:
98:38:bd:14:26:86:19:b5:80:5a:17:53:d6:64:21:
9d:b1:1a:0c:ac:2e:69:ca:42:ff:85:39:76:d9:ec:
ca:3b:d3:c1:6b:ed:05:c2:f2:4e:eb:3e:ac:8f:5a:
46:3a:d5:a7:22:66:db:94:fe:67:5f:9a:9b:82:93:
19:02:b6:da:b5:30:6d:ba:cd:04:d0:e1:f7:bc:dd:
47:8e:18:67:91:66:6c:46:6d:74:84:6b:2c:4e:e3:
80:32:e9:41:6c:35:71:9a:2b:a3:18:79:d0:86:6b:
83:ef:f1:1a:27:a1:24:b0:a0:d0:1a:bc:2b:15:51:
4a:8a:cf:5e:ef:c6:2d:d9:99:67:34:aa:59:2c:ee:
b9:74:41:67:bd:04:24:b5:95:08:8d:4c:cf:f1:c7:
98:6d:90:4f:ce:0d:2e:a5:0a:d7:ad:5d:63:2e:6a:
7a:c7:9c:8f:93:05:06:52:c0:2f:17:1d:f2:b5:85:
d5:35:e8:11:21:29:11:82:87:ed:72:3d:cd:11:57:
82:4c:a0:f3:04:b5:33:7c:38:57:1e:b0:26:b0:02:
42:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:96:28:78:9A:54:8F:22:C0:87:E5:34:8E:05:CF:ED:02:88:79:4E
X509v3 Authority Key Identifier:
keyid:5C:57:C8:F8:D9:EE:5E:2C:E7:04:3E:1E:C2:6B:B1:69:3F:7F:12:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XFfI-NnuXiznBD4ewmuxaT9_Eh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/lJYoeJpUjyLAh-U0jgXP7QKIeU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/XFfI-NnuXiznBD4ewmuxaT9_Eh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.40.0/21
185.173.8.0/22
IPv6:
2a04:ed00::/29
Signature Algorithm: sha256WithRSAEncryption
88:5a:14:4f:31:a8:e0:cf:f6:16:de:7c:18:7a:50:06:56:25:
b8:6e:27:e3:43:c3:29:0d:97:7e:b1:e3:1e:a8:da:f2:fa:c7:
cb:4a:a8:18:7f:3c:23:4a:25:db:8f:3d:ab:d2:71:3c:c4:14:
23:23:d6:fa:85:70:09:0a:e9:28:59:f3:fe:a1:d8:5a:47:83:
a1:ac:55:40:8e:91:30:09:58:6a:70:be:2d:fc:70:a8:60:2b:
69:60:3a:f5:d4:60:84:24:d9:5d:2b:db:83:29:f4:ee:cb:a5:
4b:db:cb:22:cb:0f:0b:7a:26:68:3c:32:0e:99:11:31:31:70:
1c:21:a5:39:b9:e6:89:e5:a4:58:8a:be:4c:d7:94:07:77:8d:
9e:78:c0:33:63:34:3f:dc:ee:1f:0b:64:19:67:a1:24:d2:75:
98:7a:26:93:c6:f1:4a:d3:29:be:89:61:5d:f9:e5:ad:36:6c:
8f:67:23:db:92:1f:47:ae:88:13:ca:7e:dd:01:c1:d2:50:e6:
b8:97:8f:50:24:07:09:00:6e:29:82:13:59:b8:48:00:ee:41:
e7:62:0c:91:7a:ee:32:2a:38:12:ed:9b:94:09:6f:ad:5b:34:
83:90:17:63:e9:b2:22:a3:42:54:80:7a:33:91:de:ff:10:a3:
b4:fc:e6:05
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFAS2QkpEjs2m/tez7VxS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNTdjOGY4ZDllZTVlMmNlNzA0M2UxZWMyNmJiMTY5M2Y3
ZjEyMWYwHhcNMjQwMTAxMTIzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDk2Mjg3ODlhNTQ4ZjIyYzA4N2U1MzQ4ZTA1Y2ZlZDAyODg3OTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4l5f02A+CXIJ3Yr3/hcMZFYO8qgM
dKMv78ctd3t0CedpvHQtZDeTi1L4fRiYOL0UJoYZtYBaF1PWZCGdsRoMrC5pykL/
hTl22ezKO9PBa+0FwvJO6z6sj1pGOtWnImbblP5nX5qbgpMZArbatTBtus0E0OH3
vN1HjhhnkWZsRm10hGssTuOAMulBbDVxmiujGHnQhmuD7/EaJ6EksKDQGrwrFVFK
is9e78Yt2ZlnNKpZLO65dEFnvQQktZUIjUzP8ceYbZBPzg0upQrXrV1jLmp6x5yP
kwUGUsAvFx3ytYXVNegRISkRgoftcj3NEVeCTKDzBLUzfDhXHrAmsAJCFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJSWKHiaVI8iwIflNI4Fz+0CiHlOMB8GA1UdIwQY
MBaAFFxXyPjZ7l4s5wQ+HsJrsWk/fxIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEZmSS1ObnVYaXpuQkQ0ZXdtdXhhVDlfRWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yOWZjYjktMzA1Yy00MDZiLWE3YTQt
MWY2YjJkMTRmNGY5LzEvbEpZb2VKcFVqeUxBaC1VMGpnWFA3UUtJZVU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yOWZjYjktMzA1Yy00MDZiLWE3YTQtMWY2YjJkMTRmNGY5
LzEvWEZmSS1ObnVYaXpuQkQ0ZXdtdXhhVDlfRWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBYUoAwQC
ua0IMA0EAgACMAcDBQMqBO0AMA0GCSqGSIb3DQEBCwUAA4IBAQCIWhRPMajgz/YW
3nwYelAGViW4bifjQ8MpDZd+seMeqNry+sfLSqgYfzwjSiXbjz2r0nE8xBQjI9b6
hXAJCukoWfP+odhaR4OhrFVAjpEwCVhqcL4t/HCoYCtpYDr11GCEJNldK9uDKfTu
y6VL28siyw8LeiZoPDIOmRExMXAcIaU5ueaJ5aRYir5M15QHd42eeMAzYzQ/3O4f
C2QZZ6Ek0nWYeiaTxvFK0ym+iWFd+eWtNmyPZyPbkh9HrogTyn7dAcHSUOa4l49Q
JAcJAG4pghNZuEgA7kHnYgyReu4yKjgS7ZuUCW+tWzSDkBdj6bIio0JUgHozkd7/
EKO0/OYF
-----END CERTIFICATE-----
Generated at Thu Oct 10 12:45:07 2024 by rpki-client on console-fra.rpki-client.org