Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/1Le31yG9p5H-cBkmbrDNmWBSkWc.roa
File: 1Le31yG9p5H-cBkmbrDNmWBSkWc.roa (raw, json)
Hash identifier: k8NSZyfVH/wgyqwvv46nPTn0e6XsIgzpwXXbBkqKMyY=
Subject key identifier: D4:B7:B7:D7:21:BD:A7:91:FE:70:19:26:6E:B0:CD:99:60:52:91:67
Certificate issuer: /CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Certificate serial: 0191FFD6BC9C0CAE4E5331E007EC0A79548C
Authority key identifier: 5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/1Le31yG9p5H-cBkmbrDNmWBSkWc.roa
Signing time: Tue 17 Sep 2024 11:55:48 +0000
ROA not before: Tue 17 Sep 2024 11:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48348
IP address blocks: 89.248.96.0/20 maxlen: 24
93.174.0.0/21 maxlen: 24
185.15.76.0/22 maxlen: 22
185.80.4.0/22 maxlen: 22
2a05:7900::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 18 Sep 2024 12:10:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:d6:bc:9c:0c:ae:4e:53:31:e0:07:ec:0a:79:54:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Validity
Not Before: Sep 17 11:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4b7b7d721bda791fe7019266eb0cd9960529167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7a:6d:67:83:2d:68:20:d7:e2:cc:0b:5b:45:
b8:44:6e:02:b0:08:7b:37:dc:fd:d5:1a:c2:a4:d9:
ca:3f:ce:f6:1e:77:32:1c:0f:ff:b8:78:1b:32:6b:
8c:cd:8c:c2:b7:95:ca:f7:af:8f:cc:12:46:fe:80:
5d:40:15:e7:14:5a:9f:b7:3b:4c:c7:9a:56:67:a6:
bd:04:86:7f:ed:a7:3d:0a:d8:59:63:9f:a5:b9:26:
73:a0:4d:b6:aa:49:aa:23:d1:09:b7:36:78:90:22:
75:0a:16:96:2f:54:fa:0a:34:88:87:b9:22:88:57:
40:ad:98:d9:0d:7c:6f:54:ce:1a:c7:b6:28:22:2a:
45:a1:36:0f:73:7a:90:e6:e3:13:ef:d8:10:dc:e8:
7d:58:e7:21:4a:34:db:b6:28:4a:c1:46:c9:80:8a:
71:0a:05:67:7c:69:d2:14:d2:ce:94:79:9e:9a:0f:
a8:8b:fe:db:64:01:ad:f4:e4:fb:f6:ba:9c:76:0e:
9f:c3:49:1d:ad:b3:af:1e:ba:f7:d0:b5:03:d9:b5:
95:4c:74:91:4a:cf:41:ee:17:15:4d:0d:08:84:e5:
01:50:fa:16:28:59:76:b0:b3:fc:61:e4:e4:5e:ac:
7d:b9:8c:b7:b9:1c:17:b1:19:f6:d2:db:95:f3:33:
fe:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B7:B7:D7:21:BD:A7:91:FE:70:19:26:6E:B0:CD:99:60:52:91:67
X509v3 Authority Key Identifier:
keyid:5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/1Le31yG9p5H-cBkmbrDNmWBSkWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/XrQquN6Yvhx3HwqYaFgvz5XcSsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.96.0/20
93.174.0.0/21
185.15.76.0/22
185.80.4.0/22
IPv6:
2a05:7900::/29
Signature Algorithm: sha256WithRSAEncryption
8e:ad:50:7b:e8:92:de:fa:c1:16:e4:3f:85:73:78:96:eb:c0:
82:3a:ba:c0:79:73:5f:76:d3:b1:30:41:ad:e9:00:43:71:2d:
f6:57:71:15:82:0e:17:85:d5:2d:ea:3e:d4:29:df:a9:a6:33:
a1:b7:8a:a4:16:7c:45:1f:91:a3:a6:eb:e4:1d:fa:ed:21:7f:
c4:c9:d9:e9:99:1a:a7:46:ac:18:b5:15:05:a9:d3:72:2d:f2:
cc:8f:e2:9d:2a:51:66:c8:55:45:54:cb:3d:13:8a:ae:17:03:
23:b5:6e:15:e3:c3:c5:f7:62:c1:cd:4c:2a:61:e7:88:aa:8b:
9f:5d:3f:88:1b:25:74:f2:81:52:d7:96:30:b7:f1:a8:12:22:
fa:b8:42:c6:f6:0a:61:6e:77:0f:f3:1a:51:c6:5b:68:2a:04:
f8:32:49:18:26:bb:31:73:98:d2:54:43:a7:3d:99:7d:c2:66:
77:59:fe:28:cd:47:9b:55:61:61:3b:c3:48:6a:91:8d:f5:e3:
9c:d9:8c:a1:c8:f6:e6:94:5b:42:1b:7d:53:f2:90:84:77:c9:
b0:35:92:08:28:10:75:af:a8:8c:f0:8a:0d:db:7c:9a:89:03:
cb:05:a2:9e:ff:0e:76:34:50:df:a8:40:da:f6:f9:86:39:2f:
b1:df:33:b2
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZH/1rycDK5OUzHgB+wKeVSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYjQyYWI4ZGU5OGJlMWM3NzFmMGE5ODY4NTgyZmNmOTVk
YzRhYzYwHhcNMjQwOTE3MTE1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGI3YjdkNzIxYmRhNzkxZmU3MDE5MjY2ZWIwY2Q5OTYwNTI5MTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23ptZ4MtaCDX4swLW0W4RG4CsAh7
N9z91RrCpNnKP872HncyHA//uHgbMmuMzYzCt5XK96+PzBJG/oBdQBXnFFqftztM
x5pWZ6a9BIZ/7ac9CthZY5+luSZzoE22qkmqI9EJtzZ4kCJ1ChaWL1T6CjSIh7ki
iFdArZjZDXxvVM4ax7YoIipFoTYPc3qQ5uMT79gQ3Oh9WOchSjTbtihKwUbJgIpx
CgVnfGnSFNLOlHmemg+oi/7bZAGt9OT79rqcdg6fw0kdrbOvHrr30LUD2bWVTHSR
Ss9B7hcVTQ0IhOUBUPoWKFl2sLP8YeTkXqx9uYy3uRwXsRn20tuV8zP+HQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNS3t9chvaeR/nAZJm6wzZlgUpFnMB8GA1UdIwQY
MBaAFF60KrjemL4cdx8KmGhYL8+V3ErGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQt
NzczYzBiM2M4OTM1LzEvMUxlMzF5RzlwNUgtY0JrbWJyRE5tV0JTa1djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQtNzczYzBiM2M4OTM1
LzEvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEWfhgAwQD
Xa4AAwQCuQ9MAwQCuVAEMA0EAgACMAcDBQMqBXkAMA0GCSqGSIb3DQEBCwUAA4IB
AQCOrVB76JLe+sEW5D+Fc3iW68CCOrrAeXNfdtOxMEGt6QBDcS32V3EVgg4XhdUt
6j7UKd+ppjOht4qkFnxFH5GjpuvkHfrtIX/EydnpmRqnRqwYtRUFqdNyLfLMj+Kd
KlFmyFVFVMs9E4quFwMjtW4V48PF92LBzUwqYeeIqoufXT+IGyV08oFS15Ywt/Go
EiL6uELG9gphbncP8xpRxltoKgT4MkkYJrsxc5jSVEOnPZl9wmZ3Wf4ozUebVWFh
O8NIapGN9eOc2YyhyPbmlFtCG31T8pCEd8mwNZIIKBB1r6iM8IoN23yaiQPLBaKe
/w52NFDfqEDa9vmGOS+x3zOy
-----END CERTIFICATE-----
Generated at Wed Sep 18 15:59:08 2024 by rpki-client on console-fra.rpki-client.org