Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/g5Z7-3kDhboRX_LUZaYD1KOpLuA.roa
File: g5Z7-3kDhboRX_LUZaYD1KOpLuA.roa (raw, json)
Hash identifier: UwYa5KefavEY/c8PprkroaKCVVTKWSCyKEwsnWSDRK0=
Subject key identifier: 83:96:7B:FB:79:03:85:BA:11:5F:F2:D4:65:A6:03:D4:A3:A9:2E:E0
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 019350CA37ED028113501E0C453B3D8D41DA
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/g5Z7-3kDhboRX_LUZaYD1KOpLuA.roa
Signing time: Thu 21 Nov 2024 22:14:09 +0000
ROA not before: Thu 21 Nov 2024 22:14:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397423
IP address blocks: 185.236.9.0/24 maxlen: 24
193.38.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Dec 2024 16:14:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:50:ca:37:ed:02:81:13:50:1e:0c:45:3b:3d:8d:41:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Nov 21 22:14:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83967bfb790385ba115ff2d465a603d4a3a92ee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:37:9d:6f:92:0b:40:46:46:36:e9:a6:4c:87:
5a:65:22:03:29:d7:db:a7:62:ee:88:11:52:e7:60:
59:ea:84:1b:dd:bf:fd:17:df:7f:31:df:35:3e:65:
63:95:b3:22:1d:ba:cb:4f:00:39:ea:fa:fe:17:10:
bc:4b:6a:3e:3b:62:e7:b2:93:ae:10:ce:d4:f8:de:
64:e1:14:e0:25:18:bf:cd:5c:36:69:c3:6c:2e:ec:
c2:55:8f:ff:f2:93:7c:60:bb:70:02:b2:35:4a:ae:
24:f9:f1:db:2b:6e:97:0e:28:0a:a2:76:a0:ce:c6:
a9:48:db:52:3b:68:8e:cb:35:d6:9c:eb:8d:85:5e:
a7:01:06:10:73:54:08:78:70:1b:a4:81:da:fe:30:
5b:59:ee:5e:c6:29:98:df:a9:5e:d9:54:9c:e0:80:
6e:42:c1:0a:ec:cd:d9:d3:4d:25:77:f8:8f:5b:71:
41:4b:ea:7f:d4:28:7f:f3:d0:75:2f:68:a2:87:8a:
f1:1c:4a:fe:eb:24:47:33:a5:e7:34:76:00:c9:56:
cc:53:86:f3:b5:98:8f:ae:a6:6e:86:51:01:d8:74:
19:5d:aa:58:89:26:13:07:fc:bb:fa:c2:0c:ad:4b:
ea:14:f3:b6:b2:b1:fe:3c:2d:37:9d:58:9a:99:30:
14:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:96:7B:FB:79:03:85:BA:11:5F:F2:D4:65:A6:03:D4:A3:A9:2E:E0
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/g5Z7-3kDhboRX_LUZaYD1KOpLuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.9.0/24
193.38.249.0/24
Signature Algorithm: sha256WithRSAEncryption
08:34:73:76:23:91:63:c0:ec:28:b6:26:e9:1c:29:f0:d4:c0:
d0:e9:87:19:be:d6:6c:db:03:75:74:c7:e9:7e:f8:4d:df:78:
a7:c4:e0:a0:e7:27:21:c2:cc:6a:0a:c5:95:18:75:c8:43:cc:
21:94:52:46:be:65:7f:15:65:08:78:8b:9c:3f:2f:75:93:bd:
16:81:13:ad:e0:c0:2e:28:22:c5:d1:35:e3:84:47:71:ba:6f:
d3:9b:15:fb:2b:e5:1f:a8:d0:ea:d0:3a:27:fd:35:72:3c:8e:
03:1b:e4:0e:e8:60:66:57:65:7c:77:ea:6d:fd:76:7b:15:34:
91:37:41:b7:0d:78:b8:d0:e5:7a:aa:cc:dd:07:70:8e:26:89:
6a:e4:2d:97:83:e8:45:25:18:6f:75:00:6f:8a:c4:23:9b:48:
1f:08:a5:8c:7f:dc:e0:a6:97:6e:c4:1f:e9:d3:86:cd:d0:32:
2e:88:c8:43:19:7a:4c:98:19:26:38:c6:61:79:dd:c5:2c:94:
21:ee:d5:60:7a:f2:b7:64:ee:ec:2d:f8:0c:af:c5:fe:fa:9c:
59:f7:b1:2c:db:44:8e:fa:06:ad:9b:49:83:af:75:22:ac:c7:
f9:b9:8d:ed:9f:cb:53:15:e5:81:7a:49:ce:fb:04:bb:4b:3d:
38:a8:7f:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNQyjftAoETUB4MRTs9jUHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQxMTIxMjIxNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzk2N2JmYjc5MDM4NWJhMTE1ZmYyZDQ2NWE2MDNkNGEzYTkyZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Tedb5ILQEZGNummTIdaZSIDKdfb
p2LuiBFS52BZ6oQb3b/9F99/Md81PmVjlbMiHbrLTwA56vr+FxC8S2o+O2LnspOu
EM7U+N5k4RTgJRi/zVw2acNsLuzCVY//8pN8YLtwArI1Sq4k+fHbK26XDigKonag
zsapSNtSO2iOyzXWnOuNhV6nAQYQc1QIeHAbpIHa/jBbWe5eximY36le2VSc4IBu
QsEK7M3Z000ld/iPW3FBS+p/1Ch/89B1L2iih4rxHEr+6yRHM6XnNHYAyVbMU4bz
tZiPrqZuhlEB2HQZXapYiSYTB/y7+sIMrUvqFPO2srH+PC03nViamTAU1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIOWe/t5A4W6EV/y1GWmA9SjqS7gMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvZzVaNy0za0RoYm9SWF9MVVphWUQxS09wTHVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuewJAwQA
wSb5MA0GCSqGSIb3DQEBCwUAA4IBAQAINHN2I5FjwOwotibpHCnw1MDQ6YcZvtZs
2wN1dMfpfvhN33inxOCg5ychwsxqCsWVGHXIQ8whlFJGvmV/FWUIeIucPy91k70W
gROt4MAuKCLF0TXjhEdxum/TmxX7K+UfqNDq0Don/TVyPI4DG+QO6GBmV2V8d+pt
/XZ7FTSRN0G3DXi40OV6qszdB3COJolq5C2Xg+hFJRhvdQBvisQjm0gfCKWMf9zg
ppduxB/p04bN0DIuiMhDGXpMmBkmOMZhed3FLJQh7tVgevK3ZO7sLfgMr8X++pxZ
97Es20SO+gatm0mDr3UirMf5uY3tn8tTFeWBeknO+wS7Sz04qH+0
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:35:57 2025 by rpki-client