Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/S39mrdXDL1obeQVCP3zCMisMw0M.roa
File: S39mrdXDL1obeQVCP3zCMisMw0M.roa (raw, json)
Hash identifier: FWnltYHQI1F6hyyYaQDrXU3WqC/OX0Obyvdgba6T3sc=
Subject key identifier: 4B:7F:66:AD:D5:C3:2F:5A:1B:79:05:42:3F:7C:C2:32:2B:0C:C3:43
Certificate issuer: /CN=3c568c59d7a83199c3a79ea0e8375b946ed884e2
Certificate serial: 018902DA24F8990DC0D70505266A4EFF65D8
Authority key identifier: 3C:56:8C:59:D7:A8:31:99:C3:A7:9E:A0:E8:37:5B:94:6E:D8:84:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PFaMWdeoMZnDp56g6DdblG7YhOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/S39mrdXDL1obeQVCP3zCMisMw0M.roa
Signing time: Wed 28 Jun 2023 16:33:17 +0000
ROA not before: Wed 28 Jun 2023 16:33:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 185.150.172.0/22 maxlen: 24
5.100.144.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:02:da:24:f8:99:0d:c0:d7:05:05:26:6a:4e:ff:65:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c568c59d7a83199c3a79ea0e8375b946ed884e2
Validity
Not Before: Jun 28 16:33:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b7f66add5c32f5a1b7905423f7cc2322b0cc343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d4:f5:d2:8a:aa:fa:5a:c0:8a:cc:46:b2:42:
7e:b8:38:3e:51:26:c5:19:4e:e2:25:a1:8f:64:af:
02:f3:f8:2c:93:f5:fa:4d:57:c7:07:30:df:e7:29:
89:3e:cc:d2:60:f2:d9:83:b6:c3:b3:d6:a7:e6:ac:
72:79:88:0d:a2:09:21:92:8a:14:ed:69:72:1c:44:
79:4b:a2:20:e1:f4:66:c9:3c:a2:9e:df:ca:f3:4d:
51:81:9b:cd:05:3c:e7:ef:78:e6:53:65:37:fb:1a:
86:15:b6:ec:aa:54:16:14:b3:ef:a2:f8:52:1c:56:
9f:14:92:bf:75:95:15:a3:99:d5:6b:f6:82:1f:b5:
c4:14:0a:9f:de:dd:ec:17:dd:58:f9:5c:e7:de:20:
57:57:ff:b0:5a:f5:85:97:aa:5e:fe:ed:63:12:60:
0f:aa:61:0f:4a:50:5d:90:db:c4:52:f8:33:01:bc:
9a:78:29:f9:e8:3f:96:10:5f:6b:70:be:af:78:f0:
21:06:96:ca:ea:73:3d:c9:c0:53:49:83:67:20:0a:
f0:22:37:a1:e7:b0:87:0a:78:cc:5b:13:da:25:5c:
8d:5c:83:07:33:d2:55:64:0c:67:1a:5c:6b:5c:f4:
38:15:ab:76:03:6f:8f:1b:ad:fa:b9:8e:9e:17:b9:
de:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7F:66:AD:D5:C3:2F:5A:1B:79:05:42:3F:7C:C2:32:2B:0C:C3:43
X509v3 Authority Key Identifier:
keyid:3C:56:8C:59:D7:A8:31:99:C3:A7:9E:A0:E8:37:5B:94:6E:D8:84:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PFaMWdeoMZnDp56g6DdblG7YhOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/S39mrdXDL1obeQVCP3zCMisMw0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/PFaMWdeoMZnDp56g6DdblG7YhOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.144.0/21
185.150.172.0/22
Signature Algorithm: sha256WithRSAEncryption
e2:f3:1d:c2:21:90:5c:5e:eb:83:31:0e:2d:74:73:48:c6:96:
65:80:60:ad:4a:72:39:60:3e:f0:3b:c2:96:c7:11:8a:ca:96:
1c:c7:57:2e:e4:a2:ee:43:69:fb:5f:2e:bf:f6:15:a4:1c:b7:
58:67:93:6e:b4:72:e2:8d:e4:26:85:57:dc:f0:89:54:04:1b:
79:62:d7:69:90:27:1a:0e:ab:6a:06:37:b6:b5:0b:1c:f9:bc:
0d:08:90:05:d7:aa:3d:76:17:8e:d5:56:77:a4:04:92:a4:49:
e2:5b:fa:ef:eb:ae:56:4e:83:b6:6c:ef:9a:05:2c:4d:da:e0:
f7:17:3a:2a:09:27:78:5d:28:00:f9:30:76:0e:3e:42:77:43:
44:66:e6:7b:55:87:b8:ad:c2:91:97:53:82:bf:e1:7d:a6:b5:
3c:dd:9b:de:82:11:57:9c:f1:7b:a7:a9:80:23:4e:34:38:08:
57:50:6a:89:c7:1a:b6:39:c9:e9:62:28:8b:6a:f9:01:85:d7:
9c:08:da:a0:1f:4c:e1:cc:d8:8c:18:dc:b0:8c:fc:65:20:23:
63:e2:0d:d9:4a:8b:f1:5e:a7:da:45:34:1c:05:05:c5:3c:99:
7d:51:8e:4e:63:77:58:8d:61:77:89:92:83:f5:9e:95:ca:23:
52:e0:a7:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkC2iT4mQ3A1wUFJmpO/2XYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNTY4YzU5ZDdhODMxOTljM2E3OWVhMGU4Mzc1Yjk0NmVk
ODg0ZTIwHhcNMjMwNjI4MTYzMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjdmNjZhZGQ1YzMyZjVhMWI3OTA1NDIzZjdjYzIzMjJiMGNjMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNT10oqq+lrAisxGskJ+uDg+USbF
GU7iJaGPZK8C8/gsk/X6TVfHBzDf5ymJPszSYPLZg7bDs9an5qxyeYgNogkhkooU
7WlyHER5S6Ig4fRmyTyint/K801RgZvNBTzn73jmU2U3+xqGFbbsqlQWFLPvovhS
HFafFJK/dZUVo5nVa/aCH7XEFAqf3t3sF91Y+Vzn3iBXV/+wWvWFl6pe/u1jEmAP
qmEPSlBdkNvEUvgzAbyaeCn56D+WEF9rcL6vePAhBpbK6nM9ycBTSYNnIArwIjeh
57CHCnjMWxPaJVyNXIMHM9JVZAxnGlxrXPQ4Fat2A2+PG636uY6eF7neSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEt/Zq3Vwy9aG3kFQj98wjIrDMNDMB8GA1UdIwQY
MBaAFDxWjFnXqDGZw6eeoOg3W5Ru2ITiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEZhTVdkZW9NWm5EcDU2ZzZEZGJsRzdZaE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82ZjM2YzItZDA1Yy00NDI1LWE5ZTQt
NWUzN2U3ZjNmMTVkLzEvUzM5bXJkWERMMW9iZVFWQ1AzekNNaXNNdzBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82ZjM2YzItZDA1Yy00NDI1LWE5ZTQtNWUzN2U3ZjNmMTVk
LzEvUEZhTVdkZW9NWm5EcDU2ZzZEZGJsRzdZaE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBWSQAwQC
uZasMA0GCSqGSIb3DQEBCwUAA4IBAQDi8x3CIZBcXuuDMQ4tdHNIxpZlgGCtSnI5
YD7wO8KWxxGKypYcx1cu5KLuQ2n7Xy6/9hWkHLdYZ5NutHLijeQmhVfc8IlUBBt5
YtdpkCcaDqtqBje2tQsc+bwNCJAF16o9dheO1VZ3pASSpEniW/rv665WToO2bO+a
BSxN2uD3FzoqCSd4XSgA+TB2Dj5Cd0NEZuZ7VYe4rcKRl1OCv+F9prU83ZveghFX
nPF7p6mAI040OAhXUGqJxxq2OcnpYiiLavkBhdecCNqgH0zhzNiMGNywjPxlICNj
4g3ZSovxXqfaRTQcBQXFPJl9UY5OY3dYjWF3iZKD9Z6VyiNS4Kcp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:16 2024 by rpki-client on console-ams.rpki-client.org