Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/3f9529-7172-43f8-895d-8eeb089b5caf/1/lHPaxJ22f_iTmnDkiHJPn69daOI.roa
File: lHPaxJ22f_iTmnDkiHJPn69daOI.roa (raw, json)
Hash identifier: nVD6WmkItGapw6LNA1UKLtvPvKXyRs/04QHQ+5fO4vM=
Subject key identifier: 94:73:DA:C4:9D:B6:7F:F8:93:9A:70:E4:88:72:4F:9F:AF:5D:68:E2
Certificate issuer: /CN=04feaefea82b6103dc2b8971e9bdda01669a1357
Certificate serial: 01856D13CAFA0788EED75193EAA63E2C72E6
Authority key identifier: 04:FE:AE:FE:A8:2B:61:03:DC:2B:89:71:E9:BD:DA:01:66:9A:13:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BP6u_qgrYQPcK4lx6b3aAWaaE1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/3f9529-7172-43f8-895d-8eeb089b5caf/1/lHPaxJ22f_iTmnDkiHJPn69daOI.roa
Signing time: Sun 01 Jan 2023 11:24:51 +0000
ROA not before: Sun 01 Jan 2023 11:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198792
IP address blocks: 5.39.224.0/21 maxlen: 21
2a00:fb40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:ca:fa:07:88:ee:d7:51:93:ea:a6:3e:2c:72:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04feaefea82b6103dc2b8971e9bdda01669a1357
Validity
Not Before: Jan 1 11:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9473dac49db67ff8939a70e488724f9faf5d68e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:25:02:4d:61:2c:c0:87:41:7a:48:2a:fd:22:
46:cc:d3:b4:01:6a:b8:fb:9d:4c:5c:27:74:e3:93:
59:89:64:c0:ea:1b:dd:74:06:52:0a:ac:85:f2:5a:
2d:eb:38:07:70:00:f5:fa:cf:39:f6:c9:0e:f8:ff:
6a:67:43:15:bb:67:a4:ee:28:c3:82:d2:f8:42:da:
14:b6:3d:46:8f:76:83:c7:0f:d6:7a:13:36:2a:48:
5d:8a:73:1b:9b:01:2e:bb:92:23:fd:c4:0d:0c:e6:
2e:a1:ed:30:e9:52:96:88:8b:ca:ef:86:67:c7:89:
e6:22:1e:09:a7:55:0f:c4:8a:69:9a:c8:c4:39:bf:
6f:0c:ff:3a:1d:d4:f8:63:93:9c:b7:2c:8d:db:d4:
ee:80:80:d1:bd:4b:fb:49:6e:1e:16:3a:6a:6f:2b:
e9:ed:77:5c:6d:40:f0:b3:e1:62:8a:f4:32:8c:75:
c8:d8:d6:9a:42:ec:4c:d9:9c:6e:71:5e:5e:f7:d7:
ae:0b:fe:a1:d6:3c:83:a7:0d:a7:7c:3d:1f:4a:d3:
63:78:8d:61:3a:fb:3b:30:d9:c7:1a:65:d9:2c:eb:
5b:21:c7:07:e5:46:4a:90:46:0f:e5:96:11:b6:ff:
62:19:e6:61:82:7a:c1:f2:72:05:49:b4:ea:dc:ce:
27:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:73:DA:C4:9D:B6:7F:F8:93:9A:70:E4:88:72:4F:9F:AF:5D:68:E2
X509v3 Authority Key Identifier:
keyid:04:FE:AE:FE:A8:2B:61:03:DC:2B:89:71:E9:BD:DA:01:66:9A:13:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BP6u_qgrYQPcK4lx6b3aAWaaE1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/3f9529-7172-43f8-895d-8eeb089b5caf/1/lHPaxJ22f_iTmnDkiHJPn69daOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/3f9529-7172-43f8-895d-8eeb089b5caf/1/BP6u_qgrYQPcK4lx6b3aAWaaE1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.224.0/21
IPv6:
2a00:fb40::/32
Signature Algorithm: sha256WithRSAEncryption
4c:66:93:c3:c8:0a:0f:83:39:e9:a1:08:0c:43:88:d3:1b:eb:
d1:14:8f:67:b3:54:61:d8:32:10:ea:be:e9:87:c1:ec:33:76:
b7:27:d6:7b:e0:6e:72:6e:4e:b3:5b:3f:e5:bc:67:65:ed:53:
f6:17:42:ec:4a:5b:73:1b:68:0e:cc:00:83:eb:b0:33:d3:03:
d9:26:ab:a1:45:4d:18:f3:56:2c:d6:3a:2e:7f:a4:f3:8f:16:
2f:26:4e:8f:b9:43:3e:71:dd:d9:e4:52:09:70:d9:99:3a:e7:
1d:4a:9c:0c:b2:92:cb:fe:ef:49:e9:e6:13:30:21:aa:87:8b:
03:46:31:6c:1b:af:41:76:2b:d5:d0:cd:66:48:37:d9:d6:c3:
44:fe:5a:94:51:04:72:92:13:4e:e5:0d:27:0f:ca:f4:85:69:
ae:70:c9:49:9c:85:58:a5:de:f3:46:6b:79:ed:00:55:4e:5f:
88:2f:90:a5:0a:f0:ca:f8:b2:58:20:24:d0:23:e8:9f:d4:40:
69:ad:90:49:6e:1a:3e:7a:95:80:06:11:f3:bc:ab:7e:cc:72:
4b:8e:14:70:59:95:ac:a8:1d:33:62:14:90:20:58:63:2d:09:
ce:75:f4:20:4e:4a:ad:2f:c7:d0:66:d2:67:c5:cf:e5:b5:5d:
08:85:e6:41
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtE8r6B4ju11GT6qY+LHLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZmVhZWZlYTgyYjYxMDNkYzJiODk3MWU5YmRkYTAxNjY5
YTEzNTcwHhcNMjMwMTAxMTEyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDczZGFjNDlkYjY3ZmY4OTM5YTcwZTQ4ODcyNGY5ZmFmNWQ2OGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiUCTWEswIdBekgq/SJGzNO0AWq4
+51MXCd045NZiWTA6hvddAZSCqyF8lot6zgHcAD1+s859skO+P9qZ0MVu2ek7ijD
gtL4QtoUtj1Gj3aDxw/WehM2KkhdinMbmwEuu5Ij/cQNDOYuoe0w6VKWiIvK74Zn
x4nmIh4Jp1UPxIppmsjEOb9vDP86HdT4Y5OctyyN29TugIDRvUv7SW4eFjpqbyvp
7XdcbUDws+FiivQyjHXI2NaaQuxM2ZxucV5e99euC/6h1jyDpw2nfD0fStNjeI1h
Ovs7MNnHGmXZLOtbIccH5UZKkEYP5ZYRtv9iGeZhgnrB8nIFSbTq3M4n7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJRz2sSdtn/4k5pw5IhyT5+vXWjiMB8GA1UdIwQY
MBaAFAT+rv6oK2ED3CuJcem92gFmmhNXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlA2dV9xZ3JZUVBjSzRseDZiM2FBV2FhRTFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8zZjk1MjktNzE3Mi00M2Y4LTg5NWQt
OGVlYjA4OWI1Y2FmLzEvbEhQYXhKMjJmX2lUbW5Ea2lISlBuNjlkYU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8zZjk1MjktNzE3Mi00M2Y4LTg5NWQtOGVlYjA4OWI1Y2Fm
LzEvQlA2dV9xZ3JZUVBjSzRseDZiM2FBV2FhRTFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBSfgMA0E
AgACMAcDBQAqAPtAMA0GCSqGSIb3DQEBCwUAA4IBAQBMZpPDyAoPgznpoQgMQ4jT
G+vRFI9ns1Rh2DIQ6r7ph8HsM3a3J9Z74G5ybk6zWz/lvGdl7VP2F0LsSltzG2gO
zACD67Az0wPZJquhRU0Y81Ys1jouf6TzjxYvJk6PuUM+cd3Z5FIJcNmZOucdSpwM
spLL/u9J6eYTMCGqh4sDRjFsG69BdivV0M1mSDfZ1sNE/lqUUQRykhNO5Q0nD8r0
hWmucMlJnIVYpd7zRmt57QBVTl+IL5ClCvDK+LJYICTQI+if1EBprZBJbho+epWA
BhHzvKt+zHJLjhRwWZWsqB0zYhSQIFhjLQnOdfQgTkqtL8fQZtJnxc/ltV0IheZB
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:55 2024 by rpki-client on console-ams.rpki-client.org