Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/bee5ac-99cc-41a7-a65f-edaca9d1361a/1/XXxzxh4F_OgbjifMdPq3C8GkDWk.roa
File: XXxzxh4F_OgbjifMdPq3C8GkDWk.roa (raw, json)
Hash identifier: S4Yoq6C9nI2nHq8feEJi1CojCKQPG5e8emBIjYFGASc=
Subject key identifier: 5D:7C:73:C6:1E:05:FC:E8:1B:8E:27:CC:74:FA:B7:0B:C1:A4:0D:69
Certificate issuer: /CN=ed5e838312e04aef9f9536e20cd41283a7b8b77b
Certificate serial: 01856CCAD35A2A8C9DF430C2532C0FD22E65
Authority key identifier: ED:5E:83:83:12:E0:4A:EF:9F:95:36:E2:0C:D4:12:83:A7:B8:B7:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7V6DgxLgSu-flTbiDNQSg6e4t3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/bee5ac-99cc-41a7-a65f-edaca9d1361a/1/XXxzxh4F_OgbjifMdPq3C8GkDWk.roa
Signing time: Sun 01 Jan 2023 10:05:09 +0000
ROA not before: Sun 01 Jan 2023 10:05:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207179
IP address blocks: 185.140.224.0/23 maxlen: 23
185.140.226.0/23 maxlen: 23
2a07:2080::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:d3:5a:2a:8c:9d:f4:30:c2:53:2c:0f:d2:2e:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed5e838312e04aef9f9536e20cd41283a7b8b77b
Validity
Not Before: Jan 1 10:05:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d7c73c61e05fce81b8e27cc74fab70bc1a40d69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:bf:59:c9:65:e4:b5:a0:16:7f:44:7e:d5:9e:
de:bf:8c:2d:ae:14:69:14:8d:6f:18:77:1e:d6:8e:
a2:97:61:94:4f:c2:59:dd:fd:9e:22:9b:f4:fa:d7:
eb:ec:7e:5a:09:31:c1:c0:29:53:ba:f2:d7:93:7a:
d4:c5:66:aa:7c:3b:68:1e:7a:d1:c0:3e:ae:1b:6c:
11:56:5d:4b:bf:38:ec:f2:7b:cf:69:69:d9:4b:21:
a4:41:70:73:85:6b:ab:93:1e:c3:71:ea:f4:87:d4:
f1:e3:1c:62:89:f9:cf:b0:d9:8f:ad:bd:7c:99:5f:
72:28:5b:d8:15:ec:57:c8:6e:19:aa:2e:a2:85:04:
bb:2b:ea:40:c4:59:ff:f3:6b:a2:1d:cb:4e:ea:4c:
c5:0d:00:a6:66:b4:90:03:a4:45:06:ef:a5:f1:56:
94:a3:4f:a0:bd:13:0b:91:0e:cb:cf:b5:c4:bb:e0:
d5:75:91:19:ad:87:71:ba:b2:2b:e7:0b:50:d6:0b:
c7:46:84:f3:53:49:04:73:1e:61:26:df:8b:c7:77:
ce:94:22:45:0b:09:f3:39:63:a8:a6:67:82:5a:0d:
2e:f6:1b:31:ce:a0:82:fa:1d:93:d4:b3:29:67:db:
97:50:55:aa:08:f2:e1:47:95:79:d8:a6:aa:13:7e:
44:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:7C:73:C6:1E:05:FC:E8:1B:8E:27:CC:74:FA:B7:0B:C1:A4:0D:69
X509v3 Authority Key Identifier:
keyid:ED:5E:83:83:12:E0:4A:EF:9F:95:36:E2:0C:D4:12:83:A7:B8:B7:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7V6DgxLgSu-flTbiDNQSg6e4t3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bee5ac-99cc-41a7-a65f-edaca9d1361a/1/XXxzxh4F_OgbjifMdPq3C8GkDWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bee5ac-99cc-41a7-a65f-edaca9d1361a/1/7V6DgxLgSu-flTbiDNQSg6e4t3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.224.0/22
IPv6:
2a07:2080::/29
Signature Algorithm: sha256WithRSAEncryption
5c:f4:85:ba:df:52:99:16:ad:2d:bf:4d:11:0f:fa:23:c0:6e:
36:7d:5f:af:26:b4:e9:ed:57:dc:9a:47:bf:1b:63:90:9b:dd:
13:d3:23:80:96:23:58:98:53:00:8b:f8:47:f8:71:cb:29:5d:
17:38:22:81:86:fe:66:f0:c6:eb:2c:82:50:c6:6a:d1:01:15:
4a:2f:1b:9a:27:6c:fc:d4:f7:06:02:9f:f7:69:32:60:19:d6:
a7:73:b8:86:4f:8a:f3:9a:cc:2c:1f:40:8c:0d:0f:b1:93:54:
9d:67:91:e6:79:d4:66:6a:82:1c:d1:96:dd:69:03:2d:6f:a4:
c2:43:99:43:f7:e7:3c:3d:e1:f7:44:c5:fa:1d:44:c1:da:94:
95:71:06:4c:37:1a:9e:9f:5e:78:8e:60:ce:86:c9:51:74:af:
57:88:95:60:6f:97:6b:0a:77:d0:f4:54:1e:27:a3:54:d2:f8:
fe:36:27:f6:81:15:75:2d:51:b3:24:1b:eb:5e:d1:f0:08:57:
73:bf:52:48:c7:13:1e:e7:91:92:19:f6:85:d6:a2:9b:0b:14:
c0:0f:f8:61:5c:2a:02:74:38:dd:69:bd:e4:ea:07:42:c8:bd:
28:47:11:a2:f9:17:c7:f9:3b:2b:7b:88:eb:0c:80:43:65:b3:
e4:05:56:69
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsytNaKoyd9DDCUywP0i5lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNWU4MzgzMTJlMDRhZWY5Zjk1MzZlMjBjZDQxMjgzYTdi
OGI3N2IwHhcNMjMwMTAxMTAwNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDdjNzNjNjFlMDVmY2U4MWI4ZTI3Y2M3NGZhYjcwYmMxYTQwZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh79ZyWXktaAWf0R+1Z7ev4wtrhRp
FI1vGHce1o6il2GUT8JZ3f2eIpv0+tfr7H5aCTHBwClTuvLXk3rUxWaqfDtoHnrR
wD6uG2wRVl1Lvzjs8nvPaWnZSyGkQXBzhWurkx7Dcer0h9Tx4xxiifnPsNmPrb18
mV9yKFvYFexXyG4Zqi6ihQS7K+pAxFn/82uiHctO6kzFDQCmZrSQA6RFBu+l8VaU
o0+gvRMLkQ7Lz7XEu+DVdZEZrYdxurIr5wtQ1gvHRoTzU0kEcx5hJt+Lx3fOlCJF
CwnzOWOopmeCWg0u9hsxzqCC+h2T1LMpZ9uXUFWqCPLhR5V52KaqE35ESQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF18c8YeBfzoG44nzHT6twvBpA1pMB8GA1UdIwQY
MBaAFO1eg4MS4Ervn5U24gzUEoOnuLd7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1Y2RGd4TGdTdS1mbFRiaUROUVNnNmU0dDNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iZWU1YWMtOTljYy00MWE3LWE2NWYt
ZWRhY2E5ZDEzNjFhLzEvWFh4enhoNEZfT2diamlmTWRQcTNDOEdrRFdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iZWU1YWMtOTljYy00MWE3LWE2NWYtZWRhY2E5ZDEzNjFh
LzEvN1Y2RGd4TGdTdS1mbFRiaUROUVNnNmU0dDNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYzgMA0E
AgACMAcDBQMqByCAMA0GCSqGSIb3DQEBCwUAA4IBAQBc9IW631KZFq0tv00RD/oj
wG42fV+vJrTp7Vfcmke/G2OQm90T0yOAliNYmFMAi/hH+HHLKV0XOCKBhv5m8Mbr
LIJQxmrRARVKLxuaJ2z81PcGAp/3aTJgGdanc7iGT4rzmswsH0CMDQ+xk1SdZ5Hm
edRmaoIc0ZbdaQMtb6TCQ5lD9+c8PeH3RMX6HUTB2pSVcQZMNxqen154jmDOhslR
dK9XiJVgb5drCnfQ9FQeJ6NU0vj+Nif2gRV1LVGzJBvrXtHwCFdzv1JIxxMe55GS
GfaF1qKbCxTAD/hhXCoCdDjdab3k6gdCyL0oRxGi+RfH+Tsre4jrDIBDZbPkBVZp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:44 2024 by rpki-client on console-fra.rpki-client.org