Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/5H6mbR-SDK_-uy0vbPYc5_gw_wA.roa
File: 5H6mbR-SDK_-uy0vbPYc5_gw_wA.roa (raw, json)
Hash identifier: Tr3e9uGpigY6dVXNFQYiHS7ZF0lTMyHCp7z3IO8APZI=
Subject key identifier: E4:7E:A6:6D:1F:92:0C:AF:FE:BB:2D:2F:6C:F6:1C:E7:F8:30:FF:00
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018BB9055AE587884E7E62AB64B0E028FFFA
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/5H6mbR-SDK_-uy0vbPYc5_gw_wA.roa
Signing time: Fri 10 Nov 2023 11:36:57 +0000
ROA not before: Fri 10 Nov 2023 11:36:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51089
IP address blocks: 185.218.4.0/22 maxlen: 24
185.218.6.0/24 maxlen: 24
185.218.7.0/24 maxlen: 24
185.218.6.0/23 maxlen: 23
31.25.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b9:05:5a:e5:87:88:4e:7e:62:ab:64:b0:e0:28:ff:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Nov 10 11:36:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e47ea66d1f920caffebb2d2f6cf61ce7f830ff00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f5:9b:2a:a1:d1:d3:c8:c1:12:44:f6:15:7a:
c3:9e:9f:13:06:09:28:ef:5f:f4:8b:73:0c:f9:71:
ff:c1:2d:72:90:55:bf:36:ce:cf:47:5b:e0:20:c5:
9c:94:ff:99:90:e8:30:6f:f1:6e:bc:b2:8d:a2:a6:
ed:f4:8b:6d:4e:cd:09:e5:17:f3:b0:b8:87:4d:71:
b2:29:6b:ab:02:b4:c1:f3:0f:8d:c7:01:4f:43:6f:
3f:6b:35:3d:c3:8b:f3:e2:90:82:d7:7e:13:13:bc:
c0:5f:30:74:85:2a:98:00:14:2a:91:e3:ef:69:84:
2a:85:8f:df:80:f2:05:39:eb:05:4e:66:e7:84:c2:
85:fc:01:17:4f:67:fa:9b:e3:94:91:36:1d:be:84:
fb:a0:f9:7e:f2:97:1c:c3:03:4f:d7:6c:d2:eb:12:
a2:da:fc:bb:d9:3b:33:59:1e:18:19:a7:b3:23:9b:
60:43:82:b0:6f:f9:d0:49:2d:84:8b:34:e3:b2:e8:
19:08:30:98:f5:99:c5:a0:d4:e0:99:4a:94:ac:90:
c8:32:1a:c8:89:fa:c1:e5:78:fd:ee:3f:2c:df:36:
07:a2:d7:79:39:72:a5:3d:63:8f:86:64:07:c3:7d:
60:d2:89:52:cf:bf:9a:c4:41:80:a0:57:bf:fe:04:
7a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:7E:A6:6D:1F:92:0C:AF:FE:BB:2D:2F:6C:F6:1C:E7:F8:30:FF:00
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/5H6mbR-SDK_-uy0vbPYc5_gw_wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.88.0/24
185.218.4.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:0c:cd:c6:2c:0d:4b:d1:31:a9:ec:b2:0a:fb:86:c3:73:7f:
66:6f:07:7f:9e:fe:f1:e7:ef:6d:61:9e:d8:73:ca:39:59:68:
31:b6:6e:f2:fa:1a:a6:dc:6f:40:f2:bb:7e:be:b9:f3:32:1f:
95:5a:7a:5b:5f:c8:82:01:be:80:d2:4e:31:64:c7:68:64:66:
65:1e:dc:02:0f:4a:5f:b5:03:bb:4b:62:e1:75:ad:74:02:19:
97:20:b2:21:f6:60:3b:9d:dd:7b:78:2f:8a:9f:2f:39:a6:cb:
9c:89:3d:00:76:13:b9:e6:6f:8b:35:18:3b:17:85:16:d8:a9:
91:bd:11:65:2f:51:be:b2:35:15:44:da:df:03:5c:cf:07:28:
43:ca:ce:17:48:c7:89:55:94:2e:45:55:98:9a:c6:e7:2d:0a:
82:cd:28:fa:db:84:eb:66:4a:a3:64:45:e1:30:69:04:e8:fc:
a9:8f:26:a1:8b:52:57:87:57:36:0f:1b:4b:9b:ea:93:31:4e:
ff:20:b8:18:be:db:15:14:ab:95:e7:fa:75:d7:2b:fc:dd:11:
f0:8a:e7:ee:b7:bd:57:a9:03:09:4b:21:f1:f2:e3:98:e3:cc:
3f:2c:f0:62:ba:fd:14:ec:23:da:8c:61:08:44:9f:93:7f:79:
26:b5:47:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYu5BVrlh4hOfmKrZLDgKP/6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMTEwMTEzNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDdlYTY2ZDFmOTIwY2FmZmViYjJkMmY2Y2Y2MWNlN2Y4MzBmZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfWbKqHR08jBEkT2FXrDnp8TBgko
71/0i3MM+XH/wS1ykFW/Ns7PR1vgIMWclP+ZkOgwb/FuvLKNoqbt9IttTs0J5Rfz
sLiHTXGyKWurArTB8w+NxwFPQ28/azU9w4vz4pCC134TE7zAXzB0hSqYABQqkePv
aYQqhY/fgPIFOesFTmbnhMKF/AEXT2f6m+OUkTYdvoT7oPl+8pccwwNP12zS6xKi
2vy72TszWR4YGaezI5tgQ4Kwb/nQSS2EizTjsugZCDCY9ZnFoNTgmUqUrJDIMhrI
ifrB5Xj97j8s3zYHotd5OXKlPWOPhmQHw31g0olSz7+axEGAoFe//gR6JwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOR+pm0fkgyv/rstL2z2HOf4MP8AMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvNUg2bWJSLVNES18tdXkwdmJQWWM1X2d3X3dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHxlYAwQC
udoEMA0GCSqGSIb3DQEBCwUAA4IBAQC4DM3GLA1L0TGp7LIK+4bDc39mbwd/nv7x
5+9tYZ7Yc8o5WWgxtm7y+hqm3G9A8rt+vrnzMh+VWnpbX8iCAb6A0k4xZMdoZGZl
HtwCD0pftQO7S2Lhda10AhmXILIh9mA7nd17eC+Kny85psuciT0AdhO55m+LNRg7
F4UW2KmRvRFlL1G+sjUVRNrfA1zPByhDys4XSMeJVZQuRVWYmsbnLQqCzSj624Tr
ZkqjZEXhMGkE6Pypjyahi1JXh1c2DxtLm+qTMU7/ILgYvtsVFKuV5/p11yv83RHw
iufut71XqQMJSyHx8uOY48w/LPBiuv0U7CPajGEIRJ+Tf3kmtUfq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:34 2024 by rpki-client on console-fra.rpki-client.org