Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c38360-743a-428f-ab97-6369b17ff178/1/b5i72_WkNCMjOEZU4L6UI6VaWCY.roa
File: b5i72_WkNCMjOEZU4L6UI6VaWCY.roa (raw, json)
Hash identifier: 9kilzEjFVoCyz1xRS25+lW02jX94yw8q3wjLIDWzNjQ=
Subject key identifier: 6F:98:BB:DB:F5:A4:34:23:23:38:46:54:E0:BE:94:23:A5:5A:58:26
Certificate issuer: /CN=cd2d25f7691360878cbace985890b9f5efcf7d95
Certificate serial: 01856F94E55C1DF24BD8895A5653F10376AD
Authority key identifier: CD:2D:25:F7:69:13:60:87:8C:BA:CE:98:58:90:B9:F5:EF:CF:7D:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zS0l92kTYIeMus6YWJC59e_PfZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c38360-743a-428f-ab97-6369b17ff178/1/b5i72_WkNCMjOEZU4L6UI6VaWCY.roa
Signing time: Sun 01 Jan 2023 23:05:07 +0000
ROA not before: Sun 01 Jan 2023 23:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9063
IP address blocks: 195.66.0.0/21 maxlen: 21
213.185.65.0/24 maxlen: 24
213.185.68.0/22 maxlen: 22
213.185.66.0/23 maxlen: 23
213.185.72.0/22 maxlen: 22
213.185.76.0/23 maxlen: 23
185.5.28.0/22 maxlen: 22
2a02:7940::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:e5:5c:1d:f2:4b:d8:89:5a:56:53:f1:03:76:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd2d25f7691360878cbace985890b9f5efcf7d95
Validity
Not Before: Jan 1 23:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f98bbdbf5a4342323384654e0be9423a55a5826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a0:12:c2:c4:58:f4:36:be:90:43:4f:ff:9d:
9b:6e:63:ba:5c:9b:5d:ce:12:38:6e:e7:d4:cc:cb:
3e:8b:db:d5:ca:2a:d7:f3:f2:d3:87:4c:47:8f:86:
58:2b:37:12:68:b1:5b:b7:86:4e:68:ce:9e:f7:9d:
80:af:09:2c:92:f6:32:da:14:dc:eb:ae:ff:de:0c:
09:73:17:c1:c7:77:19:14:d0:3c:87:c4:5b:db:f7:
28:f4:84:80:a4:bb:a4:84:bc:dc:bf:ca:89:56:27:
f4:41:2d:f3:6b:16:25:d8:2e:6a:7d:14:0d:14:8d:
be:7e:4f:50:f1:72:3a:1e:d0:8b:23:ab:8a:50:48:
71:25:3e:a0:61:0f:ae:66:24:a0:28:b1:e9:53:db:
14:cd:32:7b:89:c7:61:5f:80:52:bc:fc:2b:1d:5d:
38:24:dc:d9:d5:1f:0b:81:37:e7:61:73:c1:5f:79:
8d:95:81:9f:7e:2b:bc:07:4e:9d:c7:8e:5c:4b:ae:
3b:3e:98:4b:22:1a:91:85:06:29:39:5c:bd:1f:3c:
99:f3:e7:39:41:1e:b5:d2:c5:e8:7a:6d:a2:57:78:
67:b8:18:bb:6e:5c:2a:a9:8b:e4:00:83:31:1f:05:
e7:39:41:a9:23:41:61:bc:f5:3e:e0:51:be:39:35:
9b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:98:BB:DB:F5:A4:34:23:23:38:46:54:E0:BE:94:23:A5:5A:58:26
X509v3 Authority Key Identifier:
keyid:CD:2D:25:F7:69:13:60:87:8C:BA:CE:98:58:90:B9:F5:EF:CF:7D:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zS0l92kTYIeMus6YWJC59e_PfZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c38360-743a-428f-ab97-6369b17ff178/1/b5i72_WkNCMjOEZU4L6UI6VaWCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c38360-743a-428f-ab97-6369b17ff178/1/zS0l92kTYIeMus6YWJC59e_PfZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.28.0/22
195.66.0.0/21
213.185.65.0-213.185.77.255
IPv6:
2a02:7940::/32
Signature Algorithm: sha256WithRSAEncryption
95:ef:e1:37:63:e4:3d:01:25:88:dc:e1:87:0c:81:f3:d2:29:
4d:d0:8d:89:70:c2:a6:29:70:c2:23:c4:9d:8a:45:da:ef:5c:
ed:06:a1:f2:e2:32:aa:d9:e2:fc:0f:fe:61:86:96:9f:82:6a:
1c:aa:85:77:d1:f7:a3:76:7a:aa:75:67:ef:49:39:64:3e:59:
9e:ba:7e:33:08:7f:78:0a:28:d9:01:1e:81:ce:28:91:df:fc:
07:6d:b1:b6:ec:64:72:09:ed:22:41:51:be:30:a4:00:9d:d6:
12:3e:9b:0f:77:7c:0c:2c:08:fb:e4:55:a2:33:89:f8:0a:19:
13:c1:54:17:bb:68:0f:8d:cf:54:4c:78:6c:5a:4c:fd:97:33:
03:0c:93:cf:26:e8:9c:4a:a3:ab:eb:be:88:3d:10:66:9b:7b:
f0:ad:f1:47:57:d8:72:e5:d4:90:e4:bf:ab:0c:c2:3a:1f:55:
95:52:22:fd:c1:60:d4:7a:0c:66:54:cf:a3:48:da:8d:d1:69:
89:5d:ee:c1:9d:97:40:ff:b0:6c:a4:b4:95:b3:46:20:39:0f:
c3:43:41:9d:12:3b:1a:a4:d5:a3:da:e7:bd:f5:cc:a4:2d:c9:
13:1d:74:5e:4b:2f:a6:47:8a:00:d6:7a:88:54:b0:6b:ee:d0:
2a:88:bd:86
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVvlOVcHfJL2IlaVlPxA3atMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMmQyNWY3NjkxMzYwODc4Y2JhY2U5ODU4OTBiOWY1ZWZj
ZjdkOTUwHhcNMjMwMTAxMjMwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjk4YmJkYmY1YTQzNDIzMjMzODQ2NTRlMGJlOTQyM2E1NWE1ODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6ASwsRY9Da+kENP/52bbmO6XJtd
zhI4bufUzMs+i9vVyirX8/LTh0xHj4ZYKzcSaLFbt4ZOaM6e952ArwkskvYy2hTc
667/3gwJcxfBx3cZFNA8h8Rb2/co9ISApLukhLzcv8qJVif0QS3zaxYl2C5qfRQN
FI2+fk9Q8XI6HtCLI6uKUEhxJT6gYQ+uZiSgKLHpU9sUzTJ7icdhX4BSvPwrHV04
JNzZ1R8LgTfnYXPBX3mNlYGffiu8B06dx45cS647PphLIhqRhQYpOVy9HzyZ8+c5
QR610sXoem2iV3hnuBi7blwqqYvkAIMxHwXnOUGpI0FhvPU+4FG+OTWbRQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFG+Yu9v1pDQjIzhGVOC+lCOlWlgmMB8GA1UdIwQY
MBaAFM0tJfdpE2CHjLrOmFiQufXvz32VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelMwbDkya1RZSWVNdXM2WVdKQzU5ZV9QZlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9jMzgzNjAtNzQzYS00MjhmLWFiOTct
NjM2OWIxN2ZmMTc4LzEvYjVpNzJfV2tOQ01qT0VaVTRMNlVJNlZhV0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9jMzgzNjAtNzQzYS00MjhmLWFiOTctNjM2OWIxN2ZmMTc4
LzEvelMwbDkya1RZSWVNdXM2WVdKQzU5ZV9QZlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCuQUcAwQD
w0IAMAwDBADVuUEDBAHVuUwwDQQCAAIwBwMFACoCeUAwDQYJKoZIhvcNAQELBQAD
ggEBAJXv4Tdj5D0BJYjc4YcMgfPSKU3QjYlwwqYpcMIjxJ2KRdrvXO0GofLiMqrZ
4vwP/mGGlp+CahyqhXfR96N2eqp1Z+9JOWQ+WZ66fjMIf3gKKNkBHoHOKJHf/Adt
sbbsZHIJ7SJBUb4wpACd1hI+mw93fAwsCPvkVaIzifgKGRPBVBe7aA+Nz1RMeGxa
TP2XMwMMk88m6JxKo6vrvog9EGabe/Ct8UdX2HLl1JDkv6sMwjofVZVSIv3BYNR6
DGZUz6NI2o3RaYld7sGdl0D/sGyktJWzRiA5D8NDQZ0SOxqk1aPa5731zKQtyRMd
dF5LL6ZHigDWeohUsGvu0CqIvYY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:45 2024 by rpki-client on console-ams.rpki-client.org