Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/69746c-501a-43e8-b887-7d448b396776/1/5Y_kakbPB1mf20EsuvN9bBIV614.roa
File: 5Y_kakbPB1mf20EsuvN9bBIV614.roa (raw, json)
Hash identifier: CjnDfaLVSE/rVsrf6lwB5FaXUkK76VbpqIzWmrNV3a4=
Subject key identifier: E5:8F:E4:6A:46:CF:07:59:9F:DB:41:2C:BA:F3:7D:6C:12:15:EB:5E
Certificate issuer: /CN=61d38b37980a0dfae9cf9a2c5b56ade97faf502e
Certificate serial: 01856B4A2B0051802CA66180CF62B145D4A9
Authority key identifier: 61:D3:8B:37:98:0A:0D:FA:E9:CF:9A:2C:5B:56:AD:E9:7F:AF:50:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YdOLN5gKDfrpz5osW1at6X-vUC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/69746c-501a-43e8-b887-7d448b396776/1/5Y_kakbPB1mf20EsuvN9bBIV614.roa
Signing time: Sun 01 Jan 2023 03:05:00 +0000
ROA not before: Sun 01 Jan 2023 03:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200735
IP address blocks: 185.140.253.0/24 maxlen: 24
185.140.252.0/24 maxlen: 24
185.140.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Sep 2023 08:19:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:2b:00:51:80:2c:a6:61:80:cf:62:b1:45:d4:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61d38b37980a0dfae9cf9a2c5b56ade97faf502e
Validity
Not Before: Jan 1 03:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e58fe46a46cf07599fdb412cbaf37d6c1215eb5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:15:0b:98:41:ee:3b:fa:bf:d9:43:c3:9c:bd:
5e:2a:46:9e:2c:fe:ea:b3:75:db:d3:5f:76:4a:37:
8e:33:86:2e:8a:bf:55:f0:9d:83:3d:c0:f2:ee:ce:
68:b6:50:88:be:2d:d3:d9:f9:3f:38:bc:85:a4:16:
51:17:e0:c2:f0:8b:58:a1:be:39:fe:57:d5:4c:4e:
ee:95:ca:a5:c9:fc:9f:1a:aa:7f:4c:61:e3:d3:84:
b1:3d:97:8a:dc:95:dd:6e:e0:72:a1:f8:c6:e4:65:
f0:73:d4:ce:2f:a9:da:ec:ff:0e:29:aa:2b:2a:81:
86:b9:f8:59:e1:68:dc:60:ff:d6:25:a5:56:76:b2:
98:72:07:cd:0d:45:6d:a2:81:0a:d5:08:a8:8c:53:
bc:06:c3:da:9f:ff:e8:84:cf:3e:d6:c7:0e:9c:6e:
d7:f3:6a:b2:fa:14:6c:6d:54:a3:27:57:9b:2b:88:
03:39:e9:57:84:9d:5a:21:0d:c6:6c:df:a6:f3:cd:
57:8d:2e:89:81:cd:fd:3d:c4:4c:c7:24:77:3b:3b:
87:a0:cf:fc:5f:24:ee:4b:d7:f3:85:a8:39:f9:8c:
a9:f7:ea:b1:e3:6f:46:e9:e8:cf:c6:b4:2a:e9:da:
90:98:a1:44:32:2a:e0:ad:49:8e:6f:56:78:b4:51:
be:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:8F:E4:6A:46:CF:07:59:9F:DB:41:2C:BA:F3:7D:6C:12:15:EB:5E
X509v3 Authority Key Identifier:
keyid:61:D3:8B:37:98:0A:0D:FA:E9:CF:9A:2C:5B:56:AD:E9:7F:AF:50:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YdOLN5gKDfrpz5osW1at6X-vUC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/69746c-501a-43e8-b887-7d448b396776/1/5Y_kakbPB1mf20EsuvN9bBIV614.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/69746c-501a-43e8-b887-7d448b396776/1/YdOLN5gKDfrpz5osW1at6X-vUC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.252.0/23
185.140.255.0/24
Signature Algorithm: sha256WithRSAEncryption
03:ba:a4:d3:7f:5d:44:2f:f1:c7:75:0f:83:cd:bf:e6:e1:aa:
8a:78:3d:e8:75:36:ed:d8:9d:b7:ce:74:3f:ad:0f:0f:8e:a8:
b7:f1:d5:61:6a:02:4b:08:3e:d1:e6:42:2b:87:5c:51:2f:cc:
83:4c:c4:a6:dc:51:79:40:7e:e4:43:9b:6f:b8:68:98:50:4e:
ae:77:37:ce:2b:b4:6c:84:dd:16:71:46:27:00:35:81:17:b7:
6a:42:67:f5:64:5f:b0:70:62:32:bb:c3:8f:bf:41:27:f5:b2:
4a:ff:ca:bb:0b:28:86:ad:eb:0e:32:c2:a3:62:06:e2:c7:ff:
53:be:c4:80:26:22:6d:b9:18:5d:a9:8a:b1:d8:1e:d8:95:98:
f6:63:51:ca:07:7d:0b:27:b2:74:84:57:32:c6:4c:d0:03:f2:
7a:35:8e:2f:cb:9e:c9:d8:82:b8:71:1d:98:1f:6c:db:a9:81:
a2:bc:c2:94:3a:2f:92:e6:57:37:7f:ed:d9:c6:94:ca:8c:a8:
36:e5:47:59:2c:3d:a4:6b:cf:ec:e0:c8:14:ad:fe:d1:58:c5:
77:60:cc:69:3a:6c:bd:b0:b6:8b:16:25:61:ea:41:76:a7:83:
55:1e:6a:3d:62:6f:46:c3:f9:57:5d:db:40:ca:f4:a5:1d:c6:
34:b1:d5:91
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrSisAUYAspmGAz2KxRdSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZDM4YjM3OTgwYTBkZmFlOWNmOWEyYzViNTZhZGU5N2Zh
ZjUwMmUwHhcNMjMwMTAxMDMwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNThmZTQ2YTQ2Y2YwNzU5OWZkYjQxMmNiYWYzN2Q2YzEyMTVlYjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhULmEHuO/q/2UPDnL1eKkaeLP7q
s3Xb0192SjeOM4Yuir9V8J2DPcDy7s5otlCIvi3T2fk/OLyFpBZRF+DC8ItYob45
/lfVTE7ulcqlyfyfGqp/TGHj04SxPZeK3JXdbuByofjG5GXwc9TOL6na7P8OKaor
KoGGufhZ4WjcYP/WJaVWdrKYcgfNDUVtooEK1QiojFO8BsPan//ohM8+1scOnG7X
82qy+hRsbVSjJ1ebK4gDOelXhJ1aIQ3GbN+m881XjS6Jgc39PcRMxyR3OzuHoM/8
XyTuS9fzhag5+Yyp9+qx429G6ejPxrQq6dqQmKFEMirgrUmOb1Z4tFG+2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOWP5GpGzwdZn9tBLLrzfWwSFeteMB8GA1UdIwQY
MBaAFGHTizeYCg366c+aLFtWrel/r1AuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWRPTE41Z0tEZnJwejVvc1cxYXQ2WC12VUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OTc0NmMtNTAxYS00M2U4LWI4ODct
N2Q0NDhiMzk2Nzc2LzEvNVlfa2FrYlBCMW1mMjBFc3V2TjliQklWNjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OTc0NmMtNTAxYS00M2U4LWI4ODctN2Q0NDhiMzk2Nzc2
LzEvWWRPTE41Z0tEZnJwejVvc1cxYXQ2WC12VUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuYz8AwQA
uYz/MA0GCSqGSIb3DQEBCwUAA4IBAQADuqTTf11EL/HHdQ+Dzb/m4aqKeD3odTbt
2J23znQ/rQ8Pjqi38dVhagJLCD7R5kIrh1xRL8yDTMSm3FF5QH7kQ5tvuGiYUE6u
dzfOK7RshN0WcUYnADWBF7dqQmf1ZF+wcGIyu8OPv0En9bJK/8q7CyiGresOMsKj
Ygbix/9TvsSAJiJtuRhdqYqx2B7YlZj2Y1HKB30LJ7J0hFcyxkzQA/J6NY4vy57J
2IK4cR2YH2zbqYGivMKUOi+S5lc3f+3ZxpTKjKg25UdZLD2ka8/s4MgUrf7RWMV3
YMxpOmy9sLaLFiVh6kF2p4NVHmo9Ym9Gw/lXXdtAyvSlHcY0sdWR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:53 2024 by rpki-client on console-fra.rpki-client.org