Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/IB5G6euG4JFWt6WVhSG0Y0LxoiE.roa
File: IB5G6euG4JFWt6WVhSG0Y0LxoiE.roa (raw, json)
Hash identifier: lhwB7sN92ShL+ZXoG3XOl/12nMGjVWiPF2hpCadDK4E=
Subject key identifier: 20:1E:46:E9:EB:86:E0:91:56:B7:A5:95:85:21:B4:63:42:F1:A2:21
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 0187DD5F14D672676FF80916AA611AA54860
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/IB5G6euG4JFWt6WVhSG0Y0LxoiE.roa
Signing time: Tue 02 May 2023 16:50:08 +0000
ROA not before: Tue 02 May 2023 16:50:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35758
IP address blocks: 5.253.186.0/24 maxlen: 24
185.219.162.0/24 maxlen: 24
185.114.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jul 2023 19:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dd:5f:14:d6:72:67:6f:f8:09:16:aa:61:1a:a5:48:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: May 2 16:50:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=201e46e9eb86e09156b7a5958521b46342f1a221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:12:36:76:ba:f8:7b:fe:f0:85:e3:ee:38:0d:
9c:e6:de:a1:8f:2f:eb:28:f7:36:91:17:3b:1b:a2:
b9:05:5a:b3:d8:f5:67:a4:b2:43:f4:7f:43:b7:fa:
76:3c:1d:fc:3d:2b:08:f8:e6:dc:14:c9:b9:66:a8:
c0:58:f9:cc:d5:25:79:94:5d:06:34:a1:d4:22:86:
4d:aa:2d:f6:4f:d2:c0:e5:9e:72:6c:54:a5:80:49:
e8:ca:f5:c7:d0:f3:40:30:c6:33:a0:77:31:60:99:
1f:b9:b4:41:8d:d0:6f:3f:f1:6a:c1:55:6e:a8:68:
8e:03:df:05:d2:68:b8:0f:03:8f:e8:11:26:de:32:
2e:96:af:57:31:70:b3:ee:d2:10:9c:15:e2:54:c6:
40:d8:3b:90:f6:a3:ee:19:14:91:70:ca:91:d4:af:
50:7c:a4:6a:fb:30:16:c9:7c:8f:8f:a1:ad:12:6f:
3b:a7:5f:9a:b0:0f:24:7f:de:93:91:15:b6:94:05:
f2:65:9d:b7:15:a1:c0:1d:d7:d6:5f:60:a6:8e:dc:
9f:cd:b9:44:e1:81:e2:d1:60:df:eb:ab:46:89:d2:
0f:cb:df:34:6b:1c:cc:e3:82:2c:59:21:4b:b3:f6:
36:02:3a:8e:5b:c2:7a:5b:48:33:a8:3a:bf:46:2b:
76:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:1E:46:E9:EB:86:E0:91:56:B7:A5:95:85:21:B4:63:42:F1:A2:21
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/IB5G6euG4JFWt6WVhSG0Y0LxoiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.186.0/24
185.114.205.0/24
185.219.162.0/24
Signature Algorithm: sha256WithRSAEncryption
52:46:53:d6:b9:d2:51:f5:11:cf:49:38:82:b9:fd:7f:9e:05:
af:e3:fc:79:66:05:e5:79:b2:c4:b3:38:fc:66:70:0d:71:ac:
39:d5:7d:3d:ca:39:1a:64:fd:cf:fb:da:2a:37:dc:4c:cf:7c:
ed:72:8a:86:2d:3f:89:13:80:2d:d0:e6:7b:5e:aa:34:57:3f:
87:1c:5d:66:e1:0b:5d:4b:82:f2:bd:68:eb:92:4b:f5:bc:4c:
66:de:36:84:6e:68:bc:78:a7:04:af:89:c7:c6:9e:07:4f:05:
62:46:27:ad:25:5c:f3:d7:52:3e:a3:7b:fb:ff:be:a3:59:22:
43:c7:d8:ce:a7:54:eb:81:0d:ef:c4:ee:a9:c8:51:bf:4d:05:
ea:d9:ce:df:34:5a:d6:a1:07:3b:d3:ef:0e:3f:34:e3:97:f4:
1d:e4:53:5f:fd:61:58:a1:33:61:70:46:1e:5a:05:89:0a:d8:
6d:ff:44:e8:31:4d:2d:ab:fa:95:8e:d2:b5:8d:e1:32:9c:2a:
6f:c5:5f:0d:96:64:5e:31:5f:09:22:c1:66:94:13:a7:9f:61:
6f:93:c7:29:d5:9e:c2:54:08:53:af:bc:ba:8f:9d:db:80:56:
80:8f:db:2d:38:7e:bc:d0:bf:75:17:d9:46:9f:ff:66:5b:c7:
78:ec:7c:04
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfdXxTWcmdv+AkWqmEapUhgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjMwNTAyMTY1MDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDFlNDZlOWViODZlMDkxNTZiN2E1OTU4NTIxYjQ2MzQyZjFhMjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBI2drr4e/7whePuOA2c5t6hjy/r
KPc2kRc7G6K5BVqz2PVnpLJD9H9Dt/p2PB38PSsI+ObcFMm5ZqjAWPnM1SV5lF0G
NKHUIoZNqi32T9LA5Z5ybFSlgEnoyvXH0PNAMMYzoHcxYJkfubRBjdBvP/FqwVVu
qGiOA98F0mi4DwOP6BEm3jIulq9XMXCz7tIQnBXiVMZA2DuQ9qPuGRSRcMqR1K9Q
fKRq+zAWyXyPj6GtEm87p1+asA8kf96TkRW2lAXyZZ23FaHAHdfWX2CmjtyfzblE
4YHi0WDf66tGidIPy980axzM44IsWSFLs/Y2AjqOW8J6W0gzqDq/Rit27wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCAeRunrhuCRVrellYUhtGNC8aIhMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvSUI1RzZldUc0SkZXdDZXVmhTRzBZMEx4b2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABf26AwQA
uXLNAwQAuduiMA0GCSqGSIb3DQEBCwUAA4IBAQBSRlPWudJR9RHPSTiCuf1/ngWv
4/x5ZgXlebLEszj8ZnANcaw51X09yjkaZP3P+9oqN9xMz3ztcoqGLT+JE4At0OZ7
Xqo0Vz+HHF1m4QtdS4LyvWjrkkv1vExm3jaEbmi8eKcEr4nHxp4HTwViRietJVzz
11I+o3v7/76jWSJDx9jOp1TrgQ3vxO6pyFG/TQXq2c7fNFrWoQc70+8OPzTjl/Qd
5FNf/WFYoTNhcEYeWgWJCtht/0ToMU0tq/qVjtK1jeEynCpvxV8NlmReMV8JIsFm
lBOnn2Fvk8cp1Z7CVAhTr7y6j53bgFaAj9stOH680L91F9lGn/9mW8d47HwE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:36 2024 by rpki-client on console-ams.rpki-client.org