Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/bdd87c-a6d9-4bc2-9d87-0a812bb18f35/1/5MTHtC_KzbzwpbutgDLX7jdNkig.roa
File: 5MTHtC_KzbzwpbutgDLX7jdNkig.roa (raw, json)
Hash identifier: R9ia8zW8P9wyKkh0bhVb9XQkkcyZWcr4iPF18pY0AN0=
Subject key identifier: E4:C4:C7:B4:2F:CA:CD:BC:F0:A5:BB:AD:80:32:D7:EE:37:4D:92:28
Certificate issuer: /CN=d4e4e015ec01da6ae7d84916fd1ad4caa904dc4e
Certificate serial: 01856E1436FB0A119F906E6BC91A7D7C2680
Authority key identifier: D4:E4:E0:15:EC:01:DA:6A:E7:D8:49:16:FD:1A:D4:CA:A9:04:DC:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OTgFewB2mrn2EkW_RrUyqkE3E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/bdd87c-a6d9-4bc2-9d87-0a812bb18f35/1/5MTHtC_KzbzwpbutgDLX7jdNkig.roa
Signing time: Sun 01 Jan 2023 16:04:56 +0000
ROA not before: Sun 01 Jan 2023 16:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205797
IP address blocks: 185.205.90.0/24 maxlen: 24
185.205.89.0/24 maxlen: 24
185.205.88.0/24 maxlen: 24
185.205.88.0/22 maxlen: 22
185.205.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:36:fb:0a:11:9f:90:6e:6b:c9:1a:7d:7c:26:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e4e015ec01da6ae7d84916fd1ad4caa904dc4e
Validity
Not Before: Jan 1 16:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4c4c7b42fcacdbcf0a5bbad8032d7ee374d9228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c3:a6:99:c0:bb:53:50:b8:92:a6:3f:d4:7b:
51:95:43:23:92:a1:7f:fa:bd:ca:f2:06:48:fd:d6:
5e:17:19:94:bb:7e:c3:c4:f6:79:1b:cb:0f:ef:56:
78:89:79:33:dd:01:47:ea:80:74:5c:2e:77:a1:6d:
9a:41:ac:35:c5:c7:65:30:ab:0b:ad:a4:20:8a:ea:
44:77:43:a7:de:45:d5:c3:76:89:80:60:8a:2a:74:
7e:19:ea:1d:a8:6c:f0:1d:8d:38:68:fb:fd:3e:6a:
9e:bd:ae:54:b3:d5:78:76:df:9e:9f:be:3c:b3:07:
8a:a6:af:c5:44:72:9a:b8:60:3b:57:f4:87:5e:4e:
4b:b1:3f:1b:5f:33:20:85:99:55:ab:b5:8a:88:97:
58:24:df:85:9a:83:de:65:61:e0:18:68:f4:63:7c:
a1:75:c8:14:0c:0b:c7:cf:46:68:49:bc:00:65:98:
ff:ab:03:d2:cb:a2:77:15:b2:c2:04:a0:ea:1c:03:
48:59:e8:d7:c2:f6:74:31:1a:44:29:73:60:fb:93:
4a:71:66:77:c6:61:0d:88:b3:eb:5d:df:1b:34:24:
42:54:34:07:33:c8:c4:44:cd:13:cf:94:ef:f9:51:
90:bc:a6:26:0e:bd:9a:84:49:03:ce:f2:19:ae:c6:
af:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:C4:C7:B4:2F:CA:CD:BC:F0:A5:BB:AD:80:32:D7:EE:37:4D:92:28
X509v3 Authority Key Identifier:
keyid:D4:E4:E0:15:EC:01:DA:6A:E7:D8:49:16:FD:1A:D4:CA:A9:04:DC:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OTgFewB2mrn2EkW_RrUyqkE3E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/bdd87c-a6d9-4bc2-9d87-0a812bb18f35/1/5MTHtC_KzbzwpbutgDLX7jdNkig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/bdd87c-a6d9-4bc2-9d87-0a812bb18f35/1/1OTgFewB2mrn2EkW_RrUyqkE3E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.88.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:ba:61:a1:b1:41:a1:4e:63:61:70:e1:b4:ec:c0:e7:e5:3a:
16:fc:b7:36:53:ed:a2:8d:4a:bb:43:8e:f5:e8:d5:88:46:c4:
59:6e:47:3a:65:6d:1f:9e:83:c6:2e:0e:7d:ac:7b:95:0d:eb:
f4:03:7c:1c:30:94:26:a3:7a:78:8f:a7:01:62:f8:9c:75:dd:
1e:88:cb:5c:3f:4f:da:0d:32:5b:37:6d:f0:42:e4:c3:1b:d9:
5f:30:db:7a:e4:aa:84:d5:a2:87:6a:c7:20:9a:1e:4b:5c:19:
e3:72:44:6e:6c:42:b1:02:b1:11:37:5c:79:87:17:8d:8c:06:
b8:ee:c8:8c:75:7c:86:29:08:ad:4e:76:c4:c4:b8:f4:ad:0f:
81:61:e3:d0:1f:db:28:67:cd:c6:a1:57:8a:53:d6:f0:4c:a4:
d5:59:bf:cb:78:50:60:ed:2d:19:9b:4a:a0:ff:fd:de:90:c2:
44:33:b2:96:ce:87:56:b2:54:75:ca:90:91:44:fe:e1:ea:45:
c4:ff:47:3f:14:f8:de:5b:0b:0d:86:45:7c:3f:8c:fe:b1:25:
77:06:5e:12:7e:0a:6f:10:a9:9a:4d:d6:7d:fa:5d:22:38:86:
f8:ae:3d:b5:11:5c:4f:35:14:68:47:c2:a4:9f:29:8f:d3:6e:
97:08:14:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuFDb7ChGfkG5ryRp9fCaAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTRlMDE1ZWMwMWRhNmFlN2Q4NDkxNmZkMWFkNGNhYTkw
NGRjNGUwHhcNMjMwMTAxMTYwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGM0YzdiNDJmY2FjZGJjZjBhNWJiYWQ4MDMyZDdlZTM3NGQ5MjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcOmmcC7U1C4kqY/1HtRlUMjkqF/
+r3K8gZI/dZeFxmUu37DxPZ5G8sP71Z4iXkz3QFH6oB0XC53oW2aQaw1xcdlMKsL
raQgiupEd0On3kXVw3aJgGCKKnR+GeodqGzwHY04aPv9Pmqeva5Us9V4dt+en748
sweKpq/FRHKauGA7V/SHXk5LsT8bXzMghZlVq7WKiJdYJN+FmoPeZWHgGGj0Y3yh
dcgUDAvHz0ZoSbwAZZj/qwPSy6J3FbLCBKDqHANIWejXwvZ0MRpEKXNg+5NKcWZ3
xmENiLPrXd8bNCRCVDQHM8jERM0Tz5Tv+VGQvKYmDr2ahEkDzvIZrsavrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOTEx7Qvys288KW7rYAy1+43TZIoMB8GA1UdIwQY
MBaAFNTk4BXsAdpq59hJFv0a1MqpBNxOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9UZ0Zld0IybXJuMkVrV19SclV5cWtFM0U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9iZGQ4N2MtYTZkOS00YmMyLTlkODct
MGE4MTJiYjE4ZjM1LzEvNU1USHRDX0t6Ynp3cGJ1dGdETFg3amROa2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9iZGQ4N2MtYTZkOS00YmMyLTlkODctMGE4MTJiYjE4ZjM1
LzEvMU9UZ0Zld0IybXJuMkVrV19SclV5cWtFM0U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuc1YMA0G
CSqGSIb3DQEBCwUAA4IBAQCjumGhsUGhTmNhcOG07MDn5ToW/Lc2U+2ijUq7Q471
6NWIRsRZbkc6ZW0fnoPGLg59rHuVDev0A3wcMJQmo3p4j6cBYvicdd0eiMtcP0/a
DTJbN23wQuTDG9lfMNt65KqE1aKHascgmh5LXBnjckRubEKxArERN1x5hxeNjAa4
7siMdXyGKQitTnbExLj0rQ+BYePQH9soZ83GoVeKU9bwTKTVWb/LeFBg7S0Zm0qg
//3ekMJEM7KWzodWslR1ypCRRP7h6kXE/0c/FPjeWwsNhkV8P4z+sSV3Bl4Sfgpv
EKmaTdZ9+l0iOIb4rj21EVxPNRRoR8KknymP026XCBRt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:45 2024 by rpki-client on console-ams.rpki-client.org