Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/5tgzTsyt0WNBfXkFyIvWXUS45wc.roa
File: 5tgzTsyt0WNBfXkFyIvWXUS45wc.roa (raw, json)
Hash identifier: WMdA7ztfE94LnIQ4DcDwI9tuqBwdRbpzkGSPRX4FVYA=
Subject key identifier: E6:D8:33:4E:CC:AD:D1:63:41:7D:79:05:C8:8B:D6:5D:44:B8:E7:07
Certificate issuer: /CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b
Certificate serial: 018CC5DC72EC647DB70687DD0823C2AA0222
Authority key identifier: BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/5tgzTsyt0WNBfXkFyIvWXUS45wc.roa
Signing time: Mon 01 Jan 2024 16:30:08 +0000
ROA not before: Mon 01 Jan 2024 16:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49436
IP address blocks: 195.42.158.0/23 maxlen: 23
185.250.168.0/22 maxlen: 22
2a0c:f47::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 22 Jan 2024 13:20:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:72:ec:64:7d:b7:06:87:dd:08:23:c2:aa:02:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b
Validity
Not Before: Jan 1 16:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6d8334eccadd163417d7905c88bd65d44b8e707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ed:38:6a:9c:42:d9:a0:cd:bd:86:59:8c:45:
3a:d7:3b:e0:77:80:49:a8:31:5e:5c:09:bf:8c:f8:
13:7a:8f:58:07:f7:ed:76:8a:6c:2f:29:42:20:b1:
fc:b1:39:02:d3:8e:af:5a:7b:c4:de:e5:e3:d6:db:
9d:61:d4:f4:26:da:94:35:e1:c4:06:b6:2c:17:11:
61:42:3a:03:75:39:a0:c3:18:69:06:a9:47:64:09:
66:fc:35:31:d8:63:a8:2a:28:2f:e5:c7:d4:23:8a:
51:f2:02:f8:f5:70:b8:b6:3a:34:eb:55:26:6c:9b:
9d:ec:7a:78:36:c3:e8:08:29:21:e6:69:58:b6:bd:
60:56:00:5f:c0:02:ea:4b:18:b7:ba:0d:74:eb:5e:
39:8d:95:fd:75:ff:49:b4:95:3c:9b:d4:d1:b8:ae:
3d:bd:19:f3:3a:73:d6:4d:00:a7:bb:04:a6:02:46:
6d:92:9d:dc:f3:4e:9c:66:02:37:f7:2a:c9:81:8f:
0b:06:c6:9f:ab:58:2c:b1:f3:1b:a9:97:00:f5:6a:
2c:b6:35:dc:47:42:11:4c:0e:21:3f:f2:d8:a1:ad:
9d:5c:40:f4:fb:bb:49:04:65:e5:ab:0d:aa:b4:d4:
81:19:05:04:16:5a:a2:b4:46:b2:f8:55:20:9c:38:
90:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D8:33:4E:CC:AD:D1:63:41:7D:79:05:C8:8B:D6:5D:44:B8:E7:07
X509v3 Authority Key Identifier:
keyid:BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/5tgzTsyt0WNBfXkFyIvWXUS45wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.168.0/22
195.42.158.0/23
IPv6:
2a0c:f47::/32
Signature Algorithm: sha256WithRSAEncryption
b3:cd:95:dd:56:59:cf:33:52:78:e7:68:84:d5:98:a3:76:57:
6a:26:2f:f9:87:71:ea:21:9b:c1:cf:98:91:05:d8:61:7c:7f:
3a:b5:24:7c:b8:ab:f5:3c:6b:56:18:77:24:ec:76:02:7d:80:
cb:12:a6:2b:bd:0f:5e:f4:db:eb:1e:7e:6a:15:32:7c:ef:95:
c5:b7:88:ad:57:ed:8a:1f:ce:e1:b1:af:89:7a:7b:d4:a9:2d:
40:a7:1a:18:c6:30:dd:8c:cb:57:59:90:1e:3e:b3:87:34:63:
dc:9c:b1:91:4b:bd:81:be:46:38:d5:09:76:1e:39:15:d0:76:
ef:6f:98:36:b3:f1:aa:3a:10:86:a1:f5:a7:8d:2d:16:cd:ec:
a8:bd:1d:e2:4b:da:8f:92:4c:5a:55:43:54:7b:5f:a6:94:4f:
9a:62:13:50:a3:dd:b1:3d:12:ea:af:61:05:70:40:34:fd:31:
7b:db:5c:95:a1:f8:c0:b6:65:cb:04:de:81:33:cf:38:c9:4d:
92:67:d1:9b:9e:e4:0d:54:c7:03:73:66:bc:7c:30:c0:45:a3:
24:5f:cb:0a:41:71:dd:f9:d8:be:d7:a8:43:ee:7a:c0:61:df:
e7:2f:4c:f2:c0:f3:3e:36:c3:f5:9b:09:d6:8e:80:1f:be:98:
40:ad:37:55
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3HLsZH23BofdCCPCqgIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmQyZGE1NDQ3ZDAwNzYxNmViZGRjMmE3MGZlYWM1ZTc3
YzRhOGIwHhcNMjQwMTAxMTYzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQ4MzM0ZWNjYWRkMTYzNDE3ZDc5MDVjODhiZDY1ZDQ0YjhlNzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiO04apxC2aDNvYZZjEU61zvgd4BJ
qDFeXAm/jPgTeo9YB/ftdopsLylCILH8sTkC046vWnvE3uXj1tudYdT0JtqUNeHE
BrYsFxFhQjoDdTmgwxhpBqlHZAlm/DUx2GOoKigv5cfUI4pR8gL49XC4tjo061Um
bJud7Hp4NsPoCCkh5mlYtr1gVgBfwALqSxi3ug106145jZX9df9JtJU8m9TRuK49
vRnzOnPWTQCnuwSmAkZtkp3c806cZgI39yrJgY8LBsafq1gssfMbqZcA9WostjXc
R0IRTA4hP/LYoa2dXED0+7tJBGXlqw2qtNSBGQUEFlqitEay+FUgnDiQBwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFObYM07MrdFjQX15BciL1l1EuOcHMB8GA1UdIwQY
MBaAFLz9LaVEfQB2FuvdwqcP6sXnfEqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQt
YmJmZTIxOTZjNmFmLzEvNXRnelRzeXQwV05CZlhrRnlJdldYVVM0NXdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQtYmJmZTIxOTZjNmFm
LzEvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCufqoAwQB
wyqeMA0EAgACMAcDBQAqDA9HMA0GCSqGSIb3DQEBCwUAA4IBAQCzzZXdVlnPM1J4
52iE1ZijdldqJi/5h3HqIZvBz5iRBdhhfH86tSR8uKv1PGtWGHck7HYCfYDLEqYr
vQ9e9NvrHn5qFTJ875XFt4itV+2KH87hsa+JenvUqS1ApxoYxjDdjMtXWZAePrOH
NGPcnLGRS72BvkY41Ql2HjkV0Hbvb5g2s/GqOhCGofWnjS0WzeyovR3iS9qPkkxa
VUNUe1+mlE+aYhNQo92xPRLqr2EFcEA0/TF721yVofjAtmXLBN6BM884yU2SZ9Gb
nuQNVMcDc2a8fDDARaMkX8sKQXHd+di+16hD7nrAYd/nL0zywPM+NsP1mwnWjoAf
vphArTdV
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:32:18 2025 by rpki-client