Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/b24b88-22f0-49b8-b2e3-731f47820b20/1/R5c1p4MvYvTyJeVxCiVTN3aBSxM.roa
File: R5c1p4MvYvTyJeVxCiVTN3aBSxM.roa (raw, json)
Hash identifier: dgcRpMZpEwS3mYf9I4nwmIwEAgxoxR4lD1VB4gV1Umc=
Subject key identifier: 47:97:35:A7:83:2F:62:F4:F2:25:E5:71:0A:25:53:37:76:81:4B:13
Certificate issuer: /CN=fc57d7a2d57661f6c3c6ea7636ca0ff2300c146f
Certificate serial: 018572E815333B4D237784BAA6B14D759C98
Authority key identifier: FC:57:D7:A2:D5:76:61:F6:C3:C6:EA:76:36:CA:0F:F2:30:0C:14:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FfXotV2YfbDxup2NsoP8jAMFG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/b24b88-22f0-49b8-b2e3-731f47820b20/1/R5c1p4MvYvTyJeVxCiVTN3aBSxM.roa
Signing time: Mon 02 Jan 2023 14:34:50 +0000
ROA not before: Mon 02 Jan 2023 14:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204818
IP address blocks: 185.245.92.0/23 maxlen: 23
185.245.94.0/23 maxlen: 23
2a0d:5380::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:15:33:3b:4d:23:77:84:ba:a6:b1:4d:75:9c:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc57d7a2d57661f6c3c6ea7636ca0ff2300c146f
Validity
Not Before: Jan 2 14:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=479735a7832f62f4f225e5710a25533776814b13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ab:bc:d1:fa:5a:fe:fa:61:e7:a2:83:59:a7:
1c:58:31:80:0e:df:34:40:67:4f:17:9f:ff:c4:41:
9f:17:73:b7:3d:d4:e0:25:c3:6e:bb:0c:6c:4c:20:
ec:0f:7f:86:7a:c0:a7:d7:2b:dd:0e:e8:69:44:b8:
e0:0a:9d:75:2a:b5:b0:23:a3:4f:da:19:f6:df:ea:
46:c2:0f:ef:47:ee:f4:28:6a:4d:e5:11:20:db:2d:
dc:2f:70:da:90:a5:0f:07:bf:04:4f:36:d4:a9:d8:
af:24:d6:c2:cc:7a:17:1d:07:d3:d3:5f:c4:10:a9:
09:86:8d:8a:56:e3:18:f3:2d:4f:77:20:36:53:ed:
2e:b4:0b:f8:61:d6:e9:8f:1a:7d:ee:03:e3:bc:25:
ce:df:0a:6d:e9:be:ec:86:69:d9:08:d9:bb:f2:6d:
b0:9f:46:7f:d0:7c:e9:b0:ce:5d:d4:24:ed:0f:08:
75:ac:cc:44:55:9a:09:c9:73:55:9a:6a:c3:bd:a9:
8d:61:49:be:08:97:72:0f:77:96:76:6f:eb:27:bc:
31:f2:09:90:aa:ee:ab:57:ef:df:db:91:e8:89:19:
b4:69:97:42:98:f0:c4:32:bd:21:f9:f0:98:9b:da:
1c:f7:a4:3d:06:63:05:64:aa:66:cc:e1:29:e0:63:
41:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:97:35:A7:83:2F:62:F4:F2:25:E5:71:0A:25:53:37:76:81:4B:13
X509v3 Authority Key Identifier:
keyid:FC:57:D7:A2:D5:76:61:F6:C3:C6:EA:76:36:CA:0F:F2:30:0C:14:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FfXotV2YfbDxup2NsoP8jAMFG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/b24b88-22f0-49b8-b2e3-731f47820b20/1/R5c1p4MvYvTyJeVxCiVTN3aBSxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/b24b88-22f0-49b8-b2e3-731f47820b20/1/_FfXotV2YfbDxup2NsoP8jAMFG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.92.0/22
IPv6:
2a0d:5380::/29
Signature Algorithm: sha256WithRSAEncryption
50:bb:74:8d:b9:03:09:9e:fd:a7:0b:75:72:43:e0:8c:7d:7d:
6c:b8:a4:dd:f8:b7:19:c7:bf:c1:62:ed:30:dd:b6:14:21:29:
b1:74:64:cd:20:1f:c8:08:7e:56:de:02:f7:d1:ee:87:00:8a:
61:c1:52:f9:6c:08:43:d3:c8:b8:32:4b:95:d2:ee:7c:aa:65:
bf:fd:c4:90:59:88:f3:72:3f:50:a5:a0:5c:a6:3c:2c:a1:d1:
dc:fc:55:bb:30:10:2a:29:49:b6:ac:8f:01:4f:1d:12:6a:b9:
59:b2:f8:cc:c3:7a:dc:92:f0:52:eb:71:23:10:9f:0e:6b:b4:
2d:0d:01:25:9c:d5:19:40:b4:ab:cf:eb:9c:35:42:cc:85:27:
b2:04:c7:68:99:4b:d4:f1:36:84:40:44:cb:58:b1:b8:4b:63:
76:72:5c:0f:8b:34:e9:e9:f0:fe:61:8b:fe:0f:e9:22:c7:9e:
66:f6:d9:04:43:41:68:c9:d0:3e:f8:d1:72:a5:55:f5:4d:ad:
cf:a7:c1:2f:cf:cd:40:e9:49:ac:86:30:e1:bd:eb:9e:d3:d6:
39:b3:30:92:8b:c4:e1:24:86:89:e2:65:aa:d2:2c:92:ff:68:
b0:6f:26:77:c5:3f:3a:b2:2f:81:09:f2:64:86:21:cb:c4:a6:
4c:e0:a6:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVy6BUzO00jd4S6prFNdZyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNTdkN2EyZDU3NjYxZjZjM2M2ZWE3NjM2Y2EwZmYyMzAw
YzE0NmYwHhcNMjMwMTAyMTQzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Nzk3MzVhNzgzMmY2MmY0ZjIyNWU1NzEwYTI1NTMzNzc2ODE0YjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqu80fpa/vph56KDWaccWDGADt80
QGdPF5//xEGfF3O3PdTgJcNuuwxsTCDsD3+GesCn1yvdDuhpRLjgCp11KrWwI6NP
2hn23+pGwg/vR+70KGpN5REg2y3cL3DakKUPB78ETzbUqdivJNbCzHoXHQfT01/E
EKkJho2KVuMY8y1PdyA2U+0utAv4Ydbpjxp97gPjvCXO3wpt6b7shmnZCNm78m2w
n0Z/0HzpsM5d1CTtDwh1rMxEVZoJyXNVmmrDvamNYUm+CJdyD3eWdm/rJ7wx8gmQ
qu6rV+/f25HoiRm0aZdCmPDEMr0h+fCYm9oc96Q9BmMFZKpmzOEp4GNBEQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEeXNaeDL2L08iXlcQolUzd2gUsTMB8GA1UdIwQY
MBaAFPxX16LVdmH2w8bqdjbKD/IwDBRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0ZmWG90VjJZZmJEeHVwMk5zb1A4akFNRkc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iMjRiODgtMjJmMC00OWI4LWIyZTMt
NzMxZjQ3ODIwYjIwLzEvUjVjMXA0TXZZdlR5SmVWeENpVlROM2FCU3hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iMjRiODgtMjJmMC00OWI4LWIyZTMtNzMxZjQ3ODIwYjIw
LzEvX0ZmWG90VjJZZmJEeHVwMk5zb1A4akFNRkc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufVcMA0E
AgACMAcDBQMqDVOAMA0GCSqGSIb3DQEBCwUAA4IBAQBQu3SNuQMJnv2nC3VyQ+CM
fX1suKTd+LcZx7/BYu0w3bYUISmxdGTNIB/ICH5W3gL30e6HAIphwVL5bAhD08i4
MkuV0u58qmW//cSQWYjzcj9QpaBcpjwsodHc/FW7MBAqKUm2rI8BTx0SarlZsvjM
w3rckvBS63EjEJ8Oa7QtDQElnNUZQLSrz+ucNULMhSeyBMdomUvU8TaEQETLWLG4
S2N2clwPizTp6fD+YYv+D+kix55m9tkEQ0FoydA++NFypVX1Ta3Pp8Evz81A6Ums
hjDhveue09Y5szCSi8ThJIaJ4mWq0iyS/2iwbyZ3xT86si+BCfJkhiHLxKZM4KZ3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:12 2024 by rpki-client on console-fra.rpki-client.org