Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/k5yR6GGCEAA-i3rfrBNYsZyHzbw.roa
File: k5yR6GGCEAA-i3rfrBNYsZyHzbw.roa (raw, json)
Hash identifier: +hO52bNqbBeAdw5HEKczCUsZ2AlZVL/dwMLxzxlDi0Q=
Subject key identifier: 93:9C:91:E8:61:82:10:00:3E:8B:7A:DF:AC:13:58:B1:9C:87:CD:BC
Certificate issuer: /CN=ff4705a363dc1d8d0ea51c9b9a1ecbd3807bd054
Certificate serial: 01898BF881D1F2DE8004416B0E9C19406815
Authority key identifier: FF:47:05:A3:63:DC:1D:8D:0E:A5:1C:9B:9A:1E:CB:D3:80:7B:D0:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0cFo2PcHY0OpRybmh7L04B70FQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/k5yR6GGCEAA-i3rfrBNYsZyHzbw.roa
Signing time: Tue 25 Jul 2023 07:34:26 +0000
ROA not before: Tue 25 Jul 2023 07:34:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199346
IP address blocks: 185.12.158.0/23 maxlen: 24
81.24.248.0/21 maxlen: 24
2a03:2240::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 12 Nov 2023 23:34:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8b:f8:81:d1:f2:de:80:04:41:6b:0e:9c:19:40:68:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff4705a363dc1d8d0ea51c9b9a1ecbd3807bd054
Validity
Not Before: Jul 25 07:34:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=939c91e8618210003e8b7adfac1358b19c87cdbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:15:d7:f2:8f:a1:46:a8:02:31:05:1b:ac:4c:
01:1a:b6:57:e5:43:c9:56:64:4b:3a:d8:56:7e:b5:
22:cf:b4:7a:f4:a1:34:a1:fa:65:18:95:68:e2:42:
85:da:79:cd:ff:0d:cf:d1:88:4b:c7:e9:3d:88:63:
80:4e:9b:e6:c5:32:d6:d0:66:60:d6:f0:6e:74:52:
62:b0:7c:91:62:43:ba:76:ee:00:85:54:54:47:1e:
a1:c9:d9:60:7b:7d:54:bb:63:a6:03:3d:50:78:68:
51:b2:5a:69:de:e9:6d:24:c1:91:dc:be:25:8d:f9:
ed:b9:79:38:b6:99:ff:2e:56:36:03:23:f8:7b:d6:
9e:b6:9e:a9:f4:72:1e:11:2c:d5:22:a4:7f:f0:98:
08:33:9c:c9:bb:af:9e:c0:37:1c:10:89:ae:73:5f:
e0:26:b1:88:7f:29:84:5f:bd:57:77:96:a7:4f:cd:
ae:62:56:1f:77:b0:75:89:9c:91:7a:c9:4d:51:d2:
aa:bb:22:f2:bd:e6:01:4a:44:1a:b7:49:d2:83:03:
1f:de:2c:e0:94:dc:83:4b:4d:1c:44:d3:e5:28:9b:
9f:41:7d:b7:9e:e5:87:46:d0:48:da:5e:f6:2a:9c:
29:73:27:dd:89:93:d4:ad:25:ca:8c:b1:82:fb:8d:
56:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:9C:91:E8:61:82:10:00:3E:8B:7A:DF:AC:13:58:B1:9C:87:CD:BC
X509v3 Authority Key Identifier:
keyid:FF:47:05:A3:63:DC:1D:8D:0E:A5:1C:9B:9A:1E:CB:D3:80:7B:D0:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0cFo2PcHY0OpRybmh7L04B70FQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/k5yR6GGCEAA-i3rfrBNYsZyHzbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/_0cFo2PcHY0OpRybmh7L04B70FQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.24.248.0/21
185.12.158.0/23
IPv6:
2a03:2240::/32
Signature Algorithm: sha256WithRSAEncryption
10:ba:d3:16:3b:d6:e8:3f:dd:ad:3b:88:d2:e5:06:3d:54:77:
37:01:e2:a7:de:b2:b2:ae:b5:d7:96:78:ea:21:3b:18:22:5b:
9b:db:9a:0d:76:bf:51:40:65:0e:8e:b5:4b:81:a9:89:e7:69:
04:90:79:1a:74:07:40:7d:e4:5e:03:63:7a:15:e9:de:54:58:
17:7a:0a:19:c2:66:36:f3:dd:69:d5:23:53:2e:cf:91:cf:45:
6f:27:10:ee:78:0b:f9:dd:26:78:b4:60:b6:64:fa:03:55:ce:
b5:d8:8f:72:fa:7c:73:2c:f5:ee:32:18:05:20:41:d4:c1:ee:
67:fc:d8:06:a4:dd:4f:4b:17:71:b0:5e:7c:4b:0b:fc:2e:2c:
7f:fe:0f:4e:31:51:9b:86:e3:15:1e:e4:41:68:14:87:64:ad:
71:13:5b:86:18:c2:61:05:d0:34:9f:b6:d1:00:0b:9c:12:e9:
2e:fa:39:5b:c0:a9:3f:45:b8:1e:d0:59:88:41:e6:ea:d3:6e:
72:ec:33:06:a3:2d:95:cd:90:a3:8c:73:d2:3d:a4:d3:50:79:
a0:ed:26:59:20:a0:5d:81:ce:71:57:8e:bb:e5:f0:4e:87:7c:
94:45:eb:b1:7f:b4:47:46:d2:8e:cf:f9:8c:8b:8b:57:5d:40:
e9:a0:cb:4a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYmL+IHR8t6ABEFrDpwZQGgVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDcwNWEzNjNkYzFkOGQwZWE1MWM5YjlhMWVjYmQzODA3
YmQwNTQwHhcNMjMwNzI1MDczNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzljOTFlODYxODIxMDAwM2U4YjdhZGZhYzEzNThiMTljODdjZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxXX8o+hRqgCMQUbrEwBGrZX5UPJ
VmRLOthWfrUiz7R69KE0ofplGJVo4kKF2nnN/w3P0YhLx+k9iGOATpvmxTLW0GZg
1vBudFJisHyRYkO6du4AhVRURx6hydlge31Uu2OmAz1QeGhRslpp3ultJMGR3L4l
jfntuXk4tpn/LlY2AyP4e9aetp6p9HIeESzVIqR/8JgIM5zJu6+ewDccEImuc1/g
JrGIfymEX71Xd5anT82uYlYfd7B1iZyReslNUdKquyLyveYBSkQat0nSgwMf3izg
lNyDS00cRNPlKJufQX23nuWHRtBI2l72KpwpcyfdiZPUrSXKjLGC+41WdwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJOckehhghAAPot636wTWLGch828MB8GA1UdIwQY
MBaAFP9HBaNj3B2NDqUcm5oey9OAe9BUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBjRm8yUGNIWTBPcFJ5Ym1oN0wwNEI3MEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wNWIzZDEtMTE2Zi00ZDYwLWExNzYt
NTZiYmUzOGY3NDA3LzEvazV5UjZHR0NFQUEtaTNyZnJCTllzWnlIemJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wNWIzZDEtMTE2Zi00ZDYwLWExNzYtNTZiYmUzOGY3NDA3
LzEvXzBjRm8yUGNIWTBPcFJ5Ym1oN0wwNEI3MEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDURj4AwQB
uQyeMA0EAgACMAcDBQAqAyJAMA0GCSqGSIb3DQEBCwUAA4IBAQAQutMWO9boP92t
O4jS5QY9VHc3AeKn3rKyrrXXlnjqITsYIlub25oNdr9RQGUOjrVLgamJ52kEkHka
dAdAfeReA2N6FeneVFgXegoZwmY2891p1SNTLs+Rz0VvJxDueAv53SZ4tGC2ZPoD
Vc612I9y+nxzLPXuMhgFIEHUwe5n/NgGpN1PSxdxsF58Swv8Lix//g9OMVGbhuMV
HuRBaBSHZK1xE1uGGMJhBdA0n7bRAAucEuku+jlbwKk/Rbge0FmIQebq025y7DMG
oy2VzZCjjHPSPaTTUHmg7SZZIKBdgc5xV4675fBOh3yUReuxf7RHRtKOz/mMi4tX
XUDpoMtK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:21 2024 by rpki-client on console-ams.rpki-client.org