Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/de3890-8d06-427c-85f1-1fa9ac580b8e/1/5brCVPemubfp_ScI52P_IhyHGcU.roa
File: 5brCVPemubfp_ScI52P_IhyHGcU.roa (raw, json)
Hash identifier: V3XhudBygS6H1hx3MjHbc74wvxZyx5hWrEdmF1x8ilU=
Subject key identifier: E5:BA:C2:54:F7:A6:B9:B7:E9:FD:27:08:E7:63:FF:22:1C:87:19:C5
Certificate issuer: /CN=dea46eaae7aef2f44fe660162bb9dc70d6525af1
Certificate serial: 01863BA7A7C6AA23B3C5945E1D044CE211DB
Authority key identifier: DE:A4:6E:AA:E7:AE:F2:F4:4F:E6:60:16:2B:B9:DC:70:D6:52:5A:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3qRuqueu8vRP5mAWK7nccNZSWvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/de3890-8d06-427c-85f1-1fa9ac580b8e/1/5brCVPemubfp_ScI52P_IhyHGcU.roa
Signing time: Fri 10 Feb 2023 14:08:08 +0000
ROA not before: Fri 10 Feb 2023 14:08:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48314
IP address blocks: 185.225.132.0/23 maxlen: 23
185.225.134.128/25 maxlen: 25
2a0d:c400::/32 maxlen: 32
2a0d:c401::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 10 Feb 2023 18:09:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3b:a7:a7:c6:aa:23:b3:c5:94:5e:1d:04:4c:e2:11:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dea46eaae7aef2f44fe660162bb9dc70d6525af1
Validity
Not Before: Feb 10 14:08:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5bac254f7a6b9b7e9fd2708e763ff221c8719c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7d:0e:ef:96:fe:ec:de:1e:6b:20:95:99:8f:
16:d6:7c:04:98:ab:96:3d:db:e6:20:ee:3e:1f:9a:
fd:fb:74:cb:d4:7f:df:c8:b6:ae:eb:09:ea:32:8e:
39:33:af:25:e2:d3:c2:5b:40:b8:6a:4a:cc:2b:bc:
67:85:a1:d4:32:bf:59:da:32:82:b6:35:18:c6:fb:
ce:da:c5:3a:6f:77:f1:66:93:87:ac:f3:84:68:f0:
c1:23:6f:1e:a4:7f:d5:ff:f9:d3:0c:a0:f4:25:9d:
1f:f2:2a:87:bd:02:29:9b:7f:81:c1:77:d7:07:54:
c7:28:69:34:ea:27:c0:05:00:53:27:eb:62:41:61:
f6:2a:07:8f:32:dd:9d:fa:df:06:40:0b:18:74:b0:
75:8a:06:72:49:5d:c9:ab:e0:dc:30:21:b5:e7:17:
65:b4:b2:fd:cb:9c:06:ff:a1:e2:3f:56:52:06:f9:
30:02:02:c7:fa:d7:cf:20:c3:17:c1:1a:a8:2f:2f:
18:4b:f4:47:db:c9:f1:00:09:01:a7:65:78:9b:75:
f2:f6:b3:eb:6d:d5:4d:d7:b8:14:2f:82:2a:60:c0:
2f:fd:0e:3e:b8:cf:02:e1:ec:30:cc:8e:30:b1:4d:
0c:40:8a:3c:4e:ef:07:da:7c:4b:03:fc:d3:20:e5:
24:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:BA:C2:54:F7:A6:B9:B7:E9:FD:27:08:E7:63:FF:22:1C:87:19:C5
X509v3 Authority Key Identifier:
keyid:DE:A4:6E:AA:E7:AE:F2:F4:4F:E6:60:16:2B:B9:DC:70:D6:52:5A:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3qRuqueu8vRP5mAWK7nccNZSWvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/de3890-8d06-427c-85f1-1fa9ac580b8e/1/5brCVPemubfp_ScI52P_IhyHGcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/de3890-8d06-427c-85f1-1fa9ac580b8e/1/3qRuqueu8vRP5mAWK7nccNZSWvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.132.0/23
185.225.134.128/25
IPv6:
2a0d:c400::/31
Signature Algorithm: sha256WithRSAEncryption
21:46:bf:83:b9:4d:fc:7f:1c:91:d5:68:97:6b:ef:eb:43:54:
64:45:41:b6:ab:6e:03:00:25:2b:af:91:d4:8c:35:1b:1f:2f:
63:e8:99:25:64:db:48:dd:96:6c:84:a5:d1:ce:4f:28:04:e7:
e6:ff:ce:8c:ae:81:54:a6:97:ab:58:6d:91:62:46:9e:ab:f7:
69:fc:69:22:1b:c8:32:31:50:f5:7d:51:bc:ff:87:c1:0d:fe:
55:c9:cc:61:71:be:04:91:87:b3:70:7c:e2:a5:8b:76:38:8b:
e0:42:42:40:1a:ac:4d:1f:91:a8:dd:9a:b8:4c:94:30:1f:4e:
ec:f3:f6:ab:f1:21:eb:9f:e8:09:e6:aa:ce:a4:cb:e1:f3:5f:
52:b6:9f:bf:3d:5c:f5:14:71:06:65:b1:8d:c3:d4:f2:8a:1f:
31:8d:75:1d:26:a2:51:0d:e3:b0:d7:64:40:13:32:7f:48:5e:
87:72:ec:2d:8c:fc:c5:57:eb:23:24:f5:c0:d1:b0:b3:22:12:
ab:95:a7:00:ef:e3:48:d7:2d:e4:4c:df:67:a1:bd:06:d6:b3:
02:f8:27:61:ee:b2:bb:18:2a:66:85:ad:16:f2:8c:44:de:7c:
83:a4:e2:2b:f3:d5:a3:f3:28:a9:ca:d8:43:9a:52:65:b9:02:
74:23:1f:55
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYY7p6fGqiOzxZReHQRM4hHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYTQ2ZWFhZTdhZWYyZjQ0ZmU2NjAxNjJiYjlkYzcwZDY1
MjVhZjEwHhcNMjMwMjEwMTQwODA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWJhYzI1NGY3YTZiOWI3ZTlmZDI3MDhlNzYzZmYyMjFjODcxOWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmX0O75b+7N4eayCVmY8W1nwEmKuW
PdvmIO4+H5r9+3TL1H/fyLau6wnqMo45M68l4tPCW0C4akrMK7xnhaHUMr9Z2jKC
tjUYxvvO2sU6b3fxZpOHrPOEaPDBI28epH/V//nTDKD0JZ0f8iqHvQIpm3+BwXfX
B1THKGk06ifABQBTJ+tiQWH2KgePMt2d+t8GQAsYdLB1igZySV3Jq+DcMCG15xdl
tLL9y5wG/6HiP1ZSBvkwAgLH+tfPIMMXwRqoLy8YS/RH28nxAAkBp2V4m3Xy9rPr
bdVN17gUL4IqYMAv/Q4+uM8C4ewwzI4wsU0MQIo8Tu8H2nxLA/zTIOUkEwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOW6wlT3prm36f0nCOdj/yIchxnFMB8GA1UdIwQY
MBaAFN6kbqrnrvL0T+ZgFiu53HDWUlrxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3FSdXF1ZXU4dlJQNW1BV0s3bmNjTlpTV3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kZTM4OTAtOGQwNi00MjdjLTg1ZjEt
MWZhOWFjNTgwYjhlLzEvNWJyQ1ZQZW11YmZwX1NjSTUyUF9JaHlIR2NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kZTM4OTAtOGQwNi00MjdjLTg1ZjEtMWZhOWFjNTgwYjhl
LzEvM3FSdXF1ZXU4dlJQNW1BV0s3bmNjTlpTV3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDATBAIAATANAwQBueGEAwUH
ueGGgDANBAIAAjAHAwUBKg3EADANBgkqhkiG9w0BAQsFAAOCAQEAIUa/g7lN/H8c
kdVol2vv60NUZEVBtqtuAwAlK6+R1Iw1Gx8vY+iZJWTbSN2WbISl0c5PKATn5v/O
jK6BVKaXq1htkWJGnqv3afxpIhvIMjFQ9X1RvP+HwQ3+VcnMYXG+BJGHs3B84qWL
djiL4EJCQBqsTR+RqN2auEyUMB9O7PP2q/Eh65/oCeaqzqTL4fNfUrafvz1c9RRx
BmWxjcPU8oofMY11HSaiUQ3jsNdkQBMyf0heh3LsLYz8xVfrIyT1wNGwsyISq5Wn
AO/jSNct5EzfZ6G9BtazAvgnYe6yuxgqZoWtFvKMRN58g6TiK/PVo/MoqcrYQ5pS
ZbkCdCMfVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:51 2024 by rpki-client on console-ams.rpki-client.org