Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/5A_IGqMcerB51-1zxSCGT6-0oeE.roa
File: 5A_IGqMcerB51-1zxSCGT6-0oeE.roa (raw, json)
Hash identifier: MOEB4gIp2ehjesOP0zL+6kgnMqjFgK2LEydFl4nEtIM=
Subject key identifier: E4:0F:C8:1A:A3:1C:7A:B0:79:D7:ED:73:C5:20:86:4F:AF:B4:A1:E1
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 018CF5CCADB1BB0C298B2202FF4603871902
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/5A_IGqMcerB51-1zxSCGT6-0oeE.roa
Signing time: Wed 10 Jan 2024 23:54:40 +0000
ROA not before: Wed 10 Jan 2024 23:54:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 185.225.26.0/24 maxlen: 24
192.189.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 06:08:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f5:cc:ad:b1:bb:0c:29:8b:22:02:ff:46:03:87:19:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: Jan 10 23:54:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e40fc81aa31c7ab079d7ed73c520864fafb4a1e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:bf:db:cc:55:d9:42:51:ae:20:29:dd:16:3c:
8a:ee:78:21:c7:6b:a2:dc:c7:87:9d:95:58:4b:f1:
72:7b:f4:b9:b9:a7:a5:47:78:80:30:11:2f:dd:13:
46:3b:c5:c5:05:55:4c:f1:ea:c0:96:9a:d3:29:0c:
58:b1:7f:e5:0c:37:d7:20:fd:1d:4a:a6:aa:de:c4:
72:48:8b:1c:23:68:1a:f0:06:e7:b8:b4:06:ec:5c:
47:c3:af:f5:03:d4:16:72:56:fa:9e:80:c3:f1:85:
91:92:da:0b:0d:8f:76:b4:7d:d4:aa:03:78:8c:24:
b1:34:9b:5c:c3:b6:f7:63:2f:d8:09:0c:70:4d:80:
73:ab:87:37:2c:93:4b:f2:a8:bc:c1:64:35:2c:c0:
a2:2b:56:77:10:d1:74:82:93:99:2b:11:8b:4a:67:
22:7d:3a:1f:7c:9c:60:69:3e:97:85:86:74:22:47:
1d:87:89:29:93:10:4b:4e:d5:02:32:7b:58:f5:18:
6b:40:10:f4:05:68:50:2c:2e:77:7b:17:cb:b7:9c:
e9:1d:7f:bd:09:06:f8:e3:50:b7:d9:64:97:40:08:
53:66:0c:62:7f:3a:dc:34:7f:45:20:5f:39:40:1e:
1b:a1:28:eb:3a:46:57:b8:75:38:8f:c4:b6:c5:4e:
d0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:0F:C8:1A:A3:1C:7A:B0:79:D7:ED:73:C5:20:86:4F:AF:B4:A1:E1
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/5A_IGqMcerB51-1zxSCGT6-0oeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.26.0/24
192.189.157.0/24
Signature Algorithm: sha256WithRSAEncryption
24:84:a8:bf:c4:23:0f:26:b9:4e:0c:0f:6e:d7:1c:86:08:09:
2c:ba:53:cf:7e:3a:17:4a:c0:1e:d2:81:14:0d:8a:d5:be:8c:
e7:ac:db:eb:86:0d:6f:bb:63:fd:20:ad:6c:be:e4:3a:3f:ac:
4d:94:4d:fb:0b:28:d8:f6:9a:57:28:81:18:a0:88:dd:34:58:
de:c4:e4:ab:86:08:e6:20:fd:ee:2d:ec:6c:59:3e:29:b7:99:
36:23:0c:a9:52:12:93:b2:2e:43:4d:d3:51:b3:96:68:d7:16:
4f:10:81:f8:00:e1:0a:7c:14:de:09:5a:85:ca:3c:b6:fa:63:
2e:c8:12:66:ef:2a:b9:17:d4:eb:e7:89:67:bf:6d:a6:a2:ff:
0c:f8:ae:18:55:95:9b:38:7b:c9:29:d1:49:2d:89:65:16:74:
94:78:bd:e0:a9:5a:69:15:26:e8:7b:7f:d1:fc:66:78:4f:ad:
77:c3:36:af:87:4c:a9:47:21:0a:2a:0b:95:f5:e0:bd:19:36:
12:3d:58:65:a6:39:55:57:9e:95:cd:d7:ed:20:8c:f0:3c:a2:
99:0a:59:78:39:cc:4d:6d:6f:1f:66:f7:89:36:a6:44:e0:7e:
f1:7f:25:d8:f0:04:37:d1:ca:69:eb:dc:e6:7c:72:89:46:5e:
32:39:a9:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYz1zK2xuwwpiyIC/0YDhxkCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjQwMTEwMjM1NDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDBmYzgxYWEzMWM3YWIwNzlkN2VkNzNjNTIwODY0ZmFmYjRhMWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjL/bzFXZQlGuICndFjyK7nghx2ui
3MeHnZVYS/Fye/S5uaelR3iAMBEv3RNGO8XFBVVM8erAlprTKQxYsX/lDDfXIP0d
Sqaq3sRySIscI2ga8AbnuLQG7FxHw6/1A9QWclb6noDD8YWRktoLDY92tH3UqgN4
jCSxNJtcw7b3Yy/YCQxwTYBzq4c3LJNL8qi8wWQ1LMCiK1Z3ENF0gpOZKxGLSmci
fToffJxgaT6XhYZ0Ikcdh4kpkxBLTtUCMntY9RhrQBD0BWhQLC53exfLt5zpHX+9
CQb441C32WSXQAhTZgxifzrcNH9FIF85QB4boSjrOkZXuHU4j8S2xU7QAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOQPyBqjHHqwedftc8Ughk+vtKHhMB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvNUFfSUdxTWNlckI1MS0xenhTQ0dUNi0wb2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueEaAwQA
wL2dMA0GCSqGSIb3DQEBCwUAA4IBAQAkhKi/xCMPJrlODA9u1xyGCAksulPPfjoX
SsAe0oEUDYrVvoznrNvrhg1vu2P9IK1svuQ6P6xNlE37CyjY9ppXKIEYoIjdNFje
xOSrhgjmIP3uLexsWT4pt5k2IwypUhKTsi5DTdNRs5Zo1xZPEIH4AOEKfBTeCVqF
yjy2+mMuyBJm7yq5F9Tr54lnv22mov8M+K4YVZWbOHvJKdFJLYllFnSUeL3gqVpp
FSboe3/R/GZ4T613wzavh0ypRyEKKguV9eC9GTYSPVhlpjlVV56VzdftIIzwPKKZ
Cll4OcxNbW8fZveJNqZE4H7xfyXY8AQ30cpp69zmfHKJRl4yOanF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org