Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/5wEUgiPUVcnUTfShz8qXBfR3zsU.roa
File: 5wEUgiPUVcnUTfShz8qXBfR3zsU.roa (raw, json)
Hash identifier: 6M1h9ty1yCMdoyX3fmXPTIKob3/e9hN5E3JzGmeKdAQ=
Subject key identifier: E7:01:14:82:23:D4:55:C9:D4:4D:F4:A1:CF:CA:97:05:F4:77:CE:C5
Certificate issuer: /CN=5f7da568ad027b9e249c13e223d322769881a29f
Certificate serial: 0185719E6D085126955DCC12B624A47F92B6
Authority key identifier: 5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/5wEUgiPUVcnUTfShz8qXBfR3zsU.roa
Signing time: Mon 02 Jan 2023 08:34:46 +0000
ROA not before: Mon 02 Jan 2023 08:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204964
IP address blocks: 185.233.156.0/22 maxlen: 22
185.233.160.0/22 maxlen: 22
185.243.28.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:6d:08:51:26:95:5d:cc:12:b6:24:a4:7f:92:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f7da568ad027b9e249c13e223d322769881a29f
Validity
Not Before: Jan 2 08:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e701148223d455c9d44df4a1cfca9705f477cec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9e:6f:79:3c:02:f6:05:02:bb:e8:7a:14:57:
3e:59:14:09:38:e5:a3:b0:2d:59:d6:af:36:7c:8f:
b4:92:f7:4e:b1:0d:51:73:b8:ef:11:c1:40:8f:db:
75:72:ca:56:86:ab:8e:6d:11:f4:d7:89:4b:27:2e:
2a:3b:bd:2b:f5:7b:c8:ef:d4:98:c4:e2:79:40:e6:
0d:57:c6:37:50:5c:eb:ae:3e:5f:c1:3a:7e:1f:04:
85:06:f0:2c:bb:39:3f:24:fd:f1:80:df:42:2c:3f:
5c:1c:85:a7:d1:ab:41:0c:bc:17:68:ec:64:1f:db:
88:a2:46:90:cd:15:89:fa:91:42:a1:09:09:d1:8e:
13:d6:df:0d:40:d3:b8:da:fc:d9:7f:74:a3:8a:9c:
2f:cc:0f:28:95:67:45:e3:33:02:8f:07:57:e9:95:
3f:0c:2d:15:ea:a4:2e:ff:09:31:c5:a3:56:a0:be:
9e:a9:26:8d:96:01:3a:2c:90:d2:88:80:ba:79:fa:
15:84:02:f3:4a:20:16:14:64:71:37:4b:68:20:b5:
f4:fc:c2:51:44:23:23:79:4e:01:ed:cc:4e:48:97:
7f:8b:ee:20:cd:85:87:20:c8:bf:7d:76:c1:47:ab:
4a:6b:91:5c:8a:f9:58:01:89:cf:67:c0:bd:18:3f:
76:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:01:14:82:23:D4:55:C9:D4:4D:F4:A1:CF:CA:97:05:F4:77:CE:C5
X509v3 Authority Key Identifier:
keyid:5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/5wEUgiPUVcnUTfShz8qXBfR3zsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.156.0-185.233.163.255
185.243.28.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:56:4c:c0:d6:0c:db:af:b4:08:4a:6a:a4:77:cf:b7:76:74:
b3:87:25:6f:91:38:18:ba:36:18:4c:00:5a:23:19:7a:f1:5d:
19:77:2c:92:18:56:d3:40:fa:05:a2:6b:da:dd:e1:5f:90:63:
18:88:fe:29:36:29:3d:69:6b:22:9e:0f:91:1a:fb:ef:96:34:
c2:b8:5c:36:7a:9e:74:4d:f2:fd:63:48:49:80:42:88:ea:0f:
7e:e7:b0:37:45:79:ae:8f:6d:ee:ee:02:96:87:d1:f7:f8:8e:
46:db:fb:01:ab:58:7e:ff:80:17:0c:a1:21:2d:82:e6:83:76:
32:fa:7a:ae:25:55:ce:81:e5:8a:34:44:62:15:a2:a4:4b:9c:
51:ed:e2:9f:13:11:5a:04:f1:11:29:c5:32:d7:45:04:50:95:
fa:22:94:b0:62:fc:56:05:6e:47:7a:39:c1:c1:7c:d3:ed:4e:
1c:80:10:1d:2f:bf:ab:59:81:06:43:ab:0c:a7:8b:fc:e9:1c:
65:dd:7a:cd:eb:72:e9:7d:5d:bc:02:21:ac:fb:0d:45:7f:06:
85:4a:93:3c:4f:db:f8:c0:79:ba:19:d9:95:d7:3a:64:76:39:
81:73:e9:5c:33:c0:71:ef:8a:ba:25:03:9d:3a:4f:d6:a8:2a:
42:c5:ad:a5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVxnm0IUSaVXcwStiSkf5K2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2RhNTY4YWQwMjdiOWUyNDljMTNlMjIzZDMyMjc2OTg4
MWEyOWYwHhcNMjMwMTAyMDgzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzAxMTQ4MjIzZDQ1NWM5ZDQ0ZGY0YTFjZmNhOTcwNWY0NzdjZWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhp5veTwC9gUCu+h6FFc+WRQJOOWj
sC1Z1q82fI+0kvdOsQ1Rc7jvEcFAj9t1cspWhquObRH014lLJy4qO70r9XvI79SY
xOJ5QOYNV8Y3UFzrrj5fwTp+HwSFBvAsuzk/JP3xgN9CLD9cHIWn0atBDLwXaOxk
H9uIokaQzRWJ+pFCoQkJ0Y4T1t8NQNO42vzZf3SjipwvzA8olWdF4zMCjwdX6ZU/
DC0V6qQu/wkxxaNWoL6eqSaNlgE6LJDSiIC6efoVhALzSiAWFGRxN0toILX0/MJR
RCMjeU4B7cxOSJd/i+4gzYWHIMi/fXbBR6tKa5FcivlYAYnPZ8C9GD92SwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOcBFIIj1FXJ1E30oc/KlwX0d87FMB8GA1UdIwQY
MBaAFF99pWitAnueJJwT4iPTInaYgaKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUt
Mzc1NzUzOWMyYWM5LzEvNXdFVWdpUFVWY25VVGZTaHo4cVhCZlIzenNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUtMzc1NzUzOWMyYWM5
LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAK56ZwD
BAK56aADBAK58xwwDQYJKoZIhvcNAQELBQADggEBACxWTMDWDNuvtAhKaqR3z7d2
dLOHJW+ROBi6NhhMAFojGXrxXRl3LJIYVtNA+gWia9rd4V+QYxiI/ik2KT1payKe
D5Ea+++WNMK4XDZ6nnRN8v1jSEmAQojqD37nsDdFea6Pbe7uApaH0ff4jkbb+wGr
WH7/gBcMoSEtguaDdjL6eq4lVc6B5Yo0RGIVoqRLnFHt4p8TEVoE8REpxTLXRQRQ
lfoilLBi/FYFbkd6OcHBfNPtThyAEB0vv6tZgQZDqwyni/zpHGXdes3rcul9XbwC
Iaz7DUV/BoVKkzxP2/jAeboZ2ZXXOmR2OYFz6VwzwHHvirolA506T9aoKkLFraU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:58 2024 by rpki-client on console-fra.rpki-client.org