Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/17527b-ecc2-4498-9208-e22b8c0a1726/1/sdNKdcAHkOLIaa8LQOEDJRDmjLU.roa
File: sdNKdcAHkOLIaa8LQOEDJRDmjLU.roa (raw, json)
Hash identifier: bdkpAy5/z03JZo83Swf7NHo1n1uPHO4g+NI73Zr0mUs=
Subject key identifier: B1:D3:4A:75:C0:07:90:E2:C8:69:AF:0B:40:E1:03:25:10:E6:8C:B5
Certificate issuer: /CN=d56c5074e66f43ce578a3d4a2e7bcc215cb5e960
Certificate serial: 01856ECB6589E73AFB9434D771D635D7E348
Authority key identifier: D5:6C:50:74:E6:6F:43:CE:57:8A:3D:4A:2E:7B:CC:21:5C:B5:E9:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WxQdOZvQ85Xij1KLnvMIVy16WA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/17527b-ecc2-4498-9208-e22b8c0a1726/1/sdNKdcAHkOLIaa8LQOEDJRDmjLU.roa
Signing time: Sun 01 Jan 2023 19:25:01 +0000
ROA not before: Sun 01 Jan 2023 19:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44821
IP address blocks: 185.23.138.0/23 maxlen: 23
5.253.132.0/23 maxlen: 23
5.253.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:65:89:e7:3a:fb:94:34:d7:71:d6:35:d7:e3:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56c5074e66f43ce578a3d4a2e7bcc215cb5e960
Validity
Not Before: Jan 1 19:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1d34a75c00790e2c869af0b40e1032510e68cb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0c:6f:c2:3e:d6:65:b1:24:aa:44:2e:4c:4e:
67:ac:96:11:2c:ab:e2:c8:99:5a:84:db:17:6a:e8:
e3:06:ab:f0:fd:fc:a8:9f:ab:92:0a:17:91:c7:b1:
4a:32:df:d6:de:09:cf:2b:e6:ad:06:31:25:90:8d:
8a:d6:29:f4:f7:eb:09:5e:04:60:bf:68:c6:07:0f:
28:00:ed:07:b7:d2:f8:11:28:87:7b:11:5e:cd:c6:
25:5b:e2:fc:92:5a:fb:33:66:85:2c:88:8c:fa:9e:
a7:25:66:3d:0a:8b:13:7c:1a:c9:c9:41:57:18:15:
98:b6:6e:46:f2:d3:aa:5c:4b:7e:df:fc:21:4d:79:
70:c3:ff:12:38:f5:f3:17:6f:10:41:77:9b:ba:73:
9b:41:40:55:d7:31:35:25:15:49:6c:6e:24:73:88:
78:4c:46:34:48:90:05:b4:6e:ca:e8:d1:29:40:6a:
3b:d4:9b:09:e9:d5:bf:03:46:99:e8:74:e9:70:f0:
bd:e5:e6:f9:79:76:53:d9:10:00:87:13:3a:b7:ab:
ca:7d:5f:b5:4b:e8:84:f2:a1:22:cb:54:d3:bf:ce:
19:bb:53:e9:aa:11:b5:80:62:57:b2:4b:f1:c2:56:
c2:7a:1d:6b:32:7d:36:6c:c9:52:b8:66:ca:71:61:
5d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D3:4A:75:C0:07:90:E2:C8:69:AF:0B:40:E1:03:25:10:E6:8C:B5
X509v3 Authority Key Identifier:
keyid:D5:6C:50:74:E6:6F:43:CE:57:8A:3D:4A:2E:7B:CC:21:5C:B5:E9:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WxQdOZvQ85Xij1KLnvMIVy16WA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/17527b-ecc2-4498-9208-e22b8c0a1726/1/sdNKdcAHkOLIaa8LQOEDJRDmjLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/17527b-ecc2-4498-9208-e22b8c0a1726/1/1WxQdOZvQ85Xij1KLnvMIVy16WA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.132.0-5.253.134.255
185.23.138.0/23
Signature Algorithm: sha256WithRSAEncryption
14:d0:d2:28:15:8c:ea:da:d6:de:12:36:59:ae:ad:03:32:cc:
6c:c1:a3:a1:a5:8e:18:f3:7c:14:d6:ca:b0:ea:04:44:13:dd:
1c:2b:43:cd:14:7a:c1:d5:d1:2a:5f:85:d9:5f:4a:48:6a:68:
a3:7d:01:a6:6b:63:b8:9b:47:db:a0:27:3e:93:f1:c9:27:6b:
37:60:40:a3:93:ef:be:03:69:6f:14:eb:68:e6:74:08:5f:dc:
e9:c2:b1:19:74:0c:3a:8a:68:11:d4:6c:b3:e4:f1:e5:33:16:
97:15:19:83:43:54:a8:db:d3:08:55:fd:80:76:40:9f:9f:2c:
70:5f:71:97:b5:03:d6:c3:71:ee:38:23:63:da:24:fa:b2:ab:
5f:5c:ab:66:2a:5e:12:ef:80:88:93:5c:90:1d:5e:68:c1:21:
f4:a5:b3:1a:bb:d5:2e:aa:04:b8:da:b2:e3:6c:a1:a0:3c:95:
e9:a4:b1:da:07:40:1c:f4:42:b1:bd:e4:63:60:15:18:98:69:
5d:4f:7c:ea:e0:16:28:9c:8a:de:1a:05:c3:07:50:92:a6:2b:
2c:f6:18:18:b9:44:76:2c:50:99:43:f4:a6:4e:f8:1c:00:9b:
87:09:1c:23:50:77:2f:02:86:3a:3e:61:4c:30:07:cd:f2:86:
61:e0:a6:78
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVuy2WJ5zr7lDTXcdY11+NIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmM1MDc0ZTY2ZjQzY2U1NzhhM2Q0YTJlN2JjYzIxNWNi
NWU5NjAwHhcNMjMwMTAxMTkyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWQzNGE3NWMwMDc5MGUyYzg2OWFmMGI0MGUxMDMyNTEwZTY4Y2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgxvwj7WZbEkqkQuTE5nrJYRLKvi
yJlahNsXaujjBqvw/fyon6uSCheRx7FKMt/W3gnPK+atBjElkI2K1in09+sJXgRg
v2jGBw8oAO0Ht9L4ESiHexFezcYlW+L8klr7M2aFLIiM+p6nJWY9CosTfBrJyUFX
GBWYtm5G8tOqXEt+3/whTXlww/8SOPXzF28QQXebunObQUBV1zE1JRVJbG4kc4h4
TEY0SJAFtG7K6NEpQGo71JsJ6dW/A0aZ6HTpcPC95eb5eXZT2RAAhxM6t6vKfV+1
S+iE8qEiy1TTv84Zu1PpqhG1gGJXskvxwlbCeh1rMn02bMlSuGbKcWFdawIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLHTSnXAB5DiyGmvC0DhAyUQ5oy1MB8GA1UdIwQY
MBaAFNVsUHTmb0POV4o9Si57zCFctelgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVd4UWRPWnZRODVYaWoxS0xudk1JVnkxNldBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xNzUyN2ItZWNjMi00NDk4LTkyMDgt
ZTIyYjhjMGExNzI2LzEvc2ROS2RjQUhrT0xJYWE4TFFPRURKUkRtakxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xNzUyN2ItZWNjMi00NDk4LTkyMDgtZTIyYjhjMGExNzI2
LzEvMVd4UWRPWnZRODVYaWoxS0xudk1JVnkxNldBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAIF/YQD
BAAF/YYDBAG5F4owDQYJKoZIhvcNAQELBQADggEBABTQ0igVjOra1t4SNlmurQMy
zGzBo6GljhjzfBTWyrDqBEQT3RwrQ80UesHV0SpfhdlfSkhqaKN9AaZrY7ibR9ug
Jz6T8cknazdgQKOT774DaW8U62jmdAhf3OnCsRl0DDqKaBHUbLPk8eUzFpcVGYND
VKjb0whV/YB2QJ+fLHBfcZe1A9bDce44I2PaJPqyq19cq2YqXhLvgIiTXJAdXmjB
IfSlsxq71S6qBLjasuNsoaA8lemksdoHQBz0QrG95GNgFRiYaV1PfOrgFiicit4a
BcMHUJKmKyz2GBi5RHYsUJlD9KZO+BwAm4cJHCNQdy8Chjo+YUwwB83yhmHgpng=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:03 2024 by rpki-client on console-fra.rpki-client.org