Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/5DPAxd2SYM5q-MMgB2iD5ykMzWM.roa
File: 5DPAxd2SYM5q-MMgB2iD5ykMzWM.roa (raw, json)
Hash identifier: Y/L3a/PybR69xThKXMXGIWI+HK+1w9iuHoNG6H8lZbY=
Subject key identifier: E4:33:C0:C5:DD:92:60:CE:6A:F8:C3:20:07:68:83:E7:29:0C:CD:63
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 018FA3C7AC313CDFE4B0819CA786EB6C3926
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/5DPAxd2SYM5q-MMgB2iD5ykMzWM.roa
Signing time: Thu 23 May 2024 04:48:42 +0000
ROA not before: Thu 23 May 2024 04:48:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.101.168.0/23 maxlen: 23
185.101.170.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 27 May 2024 14:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a3:c7:ac:31:3c:df:e4:b0:81:9c:a7:86:eb:6c:39:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: May 23 04:48:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e433c0c5dd9260ce6af8c320076883e7290ccd63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a7:46:dc:93:ef:df:e4:8e:15:d0:b6:e4:9b:
42:89:66:59:1c:30:db:a2:32:c3:da:d2:42:6a:83:
ac:94:af:d6:84:51:31:88:d8:16:2b:6b:5d:b9:e5:
b4:23:f5:95:13:5b:cf:11:a8:2d:eb:0e:5a:c4:c6:
6d:fe:82:74:bc:4f:30:f8:74:da:7e:6e:58:26:b6:
59:40:3d:77:c1:2e:7f:28:84:a9:4f:71:e9:3a:0b:
85:0e:31:8c:8e:2c:7e:e8:af:59:a5:7b:a4:68:dc:
5c:a5:89:fa:85:38:90:bc:88:34:a7:8d:7d:7e:26:
90:f0:3d:0e:47:44:ee:d8:88:5b:53:49:c5:0e:08:
91:24:53:04:16:92:ab:c9:5d:6a:7d:b6:9d:24:2d:
23:aa:97:48:7c:7b:42:a2:d2:d6:c9:a9:3c:36:ce:
72:3c:b7:7d:b1:59:ef:e3:83:78:6f:df:4f:95:58:
64:60:f0:90:65:bf:5c:09:a7:0b:be:0f:3f:f7:2a:
79:2e:f6:f1:ff:ca:cc:7f:77:57:0e:ad:c3:9e:cc:
97:d4:4f:aa:d4:99:9e:f9:89:f8:b5:37:5e:d9:1a:
2d:02:f9:98:65:fd:a4:bf:ca:33:ea:f8:71:c0:a8:
91:fe:f9:42:f6:07:6a:95:cd:b4:9d:8b:f9:8a:fa:
e6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:33:C0:C5:DD:92:60:CE:6A:F8:C3:20:07:68:83:E7:29:0C:CD:63
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/5DPAxd2SYM5q-MMgB2iD5ykMzWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.168.0/22
Signature Algorithm: sha256WithRSAEncryption
42:ac:27:04:d0:54:14:42:ae:45:60:76:09:27:52:b2:55:64:
5a:91:be:b0:6e:02:25:46:20:4f:ee:36:87:e9:c0:ce:a8:53:
fa:fa:fa:d1:f0:1e:c3:d0:24:79:4f:6d:aa:7e:c8:d7:ea:b4:
5e:41:2b:0e:96:8d:3b:77:26:5d:2f:69:ec:cd:f0:e4:e9:0e:
29:1a:91:1d:79:c0:12:33:ea:4c:5f:87:e4:17:b9:4d:8c:dc:
7c:9e:41:33:9c:39:f6:9f:20:30:94:91:48:3e:fa:d3:87:ad:
09:cb:1f:e2:d3:13:33:e4:2a:fe:6a:c0:87:9c:7e:7e:60:76:
57:37:65:d9:a1:7d:02:0a:61:29:4d:65:61:dc:2c:9b:3f:ed:
1b:52:07:de:3a:57:1f:5e:75:ed:c2:cf:ae:9e:bb:df:a1:44:
b9:78:da:06:68:43:30:1d:a3:5a:cc:ba:aa:92:75:6d:3e:85:
30:bf:cc:6b:6b:0b:52:09:da:1e:f1:7d:3d:5c:51:6d:95:84:
f5:0d:00:72:af:39:36:28:e3:b4:a4:a0:4f:7d:63:73:45:4c:
e6:57:01:6b:a0:e0:62:0e:8d:32:da:dc:c6:e3:c1:fa:50:aa:
80:28:c7:80:e3:7d:4c:ba:8e:aa:08:5f:1c:0a:4a:be:5d:b6:
19:f5:f3:4f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+jx6wxPN/ksIGcp4brbDkmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZkYzdhMmYxMWE1NzY2ZDNhZDdiZGY2MjVjZTVlMTE5
YThmZGYwHhcNMjQwNTIzMDQ0ODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDMzYzBjNWRkOTI2MGNlNmFmOGMzMjAwNzY4ODNlNzI5MGNjZDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6dG3JPv3+SOFdC25JtCiWZZHDDb
ojLD2tJCaoOslK/WhFExiNgWK2tdueW0I/WVE1vPEagt6w5axMZt/oJ0vE8w+HTa
fm5YJrZZQD13wS5/KISpT3HpOguFDjGMjix+6K9ZpXukaNxcpYn6hTiQvIg0p419
fiaQ8D0OR0Tu2IhbU0nFDgiRJFMEFpKryV1qfbadJC0jqpdIfHtCotLWyak8Ns5y
PLd9sVnv44N4b99PlVhkYPCQZb9cCacLvg8/9yp5Lvbx/8rMf3dXDq3DnsyX1E+q
1Jme+Yn4tTde2RotAvmYZf2kv8oz6vhxwKiR/vlC9gdqlc20nYv5ivrmBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQzwMXdkmDOavjDIAdog+cpDM1jMB8GA1UdIwQY
MBaAFFQf3HovEaV2bTrXvfYlzl4Rmo/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUt
YzkwMGE4OWYyMGYxLzEvNURQQXhkMlNZTTVxLU1NZ0IyaUQ1eWtNeldNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUtYzkwMGE4OWYyMGYx
LzEvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWWoMA0G
CSqGSIb3DQEBCwUAA4IBAQBCrCcE0FQUQq5FYHYJJ1KyVWRakb6wbgIlRiBP7jaH
6cDOqFP6+vrR8B7D0CR5T22qfsjX6rReQSsOlo07dyZdL2nszfDk6Q4pGpEdecAS
M+pMX4fkF7lNjNx8nkEznDn2nyAwlJFIPvrTh60Jyx/i0xMz5Cr+asCHnH5+YHZX
N2XZoX0CCmEpTWVh3CybP+0bUgfeOlcfXnXtws+unrvfoUS5eNoGaEMwHaNazLqq
knVtPoUwv8xrawtSCdoe8X09XFFtlYT1DQByrzk2KOO0pKBPfWNzRUzmVwFroOBi
Do0y2tzG48H6UKqAKMeA431Muo6qCF8cCkq+XbYZ9fNP
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:05:36 2025 by rpki-client