Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/IK67Y5VWXmUtllHfeGDiK0iT0KY.roa
File: IK67Y5VWXmUtllHfeGDiK0iT0KY.roa (raw, json)
Hash identifier: lF6LkRvDWXhrir7TYiPcFSksRtsDKfExv49td+LTqIs=
Subject key identifier: 20:AE:BB:63:95:56:5E:65:2D:96:51:DF:78:60:E2:2B:48:93:D0:A6
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0185718C317417D988E5590F6A8A46E88BFB
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/IK67Y5VWXmUtllHfeGDiK0iT0KY.roa
Signing time: Mon 02 Jan 2023 08:14:51 +0000
ROA not before: Mon 02 Jan 2023 08:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58192
IP address blocks: 185.239.0.0/24 maxlen: 24
5.159.49.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Apr 2023 03:39:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:31:74:17:d9:88:e5:59:0f:6a:8a:46:e8:8b:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 2 08:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20aebb6395565e652d9651df7860e22b4893d0a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0c:2f:d6:01:34:dd:f9:cd:c3:0e:1e:ed:40:
b2:dc:e4:07:1d:6c:45:86:5a:df:66:ae:81:87:f4:
3e:7f:6c:9a:87:88:e5:81:f2:e3:54:b5:63:bd:8f:
3a:25:c2:d3:5c:8b:a1:0d:c7:ac:42:6f:c6:69:92:
e1:c2:23:d4:7c:2c:37:6f:1d:b9:8b:ca:a0:57:13:
59:a2:4a:0f:de:01:9c:bc:56:d6:a5:42:ac:b8:7f:
9a:0a:4c:b5:b8:0e:f1:92:b3:53:b6:ad:e5:b8:31:
a0:44:cf:1c:3a:d9:98:d0:3a:99:e8:4f:84:43:94:
a1:1f:0a:cb:b8:72:c7:50:a3:94:a3:84:f1:25:ae:
65:97:67:2b:b9:a7:db:9f:e1:4f:e1:d1:10:94:80:
86:c8:99:a2:07:20:d0:d2:c5:4b:c3:9b:23:1d:2b:
47:6d:87:98:b3:5e:42:10:f3:6c:05:ba:25:bd:9f:
74:58:53:98:61:56:5c:51:fe:3c:f3:09:1d:10:68:
f5:39:38:26:5e:29:e9:32:6c:fa:3d:3b:01:b6:33:
8a:66:8c:ff:06:3a:e2:83:ac:fc:07:86:0d:75:67:
da:33:cc:92:13:7d:ed:bd:61:eb:5d:14:ff:02:04:
60:de:8a:6c:db:83:27:55:b2:71:2b:62:21:ac:99:
43:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:AE:BB:63:95:56:5E:65:2D:96:51:DF:78:60:E2:2B:48:93:D0:A6
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/IK67Y5VWXmUtllHfeGDiK0iT0KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
5.159.54.0/24
185.239.0.0/24
Signature Algorithm: sha256WithRSAEncryption
16:5e:ad:7b:e7:cd:95:76:49:c5:1d:62:ae:df:23:70:3a:c7:
87:63:a0:01:93:d0:9c:4a:f3:1f:2d:da:7e:24:c0:89:cc:2e:
5a:af:d2:da:6c:62:a6:9d:6b:a5:0e:e8:94:3f:9b:08:a3:94:
45:2d:16:bc:0b:c4:ca:63:55:bd:64:fe:bf:6c:58:4b:f1:35:
04:07:c1:df:f5:90:4a:e0:d3:fd:e1:6c:53:df:45:23:60:32:
b7:fe:3d:0f:af:45:48:a2:6b:f0:97:7f:c7:ec:12:47:aa:85:
60:a8:b7:bf:69:aa:8f:53:c9:ea:48:65:de:0e:42:21:cd:49:
28:be:9d:23:8b:c5:0f:c7:95:1f:b8:8e:c2:0e:c9:03:a8:2e:
14:0a:58:a8:d1:d7:00:50:08:4e:ec:57:6a:dc:37:66:bb:e2:
b5:2c:6c:1b:38:e4:c4:a6:de:c5:d9:79:7c:c2:05:e5:e3:52:
1d:34:55:c9:a4:98:00:35:73:aa:ac:73:0e:1a:71:99:0b:cb:
99:77:a7:2a:28:4c:a7:fc:5d:38:b7:e9:5f:2b:9b:5f:62:54:
57:15:8e:ec:fc:6b:8d:1d:ed:7b:6f:6d:97:42:56:fb:05:ea:
1e:60:91:94:65:31:4c:7c:72:02:7a:3b:b7:ea:ed:39:a2:06:
c7:9f:82:14
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxjDF0F9mI5VkPaopG6Iv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwMTAyMDgxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGFlYmI2Mzk1NTY1ZTY1MmQ5NjUxZGY3ODYwZTIyYjQ4OTNkMGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gwv1gE03fnNww4e7UCy3OQHHWxF
hlrfZq6Bh/Q+f2yah4jlgfLjVLVjvY86JcLTXIuhDcesQm/GaZLhwiPUfCw3bx25
i8qgVxNZokoP3gGcvFbWpUKsuH+aCky1uA7xkrNTtq3luDGgRM8cOtmY0DqZ6E+E
Q5ShHwrLuHLHUKOUo4TxJa5ll2cruafbn+FP4dEQlICGyJmiByDQ0sVLw5sjHStH
bYeYs15CEPNsBbolvZ90WFOYYVZcUf488wkdEGj1OTgmXinpMmz6PTsBtjOKZoz/
Bjrig6z8B4YNdWfaM8ySE33tvWHrXRT/AgRg3ops24MnVbJxK2IhrJlDeQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCCuu2OVVl5lLZZR33hg4itIk9CmMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvSUs2N1k1VldYbVV0bGxIZmVHRGlLMGlUMEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABZ8xAwQA
BZ82AwQAue8AMA0GCSqGSIb3DQEBCwUAA4IBAQAWXq17582VdknFHWKu3yNwOseH
Y6ABk9CcSvMfLdp+JMCJzC5ar9LabGKmnWulDuiUP5sIo5RFLRa8C8TKY1W9ZP6/
bFhL8TUEB8Hf9ZBK4NP94WxT30UjYDK3/j0Pr0VIomvwl3/H7BJHqoVgqLe/aaqP
U8nqSGXeDkIhzUkovp0ji8UPx5UfuI7CDskDqC4UClio0dcAUAhO7Fdq3Ddmu+K1
LGwbOOTEpt7F2Xl8wgXl41IdNFXJpJgANXOqrHMOGnGZC8uZd6cqKEyn/F04t+lf
K5tfYlRXFY7s/GuNHe17b22XQlb7BeoeYJGUZTFMfHICeju36u05ogbHn4IU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:51 2024 by rpki-client on console-fra.rpki-client.org