Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/6d85ea-f74a-464b-b4a2-22c08dcbf572/1/gYrDBKkRcIysHm_8uix2VaPnL-g.roa
File: gYrDBKkRcIysHm_8uix2VaPnL-g.roa (raw, json)
Hash identifier: 8PgIXLx6HkuARd+mYkRiWW6ifldbO1QAKOHWK3OwQMU=
Subject key identifier: 81:8A:C3:04:A9:11:70:8C:AC:1E:6F:FC:BA:2C:76:55:A3:E7:2F:E8
Certificate issuer: /CN=a5d4a5a5d14c8a3b8cb94d1cb46c0d6e2a1c4847
Certificate serial: 01856E5D5CF265F136EC1AC6E9867F579176
Authority key identifier: A5:D4:A5:A5:D1:4C:8A:3B:8C:B9:4D:1C:B4:6C:0D:6E:2A:1C:48:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pdSlpdFMijuMuU0ctGwNbiocSEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/6d85ea-f74a-464b-b4a2-22c08dcbf572/1/gYrDBKkRcIysHm_8uix2VaPnL-g.roa
Signing time: Sun 01 Jan 2023 17:24:50 +0000
ROA not before: Sun 01 Jan 2023 17:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206471
IP address blocks: 185.185.172.0/24 maxlen: 24
185.185.173.0/24 maxlen: 24
185.185.175.0/24 maxlen: 24
185.185.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:5c:f2:65:f1:36:ec:1a:c6:e9:86:7f:57:91:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5d4a5a5d14c8a3b8cb94d1cb46c0d6e2a1c4847
Validity
Not Before: Jan 1 17:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=818ac304a911708cac1e6ffcba2c7655a3e72fe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:01:28:e7:24:17:fc:2d:5e:89:be:e3:25:d1:
b0:09:34:ee:a1:e1:ef:43:53:88:45:48:79:89:f5:
45:98:6f:a2:f8:f4:7f:63:d7:08:c3:29:94:c5:8f:
5e:40:18:e8:51:75:b7:85:13:c5:0f:85:f0:c5:85:
54:22:55:6c:e9:ae:9c:a2:e1:07:b8:6b:e8:f3:0b:
f3:f4:24:84:f7:bf:70:77:d4:0e:fd:b8:b6:f5:94:
92:40:ea:c6:f5:7f:02:31:7e:de:70:b5:bf:d9:0c:
9a:a2:cb:78:5d:83:57:f7:69:69:fc:a7:b7:db:c4:
90:5a:b1:c7:47:5a:b2:19:50:82:68:77:d5:0c:db:
c2:15:39:e9:70:52:df:a5:4c:5e:98:a9:32:9f:ce:
f1:18:5c:6d:79:f6:5d:a4:b4:0a:84:69:99:72:37:
c9:df:de:cb:21:7a:5f:31:6c:23:4f:65:32:e9:bf:
ee:d7:a1:0e:26:e2:c9:c5:77:04:0f:9b:d8:52:e7:
6c:57:21:f9:4b:91:68:f6:d3:50:af:f1:dd:39:d3:
01:77:29:46:4d:df:8f:bb:70:a2:bd:6e:ee:27:c1:
1a:b2:df:59:c5:e3:a2:cb:96:bd:57:b2:52:00:60:
73:28:a0:75:d5:b9:cf:c4:97:04:56:bf:7c:8d:f5:
7c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:8A:C3:04:A9:11:70:8C:AC:1E:6F:FC:BA:2C:76:55:A3:E7:2F:E8
X509v3 Authority Key Identifier:
keyid:A5:D4:A5:A5:D1:4C:8A:3B:8C:B9:4D:1C:B4:6C:0D:6E:2A:1C:48:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pdSlpdFMijuMuU0ctGwNbiocSEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6d85ea-f74a-464b-b4a2-22c08dcbf572/1/gYrDBKkRcIysHm_8uix2VaPnL-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6d85ea-f74a-464b-b4a2-22c08dcbf572/1/pdSlpdFMijuMuU0ctGwNbiocSEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.172.0/22
Signature Algorithm: sha256WithRSAEncryption
35:1a:fa:bc:68:d5:59:73:28:c0:30:e5:45:76:5c:d7:f9:e6:
81:b0:c4:b8:de:a3:e8:ae:bc:a8:39:e7:a4:a4:df:b1:f5:ca:
61:73:f3:3a:cd:a3:8b:a3:f8:7c:71:b3:28:ef:36:f9:d7:81:
f5:ec:77:57:f8:ff:79:e5:a7:5b:8c:af:ad:d7:5e:80:6d:60:
a3:b8:9e:7b:f9:7f:4b:27:e4:bc:fe:9b:27:1a:05:88:61:7f:
49:43:b0:f8:74:39:6f:a7:fd:03:fb:f5:2b:b6:70:98:b7:90:
f6:58:a9:31:a4:a1:93:43:f2:c1:9d:97:28:24:1f:2b:44:0e:
ad:a9:91:f5:e3:12:cd:db:9c:fd:17:41:a2:4d:57:54:19:82:
cc:62:59:ce:65:1a:db:e6:f9:6c:19:ea:1e:03:0f:a2:07:80:
55:2a:6b:07:1f:bc:29:54:de:a3:e5:9d:70:5a:94:55:c1:a8:
95:30:8e:b2:72:a5:dd:27:12:6a:84:3c:14:97:b0:50:73:91:
ec:b0:d1:fe:ed:4b:ea:6d:a6:4a:5a:b6:30:89:a1:a4:9f:cc:
a4:40:d3:78:02:7a:b7:a6:56:e9:8d:ae:c2:9e:d6:4d:79:3c:
30:76:58:db:0a:84:92:bc:1c:46:08:23:f9:c8:7c:c2:78:08:
aa:9b:9e:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuXVzyZfE27BrG6YZ/V5F2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ZDRhNWE1ZDE0YzhhM2I4Y2I5NGQxY2I0NmMwZDZlMmEx
YzQ4NDcwHhcNMjMwMTAxMTcyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MThhYzMwNGE5MTE3MDhjYWMxZTZmZmNiYTJjNzY1NWEzZTcyZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwEo5yQX/C1eib7jJdGwCTTuoeHv
Q1OIRUh5ifVFmG+i+PR/Y9cIwymUxY9eQBjoUXW3hRPFD4XwxYVUIlVs6a6couEH
uGvo8wvz9CSE979wd9QO/bi29ZSSQOrG9X8CMX7ecLW/2Qyaost4XYNX92lp/Ke3
28SQWrHHR1qyGVCCaHfVDNvCFTnpcFLfpUxemKkyn87xGFxtefZdpLQKhGmZcjfJ
397LIXpfMWwjT2Uy6b/u16EOJuLJxXcED5vYUudsVyH5S5Fo9tNQr/HdOdMBdylG
Td+Pu3CivW7uJ8East9ZxeOiy5a9V7JSAGBzKKB11bnPxJcEVr98jfV8ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIGKwwSpEXCMrB5v/LosdlWj5y/oMB8GA1UdIwQY
MBaAFKXUpaXRTIo7jLlNHLRsDW4qHEhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGRTbHBkRk1panVNdVUwY3RHd05iaW9jU0VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82ZDg1ZWEtZjc0YS00NjRiLWI0YTIt
MjJjMDhkY2JmNTcyLzEvZ1lyREJLa1JjSXlzSG1fOHVpeDJWYVBuTC1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82ZDg1ZWEtZjc0YS00NjRiLWI0YTItMjJjMDhkY2JmNTcy
LzEvcGRTbHBkRk1panVNdVUwY3RHd05iaW9jU0VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubmsMA0G
CSqGSIb3DQEBCwUAA4IBAQA1Gvq8aNVZcyjAMOVFdlzX+eaBsMS43qPorryoOeek
pN+x9cphc/M6zaOLo/h8cbMo7zb514H17HdX+P955adbjK+t116AbWCjuJ57+X9L
J+S8/psnGgWIYX9JQ7D4dDlvp/0D+/UrtnCYt5D2WKkxpKGTQ/LBnZcoJB8rRA6t
qZH14xLN25z9F0GiTVdUGYLMYlnOZRrb5vlsGeoeAw+iB4BVKmsHH7wpVN6j5Z1w
WpRVwaiVMI6ycqXdJxJqhDwUl7BQc5HssNH+7UvqbaZKWrYwiaGkn8ykQNN4Anq3
plbpja7CntZNeTwwdljbCoSSvBxGCCP5yHzCeAiqm574
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:02 2024 by rpki-client on console-fra.rpki-client.org