Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/5bOt-u_uV8ERP49sjoghzLwJVB0.roa
File: 5bOt-u_uV8ERP49sjoghzLwJVB0.roa (raw, json)
Hash identifier: iKJuVjSIQJx+mspSKv8tl8ex7tK1Nl+2wLNM/LOhud4=
Subject key identifier: E5:B3:AD:FA:EF:EE:57:C1:11:3F:8F:6C:8E:88:21:CC:BC:09:54:1D
Certificate issuer: /CN=48e06a351a5189bcdc44840948dbfb40abf58be5
Certificate serial: 0192D368D9DE5B4C92022B491A8BEFC0BF13
Authority key identifier: 48:E0:6A:35:1A:51:89:BC:DC:44:84:09:48:DB:FB:40:AB:F5:8B:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SOBqNRpRibzcRIQJSNv7QKv1i-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/5bOt-u_uV8ERP49sjoghzLwJVB0.roa
Signing time: Mon 28 Oct 2024 13:55:16 +0000
ROA not before: Mon 28 Oct 2024 13:55:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201653
IP address blocks: 185.73.208.0/24 maxlen: 24
185.73.209.0/24 maxlen: 24
2a00:8dc0:1900::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d3:68:d9:de:5b:4c:92:02:2b:49:1a:8b:ef:c0:bf:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48e06a351a5189bcdc44840948dbfb40abf58be5
Validity
Not Before: Oct 28 13:55:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5b3adfaefee57c1113f8f6c8e8821ccbc09541d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1e:3e:5a:95:80:9f:99:32:78:4f:c0:4b:cf:
d6:61:e0:44:9e:b4:b5:68:33:27:29:49:5e:b5:b0:
ee:b3:f9:78:45:6d:57:8b:04:8e:8b:74:a3:c4:07:
e6:38:83:64:4a:13:30:f9:f8:c8:1b:b7:ad:c7:c7:
66:68:a6:01:c0:ca:21:8d:af:0b:04:da:5e:c2:27:
dc:97:20:44:d9:48:58:82:10:a0:65:1c:4d:06:df:
27:32:27:50:e2:ca:4d:5c:58:7d:b7:ff:e3:03:02:
3f:f5:d7:bc:bb:4a:05:0c:8e:9c:17:fd:03:b1:49:
49:be:a9:fb:8f:c3:88:e7:57:50:9e:1f:d6:98:25:
90:26:04:9d:97:c7:93:7b:56:9f:ec:47:c0:84:8d:
b1:29:1e:eb:12:ad:56:85:83:24:3c:1e:d4:c8:74:
cc:da:d1:e4:72:87:58:1d:21:eb:4d:e8:17:f6:ca:
e7:3c:e7:61:0c:98:5c:e1:57:c7:84:f7:b2:1e:fa:
ed:83:80:49:ca:1e:46:87:b1:fd:d1:ae:3f:78:9e:
ad:4b:23:6d:89:16:91:22:3d:a2:51:4b:2b:be:20:
4a:7c:98:0e:ab:c0:36:01:02:83:ed:1a:4e:5e:48:
55:22:14:25:7c:62:ed:fd:10:48:55:31:2f:b7:31:
ef:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:B3:AD:FA:EF:EE:57:C1:11:3F:8F:6C:8E:88:21:CC:BC:09:54:1D
X509v3 Authority Key Identifier:
keyid:48:E0:6A:35:1A:51:89:BC:DC:44:84:09:48:DB:FB:40:AB:F5:8B:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SOBqNRpRibzcRIQJSNv7QKv1i-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/5bOt-u_uV8ERP49sjoghzLwJVB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/SOBqNRpRibzcRIQJSNv7QKv1i-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.208.0/23
IPv6:
2a00:8dc0:1900::/40
Signature Algorithm: sha256WithRSAEncryption
43:86:0f:bf:60:14:49:97:33:af:92:96:78:3a:ae:7b:bc:55:
bd:e8:a4:1b:71:b1:dc:df:b3:8a:24:5d:df:39:af:05:e2:39:
d5:0a:fb:22:ab:a2:a3:88:e6:2d:a8:69:b4:09:f1:0a:8c:d8:
a8:3b:94:36:7b:bc:17:43:d9:a1:58:55:df:3c:91:47:76:4c:
95:11:5b:37:b9:5e:1a:23:c3:ae:e0:84:49:9e:b9:ba:68:18:
0f:05:7d:d9:95:b1:e5:16:18:2c:d2:ac:1e:55:72:34:59:9e:
2e:33:f7:eb:62:c0:6f:be:60:01:f4:f4:d5:e6:18:8a:ae:4a:
fa:b5:95:b7:98:a4:27:f3:d0:4e:24:45:c6:37:68:0f:82:b6:
3e:33:d3:c7:e6:36:c8:47:4a:27:e1:ec:43:5e:d3:40:ad:72:
6b:96:0c:7b:e1:96:6c:b9:33:c9:41:12:cf:b8:bd:50:9d:7e:
82:4e:99:bc:20:65:e0:f5:83:31:ff:93:00:a1:f9:0a:6c:bc:
c7:43:ce:99:a4:d6:fe:0a:60:17:6a:68:b8:c8:a7:fb:77:a5:
d3:78:b9:e8:56:f1:42:02:8d:28:41:e3:15:96:82:d9:59:de:
9f:fd:cf:14:c6:37:f0:c9:e0:0c:e5:a3:0f:f5:00:7e:e8:3b:
77:d7:97:24
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZLTaNneW0ySAitJGovvwL8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZTA2YTM1MWE1MTg5YmNkYzQ0ODQwOTQ4ZGJmYjQwYWJm
NThiZTUwHhcNMjQxMDI4MTM1NTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWIzYWRmYWVmZWU1N2MxMTEzZjhmNmM4ZTg4MjFjY2JjMDk1NDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqR4+WpWAn5kyeE/AS8/WYeBEnrS1
aDMnKUletbDus/l4RW1XiwSOi3SjxAfmOINkShMw+fjIG7etx8dmaKYBwMohja8L
BNpewifclyBE2UhYghCgZRxNBt8nMidQ4spNXFh9t//jAwI/9de8u0oFDI6cF/0D
sUlJvqn7j8OI51dQnh/WmCWQJgSdl8eTe1af7EfAhI2xKR7rEq1WhYMkPB7UyHTM
2tHkcodYHSHrTegX9srnPOdhDJhc4VfHhPeyHvrtg4BJyh5Gh7H90a4/eJ6tSyNt
iRaRIj2iUUsrviBKfJgOq8A2AQKD7RpOXkhVIhQlfGLt/RBIVTEvtzHvhwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFOWzrfrv7lfBET+PbI6IIcy8CVQdMB8GA1UdIwQY
MBaAFEjgajUaUYm83ESECUjb+0Cr9YvlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU09CcU5ScFJpYnpjUklRSlNOdjdRS3YxaS1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82MDBhZWEtOWVhNS00YzY3LWE2MDIt
YWIxYTg3ZWNkZjFiLzEvNWJPdC11X3VWOEVSUDQ5c2pvZ2h6THdKVkIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82MDBhZWEtOWVhNS00YzY3LWE2MDItYWIxYTg3ZWNkZjFi
LzEvU09CcU5ScFJpYnpjUklRSlNOdjdRS3YxaS1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuUnQMA4E
AgACMAgDBgAqAI3AGTANBgkqhkiG9w0BAQsFAAOCAQEAQ4YPv2AUSZczr5KWeDqu
e7xVveikG3Gx3N+ziiRd3zmvBeI51Qr7Iquio4jmLahptAnxCozYqDuUNnu8F0PZ
oVhV3zyRR3ZMlRFbN7leGiPDruCESZ65umgYDwV92ZWx5RYYLNKsHlVyNFmeLjP3
62LAb75gAfT01eYYiq5K+rWVt5ikJ/PQTiRFxjdoD4K2PjPTx+Y2yEdKJ+HsQ17T
QK1ya5YMe+GWbLkzyUESz7i9UJ1+gk6ZvCBl4PWDMf+TAKH5Cmy8x0POmaTW/gpg
F2pouMin+3el03i56FbxQgKNKEHjFZaC2Vnen/3PFMY38MngDOWjD/UAfug7d9eX
JA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:11:26 2025 by rpki-client