Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/e0559d-abe6-443b-a978-5e7ded1421da/1/nqHobpM6p6tBQFcO2Xk_S-Mxo10.roa
File: nqHobpM6p6tBQFcO2Xk_S-Mxo10.roa (raw, json)
Hash identifier: ToGcksE95IClGtOjMe1fQi43NhnSA3lYbP4FK78oXsI=
Subject key identifier: 9E:A1:E8:6E:93:3A:A7:AB:41:40:57:0E:D9:79:3F:4B:E3:31:A3:5D
Certificate issuer: /CN=5b3825b48b3599effaa0bc81a8dddb98f1d802c4
Certificate serial: 01856EA6A04EB3B77CE75301A33817A6D9A8
Authority key identifier: 5B:38:25:B4:8B:35:99:EF:FA:A0:BC:81:A8:DD:DB:98:F1:D8:02:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WzgltIs1me_6oLyBqN3bmPHYAsQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/e0559d-abe6-443b-a978-5e7ded1421da/1/nqHobpM6p6tBQFcO2Xk_S-Mxo10.roa
Signing time: Sun 01 Jan 2023 18:44:51 +0000
ROA not before: Sun 01 Jan 2023 18:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206859
IP address blocks: 185.173.252.0/22 maxlen: 22
2a0b:7500::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:a0:4e:b3:b7:7c:e7:53:01:a3:38:17:a6:d9:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b3825b48b3599effaa0bc81a8dddb98f1d802c4
Validity
Not Before: Jan 1 18:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ea1e86e933aa7ab4140570ed9793f4be331a35d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cd:4c:50:73:0b:43:e5:b9:27:c9:13:c4:39:
0e:80:53:d1:7c:79:b5:0a:95:3f:2e:ff:5e:76:b8:
34:85:5a:9e:a4:67:11:62:29:62:e8:2d:76:ce:d5:
d2:11:9a:ac:f8:d2:33:9a:dd:ec:ff:70:54:8c:1d:
5e:89:f7:db:29:09:7b:ad:10:ca:cb:47:b6:c7:6f:
26:0f:a3:c6:7c:bb:6c:28:1b:a2:ec:5c:18:74:47:
93:50:f6:68:47:72:65:df:c8:e7:71:df:6f:5e:1a:
2e:82:7e:39:3b:e8:6c:ab:8f:a8:a3:13:21:07:9d:
b4:fc:5b:81:f0:e0:dc:6f:1c:c9:b3:b0:88:50:03:
5e:e2:af:54:5e:06:81:d0:19:5a:0b:21:95:a8:bb:
77:3d:90:74:66:43:94:e2:28:bc:05:d1:c3:a9:2a:
3b:3b:b4:f2:38:2b:d4:4d:aa:b2:4b:b5:78:a3:ad:
56:14:4b:92:98:6b:3d:9a:06:d6:5e:62:a9:7b:00:
84:dc:99:f9:6a:57:db:90:6b:93:22:77:ef:12:a6:
1b:a6:fa:39:c8:68:b4:e2:df:01:2c:83:1d:e0:ca:
1b:4b:71:2e:38:51:57:6c:15:bc:82:69:9c:35:af:
6e:d3:2a:47:e9:16:2f:d5:46:0c:26:67:b0:d0:57:
c8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A1:E8:6E:93:3A:A7:AB:41:40:57:0E:D9:79:3F:4B:E3:31:A3:5D
X509v3 Authority Key Identifier:
keyid:5B:38:25:B4:8B:35:99:EF:FA:A0:BC:81:A8:DD:DB:98:F1:D8:02:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WzgltIs1me_6oLyBqN3bmPHYAsQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e0559d-abe6-443b-a978-5e7ded1421da/1/nqHobpM6p6tBQFcO2Xk_S-Mxo10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/e0559d-abe6-443b-a978-5e7ded1421da/1/WzgltIs1me_6oLyBqN3bmPHYAsQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.252.0/22
IPv6:
2a0b:7500::/29
Signature Algorithm: sha256WithRSAEncryption
91:6e:50:64:91:9b:09:13:ea:56:71:44:04:8c:4d:43:4c:b4:
bd:a1:47:17:9a:c6:5d:41:a7:c4:98:46:2a:3d:eb:ba:89:59:
5e:a9:27:a5:40:5c:59:20:cf:f9:0a:76:4c:1d:64:50:31:e9:
90:9a:c8:2b:53:f0:56:3a:5e:8c:cd:cb:5e:df:69:57:97:54:
19:22:28:87:a8:5d:b4:60:70:12:15:b2:dc:a1:dc:1f:78:19:
65:d9:41:35:b3:fb:93:ba:f1:40:28:85:45:b0:b7:af:a8:7d:
12:aa:2e:11:59:94:f3:8a:34:53:10:61:bc:28:b1:11:15:49:
ec:cd:ad:0b:f6:e4:36:2a:ea:0a:05:97:30:8e:68:78:49:e9:
4f:95:6d:db:ec:ea:eb:f0:25:88:50:2f:56:a6:2a:7b:92:44:
59:d5:26:f3:13:19:bd:6b:d8:ce:17:03:41:9c:37:d0:8d:ec:
53:11:76:1b:69:7d:87:35:59:07:3d:72:7e:b0:dc:02:5c:3d:
77:e0:04:79:8b:70:a2:c8:de:40:17:1c:79:69:c1:41:eb:21:
b4:3c:1f:95:bc:35:0c:c9:13:ec:33:90:4f:0e:29:7d:1c:47:
b1:0c:80:ac:91:7c:6c:46:a6:80:c9:a2:44:ef:3e:29:b6:61:
0d:75:3a:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVupqBOs7d851MBozgXptmoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMzgyNWI0OGIzNTk5ZWZmYWEwYmM4MWE4ZGRkYjk4ZjFk
ODAyYzQwHhcNMjMwMTAxMTg0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWExZTg2ZTkzM2FhN2FiNDE0MDU3MGVkOTc5M2Y0YmUzMzFhMzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp81MUHMLQ+W5J8kTxDkOgFPRfHm1
CpU/Lv9edrg0hVqepGcRYili6C12ztXSEZqs+NIzmt3s/3BUjB1eiffbKQl7rRDK
y0e2x28mD6PGfLtsKBui7FwYdEeTUPZoR3Jl38jncd9vXhougn45O+hsq4+ooxMh
B520/FuB8ODcbxzJs7CIUANe4q9UXgaB0BlaCyGVqLt3PZB0ZkOU4ii8BdHDqSo7
O7TyOCvUTaqyS7V4o61WFEuSmGs9mgbWXmKpewCE3Jn5alfbkGuTInfvEqYbpvo5
yGi04t8BLIMd4MobS3EuOFFXbBW8gmmcNa9u0ypH6RYv1UYMJmew0FfI0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ6h6G6TOqerQUBXDtl5P0vjMaNdMB8GA1UdIwQY
MBaAFFs4JbSLNZnv+qC8gajd25jx2ALEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3pnbHRJczFtZV82b0x5QnFOM2JtUEhZQXNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9lMDU1OWQtYWJlNi00NDNiLWE5Nzgt
NWU3ZGVkMTQyMWRhLzEvbnFIb2JwTTZwNnRCUUZjTzJYa19TLU14bzEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9lMDU1OWQtYWJlNi00NDNiLWE5NzgtNWU3ZGVkMTQyMWRh
LzEvV3pnbHRJczFtZV82b0x5QnFOM2JtUEhZQXNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCua38MA0E
AgACMAcDBQMqC3UAMA0GCSqGSIb3DQEBCwUAA4IBAQCRblBkkZsJE+pWcUQEjE1D
TLS9oUcXmsZdQafEmEYqPeu6iVleqSelQFxZIM/5CnZMHWRQMemQmsgrU/BWOl6M
zcte32lXl1QZIiiHqF20YHASFbLcodwfeBll2UE1s/uTuvFAKIVFsLevqH0Sqi4R
WZTzijRTEGG8KLERFUnsza0L9uQ2KuoKBZcwjmh4SelPlW3b7Orr8CWIUC9Wpip7
kkRZ1SbzExm9a9jOFwNBnDfQjexTEXYbaX2HNVkHPXJ+sNwCXD134AR5i3CiyN5A
Fxx5acFB6yG0PB+VvDUMyRPsM5BPDil9HEexDICskXxsRqaAyaJE7z4ptmENdTpQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:02 2024 by rpki-client on console-fra.rpki-client.org