Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/dpsnrG9Q0RmoxLlirAl9MsrqwFQ.roa
File: dpsnrG9Q0RmoxLlirAl9MsrqwFQ.roa (raw, json)
Hash identifier: WbOOs3iEz+jhQ2h+ngeJTjHq/ENMl4RqwWv3SafOlzY=
Subject key identifier: 76:9B:27:AC:6F:50:D1:19:A8:C4:B9:62:AC:09:7D:32:CA:EA:C0:54
Certificate issuer: /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial: 01856BDCA43F6E4C5A4E738801DF257E48C5
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/dpsnrG9Q0RmoxLlirAl9MsrqwFQ.roa
Signing time: Sun 01 Jan 2023 05:45:00 +0000
ROA not before: Sun 01 Jan 2023 05:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203576
IP address blocks: 185.173.145.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:a4:3f:6e:4c:5a:4e:73:88:01:df:25:7e:48:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Validity
Not Before: Jan 1 05:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=769b27ac6f50d119a8c4b962ac097d32caeac054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:04:5d:4a:55:45:ca:ca:28:b4:37:46:ad:90:
26:55:1c:3f:d0:64:fb:3a:94:19:96:0e:c4:05:22:
d7:15:90:02:64:b0:6b:c3:63:90:2f:b3:56:d6:1f:
26:6f:f1:7d:6b:d8:10:6b:b7:f9:05:60:b5:b7:32:
53:73:fa:c9:5e:b4:10:24:50:b6:3f:24:8a:be:5f:
72:34:d4:f2:c9:ed:8f:bd:7e:1c:03:05:55:d6:a2:
03:82:f4:8a:2e:90:82:89:6d:b7:25:cd:d2:e9:40:
20:77:a6:81:70:f4:84:2f:1d:01:c8:b8:59:74:d9:
ef:bf:58:0c:49:3b:6f:d3:87:12:52:d9:a7:f6:ff:
18:13:32:cd:d5:75:78:75:df:f1:02:02:47:23:79:
b3:ba:91:a3:43:da:97:00:a9:2d:ba:28:12:50:c3:
25:23:85:f1:a9:17:e6:c1:91:b1:ed:cf:46:67:5d:
7a:e2:c8:7e:06:e3:da:f5:8c:43:b4:68:63:64:c4:
5b:4c:67:89:75:d5:2e:8d:4e:47:f9:21:f0:84:71:
19:16:80:dd:a6:54:18:0e:d6:6c:3c:a8:f0:e2:76:
54:81:6e:c5:8b:69:a7:d6:80:18:29:49:b3:90:6f:
78:a2:f1:60:fa:25:b9:65:00:a2:d5:af:89:1d:e9:
0e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:9B:27:AC:6F:50:D1:19:A8:C4:B9:62:AC:09:7D:32:CA:EA:C0:54
X509v3 Authority Key Identifier:
keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/dpsnrG9Q0RmoxLlirAl9MsrqwFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.145.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:3c:44:0e:f7:2a:0c:71:cc:6d:23:7d:a9:06:7e:1b:ba:81:
0b:d9:ac:0c:75:9f:76:51:77:8d:d4:14:ab:54:7b:10:fb:98:
7b:90:12:a9:5d:d2:47:41:7b:e0:72:5e:99:d0:33:32:39:1b:
e2:7d:cb:11:cf:7a:b9:a6:e6:78:66:f8:4d:48:18:f4:62:12:
5e:dd:10:b5:2e:c3:8f:00:ca:2f:e1:8a:c2:b1:a6:e8:ee:a6:
d0:eb:a7:55:19:75:a6:21:05:43:6b:ca:e5:49:41:d7:a4:b0:
ce:ff:12:80:b4:da:14:8a:bb:81:3d:89:d4:66:da:e5:6d:44:
d2:a8:ad:ea:ce:d6:13:41:d5:de:28:e1:d5:3a:ce:33:93:c6:
1d:88:71:d7:d4:0d:2f:68:10:7e:3f:6e:5b:0d:2d:1d:26:d7:
e4:71:c1:d5:b8:10:4c:be:e8:0d:a4:c9:ec:ff:af:f7:76:75:
d2:42:47:60:d8:3a:5a:d6:b0:63:35:94:bf:d1:ed:48:e7:a8:
61:ee:e1:a6:94:59:4f:8c:90:bb:c1:4a:d2:38:c1:ec:87:58:
6b:f7:f9:48:2d:c3:bb:a4:13:48:b6:94:06:c4:21:73:7e:a6:
28:3d:b4:00:55:fb:91:e4:58:24:be:03:a7:9d:57:ed:90:71:
ad:e5:7b:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr3KQ/bkxaTnOIAd8lfkjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjMwMTAxMDU0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjliMjdhYzZmNTBkMTE5YThjNGI5NjJhYzA5N2QzMmNhZWFjMDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQRdSlVFysootDdGrZAmVRw/0GT7
OpQZlg7EBSLXFZACZLBrw2OQL7NW1h8mb/F9a9gQa7f5BWC1tzJTc/rJXrQQJFC2
PySKvl9yNNTyye2PvX4cAwVV1qIDgvSKLpCCiW23Jc3S6UAgd6aBcPSELx0ByLhZ
dNnvv1gMSTtv04cSUtmn9v8YEzLN1XV4dd/xAgJHI3mzupGjQ9qXAKktuigSUMMl
I4XxqRfmwZGx7c9GZ1164sh+BuPa9YxDtGhjZMRbTGeJddUujU5H+SHwhHEZFoDd
plQYDtZsPKjw4nZUgW7Fi2mn1oAYKUmzkG94ovFg+iW5ZQCi1a+JHekOFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHabJ6xvUNEZqMS5YqwJfTLK6sBUMB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvZHBzbnJHOVEwUm1veExsaXJBbDlNc3Jxd0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua2RMA0G
CSqGSIb3DQEBCwUAA4IBAQDVPEQO9yoMccxtI32pBn4buoEL2awMdZ92UXeN1BSr
VHsQ+5h7kBKpXdJHQXvgcl6Z0DMyORvifcsRz3q5puZ4ZvhNSBj0YhJe3RC1LsOP
AMov4YrCsabo7qbQ66dVGXWmIQVDa8rlSUHXpLDO/xKAtNoUiruBPYnUZtrlbUTS
qK3qztYTQdXeKOHVOs4zk8YdiHHX1A0vaBB+P25bDS0dJtfkccHVuBBMvugNpMns
/6/3dnXSQkdg2Dpa1rBjNZS/0e1I56hh7uGmlFlPjJC7wUrSOMHsh1hr9/lILcO7
pBNItpQGxCFzfqYoPbQAVfuR5FgkvgOnnVftkHGt5XtJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:24 2024 by rpki-client on console-ams.rpki-client.org