Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/36fd43-b5f3-40cf-8631-518e7a35660a/1/5QlC5cpduuh1kWwMnqBDUIz1y5U.roa
File: 5QlC5cpduuh1kWwMnqBDUIz1y5U.roa (raw, json)
Hash identifier: hQCInRCl1KBVmRGhlWsPulSiYwwoCKmbRqFCUjrw4GM=
Subject key identifier: E5:09:42:E5:CA:5D:BA:E8:75:91:6C:0C:9E:A0:43:50:8C:F5:CB:95
Certificate issuer: /CN=d0e80414b947f1931f22bc9c878c17b7d23078eb
Certificate serial: 01856BB7E637B3912840A3892582A6336C6C
Authority key identifier: D0:E8:04:14:B9:47:F1:93:1F:22:BC:9C:87:8C:17:B7:D2:30:78:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0OgEFLlH8ZMfIrych4wXt9IweOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/36fd43-b5f3-40cf-8631-518e7a35660a/1/5QlC5cpduuh1kWwMnqBDUIz1y5U.roa
Signing time: Sun 01 Jan 2023 05:04:52 +0000
ROA not before: Sun 01 Jan 2023 05:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204947
IP address blocks: 185.63.100.0/22 maxlen: 24
185.234.172.0/22 maxlen: 24
2a0d:2100::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:b7:e6:37:b3:91:28:40:a3:89:25:82:a6:33:6c:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0e80414b947f1931f22bc9c878c17b7d23078eb
Validity
Not Before: Jan 1 05:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e50942e5ca5dbae875916c0c9ea043508cf5cb95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c8:61:a8:2e:12:45:58:cd:53:5c:a9:5b:99:
56:d8:86:f3:77:bc:0b:e5:be:63:dc:be:74:ac:fb:
a0:67:d6:e8:15:9b:54:20:0e:c1:b4:9c:db:fa:d2:
e4:ce:7c:99:e1:96:50:e5:22:58:a8:91:bb:1a:8f:
e9:92:74:96:7f:76:ad:a3:bc:87:6a:66:47:54:2c:
21:0f:81:bc:98:d6:6d:ff:f2:4a:53:cd:dc:3c:c3:
94:b9:e4:24:58:c0:ce:2b:20:de:e1:13:9f:e1:74:
4a:4e:96:78:6c:5f:61:47:70:c8:70:55:0f:96:51:
40:1d:a8:4d:f6:89:87:1b:b7:c1:b4:ce:12:f0:7d:
22:4b:fc:d7:dc:a6:1f:be:ca:82:de:51:18:8c:4d:
40:41:78:9a:f8:4c:9e:a8:ad:f0:b7:97:0a:06:bf:
59:33:38:f8:0f:69:13:7a:e8:27:9a:7e:f9:48:8d:
95:1b:23:89:5a:35:ab:ec:0c:74:9d:f5:0d:62:ed:
82:f2:4e:95:ac:29:90:cc:f1:9c:fa:91:64:b2:c1:
f2:ea:39:1a:1e:95:4f:ce:a3:e6:b5:a5:41:41:cf:
f5:09:05:5f:00:29:54:e0:57:94:09:84:af:86:92:
12:92:14:64:10:14:c5:a9:70:ab:82:c3:db:1a:6b:
7d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:09:42:E5:CA:5D:BA:E8:75:91:6C:0C:9E:A0:43:50:8C:F5:CB:95
X509v3 Authority Key Identifier:
keyid:D0:E8:04:14:B9:47:F1:93:1F:22:BC:9C:87:8C:17:B7:D2:30:78:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0OgEFLlH8ZMfIrych4wXt9IweOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/36fd43-b5f3-40cf-8631-518e7a35660a/1/5QlC5cpduuh1kWwMnqBDUIz1y5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/36fd43-b5f3-40cf-8631-518e7a35660a/1/0OgEFLlH8ZMfIrych4wXt9IweOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.100.0/22
185.234.172.0/22
IPv6:
2a0d:2100::/29
Signature Algorithm: sha256WithRSAEncryption
93:62:a2:f0:69:92:fa:51:49:9a:e7:dc:51:cc:32:1d:64:50:
9f:45:6f:ac:e4:44:41:d9:a6:f4:ba:5d:ef:94:7d:ba:a2:63:
59:8d:1a:82:28:9f:a7:d3:5a:c2:3b:af:f7:cd:ce:c7:12:31:
17:c0:ba:70:6f:af:29:b8:e4:87:2f:c2:9b:4f:5c:db:03:c3:
0e:70:1e:5e:8a:f6:20:f4:33:fa:c5:06:c2:2a:1d:18:f8:fe:
b3:5f:2d:86:21:17:8e:10:c1:4b:27:95:2c:16:f4:60:a3:43:
88:97:88:8c:2e:8b:67:ef:c1:ab:2d:83:82:f0:db:35:d6:17:
eb:26:dd:9b:af:72:62:a1:47:75:6c:51:19:67:47:40:71:55:
6c:01:9a:db:b0:53:59:ec:a9:9a:54:e4:d3:86:22:d4:92:46:
66:f8:b3:dc:02:de:58:a8:e4:b0:ca:b6:50:fb:39:97:73:83:
0b:3d:79:9e:1d:09:68:af:dc:09:ef:d6:08:c6:6f:99:b1:11:
c6:f0:1c:2f:fe:7f:16:e9:3b:4b:ea:2b:cf:db:9e:d6:85:e8:
e9:9f:7d:b9:1e:c2:a1:57:d6:dd:f3:c0:83:3c:26:a3:a4:42:
2b:e1:a5:51:96:04:3e:06:bc:80:6d:7a:15:8b:72:b6:8d:a5:
4b:a0:1b:38
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVrt+Y3s5EoQKOJJYKmM2xsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZTgwNDE0Yjk0N2YxOTMxZjIyYmM5Yzg3OGMxN2I3ZDIz
MDc4ZWIwHhcNMjMwMTAxMDUwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTA5NDJlNWNhNWRiYWU4NzU5MTZjMGM5ZWEwNDM1MDhjZjVjYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgchhqC4SRVjNU1ypW5lW2Ibzd7wL
5b5j3L50rPugZ9boFZtUIA7BtJzb+tLkznyZ4ZZQ5SJYqJG7Go/pknSWf3ato7yH
amZHVCwhD4G8mNZt//JKU83cPMOUueQkWMDOKyDe4ROf4XRKTpZ4bF9hR3DIcFUP
llFAHahN9omHG7fBtM4S8H0iS/zX3KYfvsqC3lEYjE1AQXia+EyeqK3wt5cKBr9Z
Mzj4D2kTeugnmn75SI2VGyOJWjWr7Ax0nfUNYu2C8k6VrCmQzPGc+pFkssHy6jka
HpVPzqPmtaVBQc/1CQVfAClU4FeUCYSvhpISkhRkEBTFqXCrgsPbGmt9UwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOUJQuXKXbrodZFsDJ6gQ1CM9cuVMB8GA1UdIwQY
MBaAFNDoBBS5R/GTHyK8nIeMF7fSMHjrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME9nRUZMbEg4Wk1mSXJ5Y2g0d1h0OUl3ZU9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8zNmZkNDMtYjVmMy00MGNmLTg2MzEt
NTE4ZTdhMzU2NjBhLzEvNVFsQzVjcGR1dWgxa1d3TW5xQkRVSXoxeTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8zNmZkNDMtYjVmMy00MGNmLTg2MzEtNTE4ZTdhMzU2NjBh
LzEvME9nRUZMbEg4Wk1mSXJ5Y2g0d1h0OUl3ZU9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuT9kAwQC
ueqsMA0EAgACMAcDBQMqDSEAMA0GCSqGSIb3DQEBCwUAA4IBAQCTYqLwaZL6UUma
59xRzDIdZFCfRW+s5ERB2ab0ul3vlH26omNZjRqCKJ+n01rCO6/3zc7HEjEXwLpw
b68puOSHL8KbT1zbA8MOcB5eivYg9DP6xQbCKh0Y+P6zXy2GIReOEMFLJ5UsFvRg
o0OIl4iMLotn78GrLYOC8Ns11hfrJt2br3JioUd1bFEZZ0dAcVVsAZrbsFNZ7Kma
VOTThiLUkkZm+LPcAt5YqOSwyrZQ+zmXc4MLPXmeHQlor9wJ79YIxm+ZsRHG8Bwv
/n8W6TtL6ivP257Whejpn325HsKhV9bd88CDPCajpEIr4aVRlgQ+BryAbXoVi3K2
jaVLoBs4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:18 2024 by rpki-client on console-fra.rpki-client.org