Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/XbrmKNZKcYipkqU6-blTW_DcRMo.roa
File: XbrmKNZKcYipkqU6-blTW_DcRMo.roa (raw, json)
Hash identifier: 38rEUtkcUh8DLZiHooHoPh+ICsK8kUri8nB0cn6n1eQ=
Subject key identifier: 5D:BA:E6:28:D6:4A:71:88:A9:92:A5:3A:F9:B9:53:5B:F0:DC:44:CA
Certificate issuer: /CN=ad2d38e20f24d0e30b86ccd8261ac0017f17a5a4
Certificate serial: 0187991018609014515C41103D928DE63DB1
Authority key identifier: AD:2D:38:E2:0F:24:D0:E3:0B:86:CC:D8:26:1A:C0:01:7F:17:A5:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/XbrmKNZKcYipkqU6-blTW_DcRMo.roa
Signing time: Wed 19 Apr 2023 10:29:41 +0000
ROA not before: Wed 19 Apr 2023 10:29:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211769
IP address blocks: 185.142.144.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:99:10:18:60:90:14:51:5c:41:10:3d:92:8d:e6:3d:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad2d38e20f24d0e30b86ccd8261ac0017f17a5a4
Validity
Not Before: Apr 19 10:29:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dbae628d64a7188a992a53af9b9535bf0dc44ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d7:73:49:e9:13:1a:e4:38:7e:1c:2e:5e:dc:
d4:6c:fa:d3:68:4e:5d:5a:93:10:aa:5d:f3:05:86:
fd:e7:83:0d:c7:01:55:ca:07:13:32:82:70:a6:90:
e1:fc:fc:4c:a7:ba:26:79:e7:2c:2f:a0:62:83:a3:
5e:86:28:ca:02:ab:f8:ca:dd:21:f4:39:30:fe:81:
dc:c8:df:2d:da:c6:9f:ac:ea:8b:28:10:a8:45:ba:
8c:f9:fc:4f:b4:98:35:6e:75:89:f6:cd:78:a2:de:
d0:2b:0a:7a:88:c9:44:2a:4e:78:fa:da:eb:50:44:
29:2c:65:c6:f8:93:75:66:b6:81:cf:e1:a6:94:8b:
f9:b8:bb:a7:cc:2e:da:13:1f:c2:07:af:39:5a:ab:
aa:a7:ff:80:13:ca:cf:35:4d:f4:12:40:ac:00:7b:
96:ee:98:e7:83:0f:e9:89:fc:25:1e:af:62:26:e7:
1f:b9:d9:b5:91:5e:50:69:4b:27:38:3b:7b:04:7b:
de:a1:28:b2:82:90:84:1a:d6:ba:d9:68:71:e7:55:
a4:99:59:9e:4b:f0:db:be:1d:e9:2b:99:84:e6:a3:
f1:66:20:bb:b4:5a:a0:45:48:75:1d:f0:f2:ab:63:
47:4c:32:e8:b7:02:9b:29:e1:67:f7:a4:cc:c8:8d:
7f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:BA:E6:28:D6:4A:71:88:A9:92:A5:3A:F9:B9:53:5B:F0:DC:44:CA
X509v3 Authority Key Identifier:
keyid:AD:2D:38:E2:0F:24:D0:E3:0B:86:CC:D8:26:1A:C0:01:7F:17:A5:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/XbrmKNZKcYipkqU6-blTW_DcRMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.144.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:cb:fe:21:e9:44:8d:a0:ba:ca:d8:c8:3f:e0:04:94:c1:4c:
2f:e9:c5:d5:72:88:3f:21:e4:07:02:02:ab:35:6b:04:60:54:
76:a9:95:5b:45:8f:61:14:bb:a3:a2:65:74:30:13:c2:e5:43:
71:6e:79:49:e1:64:fb:bc:e1:20:22:c6:04:82:be:e7:64:e1:
46:5d:2a:cb:5a:db:19:39:c1:a6:fa:f8:d9:9c:63:55:e9:f7:
6a:97:cc:4a:57:f5:e4:a0:71:53:e6:8c:e5:41:92:d9:60:71:
8a:8d:b5:bd:98:66:5b:19:3b:f7:b5:7d:cb:36:f2:06:2b:d7:
09:71:20:2a:81:22:7b:fb:e6:b5:27:bf:ee:ca:c3:9b:d2:b7:
06:31:4c:d1:41:41:d7:75:9e:b8:07:bb:9e:d6:e1:88:02:25:
bd:61:46:45:bb:f4:69:83:57:ae:b0:6c:d8:14:ac:80:b6:ea:
01:72:d2:90:db:af:9c:41:d3:3d:33:42:8c:1f:8e:3d:e5:a1:
c1:5e:14:db:71:27:6e:28:13:aa:fd:f5:0b:19:fb:a3:c6:9a:
ca:0d:17:1a:d7:f4:74:73:f4:91:a3:44:3e:17:64:83:f3:94:
a4:7a:a5:51:b6:b6:b1:70:7f:b1:cc:ef:9e:67:83:bc:0c:4f:
ec:e4:ec:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeZEBhgkBRRXEEQPZKN5j2xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmQzOGUyMGYyNGQwZTMwYjg2Y2NkODI2MWFjMDAxN2Yx
N2E1YTQwHhcNMjMwNDE5MTAyOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGJhZTYyOGQ2NGE3MTg4YTk5MmE1M2FmOWI5NTM1YmYwZGM0NGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtdzSekTGuQ4fhwuXtzUbPrTaE5d
WpMQql3zBYb954MNxwFVygcTMoJwppDh/PxMp7omeecsL6Big6NehijKAqv4yt0h
9Dkw/oHcyN8t2safrOqLKBCoRbqM+fxPtJg1bnWJ9s14ot7QKwp6iMlEKk54+trr
UEQpLGXG+JN1ZraBz+GmlIv5uLunzC7aEx/CB685Wquqp/+AE8rPNU30EkCsAHuW
7pjngw/pifwlHq9iJucfudm1kV5QaUsnODt7BHveoSiygpCEGta62Whx51WkmVme
S/Dbvh3pK5mE5qPxZiC7tFqgRUh1HfDyq2NHTDLotwKbKeFn96TMyI1/YwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF265ijWSnGIqZKlOvm5U1vw3ETKMB8GA1UdIwQY
MBaAFK0tOOIPJNDjC4bM2CYawAF/F6WkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yZDg3NjEtMjI5Zi00YTM3LTg3YjEt
NDI5OTUzMjNjMDNkLzEvWGJybUtOWktjWWlwa3FVNi1ibFRXX0RjUk1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yZDg3NjEtMjI5Zi00YTM3LTg3YjEtNDI5OTUzMjNjMDNk
LzEvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuY6QMA0G
CSqGSIb3DQEBCwUAA4IBAQBdy/4h6USNoLrK2Mg/4ASUwUwv6cXVcog/IeQHAgKr
NWsEYFR2qZVbRY9hFLujomV0MBPC5UNxbnlJ4WT7vOEgIsYEgr7nZOFGXSrLWtsZ
OcGm+vjZnGNV6fdql8xKV/XkoHFT5ozlQZLZYHGKjbW9mGZbGTv3tX3LNvIGK9cJ
cSAqgSJ7++a1J7/uysOb0rcGMUzRQUHXdZ64B7ue1uGIAiW9YUZFu/Rpg1eusGzY
FKyAtuoBctKQ26+cQdM9M0KMH4495aHBXhTbcSduKBOq/fULGfujxprKDRca1/R0
c/SRo0Q+F2SD85SkeqVRtraxcH+xzO+eZ4O8DE/s5OxQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:24 2024 by rpki-client on console-fra.rpki-client.org