Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e5f5f8-1ca1-4234-9a3c-ecceeee110a4/1/Sx5Ol3o_yOAFF5oBWyEz_sqBHM4.roa
File: Sx5Ol3o_yOAFF5oBWyEz_sqBHM4.roa (raw, json)
Hash identifier: /IUOMTxeeOEKTtcfpjRZza4bhEkjtxLFch1XFahhNNA=
Subject key identifier: 4B:1E:4E:97:7A:3F:C8:E0:05:17:9A:01:5B:21:33:FE:CA:81:1C:CE
Certificate issuer: /CN=cae069b663ee25fd13559101dac1d5032b9fd66e
Certificate serial: 018CC9BC179A15B7EA723EED4A23FB1B9298
Authority key identifier: CA:E0:69:B6:63:EE:25:FD:13:55:91:01:DA:C1:D5:03:2B:9F:D6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yuBptmPuJf0TVZEB2sHVAyuf1m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/e5f5f8-1ca1-4234-9a3c-ecceeee110a4/1/Sx5Ol3o_yOAFF5oBWyEz_sqBHM4.roa
Signing time: Tue 02 Jan 2024 10:33:16 +0000
ROA not before: Tue 02 Jan 2024 10:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56346
IP address blocks: 185.131.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:17:9a:15:b7:ea:72:3e:ed:4a:23:fb:1b:92:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cae069b663ee25fd13559101dac1d5032b9fd66e
Validity
Not Before: Jan 2 10:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b1e4e977a3fc8e005179a015b2133feca811cce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ff:8a:9b:98:01:bf:0a:5e:b3:05:b0:01:65:
eb:92:8c:cc:0e:3b:11:93:1b:c5:38:9d:cb:bf:ba:
06:05:34:d6:6d:3d:10:44:03:b7:5f:4b:ab:a3:8e:
c7:6b:9b:06:d0:56:ef:4a:5d:98:e9:1a:66:b5:e9:
1e:49:7c:a8:6e:87:2c:79:f4:4e:46:1e:76:71:87:
9c:e5:59:59:0a:20:a5:a1:04:28:f3:8a:49:08:76:
70:cc:e9:1d:76:58:8e:04:04:be:3e:b0:1b:1f:13:
36:b3:e3:93:d6:d5:05:cc:fa:d3:b3:a7:7d:fa:cf:
69:3b:ab:be:93:32:cf:1f:e4:39:ba:25:28:2a:fa:
d4:25:75:7c:28:7f:d3:b5:5a:ef:bb:cf:9c:c9:86:
f5:c6:c3:e7:9c:52:b3:d1:6a:27:57:06:2c:ad:ed:
d8:b3:69:cb:69:fc:c2:2d:11:f4:18:6c:4b:95:29:
2f:b7:db:35:36:a4:8e:ea:d9:ca:5d:cc:39:61:cc:
9a:db:16:f4:51:4f:27:e8:e7:1c:09:81:84:21:82:
57:93:a3:57:75:05:ed:59:9f:0e:39:08:71:05:7d:
3b:52:95:00:69:17:74:21:42:79:bc:7c:d7:03:e9:
1d:01:a3:82:97:f6:0a:3b:3c:06:e2:0a:a2:17:f1:
dd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:1E:4E:97:7A:3F:C8:E0:05:17:9A:01:5B:21:33:FE:CA:81:1C:CE
X509v3 Authority Key Identifier:
keyid:CA:E0:69:B6:63:EE:25:FD:13:55:91:01:DA:C1:D5:03:2B:9F:D6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuBptmPuJf0TVZEB2sHVAyuf1m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e5f5f8-1ca1-4234-9a3c-ecceeee110a4/1/Sx5Ol3o_yOAFF5oBWyEz_sqBHM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e5f5f8-1ca1-4234-9a3c-ecceeee110a4/1/yuBptmPuJf0TVZEB2sHVAyuf1m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.252.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:ed:44:99:38:4a:27:5b:df:1a:9c:02:41:b8:50:1e:71:26:
8b:8d:57:88:21:85:59:93:ed:c1:a5:b0:e9:61:19:c4:55:c8:
a9:c7:19:e2:24:84:63:ea:9a:d7:e1:36:b3:60:85:f2:bc:28:
66:02:6e:db:b7:2a:a2:cf:7e:7d:20:c2:7a:08:86:1c:e2:a3:
e1:7b:95:dd:fd:29:e6:cc:e6:8e:ba:b1:b0:d1:6c:b6:c6:70:
55:84:ef:e5:c8:b6:fc:ec:b6:82:7c:5a:59:12:78:a1:d5:7b:
0d:6e:67:44:6c:e6:4f:91:ea:f7:12:71:ea:c5:9a:41:84:64:
94:4f:0b:b3:4b:f3:53:49:61:24:e0:8b:d1:91:f0:88:25:6d:
e9:d6:7d:85:2a:18:19:28:09:7e:12:b6:77:90:8a:64:ba:23:
6d:7f:7b:24:98:5d:65:83:74:9b:0d:a5:e6:cd:64:53:74:32:
a7:ad:56:78:58:37:f7:29:7f:9b:42:b7:46:31:69:bc:e4:e4:
5f:37:cb:7a:62:7a:d8:8f:ee:58:a4:66:1d:d0:d1:84:16:75:
e2:fa:0b:53:cb:48:c3:36:f5:8c:09:d3:4d:86:a5:fe:fe:fb:
a9:08:0e:0e:da:cb:20:bd:11:ca:41:80:4c:2f:db:87:a7:84:
d9:f4:59:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvBeaFbfqcj7tSiP7G5KYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZTA2OWI2NjNlZTI1ZmQxMzU1OTEwMWRhYzFkNTAzMmI5
ZmQ2NmUwHhcNMjQwMTAyMTAzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjFlNGU5NzdhM2ZjOGUwMDUxNzlhMDE1YjIxMzNmZWNhODExY2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhf+Km5gBvwpeswWwAWXrkozMDjsR
kxvFOJ3Lv7oGBTTWbT0QRAO3X0uro47Ha5sG0FbvSl2Y6RpmtekeSXyobocsefRO
Rh52cYec5VlZCiCloQQo84pJCHZwzOkddliOBAS+PrAbHxM2s+OT1tUFzPrTs6d9
+s9pO6u+kzLPH+Q5uiUoKvrUJXV8KH/TtVrvu8+cyYb1xsPnnFKz0WonVwYsre3Y
s2nLafzCLRH0GGxLlSkvt9s1NqSO6tnKXcw5Ycya2xb0UU8n6OccCYGEIYJXk6NX
dQXtWZ8OOQhxBX07UpUAaRd0IUJ5vHzXA+kdAaOCl/YKOzwG4gqiF/HdRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEseTpd6P8jgBReaAVshM/7KgRzOMB8GA1UdIwQY
MBaAFMrgabZj7iX9E1WRAdrB1QMrn9ZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXVCcHRtUHVKZjBUVlpFQjJzSFZBeXVmMW00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lNWY1ZjgtMWNhMS00MjM0LTlhM2Mt
ZWNjZWVlZTExMGE0LzEvU3g1T2wzb195T0FGRjVvQld5RXpfc3FCSE00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lNWY1ZjgtMWNhMS00MjM0LTlhM2MtZWNjZWVlZTExMGE0
LzEveXVCcHRtUHVKZjBUVlpFQjJzSFZBeXVmMW00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYP8MA0G
CSqGSIb3DQEBCwUAA4IBAQCa7USZOEonW98anAJBuFAecSaLjVeIIYVZk+3BpbDp
YRnEVcipxxniJIRj6prX4TazYIXyvChmAm7btyqiz359IMJ6CIYc4qPhe5Xd/Snm
zOaOurGw0Wy2xnBVhO/lyLb87LaCfFpZEnih1XsNbmdEbOZPker3EnHqxZpBhGSU
TwuzS/NTSWEk4IvRkfCIJW3p1n2FKhgZKAl+ErZ3kIpkuiNtf3skmF1lg3SbDaXm
zWRTdDKnrVZ4WDf3KX+bQrdGMWm85ORfN8t6YnrYj+5YpGYd0NGEFnXi+gtTy0jD
NvWMCdNNhqX+/vupCA4O2ssgvRHKQYBML9uHp4TZ9Fl+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:10 2025 by rpki-client