Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/02T5G3gjcGLHBYVp75uy6WIRaI4.roa
File: 02T5G3gjcGLHBYVp75uy6WIRaI4.roa (raw, json)
Hash identifier: IQUVBjEl125PAilUYRdoFH4dH3FiNiFV5ZOS8QjGk48=
Subject key identifier: D3:64:F9:1B:78:23:70:62:C7:05:85:69:EF:9B:B2:E9:62:11:68:8E
Certificate issuer: /CN=b578a461a859ddc986c08a88e9512d5c3d2210e6
Certificate serial: 018CC4255DA2DD34659B679422A5449D0EB3
Authority key identifier: B5:78:A4:61:A8:59:DD:C9:86:C0:8A:88:E9:51:2D:5C:3D:22:10:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tXikYahZ3cmGwIqI6VEtXD0iEOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/02T5G3gjcGLHBYVp75uy6WIRaI4.roa
Signing time: Mon 01 Jan 2024 08:30:32 +0000
ROA not before: Mon 01 Jan 2024 08:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206862
IP address blocks: 194.53.118.0/23 maxlen: 23
194.53.122.0/23 maxlen: 23
185.173.168.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 20 Aug 2024 06:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:5d:a2:dd:34:65:9b:67:94:22:a5:44:9d:0e:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b578a461a859ddc986c08a88e9512d5c3d2210e6
Validity
Not Before: Jan 1 08:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d364f91b78237062c7058569ef9bb2e96211688e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:1d:0f:7a:83:56:76:6a:49:9f:c8:65:8c:17:
ea:e9:95:d1:1e:a1:e6:37:4d:6e:ba:62:49:b3:0d:
cb:ef:27:00:99:0b:fb:ac:5e:c7:2a:52:29:e8:60:
01:1c:a3:60:c9:6e:4d:36:fa:53:f0:47:10:46:aa:
0c:7f:80:dd:b3:e8:c6:e7:8f:50:7a:24:db:0f:2f:
65:e1:ad:d0:52:6c:14:1d:fb:c2:f7:65:ca:a7:22:
92:05:7a:73:33:2e:b3:1f:cb:63:7e:22:83:a4:e7:
c2:81:43:af:ec:6e:18:ab:69:eb:5a:4b:ee:3d:b1:
7f:ba:cf:5c:bb:c3:89:f8:ab:83:63:d3:99:98:2a:
5a:15:f0:95:7b:8b:c4:66:55:cd:21:22:ee:a3:d9:
04:0a:b1:ea:f6:8a:30:fe:d4:17:f9:21:4a:12:9c:
1e:d1:68:1d:1e:d3:fc:f8:16:51:31:8c:8e:9b:cd:
e4:97:0b:9a:8c:d6:64:65:01:b6:1b:54:5c:2e:fe:
c1:27:1c:90:e8:67:bf:93:dc:54:64:4d:96:af:46:
e8:d7:1a:7e:d9:6f:a4:13:7a:e6:65:00:99:b8:f3:
9b:a1:25:93:c1:9d:c7:4e:4d:45:33:04:a3:90:2f:
ab:7d:00:96:f8:40:d3:1c:27:55:80:2a:d6:54:d1:
f3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:64:F9:1B:78:23:70:62:C7:05:85:69:EF:9B:B2:E9:62:11:68:8E
X509v3 Authority Key Identifier:
keyid:B5:78:A4:61:A8:59:DD:C9:86:C0:8A:88:E9:51:2D:5C:3D:22:10:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tXikYahZ3cmGwIqI6VEtXD0iEOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/02T5G3gjcGLHBYVp75uy6WIRaI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/tXikYahZ3cmGwIqI6VEtXD0iEOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.168.0/22
194.53.118.0/23
194.53.122.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:7a:70:5b:29:7b:a3:4e:24:f7:ae:92:ff:95:b5:c1:f4:f4:
64:e6:e9:92:43:b9:90:fa:34:53:ed:f2:05:a6:8a:67:f8:d3:
ce:f6:a7:df:93:bd:70:58:8c:c0:46:b2:49:ef:55:84:54:b6:
59:7d:d4:c8:1c:ac:9f:c3:1a:c4:0b:22:47:92:5e:4d:95:7f:
f1:8c:f7:70:6a:8a:b6:73:46:0f:13:c2:7d:0e:03:98:39:5e:
c2:d2:1c:8e:ad:90:12:5b:64:e5:65:af:2d:f6:e9:8d:0c:be:
63:ce:dc:d6:f6:d8:1e:32:53:ad:07:6e:7b:00:3c:5d:13:c6:
12:cc:0e:aa:58:69:fd:81:7d:3c:c9:5b:45:c3:34:df:d8:c0:
0e:79:23:b1:25:51:1e:14:85:7c:9d:5e:5a:e5:f2:3b:51:da:
1b:2a:fd:4e:bf:63:4e:b9:23:8c:c4:91:17:71:4f:d6:14:d6:
73:e6:45:eb:aa:d6:7a:15:64:f1:07:26:7c:24:c7:0c:14:67:
5a:4b:12:16:24:ca:08:39:81:40:63:45:f3:04:05:75:44:c2:
59:3f:e1:da:80:1c:f1:7a:c7:1a:99:2d:17:63:03:66:ee:52:
a6:5a:0d:f1:56:2a:71:17:14:c3:c9:ae:5a:48:41:93:53:86:
e4:b8:fd:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEJV2i3TRlm2eUIqVEnQ6zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NzhhNDYxYTg1OWRkYzk4NmMwOGE4OGU5NTEyZDVjM2Qy
MjEwZTYwHhcNMjQwMTAxMDgzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzY0ZjkxYjc4MjM3MDYyYzcwNTg1NjllZjliYjJlOTYyMTE2ODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlx0PeoNWdmpJn8hljBfq6ZXRHqHm
N01uumJJsw3L7ycAmQv7rF7HKlIp6GABHKNgyW5NNvpT8EcQRqoMf4Dds+jG549Q
eiTbDy9l4a3QUmwUHfvC92XKpyKSBXpzMy6zH8tjfiKDpOfCgUOv7G4Yq2nrWkvu
PbF/us9cu8OJ+KuDY9OZmCpaFfCVe4vEZlXNISLuo9kECrHq9oow/tQX+SFKEpwe
0WgdHtP8+BZRMYyOm83klwuajNZkZQG2G1RcLv7BJxyQ6Ge/k9xUZE2Wr0bo1xp+
2W+kE3rmZQCZuPOboSWTwZ3HTk1FMwSjkC+rfQCW+EDTHCdVgCrWVNHzuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNNk+Rt4I3BixwWFae+bsuliEWiOMB8GA1UdIwQY
MBaAFLV4pGGoWd3JhsCKiOlRLVw9IhDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFhpa1lhaFozY21Hd0lxSTZWRXRYRDBpRU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8wY2VlMzQtNWFjYy00MmQ1LWE1YmYt
ZmMxYzBjY2JjMGI3LzEvMDJUNUczZ2pjR0xIQllWcDc1dXk2V0lSYUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8wY2VlMzQtNWFjYy00MmQ1LWE1YmYtZmMxYzBjY2JjMGI3
LzEvdFhpa1lhaFozY21Hd0lxSTZWRXRYRDBpRU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCua2oAwQB
wjV2AwQBwjV6MA0GCSqGSIb3DQEBCwUAA4IBAQCnenBbKXujTiT3rpL/lbXB9PRk
5umSQ7mQ+jRT7fIFpopn+NPO9qffk71wWIzARrJJ71WEVLZZfdTIHKyfwxrECyJH
kl5NlX/xjPdwaoq2c0YPE8J9DgOYOV7C0hyOrZASW2TlZa8t9umNDL5jztzW9tge
MlOtB257ADxdE8YSzA6qWGn9gX08yVtFwzTf2MAOeSOxJVEeFIV8nV5a5fI7Udob
Kv1Ov2NOuSOMxJEXcU/WFNZz5kXrqtZ6FWTxByZ8JMcMFGdaSxIWJMoIOYFAY0Xz
BAV1RMJZP+HagBzxescamS0XYwNm7lKmWg3xVipxFxTDya5aSEGTU4bkuP3T
-----END CERTIFICATE-----
Generated at Tue Aug 20 08:01:56 2024 by rpki-client on console-ams.rpki-client.org