Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/BRgdDU09zy8mxeOxFpFhmfjezVA.roa
File: BRgdDU09zy8mxeOxFpFhmfjezVA.roa (raw, json)
Hash identifier: f3p+DY74l4Tfxb0Ine+WMl/iQRKOnPmJxvurEjw7xkc=
Subject key identifier: 05:18:1D:0D:4D:3D:CF:2F:26:C5:E3:B1:16:91:61:99:F8:DE:CD:50
Certificate issuer: /CN=5baa35401e5297b3b527e84f93ea8aa110d97b95
Certificate serial: 01875AB7B9BB339300F88DE8AFF5797B6C88
Authority key identifier: 5B:AA:35:40:1E:52:97:B3:B5:27:E8:4F:93:EA:8A:A1:10:D9:7B:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/BRgdDU09zy8mxeOxFpFhmfjezVA.roa
Signing time: Fri 07 Apr 2023 07:56:42 +0000
ROA not before: Fri 07 Apr 2023 07:56:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51984
IP address blocks: 185.182.152.0/24 maxlen: 24
185.182.155.0/24 maxlen: 24
185.182.154.0/24 maxlen: 24
185.182.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Dec 2023 14:46:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5a:b7:b9:bb:33:93:00:f8:8d:e8:af:f5:79:7b:6c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5baa35401e5297b3b527e84f93ea8aa110d97b95
Validity
Not Before: Apr 7 07:56:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05181d0d4d3dcf2f26c5e3b116916199f8decd50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:5f:c4:4d:c6:e9:84:54:cf:c5:d7:fb:df:88:
37:55:ad:b6:3b:09:6f:b6:ac:87:80:bb:44:11:95:
0a:c6:d0:ee:49:2b:6e:0e:31:09:0e:5e:20:38:eb:
6b:b6:26:1a:cd:67:76:c0:43:37:2a:3a:2c:87:68:
8c:10:fa:06:c4:f3:59:ca:17:cc:1b:5c:24:09:6c:
83:12:de:63:c5:5c:23:1c:9f:73:84:0e:78:e4:ca:
3b:e3:f9:e7:02:2a:2f:35:b7:98:13:da:95:44:d0:
6f:44:e7:c3:d5:07:99:96:55:3d:1a:00:1d:c4:2f:
61:ec:03:4d:a5:48:af:a6:91:04:c3:ad:62:66:fd:
16:5e:63:05:73:41:ac:de:9d:60:11:a2:e6:87:f7:
0d:10:65:c3:36:66:94:cf:07:37:a2:56:a4:e1:3f:
de:ac:14:e1:4d:ba:3d:43:ff:21:f2:95:b9:18:13:
9f:87:47:13:4a:2f:c8:ff:ab:2d:8b:e1:ef:30:7f:
f4:80:ea:7b:13:82:06:a6:99:4e:70:3e:17:3f:73:
86:50:01:f4:64:15:c6:21:d5:ec:bd:55:c1:89:85:
6b:c7:74:7a:30:cf:13:85:e2:8d:7b:cf:9e:87:d6:
d7:ac:99:3f:bd:f1:74:5c:60:ba:7f:8c:ba:73:1d:
33:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:18:1D:0D:4D:3D:CF:2F:26:C5:E3:B1:16:91:61:99:F8:DE:CD:50
X509v3 Authority Key Identifier:
keyid:5B:AA:35:40:1E:52:97:B3:B5:27:E8:4F:93:EA:8A:A1:10:D9:7B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/BRgdDU09zy8mxeOxFpFhmfjezVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.182.152.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:88:ef:eb:22:a4:3f:98:ab:05:f5:c5:9f:37:2d:13:64:01:
48:b2:6c:4d:72:cf:5b:0a:51:0f:f6:b1:7e:6d:41:7e:83:9c:
f2:86:ec:94:f7:05:41:e5:7e:35:ab:67:68:da:d6:76:d5:9a:
cb:78:50:99:32:cc:79:93:58:8c:a7:50:cd:95:38:34:ac:34:
0a:7b:5b:77:39:2a:19:3b:1d:6a:54:a2:56:72:50:f8:03:77:
c2:14:09:f8:0d:6f:e8:f4:cb:65:29:eb:7e:61:c8:5f:6a:6e:
0f:35:84:7c:fc:33:be:a7:96:f4:8c:63:29:53:33:28:bd:ba:
9c:2d:d8:21:6f:93:6a:cb:f9:d2:d8:b1:0a:68:30:53:59:14:
06:00:26:ba:86:8f:7c:c6:66:8e:a8:37:0c:2c:4e:50:18:23:
e6:7d:fe:81:84:d7:21:dd:dc:bc:48:99:c5:d6:15:91:de:50:
fd:e2:99:22:f6:79:6f:89:33:3a:6a:6d:d3:00:b8:28:f4:9f:
63:5b:ee:41:c8:0c:ea:02:44:56:1c:84:05:16:cf:b7:a0:cf:
12:b0:6d:76:c3:ae:30:c5:e5:bc:0a:87:78:77:de:37:f2:52:
f6:ae:c5:be:5a:5f:3a:7c:a4:3b:b7:64:c8:5d:d6:f7:3e:3d:
ee:96:23:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdat7m7M5MA+I3or/V5e2yIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYWEzNTQwMWU1Mjk3YjNiNTI3ZTg0ZjkzZWE4YWExMTBk
OTdiOTUwHhcNMjMwNDA3MDc1NjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTE4MWQwZDRkM2RjZjJmMjZjNWUzYjExNjkxNjE5OWY4ZGVjZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlV/ETcbphFTPxdf734g3Va22Owlv
tqyHgLtEEZUKxtDuSStuDjEJDl4gOOtrtiYazWd2wEM3Kjosh2iMEPoGxPNZyhfM
G1wkCWyDEt5jxVwjHJ9zhA545Mo74/nnAiovNbeYE9qVRNBvROfD1QeZllU9GgAd
xC9h7ANNpUivppEEw61iZv0WXmMFc0Gs3p1gEaLmh/cNEGXDNmaUzwc3olak4T/e
rBThTbo9Q/8h8pW5GBOfh0cTSi/I/6sti+HvMH/0gOp7E4IGpplOcD4XP3OGUAH0
ZBXGIdXsvVXBiYVrx3R6MM8TheKNe8+eh9bXrJk/vfF0XGC6f4y6cx0zGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAUYHQ1NPc8vJsXjsRaRYZn43s1QMB8GA1UdIwQY
MBaAFFuqNUAeUpeztSfoT5PqiqEQ2XuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzZvMVFCNVNsN08xSi1oUGstcUtvUkRaZTVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9hMWRjZmItODAxMC00MTRlLTllM2Et
NDQwMDE3MDBiOGNhLzEvQlJnZERVMDl6eThteGVPeEZwRmhtZmplelZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9hMWRjZmItODAxMC00MTRlLTllM2EtNDQwMDE3MDBiOGNh
LzEvVzZvMVFCNVNsN08xSi1oUGstcUtvUkRaZTVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubaYMA0G
CSqGSIb3DQEBCwUAA4IBAQBqiO/rIqQ/mKsF9cWfNy0TZAFIsmxNcs9bClEP9rF+
bUF+g5zyhuyU9wVB5X41q2do2tZ21ZrLeFCZMsx5k1iMp1DNlTg0rDQKe1t3OSoZ
Ox1qVKJWclD4A3fCFAn4DW/o9MtlKet+Ychfam4PNYR8/DO+p5b0jGMpUzMovbqc
Ldghb5Nqy/nS2LEKaDBTWRQGACa6ho98xmaOqDcMLE5QGCPmff6BhNch3dy8SJnF
1hWR3lD94pki9nlviTM6am3TALgo9J9jW+5ByAzqAkRWHIQFFs+3oM8SsG12w64w
xeW8Cod4d9438lL2rsW+Wl86fKQ7t2TIXdb3Pj3uliOS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:28 2024 by rpki-client on console-ams.rpki-client.org