Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/46d903-afda-421b-8a61-07ee242e136d/1/5Y-SzdhrnuzcRAfrWiwpTWFeOvc.roa
File: 5Y-SzdhrnuzcRAfrWiwpTWFeOvc.roa (raw, json)
Hash identifier: CiArcwn4aTIrCx/UGNqgtLuPzareDEfaIzEMv4XKSpk=
Subject key identifier: E5:8F:92:CD:D8:6B:9E:EC:DC:44:07:EB:5A:2C:29:4D:61:5E:3A:F7
Certificate issuer: /CN=965135dd42519fdda3dd3fdaa9db3357815fad75
Certificate serial: 018CC8019BD8638149E953103B747F363C33
Authority key identifier: 96:51:35:DD:42:51:9F:DD:A3:DD:3F:DA:A9:DB:33:57:81:5F:AD:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/llE13UJRn92j3T_aqdszV4FfrXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/46d903-afda-421b-8a61-07ee242e136d/1/5Y-SzdhrnuzcRAfrWiwpTWFeOvc.roa
Signing time: Tue 02 Jan 2024 02:29:57 +0000
ROA not before: Tue 02 Jan 2024 02:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212549
IP address blocks: 185.203.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:9b:d8:63:81:49:e9:53:10:3b:74:7f:36:3c:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=965135dd42519fdda3dd3fdaa9db3357815fad75
Validity
Not Before: Jan 2 02:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e58f92cdd86b9eecdc4407eb5a2c294d615e3af7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:89:b4:f0:cf:77:c0:7b:9b:f0:48:e4:6f:3e:
76:ae:14:12:7c:79:fb:66:36:f1:13:1c:63:c0:a7:
d4:fd:b2:0b:0f:27:38:2a:41:ef:02:2d:5d:85:cb:
ca:d1:b2:ec:ba:91:89:59:40:66:ed:38:ea:12:aa:
84:25:34:34:27:c8:e5:60:0a:dd:a6:51:d6:ca:79:
56:c3:b3:77:fe:10:39:fa:55:c4:6d:a2:36:30:06:
49:45:82:60:ec:a2:5a:19:ff:03:00:b1:58:1b:00:
e2:58:df:09:67:07:8a:f9:87:d1:f9:4d:5a:80:a9:
cd:a2:50:e9:f6:33:14:cf:8b:91:54:ad:f2:ec:aa:
fc:cf:0a:90:56:79:a2:46:91:15:eb:5d:38:6c:68:
9f:ab:3b:42:3b:9c:94:33:10:a8:d1:4d:a7:6b:30:
0e:38:fb:bf:a3:40:15:f0:df:e3:73:ed:e2:eb:14:
7c:4c:c5:84:b2:e1:fd:80:e4:76:bd:7f:76:7e:46:
25:30:67:e8:44:09:64:9d:e9:81:be:db:e1:47:10:
18:99:7d:58:7b:ec:1c:7b:3e:ce:af:ba:56:06:39:
36:7a:1a:70:93:af:59:bb:8d:a4:f2:27:91:77:65:
1f:33:e5:9e:b9:94:d0:38:d8:d1:bd:45:59:93:f2:
8f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:8F:92:CD:D8:6B:9E:EC:DC:44:07:EB:5A:2C:29:4D:61:5E:3A:F7
X509v3 Authority Key Identifier:
keyid:96:51:35:DD:42:51:9F:DD:A3:DD:3F:DA:A9:DB:33:57:81:5F:AD:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/llE13UJRn92j3T_aqdszV4FfrXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/46d903-afda-421b-8a61-07ee242e136d/1/5Y-SzdhrnuzcRAfrWiwpTWFeOvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/46d903-afda-421b-8a61-07ee242e136d/1/llE13UJRn92j3T_aqdszV4FfrXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.89.0/24
Signature Algorithm: sha256WithRSAEncryption
98:e2:c2:74:1b:f5:ad:05:33:04:c3:e3:02:e6:aa:5c:40:9f:
24:fb:25:03:a2:4d:76:99:24:e1:ff:a4:8f:5a:9e:bc:f0:2f:
5d:ab:71:17:89:f4:66:18:a5:63:ed:27:15:fe:f5:c2:f1:33:
91:cc:b8:d0:6b:f1:3f:cd:f4:44:21:72:c7:9e:fe:da:ca:ea:
74:2a:cb:91:9c:8a:eb:57:a0:a7:6a:e0:5b:0a:f9:aa:70:4d:
d3:45:dd:59:18:08:fb:eb:3a:ba:6e:f9:fc:90:04:3f:cf:04:
46:69:53:f8:30:28:c0:3a:4b:cc:d6:9f:d4:b7:69:1b:b0:33:
60:cf:a5:76:38:2c:fb:21:28:5c:54:d4:44:ae:0d:2a:7f:6f:
2c:03:2e:dd:1b:91:eb:e0:ee:d4:9f:9b:88:9d:e1:6a:13:b6:
d1:54:7b:74:b6:d8:39:ae:ff:d9:f7:fa:e3:86:06:18:e4:d0:
6d:28:a2:48:8a:b5:9e:08:cd:a4:17:c3:67:af:71:8c:06:f0:
91:d4:28:dd:83:f5:25:15:92:54:ce:75:98:0b:65:23:cd:b2:
4b:73:46:92:50:39:80:0f:34:58:83:05:50:a5:9c:34:72:54:
62:08:a2:f3:78:c0:03:00:a4:69:12:80:85:b3:5d:9b:6e:5f:
c5:e6:2c:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAZvYY4FJ6VMQO3R/NjwzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NTEzNWRkNDI1MTlmZGRhM2RkM2ZkYWE5ZGIzMzU3ODE1
ZmFkNzUwHhcNMjQwMTAyMDIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNThmOTJjZGQ4NmI5ZWVjZGM0NDA3ZWI1YTJjMjk0ZDYxNWUzYWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtom08M93wHub8Ejkbz52rhQSfHn7
ZjbxExxjwKfU/bILDyc4KkHvAi1dhcvK0bLsupGJWUBm7TjqEqqEJTQ0J8jlYArd
plHWynlWw7N3/hA5+lXEbaI2MAZJRYJg7KJaGf8DALFYGwDiWN8JZweK+YfR+U1a
gKnNolDp9jMUz4uRVK3y7Kr8zwqQVnmiRpEV6104bGifqztCO5yUMxCo0U2nazAO
OPu/o0AV8N/jc+3i6xR8TMWEsuH9gOR2vX92fkYlMGfoRAlknemBvtvhRxAYmX1Y
e+wcez7Or7pWBjk2ehpwk69Zu42k8ieRd2UfM+WeuZTQONjRvUVZk/KPWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOWPks3Ya57s3EQH61osKU1hXjr3MB8GA1UdIwQY
MBaAFJZRNd1CUZ/do90/2qnbM1eBX611MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGxFMTNVSlJuOTJqM1RfYXFkc3pWNEZmclhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS80NmQ5MDMtYWZkYS00MjFiLThhNjEt
MDdlZTI0MmUxMzZkLzEvNVktU3pkaHJudXpjUkFmcldpd3BUV0ZlT3ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS80NmQ5MDMtYWZkYS00MjFiLThhNjEtMDdlZTI0MmUxMzZk
LzEvbGxFMTNVSlJuOTJqM1RfYXFkc3pWNEZmclhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuctZMA0G
CSqGSIb3DQEBCwUAA4IBAQCY4sJ0G/WtBTMEw+MC5qpcQJ8k+yUDok12mSTh/6SP
Wp688C9dq3EXifRmGKVj7ScV/vXC8TORzLjQa/E/zfREIXLHnv7ayup0KsuRnIrr
V6CnauBbCvmqcE3TRd1ZGAj76zq6bvn8kAQ/zwRGaVP4MCjAOkvM1p/Ut2kbsDNg
z6V2OCz7IShcVNRErg0qf28sAy7dG5Hr4O7Un5uIneFqE7bRVHt0ttg5rv/Z9/rj
hgYY5NBtKKJIirWeCM2kF8Nnr3GMBvCR1Cjdg/UlFZJUznWYC2UjzbJLc0aSUDmA
DzRYgwVQpZw0clRiCKLzeMADAKRpEoCFs12bbl/F5iw6
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:15:12 2025 by rpki-client