Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/I5Q_ihOEqF356938rB1SeuREFfA.roa
File: I5Q_ihOEqF356938rB1SeuREFfA.roa (raw, json)
Hash identifier: ula5i58wZDYST9Q8HO9xxcOV3MGY65U1pPnV1J9TBS8=
Subject key identifier: 23:94:3F:8A:13:84:A8:5D:F9:EB:DD:FC:AC:1D:52:7A:E4:44:15:F0
Certificate issuer: /CN=cb9f8612b7f14750016b848c42f60df36ad832d9
Certificate serial: 01856B53234AE2E962DA490B6FB695124E2B
Authority key identifier: CB:9F:86:12:B7:F1:47:50:01:6B:84:8C:42:F6:0D:F3:6A:D8:32:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y5-GErfxR1ABa4SMQvYN82rYMtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/I5Q_ihOEqF356938rB1SeuREFfA.roa
Signing time: Sun 01 Jan 2023 03:14:48 +0000
ROA not before: Sun 01 Jan 2023 03:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205870
IP address blocks: 185.145.31.0/24 maxlen: 24
185.145.30.0/24 maxlen: 24
185.145.29.0/24 maxlen: 24
185.145.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:53:23:4a:e2:e9:62:da:49:0b:6f:b6:95:12:4e:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb9f8612b7f14750016b848c42f60df36ad832d9
Validity
Not Before: Jan 1 03:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23943f8a1384a85df9ebddfcac1d527ae44415f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f9:be:bf:e9:80:fc:cc:ab:3d:5e:4a:2a:a5:
23:60:6b:bc:a1:bf:a3:6a:00:25:e6:47:5e:f3:14:
1c:da:88:d0:77:e3:8d:eb:55:3b:ce:87:8e:f8:ea:
e1:8f:05:9f:b1:4b:d4:c2:41:27:41:3e:0a:a7:25:
0e:ca:46:08:9b:61:d5:bf:01:13:30:bd:e2:3c:d1:
99:a9:49:27:04:7a:dc:2a:d7:cc:84:1e:65:5a:3d:
97:47:6a:3b:4a:bb:28:59:2e:15:9a:9c:aa:e6:d5:
c8:a3:e8:b7:24:39:f1:f1:2a:26:d4:0e:65:d0:18:
02:a3:90:af:72:12:ac:dd:d2:2b:09:40:f4:52:66:
6a:b9:27:6f:fb:2a:8e:15:70:38:89:3a:3e:d9:a4:
d6:f4:45:ee:6c:09:34:32:a5:b4:71:4e:58:8b:17:
1c:bd:08:01:c8:5c:59:96:06:49:2b:e7:40:65:ee:
da:2b:a9:4f:79:86:49:1b:79:e3:3b:77:f5:c0:cf:
fd:58:bb:b3:97:6f:9c:27:e2:e2:61:88:ec:2c:29:
10:bc:55:96:6e:56:b0:86:cd:cf:a5:4a:1f:60:11:
00:ef:fa:29:20:e1:77:09:d7:8d:87:36:06:c2:db:
08:43:be:62:c4:88:5c:f8:dc:d1:cf:1e:06:36:28:
97:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:94:3F:8A:13:84:A8:5D:F9:EB:DD:FC:AC:1D:52:7A:E4:44:15:F0
X509v3 Authority Key Identifier:
keyid:CB:9F:86:12:B7:F1:47:50:01:6B:84:8C:42:F6:0D:F3:6A:D8:32:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5-GErfxR1ABa4SMQvYN82rYMtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/I5Q_ihOEqF356938rB1SeuREFfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b84500-ffdb-42d2-9465-a2eade83955d/1/y5-GErfxR1ABa4SMQvYN82rYMtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.28.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:db:06:c8:00:6b:21:5e:1e:45:33:34:42:f4:ca:4c:d5:1f:
03:b8:a6:23:86:1f:70:ff:28:cf:b5:66:d4:c8:4c:8b:23:0c:
8c:57:6d:f7:29:a3:f3:f9:ee:f8:30:59:05:6e:6f:5d:a1:5c:
45:3c:32:12:9c:72:1c:57:2f:dc:3b:47:ac:9e:ab:93:27:0f:
63:09:25:b0:db:87:db:a5:3f:e2:57:68:83:96:56:1b:d1:94:
29:98:38:32:b3:e0:d0:02:dc:2f:0d:a6:5d:fe:c5:b3:de:00:
58:c1:52:57:b6:a3:19:f2:75:dc:77:0f:64:24:ef:20:29:40:
46:b4:4d:c5:82:4f:a8:f0:cd:66:69:6c:f7:f4:fa:4b:05:1a:
bf:d9:11:49:09:2a:b4:0b:be:98:14:dc:87:cc:ee:a4:08:0f:
7b:95:20:d5:06:24:fd:ff:48:b9:94:91:f4:8b:3e:80:ed:83:
db:e1:f0:cb:46:9a:1c:32:ce:f7:ea:3f:26:b2:40:68:32:3a:
22:f5:aa:01:50:61:57:e5:ba:e4:30:23:a4:ec:e7:b3:51:91:
e4:f2:f9:2e:bf:1e:2b:d1:dc:8d:a2:41:fb:3d:2f:2f:fb:04:
63:f6:9a:a2:b6:f2:31:58:bb:cc:cc:ad:21:fb:bf:e9:06:e1:
61:96:43:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrUyNK4uli2kkLb7aVEk4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOWY4NjEyYjdmMTQ3NTAwMTZiODQ4YzQyZjYwZGYzNmFk
ODMyZDkwHhcNMjMwMTAxMDMxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzk0M2Y4YTEzODRhODVkZjllYmRkZmNhYzFkNTI3YWU0NDQxNWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfm+v+mA/MyrPV5KKqUjYGu8ob+j
agAl5kde8xQc2ojQd+ON61U7zoeO+OrhjwWfsUvUwkEnQT4KpyUOykYIm2HVvwET
ML3iPNGZqUknBHrcKtfMhB5lWj2XR2o7SrsoWS4Vmpyq5tXIo+i3JDnx8Som1A5l
0BgCo5CvchKs3dIrCUD0UmZquSdv+yqOFXA4iTo+2aTW9EXubAk0MqW0cU5Yixcc
vQgByFxZlgZJK+dAZe7aK6lPeYZJG3njO3f1wM/9WLuzl2+cJ+LiYYjsLCkQvFWW
blawhs3PpUofYBEA7/opIOF3CdeNhzYGwtsIQ75ixIhc+NzRzx4GNiiXGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCOUP4oThKhd+evd/KwdUnrkRBXwMB8GA1UdIwQY
MBaAFMufhhK38UdQAWuEjEL2DfNq2DLZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTUtR0VyZnhSMUFCYTRTTVF2WU44MnJZTXRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iODQ1MDAtZmZkYi00MmQyLTk0NjUt
YTJlYWRlODM5NTVkLzEvSTVRX2loT0VxRjM1NjkzOHJCMVNldVJFRmZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iODQ1MDAtZmZkYi00MmQyLTk0NjUtYTJlYWRlODM5NTVk
LzEveTUtR0VyZnhSMUFCYTRTTVF2WU44MnJZTXRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZEcMA0G
CSqGSIb3DQEBCwUAA4IBAQBa2wbIAGshXh5FMzRC9MpM1R8DuKYjhh9w/yjPtWbU
yEyLIwyMV233KaPz+e74MFkFbm9doVxFPDISnHIcVy/cO0esnquTJw9jCSWw24fb
pT/iV2iDllYb0ZQpmDgys+DQAtwvDaZd/sWz3gBYwVJXtqMZ8nXcdw9kJO8gKUBG
tE3Fgk+o8M1maWz39PpLBRq/2RFJCSq0C76YFNyHzO6kCA97lSDVBiT9/0i5lJH0
iz6A7YPb4fDLRpocMs736j8mskBoMjoi9aoBUGFX5brkMCOk7OezUZHk8vkuvx4r
0dyNokH7PS8v+wRj9pqitvIxWLvMzK0h+7/pBuFhlkOq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:43 2024 by rpki-client on console-fra.rpki-client.org