Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/c66a1f-7707-4f8d-a274-4df65aba6a62/1/5eaDPx6zIyMihP5R14XtvgfM3mU.roa
File: 5eaDPx6zIyMihP5R14XtvgfM3mU.roa (raw, json)
Hash identifier: rM/8U/hlNl1XdaJyixb3BbY0Wg8EdMn6MltO9oJQYUU=
Subject key identifier: E5:E6:83:3F:1E:B3:23:23:22:84:FE:51:D7:85:ED:BE:07:CC:DE:65
Certificate issuer: /CN=e55b1a4f1942e4b1d894cbc8cf09073d02890170
Certificate serial: 018CC79427260EE9CEFC92C0348374AEAE01
Authority key identifier: E5:5B:1A:4F:19:42:E4:B1:D8:94:CB:C8:CF:09:07:3D:02:89:01:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5VsaTxlC5LHYlMvIzwkHPQKJAXA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/c66a1f-7707-4f8d-a274-4df65aba6a62/1/5eaDPx6zIyMihP5R14XtvgfM3mU.roa
Signing time: Tue 02 Jan 2024 00:30:24 +0000
ROA not before: Tue 02 Jan 2024 00:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211740
IP address blocks: 185.112.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:27:26:0e:e9:ce:fc:92:c0:34:83:74:ae:ae:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e55b1a4f1942e4b1d894cbc8cf09073d02890170
Validity
Not Before: Jan 2 00:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5e6833f1eb323232284fe51d785edbe07ccde65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8c:50:ce:50:3e:b9:20:11:d1:84:9a:a2:cd:
9c:51:75:38:ad:02:6f:31:71:63:09:a3:b1:5f:82:
51:1e:64:9a:ed:26:b9:c1:c3:86:16:c8:ea:82:11:
20:45:96:2f:42:be:b7:b8:96:5e:cb:e0:21:af:f4:
e7:5d:8a:96:a2:94:a6:f0:0d:85:1c:20:13:a0:7c:
ee:05:de:0d:b0:37:e9:01:c8:e9:6a:22:ae:e8:94:
21:54:6a:9c:37:09:a8:54:57:f2:98:50:8b:d5:a9:
ad:58:12:ed:ba:fa:77:08:c3:64:6f:e7:87:d0:98:
ea:58:53:c6:c8:d2:8b:6b:04:ea:59:a0:6c:5f:bc:
d5:09:c3:85:ca:32:00:29:ce:b1:0d:a6:3c:72:7c:
e2:58:c0:0a:e1:1f:7e:c6:f2:31:47:c9:fe:7c:c6:
b7:3a:00:ed:32:39:f1:af:a2:11:fa:d7:79:c6:9a:
d5:c7:3b:8b:63:c1:6f:26:1e:71:14:76:29:99:c8:
04:76:d9:cd:e1:c6:8a:64:d9:4b:8e:25:b8:08:b0:
5e:9e:5b:31:df:2a:78:ba:05:48:1b:42:72:9e:fb:
16:cb:41:8a:5b:bd:86:3e:19:72:82:25:ff:f4:4e:
54:18:bd:41:af:db:93:91:9b:17:3b:dc:5c:4f:1e:
74:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:E6:83:3F:1E:B3:23:23:22:84:FE:51:D7:85:ED:BE:07:CC:DE:65
X509v3 Authority Key Identifier:
keyid:E5:5B:1A:4F:19:42:E4:B1:D8:94:CB:C8:CF:09:07:3D:02:89:01:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5VsaTxlC5LHYlMvIzwkHPQKJAXA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c66a1f-7707-4f8d-a274-4df65aba6a62/1/5eaDPx6zIyMihP5R14XtvgfM3mU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c66a1f-7707-4f8d-a274-4df65aba6a62/1/5VsaTxlC5LHYlMvIzwkHPQKJAXA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.88.0/22
Signature Algorithm: sha256WithRSAEncryption
88:e9:0e:ad:69:ec:9e:64:6f:a3:f6:24:00:be:de:ef:e4:15:
52:d2:54:69:8e:bd:1e:87:6d:4c:23:d3:56:e1:27:ce:c5:05:
b7:8c:ca:ff:f8:2b:31:41:37:7b:76:5e:92:3c:1e:62:3c:f1:
a1:b8:76:c8:65:96:db:20:54:4a:54:cf:11:d3:d5:78:38:ac:
80:37:20:ca:c7:27:30:8c:1c:7b:3b:5e:13:ec:a3:53:45:94:
66:55:b5:3b:30:99:4e:7f:96:d2:34:34:8d:8f:15:b3:ed:49:
79:a0:d5:a2:b1:92:cb:3c:89:2a:84:75:18:09:64:4e:71:fc:
85:81:8b:d3:6d:c7:27:d3:b0:1a:1a:5b:a4:1a:64:ed:05:f2:
e6:8a:90:42:a2:76:5c:51:72:2f:d1:3c:d0:c9:4d:9d:54:fa:
55:34:de:f7:9f:f1:9f:78:52:ed:ba:4a:c9:29:d2:87:04:95:
cf:4b:67:3e:a4:ee:a7:05:31:cd:5f:6f:f4:cd:6e:59:04:66:
61:81:bb:4a:8b:8a:c3:56:f3:dd:81:b3:eb:48:6f:f4:6b:97:
af:68:d9:a6:e0:38:ff:0b:cd:d2:3d:9f:c7:2d:a0:8c:9d:ba:
f8:c2:5a:49:9e:7b:f6:af:d7:70:9d:7e:2c:da:8a:f1:31:93:
9c:4c:bb:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlCcmDunO/JLANIN0rq4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NWIxYTRmMTk0MmU0YjFkODk0Y2JjOGNmMDkwNzNkMDI4
OTAxNzAwHhcNMjQwMTAyMDAzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWU2ODMzZjFlYjMyMzIzMjI4NGZlNTFkNzg1ZWRiZTA3Y2NkZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIxQzlA+uSAR0YSaos2cUXU4rQJv
MXFjCaOxX4JRHmSa7Sa5wcOGFsjqghEgRZYvQr63uJZey+Ahr/TnXYqWopSm8A2F
HCAToHzuBd4NsDfpAcjpaiKu6JQhVGqcNwmoVFfymFCL1amtWBLtuvp3CMNkb+eH
0JjqWFPGyNKLawTqWaBsX7zVCcOFyjIAKc6xDaY8cnziWMAK4R9+xvIxR8n+fMa3
OgDtMjnxr6IR+td5xprVxzuLY8FvJh5xFHYpmcgEdtnN4caKZNlLjiW4CLBenlsx
3yp4ugVIG0JynvsWy0GKW72GPhlygiX/9E5UGL1Br9uTkZsXO9xcTx50wQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOXmgz8esyMjIoT+UdeF7b4HzN5lMB8GA1UdIwQY
MBaAFOVbGk8ZQuSx2JTLyM8JBz0CiQFwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVZzYVR4bEM1TEhZbE12SXp3a0hQUUtKQVhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jNjZhMWYtNzcwNy00ZjhkLWEyNzQt
NGRmNjVhYmE2YTYyLzEvNWVhRFB4NnpJeU1paFA1UjE0WHR2Z2ZNM21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jNjZhMWYtNzcwNy00ZjhkLWEyNzQtNGRmNjVhYmE2YTYy
LzEvNVZzYVR4bEM1TEhZbE12SXp3a0hQUUtKQVhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXBYMA0G
CSqGSIb3DQEBCwUAA4IBAQCI6Q6taeyeZG+j9iQAvt7v5BVS0lRpjr0eh21MI9NW
4SfOxQW3jMr/+CsxQTd7dl6SPB5iPPGhuHbIZZbbIFRKVM8R09V4OKyANyDKxycw
jBx7O14T7KNTRZRmVbU7MJlOf5bSNDSNjxWz7Ul5oNWisZLLPIkqhHUYCWROcfyF
gYvTbccn07AaGlukGmTtBfLmipBConZcUXIv0TzQyU2dVPpVNN73n/GfeFLtukrJ
KdKHBJXPS2c+pO6nBTHNX2/0zW5ZBGZhgbtKi4rDVvPdgbPrSG/0a5evaNmm4Dj/
C83SPZ/HLaCMnbr4wlpJnnv2r9dwnX4s2orxMZOcTLt7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:51 2025 by rpki-client