Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/2d9541-eb7e-4a1a-b84b-6ea279a2e6cb/1/pYkjdOpyWghMu4HV2VkoDkuT31w.roa
File: pYkjdOpyWghMu4HV2VkoDkuT31w.roa (raw, json)
Hash identifier: YOtYEDg8sXz73CvfgPjihdgKp3yfZsFHTJnQ2C5R2vg=
Subject key identifier: A5:89:23:74:EA:72:5A:08:4C:BB:81:D5:D9:59:28:0E:4B:93:DF:5C
Certificate issuer: /CN=729b33de6051d04d75f6bb1f7e53b1efd6646211
Certificate serial: 01856DC1C9F356C5C83FC21EE53A075794AB
Authority key identifier: 72:9B:33:DE:60:51:D0:4D:75:F6:BB:1F:7E:53:B1:EF:D6:64:62:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cpsz3mBR0E119rsfflOx79ZkYhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/2d9541-eb7e-4a1a-b84b-6ea279a2e6cb/1/pYkjdOpyWghMu4HV2VkoDkuT31w.roa
Signing time: Sun 01 Jan 2023 14:34:54 +0000
ROA not before: Sun 01 Jan 2023 14:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2872
IP address blocks: 185.152.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:c9:f3:56:c5:c8:3f:c2:1e:e5:3a:07:57:94:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=729b33de6051d04d75f6bb1f7e53b1efd6646211
Validity
Not Before: Jan 1 14:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5892374ea725a084cbb81d5d959280e4b93df5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:65:8f:05:2b:61:a0:2e:96:bb:59:13:75:d1:
e8:4a:89:bc:fe:11:5a:dd:4a:11:52:b9:5b:5c:29:
23:0a:96:ea:1b:77:42:51:93:65:9b:7f:91:d7:da:
0b:a3:dd:60:b0:8a:e6:d1:3a:e9:47:02:60:7d:27:
03:f1:83:bd:a5:72:06:d9:c8:b8:c1:c3:65:f4:b1:
bd:63:f3:e8:92:83:2b:88:96:16:f7:6b:1f:a9:79:
b2:4b:7c:e0:41:92:11:ff:80:0f:95:0e:1e:c2:cc:
94:28:26:66:7f:9f:2d:53:4b:36:6d:8f:35:86:b8:
0d:af:20:e5:0d:16:f1:91:81:d2:ef:7e:fe:ad:c5:
c9:d8:4a:70:04:b8:a4:66:a6:df:1e:ab:5c:90:93:
ce:3e:d1:8d:64:17:96:28:57:ee:8b:1e:40:51:d9:
71:ff:9c:bc:78:7d:75:cf:31:67:cb:c5:3d:b4:f4:
c8:44:30:5b:26:1d:f7:4d:b4:fd:88:34:88:b4:6b:
2a:f9:b7:e2:f3:7b:18:31:46:20:dc:ac:fa:63:92:
0e:95:8d:2b:e1:56:b4:b5:0a:f8:18:45:bc:9e:a6:
d7:9b:e1:52:7c:ff:4f:a3:14:ee:04:ae:5b:e4:d8:
a6:1c:63:b4:45:a7:b6:ce:53:ae:fb:3b:b4:fe:d4:
af:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:89:23:74:EA:72:5A:08:4C:BB:81:D5:D9:59:28:0E:4B:93:DF:5C
X509v3 Authority Key Identifier:
keyid:72:9B:33:DE:60:51:D0:4D:75:F6:BB:1F:7E:53:B1:EF:D6:64:62:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cpsz3mBR0E119rsfflOx79ZkYhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/2d9541-eb7e-4a1a-b84b-6ea279a2e6cb/1/pYkjdOpyWghMu4HV2VkoDkuT31w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/2d9541-eb7e-4a1a-b84b-6ea279a2e6cb/1/cpsz3mBR0E119rsfflOx79ZkYhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.90.0/24
Signature Algorithm: sha256WithRSAEncryption
89:45:cd:d6:f6:b6:03:09:4c:49:33:cb:9d:a1:22:63:f5:95:
08:f5:5f:13:95:cb:48:eb:26:3a:d6:0e:4c:68:bd:e5:81:74:
53:dc:3b:09:cd:7e:9b:20:6e:9a:95:4d:14:48:f6:1b:9b:7c:
b3:27:22:39:37:6f:0a:02:be:03:43:e7:e9:52:76:d0:8d:66:
22:64:08:6f:af:b0:53:f6:03:cd:b7:69:9a:3f:ea:1d:ff:8f:
dd:22:9b:5b:e2:01:53:0d:53:9e:0b:86:20:f9:6a:05:c8:70:
cd:07:26:2e:aa:84:d0:cd:5e:55:4d:b5:b7:fc:d0:be:6f:80:
b9:45:38:8f:7e:b6:00:2a:80:ab:57:82:c6:31:67:77:7e:42:
62:ff:1f:0e:fd:9b:09:10:22:94:3e:7c:c0:1f:b9:2f:c8:a3:
38:b5:2d:4f:02:90:e1:a7:0e:12:57:1e:98:7f:5f:12:b3:18:
4b:5d:34:3d:00:bc:85:e0:d0:76:17:3f:65:c1:47:28:67:4c:
52:67:f0:fc:d4:03:2b:96:ae:5c:f7:f7:c1:15:eb:1c:d8:fa:
d6:6b:e0:59:b9:62:70:25:96:92:a7:6b:a4:3a:84:23:8c:bf:
59:f1:ad:17:a7:92:b4:71:00:8c:fd:95:59:48:7f:39:15:07:
9b:0c:83:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwcnzVsXIP8Ie5ToHV5SrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOWIzM2RlNjA1MWQwNGQ3NWY2YmIxZjdlNTNiMWVmZDY2
NDYyMTEwHhcNMjMwMTAxMTQzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTg5MjM3NGVhNzI1YTA4NGNiYjgxZDVkOTU5MjgwZTRiOTNkZjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGWPBSthoC6Wu1kTddHoSom8/hFa
3UoRUrlbXCkjCpbqG3dCUZNlm3+R19oLo91gsIrm0TrpRwJgfScD8YO9pXIG2ci4
wcNl9LG9Y/PokoMriJYW92sfqXmyS3zgQZIR/4APlQ4ewsyUKCZmf58tU0s2bY81
hrgNryDlDRbxkYHS737+rcXJ2EpwBLikZqbfHqtckJPOPtGNZBeWKFfuix5AUdlx
/5y8eH11zzFny8U9tPTIRDBbJh33TbT9iDSItGsq+bfi83sYMUYg3Kz6Y5IOlY0r
4Va0tQr4GEW8nqbXm+FSfP9PoxTuBK5b5NimHGO0Rae2zlOu+zu0/tSvXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWJI3TqcloITLuB1dlZKA5Lk99cMB8GA1UdIwQY
MBaAFHKbM95gUdBNdfa7H35Tse/WZGIRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3BzejNtQlIwRTExOXJzZmZsT3g3OVprWWhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8yZDk1NDEtZWI3ZS00YTFhLWI4NGIt
NmVhMjc5YTJlNmNiLzEvcFlramRPcHlXZ2hNdTRIVjJWa29Ea3VUMzF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8yZDk1NDEtZWI3ZS00YTFhLWI4NGItNmVhMjc5YTJlNmNi
LzEvY3BzejNtQlIwRTExOXJzZmZsT3g3OVprWWhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZhaMA0G
CSqGSIb3DQEBCwUAA4IBAQCJRc3W9rYDCUxJM8udoSJj9ZUI9V8TlctI6yY61g5M
aL3lgXRT3DsJzX6bIG6alU0USPYbm3yzJyI5N28KAr4DQ+fpUnbQjWYiZAhvr7BT
9gPNt2maP+od/4/dIptb4gFTDVOeC4Yg+WoFyHDNByYuqoTQzV5VTbW3/NC+b4C5
RTiPfrYAKoCrV4LGMWd3fkJi/x8O/ZsJECKUPnzAH7kvyKM4tS1PApDhpw4SVx6Y
f18SsxhLXTQ9ALyF4NB2Fz9lwUcoZ0xSZ/D81AMrlq5c9/fBFesc2PrWa+BZuWJw
JZaSp2ukOoQjjL9Z8a0Xp5K0cQCM/ZVZSH85FQebDIOP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:24 2024 by rpki-client on console-fra.rpki-client.org