Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/kBwkTDmUYxfoo2SpmK-ALh5dLik.roa
File: kBwkTDmUYxfoo2SpmK-ALh5dLik.roa (raw, json)
Hash identifier: WoHDGvuhbqXO08dTKNrUzOLUyIVloR4cAaWA4eZLjaM=
Subject key identifier: 90:1C:24:4C:39:94:63:17:E8:A3:64:A9:98:AF:80:2E:1E:5D:2E:29
Certificate issuer: /CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Certificate serial: 01856D4172F1AF43BB0F8CEAB1A1B11CAC76
Authority key identifier: 9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/kBwkTDmUYxfoo2SpmK-ALh5dLik.roa
Signing time: Sun 01 Jan 2023 12:14:43 +0000
ROA not before: Sun 01 Jan 2023 12:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206483
IP address blocks: 185.185.78.0/24 maxlen: 24
185.185.76.0/24 maxlen: 24
185.185.77.0/24 maxlen: 24
5.180.188.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jul 2023 15:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:72:f1:af:43:bb:0f:8c:ea:b1:a1:b1:1c:ac:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Validity
Not Before: Jan 1 12:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=901c244c39946317e8a364a998af802e1e5d2e29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:dc:ae:b3:92:50:d6:10:3e:71:ec:7e:13:e5:
bf:0f:20:61:b5:61:ad:c7:e8:39:b8:04:47:68:7f:
e2:bb:dd:7f:23:48:1a:34:0e:bd:e3:b4:76:25:d6:
e4:f3:1d:3c:26:a5:a8:71:ad:bc:87:c0:02:fe:d5:
8a:a4:1b:82:36:05:5e:c0:d0:4a:18:a5:d4:e9:98:
75:03:34:95:bf:52:88:0a:76:08:5e:64:2a:77:6c:
34:15:19:cf:cd:14:eb:c6:fe:10:75:3b:31:95:59:
79:38:90:ad:81:1b:74:59:5a:3a:64:bb:91:2d:1f:
59:59:aa:2d:bb:ce:47:79:38:36:14:b5:16:60:22:
29:82:38:8f:db:fd:34:54:29:ef:89:96:a9:99:9e:
34:74:ae:69:18:c7:47:d7:35:e1:0e:95:5c:0f:24:
12:b6:bf:fc:f4:1c:7f:c5:35:b1:5f:f7:23:80:97:
e3:a3:ea:32:49:e7:db:33:24:ef:14:25:6c:f1:9e:
0b:55:01:02:23:65:1c:f3:ce:2e:ac:71:d9:06:2f:
e1:1c:ad:b1:b4:33:83:c0:fc:e6:d8:a9:07:49:61:
d9:eb:69:9d:41:cb:d4:d9:f0:b5:1c:fe:40:b1:db:
21:46:a0:0a:c8:2c:43:06:a8:51:f8:a7:5d:58:9d:
80:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:1C:24:4C:39:94:63:17:E8:A3:64:A9:98:AF:80:2E:1E:5D:2E:29
X509v3 Authority Key Identifier:
keyid:9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/kBwkTDmUYxfoo2SpmK-ALh5dLik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.188.0/22
185.185.76.0-185.185.78.255
Signature Algorithm: sha256WithRSAEncryption
85:10:22:dd:39:97:ec:ed:02:d2:4a:b4:33:36:b3:4f:29:c7:
9c:8f:bc:79:60:da:84:92:d3:bb:23:a6:4f:85:f6:9f:78:4b:
b5:00:df:eb:12:32:87:9d:fb:af:11:0b:62:07:9c:a1:e2:b4:
68:3b:fc:9f:2c:44:9d:23:c8:f8:d1:36:86:e5:92:a6:59:13:
3a:27:98:ec:dd:0e:0e:e7:a5:b1:db:1e:b0:de:d8:33:fe:de:
45:65:aa:03:69:c0:1f:34:34:6d:50:48:1e:cb:49:bc:7c:8d:
b0:0c:9b:a8:33:1a:08:41:a4:8c:46:db:53:2f:22:76:95:bb:
c5:d0:6f:f2:ea:61:dd:28:93:16:77:29:ce:3a:0d:1f:5a:05:
9b:7a:da:6b:69:bb:38:50:e5:6f:b3:c3:21:80:69:34:95:ab:
1b:c1:f4:3f:08:bd:36:ef:7b:1c:5c:74:64:1a:a0:69:f2:05:
60:b8:4e:ea:ce:00:b3:46:e3:16:70:30:99:f6:45:cb:43:f3:
1b:0f:f2:3c:fb:e9:7e:eb:d9:64:1b:cf:f1:78:5c:85:31:6e:
ec:53:e7:b1:af:75:f6:8b:21:9c:91:b1:21:78:e0:f3:18:44:
48:e1:8b:2d:db:a1:54:c8:5d:24:1b:6b:cb:11:ee:26:06:bd:
a4:26:3c:7e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVtQXLxr0O7D4zqsaGxHKx2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliODliOGNmNDdmN2M0ODVkNjI4ZDBhMzU5YTE2YTgxNWNk
MDA0YWIwHhcNMjMwMTAxMTIxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDFjMjQ0YzM5OTQ2MzE3ZThhMzY0YTk5OGFmODAyZTFlNWQyZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNyus5JQ1hA+cex+E+W/DyBhtWGt
x+g5uARHaH/iu91/I0gaNA6947R2Jdbk8x08JqWoca28h8AC/tWKpBuCNgVewNBK
GKXU6Zh1AzSVv1KICnYIXmQqd2w0FRnPzRTrxv4QdTsxlVl5OJCtgRt0WVo6ZLuR
LR9ZWaotu85HeTg2FLUWYCIpgjiP2/00VCnviZapmZ40dK5pGMdH1zXhDpVcDyQS
tr/89Bx/xTWxX/cjgJfjo+oySefbMyTvFCVs8Z4LVQECI2Uc884urHHZBi/hHK2x
tDODwPzm2KkHSWHZ62mdQcvU2fC1HP5AsdshRqAKyCxDBqhR+KddWJ2AjQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJAcJEw5lGMX6KNkqZivgC4eXS4pMB8GA1UdIwQY
MBaAFJuJuM9H98SF1ijQo1mhaoFc0ASrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDct
NjJlMjYwMzEzZTRjLzEva0J3a1REbVVZeGZvbzJTcG1LLUFMaDVkTGlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDctNjJlMjYwMzEzZTRj
LzEvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCBbS8MAwD
BAK5uUwDBAC5uU4wDQYJKoZIhvcNAQELBQADggEBAIUQIt05l+ztAtJKtDM2s08p
x5yPvHlg2oSS07sjpk+F9p94S7UA3+sSMoed+68RC2IHnKHitGg7/J8sRJ0jyPjR
NoblkqZZEzonmOzdDg7npbHbHrDe2DP+3kVlqgNpwB80NG1QSB7LSbx8jbAMm6gz
GghBpIxG21MvInaVu8XQb/LqYd0okxZ3Kc46DR9aBZt62mtpuzhQ5W+zwyGAaTSV
qxvB9D8IvTbvexxcdGQaoGnyBWC4TurOALNG4xZwMJn2RctD8xsP8jz76X7r2WQb
z/F4XIUxbuxT57GvdfaLIZyRsSF44PMYREjhiy3boVTIXSQba8sR7iYGvaQmPH4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:44 2024 by rpki-client on console-fra.rpki-client.org