Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/86f350-94df-4830-8e9b-fb0443b8d9be/1/9fX5M9rtKW8vnU2EcSySM6EfBJI.roa
File: 9fX5M9rtKW8vnU2EcSySM6EfBJI.roa (raw, json)
Hash identifier: IM6GockrHeHgOO6j07o4mHQAJTSo70b6ripbbe9RN+I=
Subject key identifier: F5:F5:F9:33:DA:ED:29:6F:2F:9D:4D:84:71:2C:92:33:A1:1F:04:92
Certificate issuer: /CN=ba7966ecfd8bc2d31833f70afba4f7f8a15b24a3
Certificate serial: 018F75440F84016F10C49B4F910AC094E5A0
Authority key identifier: BA:79:66:EC:FD:8B:C2:D3:18:33:F7:0A:FB:A4:F7:F8:A1:5B:24:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/unlm7P2LwtMYM_cK-6T3-KFbJKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/86f350-94df-4830-8e9b-fb0443b8d9be/1/9fX5M9rtKW8vnU2EcSySM6EfBJI.roa
Signing time: Tue 14 May 2024 04:02:25 +0000
ROA not before: Tue 14 May 2024 04:02:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23422
IP address blocks: 185.215.225.0/24 maxlen: 24
185.215.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 May 2024 04:22:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:75:44:0f:84:01:6f:10:c4:9b:4f:91:0a:c0:94:e5:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba7966ecfd8bc2d31833f70afba4f7f8a15b24a3
Validity
Not Before: May 14 04:02:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5f5f933daed296f2f9d4d84712c9233a11f0492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:11:a0:45:16:4d:40:0c:09:0a:84:1a:0e:2a:
68:a0:48:91:17:ca:9e:ec:67:54:64:7e:23:52:26:
98:52:6c:9f:ef:ec:74:64:9d:17:c4:64:36:40:d8:
b1:61:b1:45:6b:f7:c8:9a:e2:5d:b7:ea:76:ae:5d:
58:60:ce:47:2a:cb:f3:14:60:f3:e5:6a:39:da:fe:
76:a8:76:5f:29:d9:fb:d6:02:84:f1:79:6a:25:ba:
85:a6:a0:92:3a:5d:8f:63:2f:bb:8f:b1:17:fc:3d:
7f:b6:3a:01:ca:9d:58:4f:c2:5e:0a:0e:75:a6:ed:
73:58:22:77:56:ae:da:e2:0e:7a:e7:d1:9a:1f:d0:
88:26:d9:3c:17:55:04:2e:be:3d:5b:0c:c4:8c:6e:
2c:6d:8f:a1:cc:87:e0:51:a8:9e:02:38:9f:7c:48:
c8:ee:cd:b1:95:a5:f1:ce:29:c8:80:c7:44:cd:1b:
c8:96:a8:d2:ce:84:b6:1b:a9:be:b6:62:e4:a3:80:
ed:4d:cc:ac:55:07:84:61:ae:44:af:d5:76:0c:9c:
0f:5e:91:7f:3e:3b:f3:1e:ae:3e:e6:a1:49:3d:b9:
21:96:ae:e6:6f:36:bf:e7:a9:89:ec:5f:57:77:ac:
cd:8b:90:00:56:56:0b:d0:d4:3d:cb:e9:04:63:d8:
37:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:F5:F9:33:DA:ED:29:6F:2F:9D:4D:84:71:2C:92:33:A1:1F:04:92
X509v3 Authority Key Identifier:
keyid:BA:79:66:EC:FD:8B:C2:D3:18:33:F7:0A:FB:A4:F7:F8:A1:5B:24:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/unlm7P2LwtMYM_cK-6T3-KFbJKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/86f350-94df-4830-8e9b-fb0443b8d9be/1/9fX5M9rtKW8vnU2EcSySM6EfBJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/86f350-94df-4830-8e9b-fb0443b8d9be/1/unlm7P2LwtMYM_cK-6T3-KFbJKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.225.0-185.215.226.255
Signature Algorithm: sha256WithRSAEncryption
46:c9:96:e3:c5:cd:51:5a:96:e2:99:3e:e3:77:fc:f7:eb:80:
0b:d8:9c:e8:70:aa:f4:66:2c:67:c9:1f:74:0a:56:5f:83:30:
63:c6:71:37:b7:6d:98:ec:fc:6a:cb:56:58:b1:7c:14:1a:dd:
b8:66:29:0f:74:aa:7c:c8:a2:bd:85:01:3e:4a:54:90:53:ed:
b1:5b:54:a2:72:9c:2c:0d:23:45:23:99:35:02:51:6f:80:6d:
af:8e:cc:27:25:a0:fc:7a:a1:2d:5f:48:dd:f7:f3:bf:fc:16:
4b:e2:58:a2:3f:28:d4:da:f1:20:16:3c:22:1f:2e:0e:c7:0c:
74:0c:1a:e3:c3:55:e5:6f:c9:0b:92:7a:12:0e:97:75:78:c3:
06:12:7c:61:de:98:89:ec:a2:92:bb:36:1b:9f:c5:64:30:34:
89:3b:95:25:65:11:3e:dc:c2:1f:e0:99:0a:63:21:5e:6d:57:
f0:a1:c6:8d:d3:52:ab:3a:96:d9:0e:32:f2:9e:90:0a:7c:d2:
7f:67:5f:98:cd:bc:e5:81:49:50:df:30:e6:46:08:ae:91:38:
0b:94:4e:29:8c:6e:3c:16:5d:84:74:6e:c7:11:58:6b:45:17:
b2:fa:fb:ae:a4:42:66:1d:0d:e9:bc:9b:e6:1b:4a:5a:f4:8d:
41:41:a1:b4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY91RA+EAW8QxJtPkQrAlOWgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNzk2NmVjZmQ4YmMyZDMxODMzZjcwYWZiYTRmN2Y4YTE1
YjI0YTMwHhcNMjQwNTE0MDQwMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWY1ZjkzM2RhZWQyOTZmMmY5ZDRkODQ3MTJjOTIzM2ExMWYwNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhGgRRZNQAwJCoQaDipooEiRF8qe
7GdUZH4jUiaYUmyf7+x0ZJ0XxGQ2QNixYbFFa/fImuJdt+p2rl1YYM5HKsvzFGDz
5Wo52v52qHZfKdn71gKE8XlqJbqFpqCSOl2PYy+7j7EX/D1/tjoByp1YT8JeCg51
pu1zWCJ3Vq7a4g5659GaH9CIJtk8F1UELr49WwzEjG4sbY+hzIfgUaieAjiffEjI
7s2xlaXxzinIgMdEzRvIlqjSzoS2G6m+tmLko4DtTcysVQeEYa5Er9V2DJwPXpF/
PjvzHq4+5qFJPbkhlq7mbza/56mJ7F9Xd6zNi5AAVlYL0NQ9y+kEY9g3wwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPX1+TPa7SlvL51NhHEskjOhHwSSMB8GA1UdIwQY
MBaAFLp5Zuz9i8LTGDP3Cvuk9/ihWySjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW5sbTdQMkx3dE1ZTV9jSy02VDMtS0ZiSktNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84NmYzNTAtOTRkZi00ODMwLThlOWIt
ZmIwNDQzYjhkOWJlLzEvOWZYNU05cnRLVzh2blUyRWNTeVNNNkVmQkpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84NmYzNTAtOTRkZi00ODMwLThlOWItZmIwNDQzYjhkOWJl
LzEvdW5sbTdQMkx3dE1ZTV9jSy02VDMtS0ZiSktNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC51+ED
BAC51+IwDQYJKoZIhvcNAQELBQADggEBAEbJluPFzVFaluKZPuN3/PfrgAvYnOhw
qvRmLGfJH3QKVl+DMGPGcTe3bZjs/GrLVlixfBQa3bhmKQ90qnzIor2FAT5KVJBT
7bFbVKJynCwNI0UjmTUCUW+Aba+OzCcloPx6oS1fSN3387/8FkviWKI/KNTa8SAW
PCIfLg7HDHQMGuPDVeVvyQuSehIOl3V4wwYSfGHemInsopK7NhufxWQwNIk7lSVl
ET7cwh/gmQpjIV5tV/Chxo3TUqs6ltkOMvKekAp80n9nX5jNvOWBSVDfMOZGCK6R
OAuUTimMbjwWXYR0bscRWGtFF7L6+66kQmYdDem8m+YbSlr0jUFBobQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:45 2024 by rpki-client on console-fra.rpki-client.org