Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/XVsQeUXtakh1PX5CTYkIvzPs9d4.roa
File: XVsQeUXtakh1PX5CTYkIvzPs9d4.roa (raw, json)
Hash identifier: 4z1xk/0f0x55MrsSN4n1bpoXMrhR4Dgw25IqLBEPq1k=
Subject key identifier: 5D:5B:10:79:45:ED:6A:48:75:3D:7E:42:4D:89:08:BF:33:EC:F5:DE
Certificate issuer: /CN=05da7571c5eb13b1ae4f4417cefec2bd77902e2d
Certificate serial: 018A2397B6C9DB83F5E16290978F309677EF
Authority key identifier: 05:DA:75:71:C5:EB:13:B1:AE:4F:44:17:CE:FE:C2:BD:77:90:2E:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/XVsQeUXtakh1PX5CTYkIvzPs9d4.roa
Signing time: Wed 23 Aug 2023 18:10:59 +0000
ROA not before: Wed 23 Aug 2023 18:10:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13335
IP address blocks: 185.112.245.0/24 maxlen: 24
185.112.244.0/24 maxlen: 24
185.112.246.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:23:97:b6:c9:db:83:f5:e1:62:90:97:8f:30:96:77:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05da7571c5eb13b1ae4f4417cefec2bd77902e2d
Validity
Not Before: Aug 23 18:10:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d5b107945ed6a48753d7e424d8908bf33ecf5de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d0:0b:2d:20:de:65:89:79:91:6a:bf:5e:c3:
ee:5d:50:7a:d7:27:d1:cc:8f:4e:c1:6a:91:db:6e:
8b:ca:94:8c:64:1a:4b:8a:9c:8f:72:ac:5e:42:9f:
f8:38:53:8f:4c:8f:7d:ff:2c:32:76:1f:aa:14:24:
ed:35:c1:2b:94:36:57:31:da:56:f5:12:70:af:3b:
13:62:6f:73:7c:0b:41:9d:4c:82:73:98:20:68:b7:
76:69:51:27:b7:7f:d1:8b:3a:2f:ed:9c:20:28:e2:
1b:11:77:18:e0:2a:83:a1:30:e6:56:6f:42:ef:d3:
36:83:f2:49:ad:40:4e:20:90:9f:e7:bd:24:f0:d6:
b4:44:24:ed:fa:8f:55:b2:a4:da:b4:cd:00:e1:98:
1c:47:53:eb:e8:de:07:15:f0:3c:88:52:77:bf:a3:
29:e3:8b:de:d7:34:cb:30:1b:a5:cb:da:d2:6c:da:
3b:8d:69:0f:17:e0:48:16:b2:9c:19:31:42:53:c0:
ae:65:d9:07:ce:56:b7:24:d5:2d:32:2c:6f:5d:cd:
59:2e:00:5d:b4:51:ba:70:0d:9c:d9:9d:9a:cd:04:
8f:02:aa:31:0a:ae:5d:f6:53:aa:4a:bf:de:f4:68:
bc:03:95:16:38:d4:54:f9:bd:bf:83:f0:21:03:be:
27:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:5B:10:79:45:ED:6A:48:75:3D:7E:42:4D:89:08:BF:33:EC:F5:DE
X509v3 Authority Key Identifier:
keyid:05:DA:75:71:C5:EB:13:B1:AE:4F:44:17:CE:FE:C2:BD:77:90:2E:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/XVsQeUXtakh1PX5CTYkIvzPs9d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f64f83-370a-4901-8bfa-3655302bf005/1/Bdp1ccXrE7GuT0QXzv7CvXeQLi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.244.0-185.112.246.255
Signature Algorithm: sha256WithRSAEncryption
97:64:5d:9d:da:7a:61:8c:94:05:f6:cd:f1:9c:59:5f:d8:eb:
bd:e5:91:68:3a:52:76:78:dd:08:52:ad:f8:be:b5:f2:c6:9f:
66:60:f0:60:73:b5:f3:ac:e2:0f:4d:d9:d4:cf:0b:ab:fb:cf:
05:2e:38:06:b9:6a:ff:41:32:e3:13:bd:96:4e:75:15:dd:a3:
68:f0:37:24:ce:04:c6:8e:84:9f:6a:5f:05:be:8d:48:71:14:
10:16:40:d8:d1:c2:c8:21:ff:7b:2e:b8:96:54:94:5d:d2:00:
93:96:fd:d3:9b:68:03:8a:58:05:bd:7a:43:f3:67:1a:7b:a4:
a2:90:09:16:0c:87:35:17:77:46:28:dd:22:b3:c6:b9:9f:78:
3d:bd:14:37:aa:d7:03:23:28:e8:cd:fd:fd:74:ed:49:c0:34:
1f:db:13:0a:d3:32:f6:ac:5f:a2:25:84:c0:07:18:1a:63:94:
1a:d3:71:b7:c7:fd:aa:cd:9b:ff:1b:56:7f:1b:03:61:d2:dc:
f8:8c:f0:6b:3e:3c:50:35:39:70:4f:d9:37:12:e7:b2:66:ff:
b5:53:a0:c1:ba:c2:6d:d1:7e:cc:6b:8d:36:65:ed:4b:d2:d8:
18:ee:5f:3b:6d:c8:a7:4a:16:b5:b2:2f:e0:63:48:a1:86:69:
56:2e:10:94
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYojl7bJ24P14WKQl48wlnfvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZGE3NTcxYzVlYjEzYjFhZTRmNDQxN2NlZmVjMmJkNzc5
MDJlMmQwHhcNMjMwODIzMTgxMDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDViMTA3OTQ1ZWQ2YTQ4NzUzZDdlNDI0ZDg5MDhiZjMzZWNmNWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtALLSDeZYl5kWq/XsPuXVB61yfR
zI9OwWqR226LypSMZBpLipyPcqxeQp/4OFOPTI99/ywydh+qFCTtNcErlDZXMdpW
9RJwrzsTYm9zfAtBnUyCc5ggaLd2aVEnt3/Rizov7ZwgKOIbEXcY4CqDoTDmVm9C
79M2g/JJrUBOIJCf570k8Na0RCTt+o9VsqTatM0A4ZgcR1Pr6N4HFfA8iFJ3v6Mp
44ve1zTLMBuly9rSbNo7jWkPF+BIFrKcGTFCU8CuZdkHzla3JNUtMixvXc1ZLgBd
tFG6cA2c2Z2azQSPAqoxCq5d9lOqSr/e9Gi8A5UWONRU+b2/g/AhA74nrwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFF1bEHlF7WpIdT1+Qk2JCL8z7PXeMB8GA1UdIwQY
MBaAFAXadXHF6xOxrk9EF87+wr13kC4tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmRwMWNjWHJFN0d1VDBRWHp2N0N2WGVRTGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjRmODMtMzcwYS00OTAxLThiZmEt
MzY1NTMwMmJmMDA1LzEvWFZzUWVVWHRha2gxUFg1Q1RZa0l2elBzOWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjRmODMtMzcwYS00OTAxLThiZmEtMzY1NTMwMmJmMDA1
LzEvQmRwMWNjWHJFN0d1VDBRWHp2N0N2WGVRTGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5cPQD
BAC5cPYwDQYJKoZIhvcNAQELBQADggEBAJdkXZ3aemGMlAX2zfGcWV/Y673lkWg6
UnZ43QhSrfi+tfLGn2Zg8GBztfOs4g9N2dTPC6v7zwUuOAa5av9BMuMTvZZOdRXd
o2jwNyTOBMaOhJ9qXwW+jUhxFBAWQNjRwsgh/3suuJZUlF3SAJOW/dObaAOKWAW9
ekPzZxp7pKKQCRYMhzUXd0Yo3SKzxrmfeD29FDeq1wMjKOjN/f107UnANB/bEwrT
MvasX6IlhMAHGBpjlBrTcbfH/arNm/8bVn8bA2HS3PiM8Gs+PFA1OXBP2TcS57Jm
/7VToMG6wm3RfsxrjTZl7UvS2BjuXzttyKdKFrWyL+BjSKGGaVYuEJQ=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:08 2024 by rpki-client on console-fra.rpki-client.org