Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/5JzLFNNA0VjsCJdrYKqRfHELM-A.roa
File: 5JzLFNNA0VjsCJdrYKqRfHELM-A.roa (raw, json)
Hash identifier: NezfhmnBKORo78u0UQE/fKGekpwOjmGDDBxI9Yp62LY=
Subject key identifier: E4:9C:CB:14:D3:40:D1:58:EC:08:97:6B:60:AA:91:7C:71:0B:33:E0
Certificate issuer: /CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Certificate serial: 01862CE808F724482D6CD5160E65C660EA8D
Authority key identifier: AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/5JzLFNNA0VjsCJdrYKqRfHELM-A.roa
Signing time: Tue 07 Feb 2023 17:24:09 +0000
ROA not before: Tue 07 Feb 2023 17:24:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1828
IP address blocks: 185.92.120.0/24 maxlen: 24
185.92.123.0/24 maxlen: 24
185.92.121.0/24 maxlen: 24
185.92.122.0/24 maxlen: 24
2a05:f240::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 08 Mar 2023 12:07:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2c:e8:08:f7:24:48:2d:6c:d5:16:0e:65:c6:60:ea:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Validity
Not Before: Feb 7 17:24:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e49ccb14d340d158ec08976b60aa917c710b33e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:63:84:04:3b:6e:8d:fb:1d:cf:18:bc:71:ca:
d0:9b:4d:24:c5:7f:bf:e7:84:c9:d5:e2:4e:2a:3d:
26:89:f0:fd:f5:97:f1:bd:c5:f0:19:0b:bf:f6:ac:
80:f0:0d:3a:23:62:f4:27:be:c0:b1:54:9c:55:8c:
9a:8d:58:45:b6:c4:6a:05:a3:86:59:9c:a0:99:0a:
a6:8a:20:59:30:c4:99:2f:26:ad:b7:f1:df:09:e9:
ab:40:03:c6:d0:f2:29:22:4f:9b:6f:9e:55:52:4e:
db:88:86:0e:61:40:49:b2:39:6f:4d:30:96:d4:33:
2a:1b:66:05:36:29:49:44:e3:28:7c:4f:c2:34:04:
48:bf:61:1e:f7:3c:a2:bf:5b:46:3c:a7:a1:ed:86:
dc:e4:d3:99:e5:74:1b:62:f4:a2:2c:1a:be:50:d6:
64:2c:de:8b:77:41:66:20:cd:25:93:09:71:b5:1b:
d0:c8:b0:2a:f4:45:ce:ed:21:83:fd:65:cd:02:2d:
2e:3d:1b:1f:50:00:91:78:ce:9a:b8:e9:6e:e3:29:
1b:19:54:fb:23:eb:16:b2:e9:ad:b6:11:05:7a:9a:
5a:a2:ba:4c:b6:ad:38:75:e7:c5:af:4e:83:e2:11:
35:33:87:93:77:3d:7c:9f:fe:8a:90:23:63:8d:76:
81:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:9C:CB:14:D3:40:D1:58:EC:08:97:6B:60:AA:91:7C:71:0B:33:E0
X509v3 Authority Key Identifier:
keyid:AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/5JzLFNNA0VjsCJdrYKqRfHELM-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.92.120.0/22
IPv6:
2a05:f240::/29
Signature Algorithm: sha256WithRSAEncryption
c2:2b:13:10:1e:35:9f:4b:e6:9d:6e:62:57:11:81:24:72:07:
7a:a2:2b:3f:90:86:97:c7:06:ae:4a:32:c4:3e:b1:b1:fb:44:
55:85:c4:bc:5f:6f:05:ca:41:d6:5d:77:93:ef:bc:c9:20:9a:
9c:29:0f:d6:8d:27:b3:44:b6:1e:09:df:e6:d7:bc:63:11:b9:
ce:99:99:4a:98:09:38:cb:77:9e:69:f7:f4:5f:80:9d:69:f8:
5d:c4:95:f9:7a:50:22:13:71:05:2c:aa:c8:2b:16:ad:2a:19:
44:4a:8f:bb:4d:13:24:ab:c3:3a:49:22:af:2a:2a:fc:da:90:
34:36:43:ee:48:ad:f2:52:25:2a:65:43:34:54:69:2c:3d:9a:
78:20:39:38:62:0a:72:00:a2:10:f8:25:ed:0b:68:a8:fe:8a:
52:0e:4b:65:7a:a2:8f:75:e5:c9:aa:9e:ac:26:ff:0c:0b:70:
11:1a:f9:16:d4:b9:0d:da:4f:67:6f:c4:c3:6b:44:47:4c:df:
32:fb:48:40:63:d4:9c:43:1d:0a:a7:6b:72:92:b1:56:3e:cb:
39:25:99:64:58:82:25:74:69:0b:51:23:7d:ac:42:64:d7:0d:
c0:28:ab:cb:4a:2b:5a:d8:95:17:2b:4a:89:66:84:d3:68:66:
bb:1d:f9:64
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYYs6Aj3JEgtbNUWDmXGYOqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGFlZWE5MTE3YTFkNWNjYzMyMDIyMjk1NWEwOWZhYTA3
OThmZDkwHhcNMjMwMjA3MTcyNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDljY2IxNGQzNDBkMTU4ZWMwODk3NmI2MGFhOTE3YzcxMGIzM2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2OEBDtujfsdzxi8ccrQm00kxX+/
54TJ1eJOKj0mifD99ZfxvcXwGQu/9qyA8A06I2L0J77AsVScVYyajVhFtsRqBaOG
WZygmQqmiiBZMMSZLyatt/HfCemrQAPG0PIpIk+bb55VUk7biIYOYUBJsjlvTTCW
1DMqG2YFNilJROMofE/CNARIv2Ee9zyiv1tGPKeh7Ybc5NOZ5XQbYvSiLBq+UNZk
LN6Ld0FmIM0lkwlxtRvQyLAq9EXO7SGD/WXNAi0uPRsfUACReM6auOlu4ykbGVT7
I+sWsumtthEFeppaorpMtq04defFr06D4hE1M4eTdz18n/6KkCNjjXaBIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOScyxTTQNFY7AiXa2CqkXxxCzPgMB8GA1UdIwQY
MBaAFK7a7qkReh1czDICIpVaCfqgeY/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEt
OTk4NjhjNTEzMjlhLzEvNUp6TEZOTkEwVmpzQ0pkcllLcVJmSEVMTS1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEtOTk4NjhjNTEzMjlh
LzEvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVx4MA0E
AgACMAcDBQMqBfJAMA0GCSqGSIb3DQEBCwUAA4IBAQDCKxMQHjWfS+adbmJXEYEk
cgd6ois/kIaXxwauSjLEPrGx+0RVhcS8X28FykHWXXeT77zJIJqcKQ/WjSezRLYe
Cd/m17xjEbnOmZlKmAk4y3eeaff0X4CdafhdxJX5elAiE3EFLKrIKxatKhlESo+7
TRMkq8M6SSKvKir82pA0NkPuSK3yUiUqZUM0VGksPZp4IDk4YgpyAKIQ+CXtC2io
/opSDktleqKPdeXJqp6sJv8MC3ARGvkW1LkN2k9nb8TDa0RHTN8y+0hAY9ScQx0K
p2tykrFWPss5JZlkWIIldGkLUSN9rEJk1w3AKKvLSita2JUXK0qJZoTTaGa7Hflk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:58 2024 by rpki-client on console-fra.rpki-client.org