Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a4cb95-9127-4869-8f90-9e4e46f60a68/1/5XMKBjFmnp7pGKi1K5GcfpNwhvg.roa
File: 5XMKBjFmnp7pGKi1K5GcfpNwhvg.roa (raw, json)
Hash identifier: ON+ywCT/q9WETt+oeMPp52asC6XH1nTXs9rZEX95CLw=
Subject key identifier: E5:73:0A:06:31:66:9E:9E:E9:18:A8:B5:2B:91:9C:7E:93:70:86:F8
Certificate issuer: /CN=32facf5d02730268d3b1e76c96b0f8588d998b4f
Certificate serial: 018572D5C9930D15B6E13DD940CDDC6D721E
Authority key identifier: 32:FA:CF:5D:02:73:02:68:D3:B1:E7:6C:96:B0:F8:58:8D:99:8B:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MvrPXQJzAmjTsedslrD4WI2Zi08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/a4cb95-9127-4869-8f90-9e4e46f60a68/1/5XMKBjFmnp7pGKi1K5GcfpNwhvg.roa
Signing time: Mon 02 Jan 2023 14:14:51 +0000
ROA not before: Mon 02 Jan 2023 14:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203247
IP address blocks: 185.141.48.0/24 maxlen: 24
185.141.51.0/24 maxlen: 24
185.141.50.0/24 maxlen: 24
185.141.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:c9:93:0d:15:b6:e1:3d:d9:40:cd:dc:6d:72:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32facf5d02730268d3b1e76c96b0f8588d998b4f
Validity
Not Before: Jan 2 14:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5730a0631669e9ee918a8b52b919c7e937086f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:00:15:b9:a7:c8:df:77:5b:e1:c6:b0:ad:33:
cb:2d:09:29:c9:6d:64:d9:e1:c4:a0:06:2f:0a:cb:
9d:76:97:31:51:c6:59:c1:fb:6e:47:a3:14:da:6a:
03:2a:f0:bc:cf:23:61:ce:91:b8:c1:87:86:f9:f8:
2d:7f:ca:74:59:9d:e1:61:6f:bf:9b:4d:5c:93:81:
e7:a7:de:73:a3:7f:b7:0a:f9:8a:6a:5c:0c:0e:41:
78:9c:2f:90:14:37:e3:14:a2:2b:d2:4c:38:58:65:
c7:c0:60:07:7b:ab:41:cf:aa:9c:f4:79:8d:94:7e:
a8:7d:6a:c5:5f:d8:86:f3:90:67:4c:d5:81:01:89:
a6:e3:7b:2c:e1:dd:c9:68:7d:81:b4:34:a3:93:86:
7e:69:31:60:24:2e:16:7d:11:32:c5:57:4e:50:34:
c0:d7:df:1f:c6:bf:71:db:0f:00:2e:e3:2c:f3:8d:
c2:cc:a4:ee:70:fd:94:0c:79:11:da:68:f4:7f:86:
71:e3:a8:f1:e8:e3:f4:33:9f:70:63:09:bf:c0:6c:
33:ca:1f:6d:a6:db:0d:49:7d:6a:08:8e:60:8a:25:
60:08:f7:c4:de:14:f6:43:55:e2:ac:bc:55:7b:5a:
62:b6:d4:89:d8:8e:cd:92:3f:df:e0:84:16:ce:2b:
04:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:73:0A:06:31:66:9E:9E:E9:18:A8:B5:2B:91:9C:7E:93:70:86:F8
X509v3 Authority Key Identifier:
keyid:32:FA:CF:5D:02:73:02:68:D3:B1:E7:6C:96:B0:F8:58:8D:99:8B:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MvrPXQJzAmjTsedslrD4WI2Zi08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a4cb95-9127-4869-8f90-9e4e46f60a68/1/5XMKBjFmnp7pGKi1K5GcfpNwhvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a4cb95-9127-4869-8f90-9e4e46f60a68/1/MvrPXQJzAmjTsedslrD4WI2Zi08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.48.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:0f:e6:7f:6b:c3:75:71:f7:63:e6:c4:b8:3e:91:9f:d9:0d:
30:1d:bb:3d:31:e8:9f:5e:0a:76:60:34:09:7a:04:fa:4a:a2:
8b:05:71:9b:22:c9:70:5f:42:5a:5a:53:18:38:6f:01:81:c0:
0f:89:cf:8a:72:fd:73:81:0b:b8:10:27:71:3c:2c:74:e0:d1:
ed:63:76:19:2d:4b:73:4f:e8:29:a9:91:4f:9e:ba:73:19:ef:
17:c3:19:f5:38:81:1a:22:80:83:6c:87:c9:18:08:d4:41:d2:
ed:d1:46:bd:cd:e2:e0:33:20:39:9e:ab:8d:6a:dc:41:b9:02:
46:29:a1:af:3e:eb:d7:11:5f:dd:f6:26:25:6c:1c:72:4f:84:
73:44:7c:55:65:95:be:76:d6:21:93:98:a8:f0:c4:83:08:cb:
04:2f:82:55:af:98:42:aa:36:0f:c2:30:27:d6:f5:b5:1b:10:
c7:1d:61:fb:c0:8e:df:d2:4c:27:88:b6:52:e3:68:b4:d3:ae:
15:52:50:1c:9d:89:db:0a:e2:76:a1:3f:22:1a:23:65:a7:10:
d5:d1:87:d7:f0:d9:37:98:a7:4d:f4:40:ae:dc:ba:39:e1:97:
f0:05:5d:f3:75:73:70:57:11:10:5c:ea:4d:15:95:a5:a9:b9:
ad:29:7d:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy1cmTDRW24T3ZQM3cbXIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZmFjZjVkMDI3MzAyNjhkM2IxZTc2Yzk2YjBmODU4OGQ5
OThiNGYwHhcNMjMwMTAyMTQxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTczMGEwNjMxNjY5ZTllZTkxOGE4YjUyYjkxOWM3ZTkzNzA4NmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwAVuafI33db4cawrTPLLQkpyW1k
2eHEoAYvCsuddpcxUcZZwftuR6MU2moDKvC8zyNhzpG4wYeG+fgtf8p0WZ3hYW+/
m01ck4Hnp95zo3+3CvmKalwMDkF4nC+QFDfjFKIr0kw4WGXHwGAHe6tBz6qc9HmN
lH6ofWrFX9iG85BnTNWBAYmm43ss4d3JaH2BtDSjk4Z+aTFgJC4WfREyxVdOUDTA
198fxr9x2w8ALuMs843CzKTucP2UDHkR2mj0f4Zx46jx6OP0M59wYwm/wGwzyh9t
ptsNSX1qCI5giiVgCPfE3hT2Q1XirLxVe1pittSJ2I7Nkj/f4IQWzisEZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOVzCgYxZp6e6RiotSuRnH6TcIb4MB8GA1UdIwQY
MBaAFDL6z10CcwJo07HnbJaw+FiNmYtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXZyUFhRSnpBbWpUc2Vkc2xyRDRXSTJaaTA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hNGNiOTUtOTEyNy00ODY5LThmOTAt
OWU0ZTQ2ZjYwYTY4LzEvNVhNS0JqRm1ucDdwR0tpMUs1R2NmcE53aHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9hNGNiOTUtOTEyNy00ODY5LThmOTAtOWU0ZTQ2ZjYwYTY4
LzEvTXZyUFhRSnpBbWpUc2Vkc2xyRDRXSTJaaTA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuY0wMA0G
CSqGSIb3DQEBCwUAA4IBAQCkD+Z/a8N1cfdj5sS4PpGf2Q0wHbs9MeifXgp2YDQJ
egT6SqKLBXGbIslwX0JaWlMYOG8BgcAPic+Kcv1zgQu4ECdxPCx04NHtY3YZLUtz
T+gpqZFPnrpzGe8Xwxn1OIEaIoCDbIfJGAjUQdLt0Ua9zeLgMyA5nquNatxBuQJG
KaGvPuvXEV/d9iYlbBxyT4RzRHxVZZW+dtYhk5io8MSDCMsEL4JVr5hCqjYPwjAn
1vW1GxDHHWH7wI7f0kwniLZS42i0064VUlAcnYnbCuJ2oT8iGiNlpxDV0YfX8Nk3
mKdN9ECu3Lo54ZfwBV3zdXNwVxEQXOpNFZWlqbmtKX3y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:30 2024 by rpki-client on console-fra.rpki-client.org