Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5u-9ai0r5r3Tkg1RpIO7lAOHCW4.roa
File: 5u-9ai0r5r3Tkg1RpIO7lAOHCW4.roa (raw, json)
Hash identifier: wjqTHGWWZEjla6wHH+Rik7EXARZPhCM92CGsugW6E8w=
Subject key identifier: E6:EF:BD:6A:2D:2B:E6:BD:D3:92:0D:51:A4:83:BB:94:03:87:09:6E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01857103115E46A444780EAFEBE0096EF0A6
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5u-9ai0r5r3Tkg1RpIO7lAOHCW4.roa
Signing time: Mon 02 Jan 2023 05:45:04 +0000
ROA not before: Mon 02 Jan 2023 05:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 185.198.243.0/24 maxlen: 24
185.192.69.0/24 maxlen: 24
185.165.45.0/24 maxlen: 24
185.217.117.0/24 maxlen: 24
45.80.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:11:5e:46:a4:44:78:0e:af:eb:e0:09:6e:f0:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6efbd6a2d2be6bdd3920d51a483bb940387096e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:41:08:c2:4d:bc:ed:9a:e7:18:d3:35:ff:bd:
69:fd:98:b6:52:8e:b3:92:58:bd:f0:e8:8a:1f:32:
d7:98:37:12:c1:84:5c:68:de:1b:f9:24:18:33:2e:
4c:6b:c2:f6:4f:3a:fb:e4:5f:ce:30:84:9b:35:94:
88:e9:e1:c6:fa:77:06:b0:4a:c0:a5:f9:2c:00:65:
a8:36:ad:40:17:0b:09:5f:2e:f0:ca:34:c0:44:5e:
a7:36:ab:9a:31:a5:8c:58:a4:85:61:e2:3f:4b:e0:
80:03:ba:43:6b:91:58:50:27:77:d7:7f:bf:5e:3c:
fd:09:23:40:d4:15:0c:2c:96:35:5c:e5:bb:98:01:
4b:08:56:04:3b:f0:bb:b5:0a:df:a7:8d:87:57:c0:
16:4b:6a:8e:55:c1:32:5e:ca:47:0b:35:71:a7:b0:
55:1a:a3:9f:86:fb:4b:20:00:15:d9:aa:cc:62:fe:
e1:7b:60:4f:73:e9:47:e3:cd:2d:c7:36:f1:22:ef:
59:cc:bf:c7:ac:ff:35:87:be:a4:e7:47:79:85:06:
74:50:3f:59:1d:7f:4e:d3:43:7c:1c:6a:be:5b:bb:
01:d8:a1:d6:47:84:10:70:c1:46:25:bd:e2:16:6b:
bd:9c:e7:24:f0:40:d9:5b:c9:7c:61:67:5e:2a:c9:
07:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:EF:BD:6A:2D:2B:E6:BD:D3:92:0D:51:A4:83:BB:94:03:87:09:6E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5u-9ai0r5r3Tkg1RpIO7lAOHCW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.157.0/24
185.165.45.0/24
185.192.69.0/24
185.198.243.0/24
185.217.117.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:00:81:c7:78:bc:71:4a:f8:9c:18:00:6e:bd:9d:52:d0:bb:
43:f0:13:45:94:23:ed:cb:d7:3e:3a:2b:fd:26:40:4b:74:67:
e6:82:e7:c8:57:2b:c8:41:40:31:fa:bc:8d:bd:05:d4:97:a2:
5e:61:eb:1c:15:92:bd:26:51:de:f5:4b:61:6d:80:3c:e2:15:
9a:6a:1e:03:65:e1:eb:d7:4d:f3:4d:58:62:f7:78:62:9c:05:
43:eb:e1:31:0d:3b:08:e6:2e:51:07:82:fc:18:74:ae:2c:65:
cd:80:89:b2:f3:6a:5e:b6:7e:50:b3:cb:3c:b0:54:68:3a:6c:
54:1b:05:79:c0:85:e8:70:f8:66:77:20:ac:c8:82:d9:9f:42:
04:64:d6:d4:28:0a:9b:9a:ed:8c:ef:81:0c:3c:d9:e4:70:9b:
ff:61:ce:4b:f7:d7:37:9c:fe:10:93:f4:19:67:cf:fb:06:97:
ef:f0:b9:fe:fd:50:76:d8:5d:4d:41:7e:73:12:5d:d9:f6:de:
b9:a4:aa:d8:b4:93:60:51:bd:3d:82:2d:ec:e7:cf:fc:45:78:
9d:25:f1:01:d8:26:0c:de:e3:48:cf:de:e6:b3:62:4c:19:6e:
fb:06:8c:6d:1c:b9:12:7a:11:a1:90:a2:51:46:c2:09:a5:4a:
90:f9:36:76
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVxAxFeRqREeA6v6+AJbvCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmVmYmQ2YTJkMmJlNmJkZDM5MjBkNTFhNDgzYmI5NDAzODcwOTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEEIwk287ZrnGNM1/71p/Zi2Uo6z
kli98OiKHzLXmDcSwYRcaN4b+SQYMy5Ma8L2Tzr75F/OMISbNZSI6eHG+ncGsErA
pfksAGWoNq1AFwsJXy7wyjTARF6nNquaMaWMWKSFYeI/S+CAA7pDa5FYUCd313+/
Xjz9CSNA1BUMLJY1XOW7mAFLCFYEO/C7tQrfp42HV8AWS2qOVcEyXspHCzVxp7BV
GqOfhvtLIAAV2arMYv7he2BPc+lH480txzbxIu9ZzL/HrP81h76k50d5hQZ0UD9Z
HX9O00N8HGq+W7sB2KHWR4QQcMFGJb3iFmu9nOck8EDZW8l8YWdeKskH0QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFObvvWotK+a905INUaSDu5QDhwluMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNXUtOWFpMHI1cjNUa2cxUnBJTzdsQU9IQ1c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVCdAwQA
uaUtAwQAucBFAwQAucbzAwQAudl1MA0GCSqGSIb3DQEBCwUAA4IBAQB7AIHHeLxx
SvicGABuvZ1S0LtD8BNFlCPty9c+Oiv9JkBLdGfmgufIVyvIQUAx+ryNvQXUl6Je
YescFZK9JlHe9UthbYA84hWaah4DZeHr103zTVhi93hinAVD6+ExDTsI5i5RB4L8
GHSuLGXNgImy82petn5Qs8s8sFRoOmxUGwV5wIXocPhmdyCsyILZn0IEZNbUKAqb
mu2M74EMPNnkcJv/Yc5L99c3nP4Qk/QZZ8/7Bpfv8Ln+/VB22F1NQX5zEl3Z9t65
pKrYtJNgUb09gi3s58/8RXidJfEB2CYM3uNIz97ms2JMGW77BoxtHLkSehGhkKJR
RsIJpUqQ+TZ2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:53 2023 by rpki-client on console-ams.rpki-client.org