Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/r_BdS6xR9QFUJhPyqyoGDPM9hC0.roa
File: r_BdS6xR9QFUJhPyqyoGDPM9hC0.roa (raw, json)
Hash identifier: AEwRRbGIPihvrOGpHUI72H/obUqdY2BsU4cXzvng0XI=
Subject key identifier: AF:F0:5D:4B:AC:51:F5:01:54:26:13:F2:AB:2A:06:0C:F3:3D:84:2D
Certificate issuer: /CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Certificate serial: 0187F09F52E0FE38CF062A1675DEFCF6D575
Authority key identifier: D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/r_BdS6xR9QFUJhPyqyoGDPM9hC0.roa
Signing time: Sat 06 May 2023 10:33:05 +0000
ROA not before: Sat 06 May 2023 10:33:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60256
IP address blocks: 5.145.119.0/24 maxlen: 24
185.24.254.0/24 maxlen: 24
5.145.112.0/23 maxlen: 23
5.145.112.0/24 maxlen: 24
5.145.115.0/24 maxlen: 24
5.145.113.0/24 maxlen: 24
5.145.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f0:9f:52:e0:fe:38:cf:06:2a:16:75:de:fc:f6:d5:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Validity
Not Before: May 6 10:33:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aff05d4bac51f501542613f2ab2a060cf33d842d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ed:be:ec:ba:d1:c0:51:cc:ba:3e:3b:a1:d9:
04:c7:55:b7:18:c8:b5:e6:a1:1f:b8:f7:cf:47:6f:
34:7b:6b:dd:18:ea:b5:7f:06:d2:bc:79:3c:11:8c:
e0:41:4e:7b:50:da:e9:84:52:ce:40:4d:57:e5:a5:
d3:35:92:f0:7f:a0:5d:f3:bd:3d:ee:4e:36:ea:92:
5e:61:a7:b0:b8:e8:15:f1:37:88:4a:5f:91:e6:fd:
8e:d4:92:b5:82:b1:d1:a3:68:5b:92:e2:f7:8e:01:
cb:ce:3e:df:fa:8b:df:b2:49:b2:ae:34:32:e4:12:
aa:90:09:5a:f0:86:ac:01:c0:a3:2a:64:1d:ba:78:
47:11:91:db:d8:2b:c1:03:ce:98:65:5f:ab:b0:6e:
b5:12:42:ca:60:43:9e:d1:82:c6:a8:ff:48:ac:2c:
c4:0a:e3:2a:01:54:bb:88:c0:d2:e9:98:fd:24:8e:
59:14:43:be:9c:b4:c7:28:75:09:1b:9d:2f:40:70:
ed:fb:8e:f8:1b:71:d2:18:81:31:10:87:75:cc:fc:
f2:63:a5:9c:78:6b:f2:22:16:9d:9e:00:b1:6b:d2:
42:69:f4:a2:8f:f7:6d:51:de:26:e4:0c:f8:ff:41:
2c:be:1d:2f:1e:7f:12:9a:84:a7:fe:7e:15:1c:3f:
5d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:F0:5D:4B:AC:51:F5:01:54:26:13:F2:AB:2A:06:0C:F3:3D:84:2D
X509v3 Authority Key Identifier:
keyid:D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/r_BdS6xR9QFUJhPyqyoGDPM9hC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.112.0/23
5.145.115.0/24
5.145.118.0/23
185.24.254.0/24
Signature Algorithm: sha256WithRSAEncryption
10:d7:b6:b4:21:8b:61:8a:d5:6b:65:38:c3:91:8d:9f:bf:fa:
e1:e9:56:2e:3a:a0:12:a7:cb:54:57:1d:87:31:3c:e2:0e:2a:
f3:f3:cf:fe:e9:55:4c:44:46:c3:b3:b7:e7:b0:48:5f:d5:4d:
88:3f:63:ef:15:09:a5:0e:af:8b:71:f9:c6:07:ba:ef:fe:7b:
63:c3:94:87:81:16:6d:02:a1:6a:d6:7a:30:62:79:a6:54:2d:
e9:48:f9:91:0b:fb:d2:ff:b5:c5:29:d6:16:2d:7d:f4:61:83:
08:e1:93:b7:8a:d1:4f:82:8b:ad:78:3f:2c:2d:8f:de:14:43:
dc:46:dc:fb:a7:d0:49:0d:a5:a6:7c:51:e1:f8:03:e1:98:29:
36:9c:db:8b:0f:cd:d5:4a:4b:8b:2e:b1:6a:a2:82:da:bf:2e:
82:13:2e:b9:18:3d:b3:4b:35:dc:2d:5b:13:00:89:69:01:25:
f4:3d:36:e0:8e:a4:7c:22:be:22:7c:c0:08:91:ff:b0:ec:2e:
ad:2a:51:2f:ad:d1:d7:32:0d:a1:d2:1b:fe:27:7e:7a:8c:92:
30:e1:7f:97:14:65:e2:e7:d8:d8:d5:ee:d6:8c:74:96:f9:c2:
82:cf:89:f1:9e:00:fb:c9:a3:f9:11:8a:8f:1e:e0:ad:82:6d:
d1:b2:af:27
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYfwn1Lg/jjPBioWdd789tV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTI2OTQ2NTJhYTI5ODUxMWVkYWZiZTE4ZDJiMWNkYmM3
OTI2MzgwHhcNMjMwNTA2MTAzMzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmYwNWQ0YmFjNTFmNTAxNTQyNjEzZjJhYjJhMDYwY2YzM2Q4NDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2e2+7LrRwFHMuj47odkEx1W3GMi1
5qEfuPfPR280e2vdGOq1fwbSvHk8EYzgQU57UNrphFLOQE1X5aXTNZLwf6Bd8709
7k426pJeYaewuOgV8TeISl+R5v2O1JK1grHRo2hbkuL3jgHLzj7f+ovfskmyrjQy
5BKqkAla8IasAcCjKmQdunhHEZHb2CvBA86YZV+rsG61EkLKYEOe0YLGqP9IrCzE
CuMqAVS7iMDS6Zj9JI5ZFEO+nLTHKHUJG50vQHDt+474G3HSGIExEId1zPzyY6Wc
eGvyIhadngCxa9JCafSij/dtUd4m5Az4/0Esvh0vHn8SmoSn/n4VHD9dhQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK/wXUusUfUBVCYT8qsqBgzzPYQtMB8GA1UdIwQY
MBaAFNbiaUZSqimFEe2vvhjSsc28eSY4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODkt
YjQyMzY0ODk1MDgzLzEvcl9CZFM2eFI5UUZVSmhQeXF5b0dEUE05aEMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODktYjQyMzY0ODk1MDgz
LzEvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBZFwAwQA
BZFzAwQBBZF2AwQAuRj+MA0GCSqGSIb3DQEBCwUAA4IBAQAQ17a0IYthitVrZTjD
kY2fv/rh6VYuOqASp8tUVx2HMTziDirz88/+6VVMREbDs7fnsEhf1U2IP2PvFQml
Dq+LcfnGB7rv/ntjw5SHgRZtAqFq1nowYnmmVC3pSPmRC/vS/7XFKdYWLX30YYMI
4ZO3itFPgouteD8sLY/eFEPcRtz7p9BJDaWmfFHh+APhmCk2nNuLD83VSkuLLrFq
ooLavy6CEy65GD2zSzXcLVsTAIlpASX0PTbgjqR8Ir4ifMAIkf+w7C6tKlEvrdHX
Mg2h0hv+J356jJIw4X+XFGXi59jY1e7WjHSW+cKCz4nxngD7yaP5EYqPHuCtgm3R
sq8n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:15 2024 by rpki-client on console-ams.rpki-client.org