Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/u8IFKw8NlItFbevCmP4185hHdHo.roa
File: u8IFKw8NlItFbevCmP4185hHdHo.roa (raw, json)
Hash identifier: IOdYWb+Ul7T5+Z3QuJJ/sF4Y222lwpgOrgkgyZZgAUA=
Subject key identifier: BB:C2:05:2B:0F:0D:94:8B:45:6D:EB:C2:98:FE:35:F3:98:47:74:7A
Certificate issuer: /CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Certificate serial: 01856E542BCFE77DADB9FCBB43FC2045CFFC
Authority key identifier: D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/u8IFKw8NlItFbevCmP4185hHdHo.roa
Signing time: Sun 01 Jan 2023 17:14:47 +0000
ROA not before: Sun 01 Jan 2023 17:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60423
IP address blocks: 5.145.119.0/24 maxlen: 24
185.24.253.0/24 maxlen: 24
185.24.252.0/24 maxlen: 24
5.145.117.0/24 maxlen: 24
5.145.118.0/24 maxlen: 24
2a04:2f00::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:54:2b:cf:e7:7d:ad:b9:fc:bb:43:fc:20:45:cf:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Validity
Not Before: Jan 1 17:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbc2052b0f0d948b456debc298fe35f39847747a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:15:d5:95:0a:6d:50:6d:1b:49:a9:ab:3c:2e:
2f:44:bf:e1:1e:ac:7d:99:9b:d4:f5:83:56:e0:3c:
49:d4:d5:1c:14:e1:fa:da:2d:f1:86:36:c9:ed:14:
e5:69:13:ce:5d:d6:c1:b0:7c:b6:d6:c9:16:e3:04:
49:33:45:c4:3c:ae:2d:36:63:46:6b:b3:b5:57:0e:
1b:84:52:0e:be:82:18:5b:ce:cb:d4:3e:4f:fe:63:
0c:6e:0b:7a:1b:4e:7c:de:21:04:06:64:b5:1b:fb:
02:f3:b8:32:47:f9:eb:96:16:e8:fc:8e:23:5b:47:
28:6d:df:d1:ef:7d:56:4a:0f:38:df:32:ff:c2:fd:
d2:03:b6:36:9a:94:b8:b8:0d:e3:42:7d:fe:d0:c8:
c7:c0:78:e6:25:31:11:70:fa:9e:15:52:00:ed:93:
43:0f:ec:e3:39:36:f9:e3:b4:75:53:f3:b9:03:06:
f9:c6:88:db:c2:3c:30:2d:a3:b0:a8:20:fa:28:24:
ac:4e:9d:20:3a:cb:d6:15:5d:f2:e2:4e:57:ef:b7:
c5:03:18:00:8f:24:ec:df:6e:53:7c:f3:93:ac:12:
f6:d4:5d:15:bc:e4:51:78:b7:6a:51:5b:55:79:60:
be:9f:53:d1:c5:d2:01:60:df:7f:ac:10:8d:57:21:
48:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C2:05:2B:0F:0D:94:8B:45:6D:EB:C2:98:FE:35:F3:98:47:74:7A
X509v3 Authority Key Identifier:
keyid:D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/u8IFKw8NlItFbevCmP4185hHdHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.117.0-5.145.119.255
185.24.252.0/23
IPv6:
2a04:2f00::/48
Signature Algorithm: sha256WithRSAEncryption
a0:9f:5d:85:e0:e7:9c:13:e3:fb:40:20:d2:27:7d:e1:81:0e:
ad:dc:0e:a9:16:25:d1:39:26:88:96:91:6c:d5:a7:01:85:51:
8e:86:97:3b:3b:c0:6d:25:30:71:e9:4f:6a:e7:93:c2:ef:6e:
52:ad:3e:96:e0:5d:ad:41:25:eb:2f:62:a0:55:98:f2:b2:0a:
51:a2:6a:cc:9f:8e:60:d7:6b:e8:ea:8b:99:38:93:3d:48:3d:
16:4e:4e:ec:e8:ee:d1:e2:0d:13:cd:b9:61:9a:74:2f:17:cd:
9d:bd:b0:d6:f5:84:06:15:2f:85:d9:b8:98:75:7f:3a:47:ef:
e8:cf:09:0a:97:08:9b:54:2b:f1:68:98:fb:06:c1:a2:23:50:
ac:78:8e:14:c0:95:1b:fb:e5:d3:b1:96:32:e0:87:07:9c:e6:
29:6f:66:ee:2b:8f:3c:b1:4e:af:31:f2:a7:16:9e:3c:80:dd:
99:06:fa:5e:72:50:b1:5d:f0:94:98:cb:83:cd:9b:a3:05:e3:
fc:8e:04:7c:0c:c8:38:ca:de:5a:68:83:96:99:be:8d:e2:be:
66:53:15:25:2b:7e:9c:3c:ae:89:32:6a:0d:d6:29:c9:ab:7b:
d4:8f:1c:1c:12:37:dd:f2:43:17:89:b8:92:a8:fd:f7:84:11:
56:c1:7e:1b
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYVuVCvP532tufy7Q/wgRc/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTI2OTQ2NTJhYTI5ODUxMWVkYWZiZTE4ZDJiMWNkYmM3
OTI2MzgwHhcNMjMwMTAxMTcxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmMyMDUyYjBmMGQ5NDhiNDU2ZGViYzI5OGZlMzVmMzk4NDc3NDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhXVlQptUG0bSamrPC4vRL/hHqx9
mZvU9YNW4DxJ1NUcFOH62i3xhjbJ7RTlaRPOXdbBsHy21skW4wRJM0XEPK4tNmNG
a7O1Vw4bhFIOvoIYW87L1D5P/mMMbgt6G0583iEEBmS1G/sC87gyR/nrlhbo/I4j
W0cobd/R731WSg843zL/wv3SA7Y2mpS4uA3jQn3+0MjHwHjmJTERcPqeFVIA7ZND
D+zjOTb547R1U/O5Awb5xojbwjwwLaOwqCD6KCSsTp0gOsvWFV3y4k5X77fFAxgA
jyTs325TfPOTrBL21F0VvORReLdqUVtVeWC+n1PRxdIBYN9/rBCNVyFIrQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFLvCBSsPDZSLRW3rwpj+NfOYR3R6MB8GA1UdIwQY
MBaAFNbiaUZSqimFEe2vvhjSsc28eSY4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODkt
YjQyMzY0ODk1MDgzLzEvdThJRkt3OE5sSXRGYmV2Q21QNDE4NWhIZEhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODktYjQyMzY0ODk1MDgz
LzEvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAAFkXUD
BAMFkXADBAG5GPwwDwQCAAIwCQMHACoELwAAADANBgkqhkiG9w0BAQsFAAOCAQEA
oJ9dheDnnBPj+0Ag0id94YEOrdwOqRYl0TkmiJaRbNWnAYVRjoaXOzvAbSUwcelP
aueTwu9uUq0+luBdrUEl6y9ioFWY8rIKUaJqzJ+OYNdr6OqLmTiTPUg9Fk5O7Oju
0eINE825YZp0LxfNnb2w1vWEBhUvhdm4mHV/Okfv6M8JCpcIm1Qr8WiY+wbBoiNQ
rHiOFMCVG/vl07GWMuCHB5zmKW9m7iuPPLFOrzHypxaePIDdmQb6XnJQsV3wlJjL
g82bowXj/I4EfAzIOMreWmiDlpm+jeK+ZlMVJSt+nDyuiTJqDdYpyat71I8cHBI3
3fJDF4m4kqj994QRVsF+Gw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:13 2023 by rpki-client on console-ams.rpki-client.org