Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/4vJ3O9nRk5UyWx8QW49hFh-wCfE.roa
File: 4vJ3O9nRk5UyWx8QW49hFh-wCfE.roa (raw, json)
Hash identifier: reR/v4KsD1dewDZZmjdJmtsyuM5hi0D0K9mp/vo01qw=
Subject key identifier: E2:F2:77:3B:D9:D1:93:95:32:5B:1F:10:5B:8F:61:16:1F:B0:09:F1
Certificate issuer: /CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Certificate serial: 01856F5DD4F09A01D281BDC888407BDA40E0
Authority key identifier: 5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/4vJ3O9nRk5UyWx8QW49hFh-wCfE.roa
Signing time: Sun 01 Jan 2023 22:04:58 +0000
ROA not before: Sun 01 Jan 2023 22:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206894
IP address blocks: 193.142.154.0/23 maxlen: 23
185.219.192.0/22 maxlen: 22
185.192.104.0/22 maxlen: 22
185.38.88.0/22 maxlen: 22
2a0a:2bc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 20 Feb 2023 18:45:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:d4:f0:9a:01:d2:81:bd:c8:88:40:7b:da:40:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Validity
Not Before: Jan 1 22:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2f2773bd9d19395325b1f105b8f61161fb009f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ce:d2:69:b1:66:ea:ab:a2:b5:0f:e6:fd:e5:
7b:5f:7d:0c:a5:48:66:ad:02:25:90:a5:19:08:a7:
df:c8:30:ab:4d:2d:ad:43:de:7d:c7:3f:03:73:a2:
78:86:0f:97:c6:6e:68:f0:d5:0b:ec:13:68:f4:03:
a3:11:bc:d5:d3:c5:35:e4:05:8a:25:02:67:37:bc:
23:01:19:ea:11:13:7e:2c:86:d1:bd:11:26:97:94:
f2:7c:57:71:12:35:e5:cc:a6:4a:37:fe:58:9d:9d:
e6:69:c6:45:a1:6d:60:b3:c1:0a:8b:2e:b2:f8:ca:
1a:77:c8:88:7c:74:af:2e:b2:c8:ea:d2:89:1f:79:
11:72:ac:e5:f9:ec:37:b8:57:90:ce:4a:ff:c3:4e:
e1:c1:00:8f:62:87:e6:fe:b6:1b:f7:00:5b:ad:8d:
e8:4a:da:85:d2:a8:09:44:84:87:c5:36:1a:c1:88:
95:f7:80:db:d6:23:53:ae:5d:fd:5f:69:09:88:38:
59:2a:d3:3a:9c:be:02:c6:99:80:ed:9e:2c:6f:be:
a7:ea:11:d7:d8:a3:8d:8b:75:5f:aa:9c:5f:34:84:
a4:8f:e1:8a:4b:44:f8:a7:7f:66:3b:99:3b:ef:4c:
ec:58:f1:48:a5:f6:6b:1c:68:78:2a:b8:b2:7b:ab:
2c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:F2:77:3B:D9:D1:93:95:32:5B:1F:10:5B:8F:61:16:1F:B0:09:F1
X509v3 Authority Key Identifier:
keyid:5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/4vJ3O9nRk5UyWx8QW49hFh-wCfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.88.0/22
185.192.104.0/22
185.219.192.0/22
193.142.154.0/23
IPv6:
2a0a:2bc0::/32
Signature Algorithm: sha256WithRSAEncryption
bf:4d:d6:fe:a9:6f:59:f8:a5:c5:72:dc:14:42:78:dc:ca:07:
90:e4:0e:31:70:a0:ea:6e:b4:d6:1c:57:11:77:d6:3b:fd:c9:
37:be:fe:52:5a:f7:7e:e9:ea:29:b5:fe:ca:2e:97:41:33:00:
41:fc:8d:55:e8:9a:3d:8f:34:19:83:ba:05:0b:b8:db:ba:71:
b4:f8:4e:a7:fe:be:be:a1:74:66:57:7c:77:03:bf:af:c3:62:
db:c8:94:ad:1e:25:da:7d:9c:92:7c:1c:d5:93:3a:2d:c5:7e:
e3:e3:89:8c:b2:b0:9a:6a:3a:e2:cc:5a:63:4f:70:5b:46:6d:
c5:7a:bb:18:42:34:b4:dd:84:15:99:45:04:a1:30:5c:a4:0d:
17:d7:1c:1b:80:74:a9:1b:c9:af:77:68:da:e5:58:25:0e:9e:
5c:5c:06:00:89:01:4c:51:78:9b:de:80:5e:ac:17:32:88:92:
b0:11:f0:59:b8:dc:16:1f:c5:a9:c6:5e:0e:70:f6:fa:22:04:
32:75:17:6a:82:1a:eb:42:6b:70:34:5b:d7:97:1c:62:17:d4:
74:6e:dc:0f:92:92:8e:c3:94:ed:42:80:ac:54:f2:18:32:e8:
b7:22:16:26:a0:9b:d1:ff:c3:d3:33:5e:cd:e1:ad:a5:e8:8b:
e9:b1:9a:3d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVvXdTwmgHSgb3IiEB72kDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZmU4ZDcyNTI2ZTRlNzNhM2I1N2Q5MzYwZjNhNTFiZWI1
OWE0NWYwHhcNMjMwMTAxMjIwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmYyNzczYmQ5ZDE5Mzk1MzI1YjFmMTA1YjhmNjExNjFmYjAwOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArM7SabFm6quitQ/m/eV7X30MpUhm
rQIlkKUZCKffyDCrTS2tQ959xz8Dc6J4hg+Xxm5o8NUL7BNo9AOjEbzV08U15AWK
JQJnN7wjARnqERN+LIbRvREml5TyfFdxEjXlzKZKN/5YnZ3macZFoW1gs8EKiy6y
+Moad8iIfHSvLrLI6tKJH3kRcqzl+ew3uFeQzkr/w07hwQCPYofm/rYb9wBbrY3o
StqF0qgJRISHxTYawYiV94Db1iNTrl39X2kJiDhZKtM6nL4CxpmA7Z4sb76n6hHX
2KONi3VfqpxfNISkj+GKS0T4p39mO5k770zsWPFIpfZrHGh4Kriye6ssWwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOLydzvZ0ZOVMlsfEFuPYRYfsAnxMB8GA1UdIwQY
MBaAFFz+jXJSbk5zo7V9k2DzpRvrWaRfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMt
ZTRkZGZhMzJlNTJlLzEvNHZKM085blJrNVV5V3g4UVc0OWhGaC13Q2ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMtZTRkZGZhMzJlNTJl
LzEvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuSZYAwQC
ucBoAwQCudvAAwQBwY6aMA0EAgACMAcDBQAqCivAMA0GCSqGSIb3DQEBCwUAA4IB
AQC/Tdb+qW9Z+KXFctwUQnjcygeQ5A4xcKDqbrTWHFcRd9Y7/ck3vv5SWvd+6eop
tf7KLpdBMwBB/I1V6Jo9jzQZg7oFC7jbunG0+E6n/r6+oXRmV3x3A7+vw2LbyJSt
HiXafZySfBzVkzotxX7j44mMsrCaajrizFpjT3BbRm3FersYQjS03YQVmUUEoTBc
pA0X1xwbgHSpG8mvd2ja5VglDp5cXAYAiQFMUXib3oBerBcyiJKwEfBZuNwWH8Wp
xl4OcPb6IgQydRdqghrrQmtwNFvXlxxiF9R0btwPkpKOw5TtQoCsVPIYMui3IhYm
oJvR/8PTM17N4a2l6IvpsZo9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:49 2024 by rpki-client on console-ams.rpki-client.org