Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/5oYnLu71ip4FWdU36rYRp5V6SyM.roa
File: 5oYnLu71ip4FWdU36rYRp5V6SyM.roa (raw, json)
Hash identifier: rYNfDpX3xpuOfGlP9bZd6f9Oir1ouw4jN3ZZqWfHKsE=
Subject key identifier: E6:86:27:2E:EE:F5:8A:9E:05:59:D5:37:EA:B6:11:A7:95:7A:4B:23
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0189726768C53D0D7FF55820E22FBEB48DF1
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/5oYnLu71ip4FWdU36rYRp5V6SyM.roa
Signing time: Thu 20 Jul 2023 08:25:26 +0000
ROA not before: Thu 20 Jul 2023 08:25:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147291
IP address blocks: 185.221.22.0/24 maxlen: 24
185.221.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Aug 2023 11:59:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:72:67:68:c5:3d:0d:7f:f5:58:20:e2:2f:be:b4:8d:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 20 08:25:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e686272eeef58a9e0559d537eab611a7957a4b23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:97:f5:03:35:53:f0:8b:f5:17:ec:2e:44:b2:
6d:f8:c0:f6:0d:9d:92:51:e6:c5:0b:13:2e:03:96:
93:e6:bd:a3:39:a8:84:ad:31:c5:97:d6:d0:68:7b:
7d:e2:dc:8b:a0:52:04:a9:f9:c0:6e:93:b3:be:42:
52:db:2e:da:3d:30:a2:08:99:de:13:3b:08:e5:2a:
4b:f1:ba:ca:7b:34:e9:38:59:a1:c8:d3:9c:1c:8c:
c1:6d:89:5f:83:30:b8:c8:fb:77:80:bd:71:48:90:
fd:0f:1e:1b:b5:ca:f4:23:78:39:d8:1d:3b:5b:13:
c9:77:3e:cf:d6:ac:7f:19:ec:a7:4e:e4:73:42:3b:
74:56:d5:38:fd:76:d5:0a:56:b8:b2:09:ac:53:1a:
df:66:8e:a0:17:e3:51:10:35:db:62:c5:d4:73:09:
d4:0f:4b:15:89:58:2d:b8:ee:e8:2f:aa:5a:e2:b0:
b9:b1:3f:8c:95:90:36:11:fd:eb:53:16:7e:86:ac:
7f:1c:11:60:3b:eb:08:a0:87:3e:51:c1:a9:ca:f9:
7e:6c:a6:0f:4f:c1:e5:31:3f:3a:0a:0d:56:39:0b:
24:fa:cf:3e:29:60:6d:fb:fc:9d:88:78:92:f1:81:
6b:6d:d3:a8:22:de:2c:19:94:16:c0:4a:c2:74:ae:
e5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:86:27:2E:EE:F5:8A:9E:05:59:D5:37:EA:B6:11:A7:95:7A:4B:23
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/5oYnLu71ip4FWdU36rYRp5V6SyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.22.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:6b:a4:d8:1e:02:c6:06:45:bf:3a:09:94:e8:e6:6a:88:0b:
90:51:f8:2e:6c:91:61:8f:d3:57:97:e2:97:16:6c:f5:42:56:
47:e9:de:94:6d:28:f6:37:b1:42:89:40:ef:a8:66:f0:82:35:
c9:88:f5:d1:59:01:e8:16:ce:db:11:30:e1:c5:f4:27:c3:e9:
0d:5d:7f:5e:79:4b:ad:d2:e8:f1:5c:e5:29:57:dc:86:a0:8b:
94:b6:ff:88:e2:1c:54:b3:89:5a:bd:7e:d1:cd:8f:85:3e:b7:
07:a4:6b:6d:ed:72:19:02:5a:f2:cc:a7:f6:3e:f2:95:4c:48:
85:e2:1b:b9:a4:98:54:8e:f5:8e:1a:e5:c9:1d:78:62:9c:79:
00:74:e5:3e:0e:63:00:96:d3:ce:d8:3c:f9:fc:d5:fe:84:22:
ac:cc:6a:26:6f:bd:5a:4c:12:6e:e8:34:6a:66:bf:78:7e:14:
d2:de:91:19:63:e1:cf:3e:84:36:67:50:16:5c:6f:0b:59:a0:
5e:31:00:05:c1:4d:38:a1:64:31:42:28:94:7c:44:d4:8f:44:
ff:9c:af:0d:69:46:8f:91:89:c4:51:b8:e2:d7:8d:a2:31:8c:
16:df:3a:5d:56:21:35:47:5d:07:a7:58:1d:9b:03:39:d7:3a:
5d:c9:7c:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlyZ2jFPQ1/9Vgg4i++tI3xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNzIwMDgyNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjg2MjcyZWVlZjU4YTllMDU1OWQ1MzdlYWI2MTFhNzk1N2E0YjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipf1AzVT8Iv1F+wuRLJt+MD2DZ2S
UebFCxMuA5aT5r2jOaiErTHFl9bQaHt94tyLoFIEqfnAbpOzvkJS2y7aPTCiCJne
EzsI5SpL8brKezTpOFmhyNOcHIzBbYlfgzC4yPt3gL1xSJD9Dx4btcr0I3g52B07
WxPJdz7P1qx/GeynTuRzQjt0VtU4/XbVCla4sgmsUxrfZo6gF+NREDXbYsXUcwnU
D0sViVgtuO7oL6pa4rC5sT+MlZA2Ef3rUxZ+hqx/HBFgO+sIoIc+UcGpyvl+bKYP
T8HlMT86Cg1WOQsk+s8+KWBt+/ydiHiS8YFrbdOoIt4sGZQWwErCdK7lrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOaGJy7u9YqeBVnVN+q2EaeVeksjMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvNW9Zbkx1NzFpcDRGV2RVMzZyWVJwNVY2U3lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBud0WMA0G
CSqGSIb3DQEBCwUAA4IBAQBfa6TYHgLGBkW/OgmU6OZqiAuQUfgubJFhj9NXl+KX
Fmz1QlZH6d6UbSj2N7FCiUDvqGbwgjXJiPXRWQHoFs7bETDhxfQnw+kNXX9eeUut
0ujxXOUpV9yGoIuUtv+I4hxUs4lavX7RzY+FPrcHpGtt7XIZAlryzKf2PvKVTEiF
4hu5pJhUjvWOGuXJHXhinHkAdOU+DmMAltPO2Dz5/NX+hCKszGomb71aTBJu6DRq
Zr94fhTS3pEZY+HPPoQ2Z1AWXG8LWaBeMQAFwU04oWQxQiiUfETUj0T/nK8NaUaP
kYnEUbji142iMYwW3zpdViE1R10Hp1gdmwM51zpdyXwu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org