Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/5xBFcsOm5krHB4em23Xn66PCAMU.roa
File: 5xBFcsOm5krHB4em23Xn66PCAMU.roa (raw, json)
Hash identifier: V6pXa8BfVT+hD7P4nLXM8n4h8qQ++dIKte0St8ciYUM=
Subject key identifier: E7:10:45:72:C3:A6:E6:4A:C7:07:87:A6:DB:75:E7:EB:A3:C2:00:C5
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018A4FD885FC5561FEE0E68A710FF31BED5D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/5xBFcsOm5krHB4em23Xn66PCAMU.roa
Signing time: Fri 01 Sep 2023 08:25:04 +0000
ROA not before: Fri 01 Sep 2023 08:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29802
IP address blocks: 45.90.19.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Sep 2023 09:06:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4f:d8:85:fc:55:61:fe:e0:e6:8a:71:0f:f3:1b:ed:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 1 08:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7104572c3a6e64ac70787a6db75e7eba3c200c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2f:a5:5a:07:2f:70:43:50:eb:12:1d:57:a7:
08:c9:d0:f4:93:19:a2:f4:d0:46:18:bf:67:e0:dd:
5e:e8:10:d2:b6:62:b7:c7:46:09:91:cf:ab:71:c6:
10:1c:bc:a9:28:20:84:ab:8f:07:2b:26:84:e0:20:
f3:53:81:21:98:1c:82:01:be:6a:1e:95:ac:8a:c1:
b2:13:4c:92:90:39:30:fe:d7:b3:4f:0f:a4:e4:12:
b1:9f:f2:e6:69:a9:6e:64:e1:ca:d6:4f:de:c8:a8:
c9:b9:e5:99:be:a0:29:c8:ff:53:4d:2e:ce:6e:ee:
a7:1d:ac:f6:cc:cf:f9:23:13:14:93:b5:51:04:fb:
72:ed:d7:32:cc:40:9c:e5:b2:59:1a:e0:66:66:85:
d9:df:cb:ba:96:f1:34:92:64:58:fe:03:f4:0a:65:
e1:b1:8a:44:6f:90:8b:ea:69:0c:12:2a:03:3d:97:
86:7b:14:54:99:07:09:29:45:a8:64:18:a1:ac:00:
e1:92:35:e1:1c:b5:6f:ac:43:14:61:b9:6a:cc:17:
7b:36:29:c2:83:fc:01:00:a2:3c:c3:ae:20:fe:a9:
10:12:f4:80:ae:52:a1:70:d7:2d:47:fd:fd:12:1e:
11:a2:fb:ec:eb:89:41:c6:39:68:12:65:10:c1:6b:
ce:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:10:45:72:C3:A6:E6:4A:C7:07:87:A6:DB:75:E7:EB:A3:C2:00:C5
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/5xBFcsOm5krHB4em23Xn66PCAMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.19.0/24
185.214.102.0/24
185.225.0.0/24
Signature Algorithm: sha256WithRSAEncryption
84:ec:c2:c7:da:b4:fc:ce:35:e7:37:14:f9:fb:7f:e2:e6:3a:
72:1c:6a:09:a5:dd:eb:4d:5c:b8:00:22:18:d6:6b:40:b6:ee:
06:ac:9e:fd:ff:f9:35:c3:f9:6d:9b:7e:a6:16:c6:30:43:2e:
82:43:b9:2d:07:b6:3f:bc:83:e2:9a:4d:48:17:46:f2:b2:5c:
2f:a8:d8:6c:9b:01:68:05:54:55:00:00:ab:06:fd:0b:38:5d:
f9:75:24:d7:62:ce:19:38:8b:87:a0:34:5c:07:52:a2:cc:59:
ec:2d:55:ce:b2:1c:b2:65:43:f6:3d:4b:ef:0b:07:50:01:1f:
51:8d:98:1c:5f:fa:1c:8b:07:2a:97:50:30:cb:52:f6:1d:8b:
be:80:4d:be:9a:e5:91:de:f6:e9:e7:0d:30:7f:50:90:56:aa:
94:ce:0b:f3:da:45:90:17:19:ad:87:11:2e:5e:b3:c7:a1:e3:
c5:8f:16:87:a5:60:83:4a:4a:29:83:15:cb:dd:8c:e5:2a:e7:
64:f7:39:89:bc:b6:f0:a8:55:12:f2:78:6e:01:f3:e3:16:3e:
d5:4e:e1:09:3a:40:63:22:95:f3:1e:ba:b6:2c:91:48:b5:6c:
a6:5a:02:9a:ec:b6:40:c2:63:1f:ea:af:da:61:d7:42:8b:a8:
e2:f0:d9:6b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpP2IX8VWH+4OaKcQ/zG+1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTAxMDgyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzEwNDU3MmMzYTZlNjRhYzcwNzg3YTZkYjc1ZTdlYmEzYzIwMGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS+lWgcvcENQ6xIdV6cIydD0kxmi
9NBGGL9n4N1e6BDStmK3x0YJkc+rccYQHLypKCCEq48HKyaE4CDzU4EhmByCAb5q
HpWsisGyE0ySkDkw/tezTw+k5BKxn/LmaaluZOHK1k/eyKjJueWZvqApyP9TTS7O
bu6nHaz2zM/5IxMUk7VRBPty7dcyzECc5bJZGuBmZoXZ38u6lvE0kmRY/gP0CmXh
sYpEb5CL6mkMEioDPZeGexRUmQcJKUWoZBihrADhkjXhHLVvrEMUYblqzBd7NinC
g/wBAKI8w64g/qkQEvSArlKhcNctR/39Eh4Rovvs64lBxjloEmUQwWvO/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOcQRXLDpuZKxweHptt15+ujwgDFMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvNXhCRmNzT201a3JIQjRlbTIzWG42NlBDQU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVoTAwQA
udZmAwQAueEAMA0GCSqGSIb3DQEBCwUAA4IBAQCE7MLH2rT8zjXnNxT5+3/i5jpy
HGoJpd3rTVy4ACIY1mtAtu4GrJ79//k1w/ltm36mFsYwQy6CQ7ktB7Y/vIPimk1I
F0byslwvqNhsmwFoBVRVAACrBv0LOF35dSTXYs4ZOIuHoDRcB1KizFnsLVXOshyy
ZUP2PUvvCwdQAR9RjZgcX/ociwcql1Awy1L2HYu+gE2+muWR3vbp5w0wf1CQVqqU
zgvz2kWQFxmthxEuXrPHoePFjxaHpWCDSkopgxXL3YzlKudk9zmJvLbwqFUS8nhu
AfPjFj7VTuEJOkBjIpXzHrq2LJFItWymWgKa7LZAwmMf6q/aYddCi6ji8Nlr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org