Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/289606-9f5b-4d34-aacf-2fd650cefd21/1/5z8R0iyoanwZIJeZbGjF3viu744.roa
File: 5z8R0iyoanwZIJeZbGjF3viu744.roa (raw, json)
Hash identifier: ROYBSur2w3B6bV9krxqoX9662BqUwJ5pNX8EXrNHmKA=
Subject key identifier: E7:3F:11:D2:2C:A8:6A:7C:19:20:97:99:6C:68:C5:DE:F8:AE:EF:8E
Certificate issuer: /CN=8478b76c69c9915294fdc39135e20dac73762225
Certificate serial: 01856F42AA80841A12B21320D9B2C6DE46D2
Authority key identifier: 84:78:B7:6C:69:C9:91:52:94:FD:C3:91:35:E2:0D:AC:73:76:22:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hHi3bGnJkVKU_cORNeINrHN2IiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/289606-9f5b-4d34-aacf-2fd650cefd21/1/5z8R0iyoanwZIJeZbGjF3viu744.roa
Signing time: Sun 01 Jan 2023 21:35:18 +0000
ROA not before: Sun 01 Jan 2023 21:35:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204425
IP address blocks: 185.245.224.0/24 maxlen: 24
185.245.224.0/22 maxlen: 22
2a0d:7c80::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:aa:80:84:1a:12:b2:13:20:d9:b2:c6:de:46:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8478b76c69c9915294fdc39135e20dac73762225
Validity
Not Before: Jan 1 21:35:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e73f11d22ca86a7c192097996c68c5def8aeef8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:d7:52:2c:d1:23:ce:49:4a:d9:91:16:4a:11:
2f:b4:9b:49:fb:a0:82:59:eb:12:44:6a:48:aa:b5:
0a:80:99:bb:0d:0e:d4:f2:6b:32:c6:6b:28:6e:b4:
36:a8:7b:de:af:93:0a:f1:f8:99:3f:72:98:86:ed:
d0:2b:69:ed:7c:d0:d5:b7:a6:3b:ad:3f:d7:81:98:
19:9d:a9:15:78:46:95:d5:af:5d:d2:45:9a:ff:0e:
71:53:36:54:5a:46:34:71:fe:03:da:ca:84:f5:73:
90:b7:40:03:f7:e4:19:ca:7d:a4:57:29:ae:23:9c:
19:de:d4:c1:b1:5c:76:95:34:b7:1a:41:02:9a:be:
dd:e4:8d:5d:c6:98:d1:dd:31:dc:2c:83:fb:c8:a3:
d9:b3:c4:bc:27:c9:b5:cb:54:3a:5b:9a:2a:5a:e5:
09:99:e5:ee:72:5a:f3:0f:05:59:16:c9:19:e4:aa:
d3:f3:1a:e2:bb:db:ae:0c:c1:43:94:c8:2c:eb:d1:
f0:36:c9:ac:32:10:4f:71:1f:b8:6b:4d:56:ef:69:
6e:0c:23:56:7f:48:d6:08:63:78:3d:7e:fd:f9:44:
28:7a:6c:ba:a4:e0:83:f1:60:f5:0c:01:ed:48:cc:
de:b2:16:a3:22:84:b8:21:22:5a:9b:d9:ef:18:85:
8b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:3F:11:D2:2C:A8:6A:7C:19:20:97:99:6C:68:C5:DE:F8:AE:EF:8E
X509v3 Authority Key Identifier:
keyid:84:78:B7:6C:69:C9:91:52:94:FD:C3:91:35:E2:0D:AC:73:76:22:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hHi3bGnJkVKU_cORNeINrHN2IiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/289606-9f5b-4d34-aacf-2fd650cefd21/1/5z8R0iyoanwZIJeZbGjF3viu744.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/289606-9f5b-4d34-aacf-2fd650cefd21/1/hHi3bGnJkVKU_cORNeINrHN2IiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.224.0/22
IPv6:
2a0d:7c80::/32
Signature Algorithm: sha256WithRSAEncryption
28:2d:73:60:59:ad:59:5e:15:b6:48:81:29:27:5f:60:c8:38:
fd:f0:91:43:71:a0:a7:f0:f7:08:ef:ca:a4:6f:11:11:d1:7e:
12:a5:c4:64:db:d2:59:f0:0d:44:a8:d9:41:39:05:2e:92:3d:
66:8b:42:80:e8:73:43:ad:d8:25:37:e1:cd:0e:11:35:f0:46:
12:33:df:08:f7:30:b1:31:98:8b:9a:65:47:19:9f:8c:80:c0:
04:ef:8f:91:03:72:fe:d8:ab:77:26:46:c5:f7:96:73:9c:21:
17:56:a4:ab:96:dc:7d:f4:73:bf:6b:d8:53:45:30:bc:87:b1:
f5:a2:66:97:4e:ae:82:fd:0c:7e:f4:3f:cb:60:97:a2:4a:8b:
e8:91:33:57:94:85:2e:1d:6b:44:b9:f1:be:70:20:33:e3:ce:
3c:20:5b:f5:f5:6b:82:e4:fc:2d:6f:13:76:06:ff:b5:86:f1:
7f:c8:81:ee:80:ba:1e:4a:b8:fb:2f:66:90:bc:93:ca:82:66:
ae:bf:5b:d2:0f:0b:21:7b:5b:18:fb:9c:a4:fd:a1:22:2c:82:
65:3f:28:dd:c5:0f:ab:95:eb:8e:62:77:22:bf:da:e6:65:7f:
7d:7f:77:66:7d:68:fb:5c:ed:35:76:06:6c:4c:06:e0:38:82:
6e:cb:6a:b6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvQqqAhBoSshMg2bLG3kbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NzhiNzZjNjljOTkxNTI5NGZkYzM5MTM1ZTIwZGFjNzM3
NjIyMjUwHhcNMjMwMTAxMjEzNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzNmMTFkMjJjYTg2YTdjMTkyMDk3OTk2YzY4YzVkZWY4YWVlZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA79dSLNEjzklK2ZEWShEvtJtJ+6CC
WesSRGpIqrUKgJm7DQ7U8msyxmsobrQ2qHver5MK8fiZP3KYhu3QK2ntfNDVt6Y7
rT/XgZgZnakVeEaV1a9d0kWa/w5xUzZUWkY0cf4D2sqE9XOQt0AD9+QZyn2kVymu
I5wZ3tTBsVx2lTS3GkECmr7d5I1dxpjR3THcLIP7yKPZs8S8J8m1y1Q6W5oqWuUJ
meXuclrzDwVZFskZ5KrT8xriu9uuDMFDlMgs69HwNsmsMhBPcR+4a01W72luDCNW
f0jWCGN4PX79+UQoemy6pOCD8WD1DAHtSMzeshajIoS4ISJam9nvGIWLwwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOc/EdIsqGp8GSCXmWxoxd74ru+OMB8GA1UdIwQY
MBaAFIR4t2xpyZFSlP3DkTXiDaxzdiIlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEhpM2JHbkprVktVX2NPUk5lSU5ySE4ySWlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8yODk2MDYtOWY1Yi00ZDM0LWFhY2Yt
MmZkNjUwY2VmZDIxLzEvNXo4UjBpeW9hbndaSUplWmJHakYzdml1NzQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8yODk2MDYtOWY1Yi00ZDM0LWFhY2YtMmZkNjUwY2VmZDIx
LzEvaEhpM2JHbkprVktVX2NPUk5lSU5ySE4ySWlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufXgMA0E
AgACMAcDBQAqDXyAMA0GCSqGSIb3DQEBCwUAA4IBAQAoLXNgWa1ZXhW2SIEpJ19g
yDj98JFDcaCn8PcI78qkbxER0X4SpcRk29JZ8A1EqNlBOQUukj1mi0KA6HNDrdgl
N+HNDhE18EYSM98I9zCxMZiLmmVHGZ+MgMAE74+RA3L+2Kt3JkbF95ZznCEXVqSr
ltx99HO/a9hTRTC8h7H1omaXTq6C/Qx+9D/LYJeiSovokTNXlIUuHWtEufG+cCAz
4848IFv19WuC5PwtbxN2Bv+1hvF/yIHugLoeSrj7L2aQvJPKgmauv1vSDwshe1sY
+5yk/aEiLIJlPyjdxQ+rleuOYnciv9rmZX99f3dmfWj7XO01dgZsTAbgOIJuy2q2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:42 2024 by rpki-client on console-ams.rpki-client.org