Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/b5VwbdZZ9dk6Ih6HklvGEVZlBvU.roa
File: b5VwbdZZ9dk6Ih6HklvGEVZlBvU.roa (raw, json)
Hash identifier: jzc3+B3jyJeIeIQxYOdtbj1NthflbhSSdOzVGVkGqU0=
Subject key identifier: 6F:95:70:6D:D6:59:F5:D9:3A:22:1E:87:92:5B:C6:11:56:65:06:F5
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 0189F33EADF51CF80682B319E61C94984B91
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/b5VwbdZZ9dk6Ih6HklvGEVZlBvU.roa
Signing time: Mon 14 Aug 2023 08:51:58 +0000
ROA not before: Mon 14 Aug 2023 08:51:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205020
IP address blocks: 80.251.0.0/20 maxlen: 20
85.31.64.0/19 maxlen: 19
5.11.28.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 22 Aug 2023 12:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f3:3e:ad:f5:1c:f8:06:82:b3:19:e6:1c:94:98:4b:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Aug 14 08:51:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f95706dd659f5d93a221e87925bc611566506f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:23:7e:66:d9:e9:48:f9:db:c1:33:89:31:c4:
28:d5:c3:5d:80:35:3e:6f:3d:67:9d:a8:c5:0b:0d:
aa:90:9d:0d:9e:2c:64:04:c4:fc:52:c7:73:34:54:
2a:14:a6:3b:08:c3:c1:38:5e:50:b9:c8:69:d4:ae:
c5:d0:be:ef:55:f1:df:6b:0e:95:a0:a3:bc:35:8a:
2b:51:cd:66:6c:e2:f6:3c:d2:86:e8:31:35:c4:0c:
36:b6:7d:86:67:46:2b:2a:eb:00:5a:d0:8b:d1:6e:
71:da:be:a1:65:19:b7:04:f3:45:36:fc:54:bc:56:
ac:ec:97:e3:8e:df:77:cf:9a:4b:18:5e:66:27:b2:
77:48:25:52:d6:5c:08:4f:d0:c9:28:82:57:51:58:
da:71:51:a0:d2:34:aa:37:c3:60:aa:bf:f4:f6:72:
60:49:54:b5:38:17:be:99:2f:20:4d:1a:f3:75:60:
68:e4:a5:87:2f:e1:ad:6f:30:d9:72:93:6f:50:8d:
60:e7:78:88:fa:a0:0f:15:10:e8:27:17:e2:a7:af:
72:e8:02:98:c6:06:a8:f1:06:2f:13:8a:48:ca:2f:
ec:ba:a4:c8:59:72:a4:f5:aa:44:e7:8c:00:0e:a1:
f4:76:50:91:1c:c7:29:fa:62:9b:d6:9c:55:42:c2:
cc:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:95:70:6D:D6:59:F5:D9:3A:22:1E:87:92:5B:C6:11:56:65:06:F5
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/b5VwbdZZ9dk6Ih6HklvGEVZlBvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.28.0/22
80.251.0.0/20
85.31.64.0/19
Signature Algorithm: sha256WithRSAEncryption
25:d9:ba:3c:bd:ce:e7:45:d7:6d:b7:51:78:a6:2a:91:3b:43:
f4:8a:65:1d:b0:61:f5:09:11:81:9c:62:03:7d:2c:02:5e:44:
e6:9a:d1:ff:20:9f:3e:aa:60:cd:67:27:7b:e9:7a:fb:ef:75:
b1:22:c9:ed:73:b1:50:56:15:41:53:49:37:93:62:51:86:5f:
21:b1:ab:4c:6a:b9:72:56:51:27:a5:7b:46:33:af:d9:b2:41:
c0:dd:94:c6:1a:55:1b:00:57:06:96:6f:2d:de:24:64:28:94:
f1:82:a2:65:bc:38:05:40:82:a1:25:cc:64:eb:6c:a4:92:a1:
1b:5c:74:af:a5:c7:b1:a1:b3:c5:11:98:19:c4:79:7c:b2:f2:
f5:30:21:aa:ab:f3:66:27:95:a0:46:29:91:29:0c:76:41:16:
4b:0d:b1:46:71:c5:e5:80:94:24:75:b2:22:e9:94:15:d7:e8:
d4:5e:fa:97:b4:88:06:6d:47:bc:5f:39:14:c5:f3:7c:2d:aa:
fd:10:65:68:ef:01:b6:c6:bc:3e:23:3e:dc:07:b8:fe:79:c9:
f5:ee:1c:0d:62:dc:71:11:12:4c:63:b0:70:16:99:d9:f3:4a:
72:1b:1b:09:95:ef:d2:d0:b7:f7:b8:73:bd:ae:dd:00:df:cb:
f6:f1:1a:ae
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnzPq31HPgGgrMZ5hyUmEuRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjMwODE0MDg1MTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjk1NzA2ZGQ2NTlmNWQ5M2EyMjFlODc5MjViYzYxMTU2NjUwNmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSN+ZtnpSPnbwTOJMcQo1cNdgDU+
bz1nnajFCw2qkJ0NnixkBMT8UsdzNFQqFKY7CMPBOF5Quchp1K7F0L7vVfHfaw6V
oKO8NYorUc1mbOL2PNKG6DE1xAw2tn2GZ0YrKusAWtCL0W5x2r6hZRm3BPNFNvxU
vFas7Jfjjt93z5pLGF5mJ7J3SCVS1lwIT9DJKIJXUVjacVGg0jSqN8Ngqr/09nJg
SVS1OBe+mS8gTRrzdWBo5KWHL+GtbzDZcpNvUI1g53iI+qAPFRDoJxfip69y6AKY
xgao8QYvE4pIyi/suqTIWXKk9apE54wADqH0dlCRHMcp+mKb1pxVQsLM1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG+VcG3WWfXZOiIeh5JbxhFWZQb1MB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvYjVWd2JkWlo5ZGs2SWg2SGtsdkdFVlpsQnZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBQscAwQE
UPsAAwQFVR9AMA0GCSqGSIb3DQEBCwUAA4IBAQAl2bo8vc7nRddtt1F4piqRO0P0
imUdsGH1CRGBnGIDfSwCXkTmmtH/IJ8+qmDNZyd76Xr773WxIsntc7FQVhVBU0k3
k2JRhl8hsatMarlyVlEnpXtGM6/ZskHA3ZTGGlUbAFcGlm8t3iRkKJTxgqJlvDgF
QIKhJcxk62ykkqEbXHSvpcexobPFEZgZxHl8svL1MCGqq/NmJ5WgRimRKQx2QRZL
DbFGccXlgJQkdbIi6ZQV1+jUXvqXtIgGbUe8XzkUxfN8Lar9EGVo7wG2xrw+Iz7c
B7j+ecn17hwNYtxxERJMY7BwFpnZ80pyGxsJle/S0Lf3uHO9rt0A38v28Rqu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:02 2024 by rpki-client on console-ams.rpki-client.org