Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/4Z_L4Kdd8pKvrQfI-JbXZRv1aWE.roa
File: 4Z_L4Kdd8pKvrQfI-JbXZRv1aWE.roa (raw, json)
Hash identifier: Mn/p1sOCMWw+JdD337elIuFGmc1S9+IXEOEKzw2eAow=
Subject key identifier: E1:9F:CB:E0:A7:5D:F2:92:AF:AD:07:C8:F8:96:D7:65:1B:F5:69:61
Certificate issuer: /CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
Certificate serial: 018CC7940E9046EAEFC5AC0A5F5CFDD752E0
Authority key identifier: 5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/4Z_L4Kdd8pKvrQfI-JbXZRv1aWE.roa
Signing time: Tue 02 Jan 2024 00:30:18 +0000
ROA not before: Tue 02 Jan 2024 00:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51452
IP address blocks: 185.133.68.0/22 maxlen: 22
185.133.68.0/24 maxlen: 24
185.133.69.0/24 maxlen: 24
2a05:2440::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 07 Apr 2024 17:44:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:0e:90:46:ea:ef:c5:ac:0a:5f:5c:fd:d7:52:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
Validity
Not Before: Jan 2 00:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e19fcbe0a75df292afad07c8f896d7651bf56961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9b:cf:9b:df:b9:1b:16:a2:e7:0c:dc:1c:0b:
3f:5f:da:69:c4:de:23:0b:b0:f0:cc:2a:cb:b6:02:
d5:d9:3b:d5:51:53:1d:8e:32:8e:b1:e3:74:89:6a:
e8:f6:69:4d:36:8f:56:b9:2b:de:da:5f:9d:96:1d:
5d:20:4b:f3:e2:85:5e:a5:3d:47:57:b8:e4:bd:73:
94:5f:ad:d2:10:3f:2a:8f:ad:96:4f:e4:c0:dd:fa:
26:11:1a:f7:e9:48:38:fc:4f:d4:d9:35:b5:65:6c:
9e:85:2b:bc:bd:47:03:a4:dc:c9:53:77:b6:f8:62:
b4:55:71:ce:28:b1:5e:f5:a8:80:6b:c4:89:f4:e3:
0e:c0:35:da:dc:fa:f8:4a:33:1c:e3:84:30:eb:61:
51:f4:8f:3d:8f:f9:3d:12:b2:25:7e:c2:85:f3:2d:
8b:26:9c:7f:a9:bb:ab:fe:f5:cf:4f:d0:56:73:ee:
0f:ff:91:cd:06:a2:f5:b1:fa:50:4c:ce:96:da:4c:
f2:a9:07:39:f8:13:d5:70:fb:4e:5c:4a:88:31:94:
b1:ea:5f:0d:c6:50:a9:ed:29:76:1f:93:d1:72:b3:
56:3b:68:77:59:33:d1:81:5f:eb:a8:b5:7d:59:da:
61:ee:97:f9:6c:7e:48:a2:c1:82:6b:6d:ea:c2:27:
6d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:9F:CB:E0:A7:5D:F2:92:AF:AD:07:C8:F8:96:D7:65:1B:F5:69:61
X509v3 Authority Key Identifier:
keyid:5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/4Z_L4Kdd8pKvrQfI-JbXZRv1aWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/XP44gfPER3T1HMde5-b5HFVlpgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.68.0/22
IPv6:
2a05:2440::/29
Signature Algorithm: sha256WithRSAEncryption
62:28:76:da:38:6b:fd:54:b7:70:28:85:ae:ce:1f:ff:c0:17:
74:dd:2e:0b:a1:a4:d3:5a:e2:af:c2:27:18:84:3f:dc:85:15:
ab:b1:52:0e:29:15:9b:a4:7d:39:af:06:f5:d5:47:30:13:03:
ea:9c:d0:e4:31:04:7c:93:94:d8:f8:67:d8:67:be:d2:64:b9:
fe:a8:96:6a:a6:65:59:72:52:9d:73:8c:04:fd:20:ce:0b:df:
d0:d8:52:d9:ce:ea:22:16:83:8f:42:f4:04:ec:60:79:b4:e4:
20:b7:ff:5d:03:58:1f:ef:74:3e:78:79:ea:58:85:9a:93:e6:
5f:30:9f:16:4e:bf:07:ea:fd:c4:8a:00:ec:c8:69:de:6b:46:
41:6d:06:3b:84:41:c4:5b:f0:20:02:e1:8f:a4:4b:22:b2:36:
91:21:06:a6:7f:a5:42:8b:de:b1:ba:54:7c:d5:d7:81:1a:e9:
ac:33:c1:db:42:90:bf:43:31:c1:29:d7:9f:42:10:88:77:41:
81:f3:25:93:86:8a:fb:9f:71:ce:75:56:64:de:c5:f3:30:60:
b0:f1:c9:87:b0:34:9d:78:4a:3f:6a:48:1d:51:e9:7f:47:10:
9d:9f:ff:10:37:73:28:42:9f:f0:cd:cc:7f:40:21:c4:14:2e:
10:4d:47:72
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlA6QRurvxawKX1z911LgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZmUzODgxZjNjNDQ3NzRmNTFjYzc1ZWU3ZTZmOTFjNTU2
NWE2MDYwHhcNMjQwMTAyMDAzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTlmY2JlMGE3NWRmMjkyYWZhZDA3YzhmODk2ZDc2NTFiZjU2OTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJvPm9+5Gxai5wzcHAs/X9ppxN4j
C7DwzCrLtgLV2TvVUVMdjjKOseN0iWro9mlNNo9WuSve2l+dlh1dIEvz4oVepT1H
V7jkvXOUX63SED8qj62WT+TA3fomERr36Ug4/E/U2TW1ZWyehSu8vUcDpNzJU3e2
+GK0VXHOKLFe9aiAa8SJ9OMOwDXa3Pr4SjMc44Qw62FR9I89j/k9ErIlfsKF8y2L
Jpx/qbur/vXPT9BWc+4P/5HNBqL1sfpQTM6W2kzyqQc5+BPVcPtOXEqIMZSx6l8N
xlCp7Sl2H5PRcrNWO2h3WTPRgV/rqLV9Wdph7pf5bH5IosGCa23qwidt7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOGfy+CnXfKSr60HyPiW12Ub9WlhMB8GA1UdIwQY
MBaAFFz+OIHzxEd09RzHXufm+RxVZaYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYt
N2M5OTgwNzlhNmE5LzEvNFpfTDRLZGQ4cEt2clFmSS1KYlhaUnYxYVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYtN2M5OTgwNzlhNmE5
LzEvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYVEMA0E
AgACMAcDBQMqBSRAMA0GCSqGSIb3DQEBCwUAA4IBAQBiKHbaOGv9VLdwKIWuzh//
wBd03S4LoaTTWuKvwicYhD/chRWrsVIOKRWbpH05rwb11UcwEwPqnNDkMQR8k5TY
+GfYZ77SZLn+qJZqpmVZclKdc4wE/SDOC9/Q2FLZzuoiFoOPQvQE7GB5tOQgt/9d
A1gf73Q+eHnqWIWak+ZfMJ8WTr8H6v3EigDsyGnea0ZBbQY7hEHEW/AgAuGPpEsi
sjaRIQamf6VCi96xulR81deBGumsM8HbQpC/QzHBKdefQhCId0GB8yWThor7n3HO
dVZk3sXzMGCw8cmHsDSdeEo/akgdUel/RxCdn/8QN3MoQp/wzcx/QCHEFC4QTUdy
-----END CERTIFICATE-----
Generated at Sun Apr 7 20:49:54 2024 by rpki-client on console-ams.rpki-client.org