Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/Et0hcQF7whRZ--y4qQNQngk-_wE.roa
File: Et0hcQF7whRZ--y4qQNQngk-_wE.roa (raw, json)
Hash identifier: KtnyJ9SE967GfPwLjMDg90xuDcxcvfGbXMtv4qFJcok=
Subject key identifier: 12:DD:21:71:01:7B:C2:14:59:FB:EC:B8:A9:03:50:9E:09:3E:FF:01
Certificate issuer: /CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
Certificate serial: 018EB9AC81DE758D28D80E3CEABB28FD9D3C
Authority key identifier: 5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/Et0hcQF7whRZ--y4qQNQngk-_wE.roa
Signing time: Sun 07 Apr 2024 17:47:54 +0000
ROA not before: Sun 07 Apr 2024 17:47:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.133.68.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 13:16:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b9:ac:81:de:75:8d:28:d8:0e:3c:ea:bb:28:fd:9d:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
Validity
Not Before: Apr 7 17:47:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12dd2171017bc21459fbecb8a903509e093eff01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:16:a2:81:a5:27:98:61:ac:34:1a:4f:11:83:
d8:c9:56:31:d2:45:fb:61:a2:42:54:4b:72:c1:e9:
dd:4f:0c:55:a0:86:24:13:fc:8a:47:f6:32:d7:16:
c4:cd:bf:9d:d2:77:64:15:00:54:ed:59:81:54:f8:
a7:5d:4c:f7:b3:f8:82:e6:35:3d:3c:77:fc:c3:69:
82:01:e7:be:8d:f3:c9:f2:1e:ea:4f:6f:07:44:8d:
99:63:a2:c6:63:d0:25:f3:fb:1a:b6:62:4d:13:99:
e1:37:b5:c7:e4:af:5b:8b:00:75:63:a3:e4:64:04:
00:81:d9:d5:a9:12:f5:7c:f4:aa:fc:6e:eb:62:24:
26:62:97:61:07:5c:08:ec:49:ff:94:2d:6b:0b:2c:
e7:3b:04:89:cf:02:cc:7c:48:c9:a2:67:ce:ef:d1:
92:8a:e9:d8:33:6f:73:0a:a9:fc:f2:54:f5:a6:6d:
24:96:a2:f8:03:5a:64:02:50:00:13:61:88:3a:27:
96:39:2b:e8:0a:c4:9b:28:54:5d:89:ae:8e:fc:4a:
bf:97:bf:4f:d5:b3:7e:8f:8a:96:ad:08:db:dd:0c:
7b:c1:2b:be:cf:a2:20:85:a5:6a:7a:2d:de:1d:9a:
b0:f6:31:47:99:08:56:09:bb:da:a5:8a:f0:fe:8b:
2e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:DD:21:71:01:7B:C2:14:59:FB:EC:B8:A9:03:50:9E:09:3E:FF:01
X509v3 Authority Key Identifier:
keyid:5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/Et0hcQF7whRZ--y4qQNQngk-_wE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/XP44gfPER3T1HMde5-b5HFVlpgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.68.0/22
Signature Algorithm: sha256WithRSAEncryption
57:ee:ba:5c:5e:52:29:3e:f1:54:1d:99:95:9b:3f:1d:10:8b:
de:ea:d5:98:91:df:1d:28:fa:7f:12:f8:a7:40:5a:d5:61:11:
54:d1:eb:25:f5:86:dd:69:10:b1:35:4a:3e:eb:96:09:e9:a0:
94:c1:e9:62:fb:b0:cf:0e:e6:cb:60:5c:9d:8a:b6:3c:c5:b9:
82:b1:cc:24:0d:eb:13:19:8c:4e:c4:43:2d:b6:f1:88:eb:56:
94:30:25:c3:45:e9:d5:7d:39:f4:5e:59:65:b3:66:14:cb:eb:
d4:28:d2:82:10:a9:a5:c1:33:a4:00:53:60:49:e6:c2:ca:2c:
5a:64:95:ac:6a:85:09:5e:fd:7b:87:b6:7b:40:71:ea:e1:40:
b8:4e:76:b4:84:87:3f:ba:91:d8:14:f8:5d:65:53:9d:cf:65:
81:1f:9a:ba:cd:3f:95:2b:7a:71:63:35:f1:2d:67:5a:fa:28:
45:17:10:73:a4:d9:f2:c0:1c:34:77:35:ca:bf:98:39:3f:b2:
f9:44:fe:b0:7c:9d:4b:0a:8f:b0:f9:6b:b7:c4:80:74:a7:ec:
24:27:dd:77:42:bb:b8:28:fd:d2:fa:83:02:17:2a:78:f2:67:
e4:0f:1d:2b:c6:99:d9:3e:6c:ed:d1:0e:e9:dd:7a:5e:78:85:
8b:ce:b9:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY65rIHedY0o2A486rso/Z08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZmUzODgxZjNjNDQ3NzRmNTFjYzc1ZWU3ZTZmOTFjNTU2
NWE2MDYwHhcNMjQwNDA3MTc0NzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmRkMjE3MTAxN2JjMjE0NTlmYmVjYjhhOTAzNTA5ZTA5M2VmZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRaigaUnmGGsNBpPEYPYyVYx0kX7
YaJCVEtywendTwxVoIYkE/yKR/Yy1xbEzb+d0ndkFQBU7VmBVPinXUz3s/iC5jU9
PHf8w2mCAee+jfPJ8h7qT28HRI2ZY6LGY9Al8/satmJNE5nhN7XH5K9biwB1Y6Pk
ZAQAgdnVqRL1fPSq/G7rYiQmYpdhB1wI7En/lC1rCyznOwSJzwLMfEjJomfO79GS
iunYM29zCqn88lT1pm0klqL4A1pkAlAAE2GIOieWOSvoCsSbKFRdia6O/Eq/l79P
1bN+j4qWrQjb3Qx7wSu+z6IghaVqei3eHZqw9jFHmQhWCbvapYrw/osuoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBLdIXEBe8IUWfvsuKkDUJ4JPv8BMB8GA1UdIwQY
MBaAFFz+OIHzxEd09RzHXufm+RxVZaYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYt
N2M5OTgwNzlhNmE5LzEvRXQwaGNRRjd3aFJaLS15NHFRTlFuZ2stX3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYtN2M5OTgwNzlhNmE5
LzEvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYVEMA0G
CSqGSIb3DQEBCwUAA4IBAQBX7rpcXlIpPvFUHZmVmz8dEIve6tWYkd8dKPp/Evin
QFrVYRFU0esl9YbdaRCxNUo+65YJ6aCUweli+7DPDubLYFydirY8xbmCscwkDesT
GYxOxEMttvGI61aUMCXDRenVfTn0Xllls2YUy+vUKNKCEKmlwTOkAFNgSebCyixa
ZJWsaoUJXv17h7Z7QHHq4UC4Tna0hIc/upHYFPhdZVOdz2WBH5q6zT+VK3pxYzXx
LWda+ihFFxBzpNnywBw0dzXKv5g5P7L5RP6wfJ1LCo+w+Wu3xIB0p+wkJ913Qru4
KP3S+oMCFyp48mfkDx0rxpnZPmzt0Q7p3XpeeIWLzrlV
-----END CERTIFICATE-----
Generated at Wed May 1 17:22:17 2024 by rpki-client on console-ams.rpki-client.org