Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/I7uE3FAI4DP7T86gpfzii-B3ZIY.roa
File: I7uE3FAI4DP7T86gpfzii-B3ZIY.roa (raw, json)
Hash identifier: yIE4ma+lLj6HQjLVyKL4DtkM+vVpYd+TbPVOTM0IUCQ=
Subject key identifier: 23:BB:84:DC:50:08:E0:33:FB:4F:CE:A0:A5:FC:E2:8B:E0:77:64:86
Certificate issuer: /CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
Certificate serial: 018EB9AC818E681701FBF4E863258B97B473
Authority key identifier: 5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/I7uE3FAI4DP7T86gpfzii-B3ZIY.roa
Signing time: Sun 07 Apr 2024 17:47:54 +0000
ROA not before: Sun 07 Apr 2024 17:47:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.133.68.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 13:17:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b9:ac:81:8e:68:17:01:fb:f4:e8:63:25:8b:97:b4:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
Validity
Not Before: Apr 7 17:47:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23bb84dc5008e033fb4fcea0a5fce28be0776486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:66:a6:dd:9f:8a:32:f7:24:a7:3e:df:21:b2:
f6:b5:29:6e:c5:94:e7:3c:44:1a:e0:88:4e:ef:d6:
57:49:71:71:e3:e2:8b:04:2d:da:f5:aa:94:01:99:
51:ec:f3:8c:bc:21:e4:19:1a:cc:d0:f7:0d:e3:9a:
5e:a4:a5:d0:64:0c:da:b0:f9:59:e2:5f:c0:77:7d:
22:58:95:42:2d:a6:6f:49:95:13:79:48:f6:be:10:
fe:9d:48:89:04:bd:4b:06:f4:1e:3e:52:f4:0a:56:
6f:b4:86:6a:48:a4:2e:d4:98:73:0c:d2:aa:fe:34:
4b:83:3d:49:96:70:83:a4:ef:49:f8:a7:28:f5:b4:
a3:3d:70:4a:26:e9:23:cc:a4:21:4a:f4:2b:b8:83:
5b:2d:96:73:a9:f0:c5:d4:f8:b7:34:cc:5f:01:c7:
48:f9:26:41:90:63:c0:77:20:59:08:49:b0:a8:c2:
63:33:a4:e3:f1:8c:4b:73:79:0f:e4:11:f1:2f:b5:
a3:cf:e2:fe:17:6f:a7:37:91:39:2c:86:5f:e1:d2:
cc:d9:14:06:7c:52:8b:19:00:ce:e0:fc:02:90:ca:
7d:34:3b:6b:1f:37:3e:c1:9d:8c:bd:72:40:d1:90:
ef:68:ff:33:0c:e6:dd:89:41:f2:cf:1b:f6:1a:86:
d4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:BB:84:DC:50:08:E0:33:FB:4F:CE:A0:A5:FC:E2:8B:E0:77:64:86
X509v3 Authority Key Identifier:
keyid:5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/I7uE3FAI4DP7T86gpfzii-B3ZIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/XP44gfPER3T1HMde5-b5HFVlpgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.68.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:28:88:f2:38:9d:44:a9:14:4d:6e:70:93:f9:db:6e:e2:c7:
f1:01:68:aa:2d:40:f9:9c:38:d8:45:df:f1:63:52:ea:59:39:
d2:bb:5e:6f:c8:b2:55:40:87:01:2f:15:08:0e:50:ab:51:2a:
fa:3a:6f:21:bc:d5:76:cd:b6:8f:7f:a9:06:3c:96:dd:75:90:
d8:5c:2d:a4:9c:cf:79:d0:14:9c:c0:6b:b3:a5:a6:cf:f6:bd:
36:ec:f1:1b:81:eb:78:82:9c:66:48:05:76:59:71:35:8a:a5:
53:9f:c4:0a:c4:dd:3c:b6:cb:19:0c:8a:a3:4b:68:9a:9b:7b:
a9:50:7e:35:f5:61:fd:c1:af:d5:64:76:e9:e1:9a:18:a0:4c:
e2:64:78:5a:9b:f7:8c:d8:11:33:ac:1c:f1:3b:ef:55:58:00:
0e:82:c1:70:71:91:fd:0f:0a:5f:2f:f3:f4:39:81:8b:23:1f:
b2:92:72:f7:f5:29:33:f8:c6:90:f6:f3:62:09:85:b2:9b:6d:
cf:d4:ba:a7:1f:79:1b:b0:9f:8e:55:a1:57:dd:8b:c4:f1:04:
4b:d6:d1:99:e8:51:96:af:d4:b6:3b:a6:a8:66:7f:04:bd:e8:
9e:36:34:08:d8:ee:40:c7:c9:f8:3c:ba:40:0b:48:2d:4e:82:
fa:e6:e2:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY65rIGOaBcB+/ToYyWLl7RzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZmUzODgxZjNjNDQ3NzRmNTFjYzc1ZWU3ZTZmOTFjNTU2
NWE2MDYwHhcNMjQwNDA3MTc0NzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2JiODRkYzUwMDhlMDMzZmI0ZmNlYTBhNWZjZTI4YmUwNzc2NDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWam3Z+KMvckpz7fIbL2tSluxZTn
PEQa4IhO79ZXSXFx4+KLBC3a9aqUAZlR7POMvCHkGRrM0PcN45pepKXQZAzasPlZ
4l/Ad30iWJVCLaZvSZUTeUj2vhD+nUiJBL1LBvQePlL0ClZvtIZqSKQu1JhzDNKq
/jRLgz1JlnCDpO9J+Kco9bSjPXBKJukjzKQhSvQruINbLZZzqfDF1Pi3NMxfAcdI
+SZBkGPAdyBZCEmwqMJjM6Tj8YxLc3kP5BHxL7Wjz+L+F2+nN5E5LIZf4dLM2RQG
fFKLGQDO4PwCkMp9NDtrHzc+wZ2MvXJA0ZDvaP8zDObdiUHyzxv2GobUqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCO7hNxQCOAz+0/OoKX84ovgd2SGMB8GA1UdIwQY
MBaAFFz+OIHzxEd09RzHXufm+RxVZaYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYt
N2M5OTgwNzlhNmE5LzEvSTd1RTNGQUk0RFA3VDg2Z3BmemlpLUIzWklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYtN2M5OTgwNzlhNmE5
LzEvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYVEMA0G
CSqGSIb3DQEBCwUAA4IBAQC9KIjyOJ1EqRRNbnCT+dtu4sfxAWiqLUD5nDjYRd/x
Y1LqWTnSu15vyLJVQIcBLxUIDlCrUSr6Om8hvNV2zbaPf6kGPJbddZDYXC2knM95
0BScwGuzpabP9r027PEbget4gpxmSAV2WXE1iqVTn8QKxN08tssZDIqjS2iam3up
UH419WH9wa/VZHbp4ZoYoEziZHham/eM2BEzrBzxO+9VWAAOgsFwcZH9DwpfL/P0
OYGLIx+yknL39Skz+MaQ9vNiCYWym23P1LqnH3kbsJ+OVaFX3YvE8QRL1tGZ6FGW
r9S2O6aoZn8EveieNjQI2O5Ax8n4PLpAC0gtToL65uKa
-----END CERTIFICATE-----
Generated at Wed May 1 17:22:17 2024 by rpki-client on console-ams.rpki-client.org