Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/pnfN5qV4Fub5fnRW0h3J0bJBJVs.roa
File: pnfN5qV4Fub5fnRW0h3J0bJBJVs.roa (raw, json)
Hash identifier: N9kG2jq86+UxQRfwX1sBlTPc9SEch1bB810oBWwc1jo=
Subject key identifier: A6:77:CD:E6:A5:78:16:E6:F9:7E:74:56:D2:1D:C9:D1:B2:41:25:5B
Certificate issuer: /CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
Certificate serial: 018EB95DC59925BD8112DAFE600C2AE4D589
Authority key identifier: 5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/pnfN5qV4Fub5fnRW0h3J0bJBJVs.roa
Signing time: Sun 07 Apr 2024 16:21:54 +0000
ROA not before: Sun 07 Apr 2024 16:21:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.133.68.0/22 maxlen: 24
185.133.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 Apr 2024 17:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b9:5d:c5:99:25:bd:81:12:da:fe:60:0c:2a:e4:d5:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
Validity
Not Before: Apr 7 16:21:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a677cde6a57816e6f97e7456d21dc9d1b241255b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c2:8f:d6:72:a8:c0:1f:8a:a3:ce:df:0c:01:
64:2e:de:60:be:c1:b0:50:60:6a:09:7b:d5:f1:5f:
f0:90:27:75:3a:68:33:dc:62:12:08:2c:ba:fd:4e:
e8:1a:fe:fd:41:87:d9:b2:e2:16:70:30:24:00:48:
b1:92:14:4b:e1:59:05:c8:17:08:b7:c3:50:ea:a6:
73:d2:56:c9:82:d9:d0:13:a1:91:eb:af:06:13:75:
30:ab:bc:6e:27:44:64:1c:b8:1b:ed:e0:29:d5:c9:
68:23:39:9c:04:84:90:d5:c4:c0:d7:ad:dc:08:cd:
60:d6:4a:4d:56:fa:a2:5f:ef:55:5e:b0:20:f4:61:
19:6b:92:38:21:a1:f8:1d:09:63:14:ed:26:7b:0c:
4f:41:85:3a:6c:8e:2d:51:bf:dc:a5:18:f4:05:e1:
e6:46:51:90:b3:c8:48:0a:4b:61:45:f9:dc:1d:d5:
71:af:bf:ac:1b:04:ee:ad:2b:65:52:ef:72:3e:c7:
87:74:f7:b8:c0:e8:3a:27:95:97:a0:3e:77:2b:c6:
e0:2e:bd:7a:81:89:b2:f3:1e:45:71:db:06:2f:e0:
94:bf:ce:0a:1a:76:bd:1d:f8:86:39:15:0e:0f:75:
0b:7c:d4:95:73:04:56:c9:55:49:93:e2:7d:e7:f1:
45:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:77:CD:E6:A5:78:16:E6:F9:7E:74:56:D2:1D:C9:D1:B2:41:25:5B
X509v3 Authority Key Identifier:
keyid:5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/pnfN5qV4Fub5fnRW0h3J0bJBJVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/XP44gfPER3T1HMde5-b5HFVlpgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.68.0/22
Signature Algorithm: sha256WithRSAEncryption
54:bd:0b:95:ec:ae:f9:70:f4:a7:4f:4a:9d:c2:8b:72:c6:5b:
96:3d:e2:a1:bd:20:4e:9b:1d:9d:a9:8a:2c:f7:2f:8a:9a:03:
3b:d5:30:7f:35:64:ce:7c:bd:1a:a3:45:98:60:08:2c:bb:2b:
83:75:a5:07:73:8c:f6:6c:e7:0a:47:1c:fc:20:1c:02:5f:cf:
c6:62:27:4f:7b:d8:c4:53:ba:aa:8c:73:a9:91:2f:0c:0b:e0:
7a:38:43:b1:9d:4f:e8:b8:62:6d:e5:fd:b3:d1:21:55:b3:d2:
25:8d:0c:ea:17:bf:54:c1:a8:8a:ea:9b:1f:b0:67:b4:91:2c:
6d:71:d3:7a:65:bc:21:e1:1b:28:84:d9:d5:fc:78:c7:ec:89:
9f:3b:80:af:84:a2:9d:f7:21:75:58:d6:cb:13:6a:94:d0:fc:
64:84:e6:8f:c6:73:9c:5a:0d:2a:87:49:5a:24:cb:55:97:29:
ac:f9:2c:fb:2b:67:04:db:fc:c5:90:a8:08:49:57:17:a4:22:
04:eb:36:af:53:1f:e8:ab:eb:dd:f9:06:a3:06:66:29:4c:86:
81:fc:69:99:d2:6b:78:11:e6:8b:64:e9:c1:ec:af:6a:6c:ee:
0a:63:52:c8:3e:cd:07:dd:33:21:4c:f0:29:e9:3f:70:f8:e8:
92:fc:e3:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY65XcWZJb2BEtr+YAwq5NWJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZmUzODgxZjNjNDQ3NzRmNTFjYzc1ZWU3ZTZmOTFjNTU2
NWE2MDYwHhcNMjQwNDA3MTYyMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjc3Y2RlNmE1NzgxNmU2Zjk3ZTc0NTZkMjFkYzlkMWIyNDEyNTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMKP1nKowB+Ko87fDAFkLt5gvsGw
UGBqCXvV8V/wkCd1Omgz3GISCCy6/U7oGv79QYfZsuIWcDAkAEixkhRL4VkFyBcI
t8NQ6qZz0lbJgtnQE6GR668GE3Uwq7xuJ0RkHLgb7eAp1cloIzmcBISQ1cTA163c
CM1g1kpNVvqiX+9VXrAg9GEZa5I4IaH4HQljFO0mewxPQYU6bI4tUb/cpRj0BeHm
RlGQs8hICkthRfncHdVxr7+sGwTurStlUu9yPseHdPe4wOg6J5WXoD53K8bgLr16
gYmy8x5FcdsGL+CUv84KGna9HfiGORUOD3ULfNSVcwRWyVVJk+J95/FF4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZ3zealeBbm+X50VtIdydGyQSVbMB8GA1UdIwQY
MBaAFFz+OIHzxEd09RzHXufm+RxVZaYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYt
N2M5OTgwNzlhNmE5LzEvcG5mTjVxVjRGdWI1Zm5SVzBoM0owYkpCSlZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYtN2M5OTgwNzlhNmE5
LzEvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYVEMA0G
CSqGSIb3DQEBCwUAA4IBAQBUvQuV7K75cPSnT0qdwotyxluWPeKhvSBOmx2dqYos
9y+KmgM71TB/NWTOfL0ao0WYYAgsuyuDdaUHc4z2bOcKRxz8IBwCX8/GYidPe9jE
U7qqjHOpkS8MC+B6OEOxnU/ouGJt5f2z0SFVs9IljQzqF79UwaiK6psfsGe0kSxt
cdN6Zbwh4RsohNnV/HjH7ImfO4CvhKKd9yF1WNbLE2qU0PxkhOaPxnOcWg0qh0la
JMtVlyms+Sz7K2cE2/zFkKgISVcXpCIE6zavUx/oq+vd+QajBmYpTIaB/GmZ0mt4
EeaLZOnB7K9qbO4KY1LIPs0H3TMhTPAp6T9w+OiS/ONV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:25 2024 by rpki-client on console-fra.rpki-client.org