Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/qkOBVohYZpMzfkauT46vYb8BsSM.roa
File: qkOBVohYZpMzfkauT46vYb8BsSM.roa (raw, json)
Hash identifier: 19ONlMVkQx42qn8wRXtZXXPNG3IF9BI13rTRhk+QEBQ=
Subject key identifier: AA:43:81:56:88:58:66:93:33:7E:46:AE:4F:8E:AF:61:BF:01:B1:23
Certificate issuer: /CN=5c57c8f8d9ee5e2ce7043e1ec26bb1693f7f121f
Certificate serial: 01856BEEB48B9DA5781435A44723D0CD9B93
Authority key identifier: 5C:57:C8:F8:D9:EE:5E:2C:E7:04:3E:1E:C2:6B:B1:69:3F:7F:12:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XFfI-NnuXiznBD4ewmuxaT9_Eh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/qkOBVohYZpMzfkauT46vYb8BsSM.roa
Signing time: Sun 01 Jan 2023 06:04:43 +0000
ROA not before: Sun 01 Jan 2023 06:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199468
IP address blocks: 185.173.8.0/22 maxlen: 22
5.133.42.0/24 maxlen: 24
5.133.40.0/24 maxlen: 24
5.133.43.0/24 maxlen: 24
5.133.40.0/21 maxlen: 21
5.133.41.0/24 maxlen: 24
2a04:ed00::/29 maxlen: 34
Validation: Failed, certificate revoked on Wed 14 Jun 2023 11:58:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:b4:8b:9d:a5:78:14:35:a4:47:23:d0:cd:9b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c57c8f8d9ee5e2ce7043e1ec26bb1693f7f121f
Validity
Not Before: Jan 1 06:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa43815688586693337e46ae4f8eaf61bf01b123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:0b:90:d9:8b:91:35:28:8a:70:59:88:c6:52:
8f:ad:4c:c3:64:21:b0:68:80:cf:03:0a:21:a3:53:
4b:e5:97:a5:5a:7f:af:4d:22:19:09:bb:70:a2:aa:
4f:00:88:be:e6:7f:93:3d:90:84:07:cc:40:6e:4a:
5c:eb:41:e3:2d:cc:da:67:78:a0:4b:82:d3:ab:b4:
0f:ea:5d:73:03:f9:5b:4d:78:4d:c1:b2:cc:b3:51:
bd:95:11:b3:45:5a:1b:ce:2e:da:a1:e3:ff:0c:7e:
07:3c:be:14:62:50:0b:dc:e9:fc:f7:2a:a8:15:50:
a9:a4:4d:57:39:32:96:ed:80:0d:95:7b:20:32:93:
35:4c:9a:93:05:65:d6:3b:6c:62:de:2b:13:87:dd:
58:7a:c4:f5:b0:87:90:e2:50:b7:b7:97:25:52:b9:
8b:e1:2b:21:7e:df:15:3c:84:a7:09:48:1e:f5:07:
de:c1:84:ea:1e:ac:57:53:4d:04:3b:21:cf:8c:aa:
5a:c7:46:53:2f:b7:15:3c:a7:5f:f9:c7:c1:ae:3f:
f5:2a:ec:19:89:06:a2:e5:f0:2e:eb:ab:cc:9c:63:
60:34:60:4e:1c:df:a6:78:ad:a3:76:1c:a1:23:44:
80:b9:b9:ba:56:25:bb:6d:2d:eb:39:a5:13:c1:e4:
74:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:43:81:56:88:58:66:93:33:7E:46:AE:4F:8E:AF:61:BF:01:B1:23
X509v3 Authority Key Identifier:
keyid:5C:57:C8:F8:D9:EE:5E:2C:E7:04:3E:1E:C2:6B:B1:69:3F:7F:12:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XFfI-NnuXiznBD4ewmuxaT9_Eh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/qkOBVohYZpMzfkauT46vYb8BsSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/29fcb9-305c-406b-a7a4-1f6b2d14f4f9/1/XFfI-NnuXiznBD4ewmuxaT9_Eh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.40.0/21
185.173.8.0/22
IPv6:
2a04:ed00::/29
Signature Algorithm: sha256WithRSAEncryption
49:06:1d:28:b7:cb:d4:52:74:e5:31:7f:62:ea:5b:29:cf:1f:
4c:c5:32:6c:85:5e:9d:3c:0d:c1:60:34:3f:d5:ed:a8:f3:76:
a5:5d:c9:20:bc:53:67:77:80:c4:d7:fe:23:7b:84:e3:c5:5f:
28:a8:b9:12:f8:10:ea:34:71:de:36:0c:6f:44:b4:34:3f:69:
09:eb:35:34:e3:16:7d:34:85:20:cb:23:a9:88:16:b5:23:9c:
2b:fd:98:c9:91:32:32:85:f0:88:26:bb:4b:cd:d9:6b:d3:0f:
8c:18:51:ce:f2:7f:c9:53:16:5a:9c:46:8e:e1:f5:77:09:15:
34:82:c5:bc:3f:8b:1e:0c:a7:31:48:f7:14:1c:61:36:ec:ed:
06:a7:99:14:35:28:c4:0c:e5:cd:be:ee:e2:83:23:09:5b:3b:
3f:1d:c0:57:f9:72:d1:2d:07:fd:90:fd:4f:6e:e9:b2:5d:51:
3a:77:e1:3a:c2:f0:1a:a1:fb:cf:44:14:24:d9:d1:cf:4d:31:
80:9a:1c:c2:31:5e:e5:31:db:38:5d:0e:82:d4:ae:de:f9:2d:
f0:7c:50:a1:a6:23:13:50:d3:88:a4:98:00:49:2e:12:2e:2b:
d5:ef:53:19:07:5a:c3:e1:28:5a:e4:44:3b:f2:53:1d:7f:e1:
16:bd:d7:d1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVr7rSLnaV4FDWkRyPQzZuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNTdjOGY4ZDllZTVlMmNlNzA0M2UxZWMyNmJiMTY5M2Y3
ZjEyMWYwHhcNMjMwMTAxMDYwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTQzODE1Njg4NTg2NjkzMzM3ZTQ2YWU0ZjhlYWY2MWJmMDFiMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AuQ2YuRNSiKcFmIxlKPrUzDZCGw
aIDPAwoho1NL5ZelWn+vTSIZCbtwoqpPAIi+5n+TPZCEB8xAbkpc60HjLczaZ3ig
S4LTq7QP6l1zA/lbTXhNwbLMs1G9lRGzRVobzi7aoeP/DH4HPL4UYlAL3On89yqo
FVCppE1XOTKW7YANlXsgMpM1TJqTBWXWO2xi3isTh91YesT1sIeQ4lC3t5clUrmL
4Sshft8VPISnCUge9QfewYTqHqxXU00EOyHPjKpax0ZTL7cVPKdf+cfBrj/1KuwZ
iQai5fAu66vMnGNgNGBOHN+meK2jdhyhI0SAubm6ViW7bS3rOaUTweR0KwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKpDgVaIWGaTM35Grk+Or2G/AbEjMB8GA1UdIwQY
MBaAFFxXyPjZ7l4s5wQ+HsJrsWk/fxIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEZmSS1ObnVYaXpuQkQ0ZXdtdXhhVDlfRWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yOWZjYjktMzA1Yy00MDZiLWE3YTQt
MWY2YjJkMTRmNGY5LzEvcWtPQlZvaFlacE16ZmthdVQ0NnZZYjhCc1NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yOWZjYjktMzA1Yy00MDZiLWE3YTQtMWY2YjJkMTRmNGY5
LzEvWEZmSS1ObnVYaXpuQkQ0ZXdtdXhhVDlfRWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBYUoAwQC
ua0IMA0EAgACMAcDBQMqBO0AMA0GCSqGSIb3DQEBCwUAA4IBAQBJBh0ot8vUUnTl
MX9i6lspzx9MxTJshV6dPA3BYDQ/1e2o83alXckgvFNnd4DE1/4je4TjxV8oqLkS
+BDqNHHeNgxvRLQ0P2kJ6zU04xZ9NIUgyyOpiBa1I5wr/ZjJkTIyhfCIJrtLzdlr
0w+MGFHO8n/JUxZanEaO4fV3CRU0gsW8P4seDKcxSPcUHGE27O0Gp5kUNSjEDOXN
vu7igyMJWzs/HcBX+XLRLQf9kP1PbumyXVE6d+E6wvAaofvPRBQk2dHPTTGAmhzC
MV7lMds4XQ6C1K7e+S3wfFChpiMTUNOIpJgASS4SLivV71MZB1rD4Sha5EQ78lMd
f+EWvdfR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:03 2024 by rpki-client on console-fra.rpki-client.org