Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/S5h1bwokIQwOu_CPBBu7DNHwkyA.roa
File: S5h1bwokIQwOu_CPBBu7DNHwkyA.roa (raw, json)
Hash identifier: /Fz0M+NhjdkP07+kIXsXqAvyZoyTgcPKutoHBbmshVg=
Subject key identifier: 4B:98:75:6F:0A:24:21:0C:0E:BB:F0:8F:04:1B:BB:0C:D1:F0:93:20
Certificate issuer: /CN=05f59aedc28296e291724f7937de788e27216408
Certificate serial: 01857130A704C3EEAB9DA749542E5CD1A3F1
Authority key identifier: 05:F5:9A:ED:C2:82:96:E2:91:72:4F:79:37:DE:78:8E:27:21:64:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfWa7cKCluKRck95N954jichZAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/S5h1bwokIQwOu_CPBBu7DNHwkyA.roa
Signing time: Mon 02 Jan 2023 06:34:51 +0000
ROA not before: Mon 02 Jan 2023 06:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198638
IP address blocks: 185.22.20.0/22 maxlen: 22
2a00:5ae0:100::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:a7:04:c3:ee:ab:9d:a7:49:54:2e:5c:d1:a3:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05f59aedc28296e291724f7937de788e27216408
Validity
Not Before: Jan 2 06:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b98756f0a24210c0ebbf08f041bbb0cd1f09320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d7:0f:51:7a:bb:b7:46:e3:c5:ba:19:4c:cd:
6f:86:5d:5c:6a:7a:6c:ef:d2:94:60:9a:c7:ed:06:
c1:12:7f:30:37:de:02:0e:e3:6e:12:59:24:e5:ba:
d8:0e:0e:e8:01:34:ac:f6:7d:b6:cc:19:3d:e6:42:
25:40:08:b9:65:b2:4c:24:69:58:88:7d:d0:41:80:
d4:f9:50:37:c8:a3:79:4a:61:b0:d0:b3:4a:70:0c:
45:ae:d3:32:99:0e:59:68:a1:8c:b9:6c:07:da:df:
fe:92:0c:93:64:79:eb:8f:b3:00:3e:58:54:f4:d4:
73:69:75:4e:87:65:57:cf:ed:fc:15:be:80:0a:a2:
c6:ab:54:6a:fa:be:f5:93:57:2d:65:fe:06:91:e9:
59:02:7b:25:99:44:4c:94:d3:46:fb:55:e5:8b:3e:
56:49:0e:5c:2e:c5:6e:7a:32:6c:13:92:43:24:3d:
b0:76:22:69:69:98:07:29:d0:8e:38:5c:c5:db:ba:
f2:ee:80:1e:b1:1a:6f:14:4d:65:12:28:d2:a5:38:
0c:c8:5e:ec:21:78:de:21:37:4c:77:d0:f8:a4:4c:
17:f2:63:8d:ba:00:0b:20:c6:5b:38:5f:f8:15:69:
83:9c:c3:ca:de:22:f5:04:2f:55:0d:db:29:bd:07:
d1:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:98:75:6F:0A:24:21:0C:0E:BB:F0:8F:04:1B:BB:0C:D1:F0:93:20
X509v3 Authority Key Identifier:
keyid:05:F5:9A:ED:C2:82:96:E2:91:72:4F:79:37:DE:78:8E:27:21:64:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfWa7cKCluKRck95N954jichZAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/S5h1bwokIQwOu_CPBBu7DNHwkyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/5e1d42-3575-4ec1-bc7c-d64368208131/1/BfWa7cKCluKRck95N954jichZAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.20.0/22
IPv6:
2a00:5ae0:100::/48
Signature Algorithm: sha256WithRSAEncryption
62:36:41:24:40:c8:af:cb:b8:a1:c6:bf:4e:65:f5:56:7b:d6:
dd:48:9d:e9:60:7b:c3:24:6c:a4:68:0b:af:4c:f7:a0:1e:cb:
9d:d6:6b:30:2f:7b:56:96:69:c3:00:c9:71:96:1f:53:1f:bb:
80:22:c0:68:5e:ac:e8:82:4c:cf:15:07:9a:60:44:39:73:83:
d2:4d:23:7b:6c:e4:85:8a:51:cf:d9:04:bf:83:8b:3a:0d:92:
ae:f8:d5:7e:3e:68:25:5b:5e:2c:8b:4f:71:fd:e4:73:6d:0d:
b1:2f:99:c1:bc:1d:56:0b:5b:92:68:51:21:22:22:f6:2a:58:
59:4c:68:18:47:44:de:6e:10:e8:b3:0d:bc:db:66:cc:db:e3:
d2:32:d5:9b:69:fd:ee:f1:bc:7f:94:cc:6e:37:ac:ab:eb:14:
88:a6:c3:92:f0:30:a7:93:d2:92:dd:00:e2:7c:be:e3:d8:f9:
16:19:9d:85:c5:7a:07:fe:34:64:04:74:c6:c6:6f:b9:48:e8:
3e:f8:4e:4c:4c:b9:f2:bb:89:94:6f:24:ce:e1:55:a4:7f:c3:
7d:f9:b1:ba:cf:5d:1c:b1:ce:63:e0:99:77:c3:a3:6a:4e:a8:
20:83:d9:0e:8f:f7:3e:d4:fd:36:d8:8e:a8:23:9c:7c:d9:52:
21:fe:3e:4d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxMKcEw+6rnadJVC5c0aPxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjU5YWVkYzI4Mjk2ZTI5MTcyNGY3OTM3ZGU3ODhlMjcy
MTY0MDgwHhcNMjMwMTAyMDYzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjk4NzU2ZjBhMjQyMTBjMGViYmYwOGYwNDFiYmIwY2QxZjA5MzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9cPUXq7t0bjxboZTM1vhl1canps
79KUYJrH7QbBEn8wN94CDuNuElkk5brYDg7oATSs9n22zBk95kIlQAi5ZbJMJGlY
iH3QQYDU+VA3yKN5SmGw0LNKcAxFrtMymQ5ZaKGMuWwH2t/+kgyTZHnrj7MAPlhU
9NRzaXVOh2VXz+38Fb6ACqLGq1Rq+r71k1ctZf4GkelZAnslmURMlNNG+1Xliz5W
SQ5cLsVuejJsE5JDJD2wdiJpaZgHKdCOOFzF27ry7oAesRpvFE1lEijSpTgMyF7s
IXjeITdMd9D4pEwX8mONugALIMZbOF/4FWmDnMPK3iL1BC9VDdspvQfRnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEuYdW8KJCEMDrvwjwQbuwzR8JMgMB8GA1UdIwQY
MBaAFAX1mu3CgpbikXJPeTfeeI4nIWQIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZXYTdjS0NsdUtSY2s5NU45NTRqaWNoWkFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81ZTFkNDItMzU3NS00ZWMxLWJjN2Mt
ZDY0MzY4MjA4MTMxLzEvUzVoMWJ3b2tJUXdPdV9DUEJCdTdETkh3a3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi81ZTFkNDItMzU3NS00ZWMxLWJjN2MtZDY0MzY4MjA4MTMx
LzEvQmZXYTdjS0NsdUtSY2s5NU45NTRqaWNoWkFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuRYUMA8E
AgACMAkDBwAqAFrgAQAwDQYJKoZIhvcNAQELBQADggEBAGI2QSRAyK/LuKHGv05l
9VZ71t1Inelge8MkbKRoC69M96Aey53WazAve1aWacMAyXGWH1Mfu4AiwGherOiC
TM8VB5pgRDlzg9JNI3ts5IWKUc/ZBL+DizoNkq741X4+aCVbXiyLT3H95HNtDbEv
mcG8HVYLW5JoUSEiIvYqWFlMaBhHRN5uEOizDbzbZszb49Iy1Ztp/e7xvH+UzG43
rKvrFIimw5LwMKeT0pLdAOJ8vuPY+RYZnYXFegf+NGQEdMbGb7lI6D74TkxMufK7
iZRvJM7hVaR/w335sbrPXRyxzmPgmXfDo2pOqCCD2Q6P9z7U/TbYjqgjnHzZUiH+
Pk0=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:28 2024 by rpki-client on console-ams.rpki-client.org