Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/B5KzXKqcTAnka1wMlVAWDkiJA84.roa
File: B5KzXKqcTAnka1wMlVAWDkiJA84.roa (raw, json)
Hash identifier: CpxyuwnfEW3jU1pWQ0P3G1XwBSt/VoOXNSQRByPoH/U=
Subject key identifier: 07:92:B3:5C:AA:9C:4C:09:E4:6B:5C:0C:95:50:16:0E:48:89:03:CE
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018694319FFA15D8D935EDF5744EE0DE3AD2
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/B5KzXKqcTAnka1wMlVAWDkiJA84.roa
Signing time: Mon 27 Feb 2023 18:45:25 +0000
ROA not before: Mon 27 Feb 2023 18:45:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202485
IP address blocks: 92.52.217.0/24 maxlen: 24
88.209.254.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
83.137.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Mar 2023 15:55:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:94:31:9f:fa:15:d8:d9:35:ed:f5:74:4e:e0:de:3a:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Feb 27 18:45:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0792b35caa9c4c09e46b5c0c9550160e488903ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:76:3b:c9:04:57:39:2b:18:83:21:63:21:e3:
a5:21:da:ef:53:73:e2:1a:27:10:34:16:d2:a0:82:
4d:6c:9b:72:a7:09:69:4f:78:93:2f:f5:1c:36:9c:
2e:58:4e:ca:cd:28:82:47:a0:b9:66:34:47:90:2e:
8b:44:af:f3:7d:53:d9:66:a7:8b:d1:6c:12:3d:69:
9e:f2:cf:32:52:7c:32:3a:fc:f7:5e:ae:59:4e:2a:
05:ea:a9:b9:a2:c0:57:13:1b:06:2f:12:62:74:2b:
41:00:2b:a4:d0:8c:15:4c:dc:f8:8e:78:ce:ce:be:
14:2a:82:4d:03:ad:d3:0a:8e:94:59:80:6c:98:d1:
86:cf:01:dd:9d:4d:f1:59:7b:51:48:c8:95:d9:0f:
23:0c:9f:91:1c:6d:53:9a:37:0b:68:e6:60:6f:85:
05:57:cf:da:ed:75:96:c7:bf:a3:7e:9e:3d:ce:a4:
91:a5:59:a3:49:64:21:a8:1c:21:fc:3e:43:8d:f5:
48:ae:c2:96:7e:b3:a7:ff:10:e0:f4:2e:fd:71:d2:
0a:d9:58:83:f7:76:5c:0e:01:d7:3c:92:ee:82:48:
80:c4:3c:cb:87:35:2c:74:06:b2:bd:b5:1b:d2:14:
78:40:6c:fc:a0:f8:60:c7:db:95:52:af:1f:9e:25:
1e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:92:B3:5C:AA:9C:4C:09:E4:6B:5C:0C:95:50:16:0E:48:89:03:CE
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/B5KzXKqcTAnka1wMlVAWDkiJA84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.156.0/24
83.137.159.0/24
88.209.254.0/24
92.52.217.0/24
Signature Algorithm: sha256WithRSAEncryption
18:a0:bf:aa:85:61:45:2e:9b:36:1f:e9:cb:9d:57:d6:83:a4:
3e:b4:9c:f3:c4:f3:fa:75:70:16:d7:c8:3c:dc:74:b8:9b:fc:
7d:de:59:0b:6e:a5:69:43:94:a4:ff:f7:62:58:57:55:67:1e:
e4:0e:6f:d9:6d:5f:bd:7e:0a:f0:17:0a:92:68:e1:3f:bb:28:
93:76:b1:e7:a1:92:3a:b6:ea:b2:f4:c3:9d:0f:81:aa:11:2d:
72:4f:14:81:ab:c0:c9:7b:87:11:83:d6:67:a1:4e:fe:f2:a6:
84:e2:aa:f8:35:34:2c:bb:f8:35:2d:90:4a:b1:d1:72:88:ae:
c8:86:ab:cb:33:52:a7:bc:de:07:f1:89:68:7a:20:97:8d:37:
aa:80:13:6e:4e:f8:6c:e2:cf:46:60:a0:ca:f6:29:94:2e:55:
dc:d2:47:94:9b:fe:e3:3a:01:f0:41:83:43:9a:bd:e9:7b:8d:
72:e7:8f:22:10:07:14:f7:5c:4c:05:4f:57:57:9e:70:9c:8c:
2f:fd:97:86:47:7c:78:7e:51:b9:7b:68:56:a8:99:80:7d:d8:
5c:d6:74:d5:65:df:7a:f8:d2:88:6f:2f:8c:fc:4c:3c:3a:8d:
bf:8a:e3:4e:8b:3d:07:66:7c:8e:56:3c:6f:78:a7:39:05:91:
fc:23:80:57
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYaUMZ/6FdjZNe31dE7g3jrSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMjI3MTg0NTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzkyYjM1Y2FhOWM0YzA5ZTQ2YjVjMGM5NTUwMTYwZTQ4ODkwM2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHY7yQRXOSsYgyFjIeOlIdrvU3Pi
GicQNBbSoIJNbJtypwlpT3iTL/UcNpwuWE7KzSiCR6C5ZjRHkC6LRK/zfVPZZqeL
0WwSPWme8s8yUnwyOvz3Xq5ZTioF6qm5osBXExsGLxJidCtBACuk0IwVTNz4jnjO
zr4UKoJNA63TCo6UWYBsmNGGzwHdnU3xWXtRSMiV2Q8jDJ+RHG1TmjcLaOZgb4UF
V8/a7XWWx7+jfp49zqSRpVmjSWQhqBwh/D5DjfVIrsKWfrOn/xDg9C79cdIK2ViD
93ZcDgHXPJLugkiAxDzLhzUsdAayvbUb0hR4QGz8oPhgx9uVUq8fniUe5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAeSs1yqnEwJ5GtcDJVQFg5IiQPOMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvQjVLelhLcWNUQW5rYTF3TWxWQVdEa2lKQTg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAU4mcAwQA
U4mfAwQAWNH+AwQAXDTZMA0GCSqGSIb3DQEBCwUAA4IBAQAYoL+qhWFFLps2H+nL
nVfWg6Q+tJzzxPP6dXAW18g83HS4m/x93lkLbqVpQ5Sk//diWFdVZx7kDm/ZbV+9
fgrwFwqSaOE/uyiTdrHnoZI6tuqy9MOdD4GqES1yTxSBq8DJe4cRg9ZnoU7+8qaE
4qr4NTQsu/g1LZBKsdFyiK7IhqvLM1KnvN4H8YloeiCXjTeqgBNuTvhs4s9GYKDK
9imULlXc0keUm/7jOgHwQYNDmr3pe41y548iEAcU91xMBU9XV55wnIwv/ZeGR3x4
flG5e2hWqJmAfdhc1nTVZd96+NKIby+M/Ew8Oo2/iuNOiz0HZnyOVjxveKc5BZH8
I4BX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org