Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/iP5fPhibnyW-OqVYt1q_is8sfdg.roa
File: iP5fPhibnyW-OqVYt1q_is8sfdg.roa (raw, json)
Hash identifier: LvQx9oHh65FkEtxMbfccRE33Uj5iQNYbaSttYxkTRdM=
Subject key identifier: 88:FE:5F:3E:18:9B:9F:25:BE:3A:A5:58:B7:5A:BF:8A:CF:2C:7D:D8
Certificate issuer: /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial: 0185710C2D4FDEE834983320A5E8721AB6DE
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/iP5fPhibnyW-OqVYt1q_is8sfdg.roa
Signing time: Mon 02 Jan 2023 05:55:01 +0000
ROA not before: Mon 02 Jan 2023 05:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48031
IP address blocks: 194.62.244.0/23 maxlen: 23
194.62.246.0/23 maxlen: 23
194.15.114.0/24 maxlen: 24
91.213.8.0/24 maxlen: 24
194.26.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Feb 2023 20:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:2d:4f:de:e8:34:98:33:20:a5:e8:72:1a:b6:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Validity
Not Before: Jan 2 05:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88fe5f3e189b9f25be3aa558b75abf8acf2c7dd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4c:f4:de:64:cc:8d:84:58:fe:80:50:5c:60:
c1:f3:57:5b:5e:56:2d:14:c3:8c:85:86:81:c0:8f:
4e:b1:3d:86:c5:44:d7:02:0b:34:6c:cf:32:ad:35:
ca:70:64:c4:b9:43:fe:71:84:e4:c5:dc:12:d6:73:
4c:6b:63:ce:00:8e:c9:1a:0e:3f:84:a1:36:3e:4d:
75:c9:da:45:52:bc:ad:8e:d9:09:bc:67:ac:20:90:
74:0c:d0:d3:c2:18:fd:3e:b9:c5:e7:84:f7:70:75:
fd:b5:ad:a1:a1:a8:87:70:85:68:6a:fa:20:11:88:
24:3b:0b:bc:ec:19:5a:5e:a5:b9:fd:c2:73:1c:00:
9c:a8:be:eb:21:2c:9b:41:b9:d3:29:dc:90:05:4d:
f1:cb:f4:58:0a:de:29:e2:0c:d9:1e:d3:0d:43:7c:
ab:50:4e:45:ed:b3:a2:df:5c:cb:e6:14:d8:97:db:
ea:dd:67:04:f2:2b:9b:13:0e:f6:bc:a7:3f:a2:36:
16:80:c0:36:6f:9a:60:34:eb:f6:55:c4:d0:d1:5b:
c3:22:55:75:41:74:74:0b:e5:f8:4c:ec:c0:72:47:
4c:b5:f8:0a:75:27:df:93:ca:84:ce:11:28:07:1b:
b3:6c:7d:83:d9:66:71:84:5c:66:c7:2d:a2:b1:a3:
ef:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:FE:5F:3E:18:9B:9F:25:BE:3A:A5:58:B7:5A:BF:8A:CF:2C:7D:D8
X509v3 Authority Key Identifier:
keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/iP5fPhibnyW-OqVYt1q_is8sfdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.8.0/24
194.15.114.0/24
194.26.18.0/24
194.62.244.0/22
Signature Algorithm: sha256WithRSAEncryption
02:ef:44:40:6e:55:22:7a:78:87:82:8f:17:5e:71:b4:80:77:
d4:dc:91:83:86:f3:19:63:f6:e1:09:ae:80:3d:90:b4:e7:ad:
5b:3f:f0:bf:1d:15:d2:1b:4b:a4:71:31:3a:cf:03:da:58:36:
17:c0:fa:23:9d:da:b6:50:5c:5b:8f:41:c0:96:e2:8b:04:60:
4c:3d:3f:5a:97:d3:7f:9a:f0:67:c3:6f:f8:e6:07:5b:bc:99:
fa:84:55:d0:aa:d5:98:4c:fa:29:fb:71:6f:c2:c7:56:cd:55:
bb:54:d6:a3:c7:f4:ff:b8:3c:31:87:0b:d9:1d:7e:16:45:2d:
53:e6:73:75:97:60:e2:3b:6a:e8:60:1c:84:c0:26:99:f6:9a:
01:2c:38:f7:76:8c:16:86:f8:2f:41:9b:c1:7b:22:62:0a:cd:
00:23:5f:af:2b:9a:3c:ce:f5:6c:fe:77:40:5f:90:1c:2f:0c:
7b:96:e5:40:41:f8:32:23:90:a9:84:78:ad:ec:a7:cb:a8:27:
eb:7a:37:1f:c4:81:25:d9:13:6f:55:2b:84:05:8f:12:be:73:
24:ba:0b:a1:74:34:03:58:f3:f1:cf:5f:4f:25:f7:a7:51:4a:
20:38:bf:55:47:59:dc:5c:2c:7c:81:78:87:bd:99:20:ae:4f:
c1:68:61:85
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxDC1P3ug0mDMgpehyGrbeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGM5YzU1ZTE1OTdlODg1NjRkYWY1NjdlNWE0NjY1OTc4
YzdiODUwHhcNMjMwMTAyMDU1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGZlNWYzZTE4OWI5ZjI1YmUzYWE1NThiNzVhYmY4YWNmMmM3ZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkz03mTMjYRY/oBQXGDB81dbXlYt
FMOMhYaBwI9OsT2GxUTXAgs0bM8yrTXKcGTEuUP+cYTkxdwS1nNMa2POAI7JGg4/
hKE2Pk11ydpFUrytjtkJvGesIJB0DNDTwhj9PrnF54T3cHX9ta2hoaiHcIVoavog
EYgkOwu87BlaXqW5/cJzHACcqL7rISybQbnTKdyQBU3xy/RYCt4p4gzZHtMNQ3yr
UE5F7bOi31zL5hTYl9vq3WcE8iubEw72vKc/ojYWgMA2b5pgNOv2VcTQ0VvDIlV1
QXR0C+X4TOzAckdMtfgKdSffk8qEzhEoBxuzbH2D2WZxhFxmxy2isaPvCwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIj+Xz4Ym58lvjqlWLdav4rPLH3YMB8GA1UdIwQY
MBaAFIXcnFXhWX6IVk2vVn5aRmWXjHuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0Mjkt
ODZlYTE5ZDI5MTYzLzEvaVA1ZlBoaWJueVctT3FWWXQxcV9pczhzZmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0MjktODZlYTE5ZDI5MTYz
LzEvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW9UIAwQA
wg9yAwQAwhoSAwQCwj70MA0GCSqGSIb3DQEBCwUAA4IBAQAC70RAblUieniHgo8X
XnG0gHfU3JGDhvMZY/bhCa6APZC0561bP/C/HRXSG0ukcTE6zwPaWDYXwPojndq2
UFxbj0HAluKLBGBMPT9al9N/mvBnw2/45gdbvJn6hFXQqtWYTPop+3FvwsdWzVW7
VNajx/T/uDwxhwvZHX4WRS1T5nN1l2DiO2roYByEwCaZ9poBLDj3dowWhvgvQZvB
eyJiCs0AI1+vK5o8zvVs/ndAX5AcLwx7luVAQfgyI5CphHit7KfLqCfrejcfxIEl
2RNvVSuEBY8SvnMkuguhdDQDWPPxz19PJfenUUogOL9VR1ncXCx8gXiHvZkgrk/B
aGGF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:30 2024 by rpki-client on console-ams.rpki-client.org