Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/59681b-ef84-4cfd-80f4-b653a6c414a0/1/hVU4usq3N32p-rOSZEI-kKI9dOk.roa
File: hVU4usq3N32p-rOSZEI-kKI9dOk.roa (raw, json)
Hash identifier: LZusrlibVcuyTvV/yVMxcE0jtOkJInT4KIPRFY/vvHg=
Subject key identifier: 85:55:38:BA:CA:B7:37:7D:A9:FA:B3:92:64:42:3E:90:A2:3D:74:E9
Certificate issuer: /CN=125bb4f41fa8a9912a0c356ccc274c75332ab244
Certificate serial: 0185703964041B5BA3F026FFB4272146CB95
Authority key identifier: 12:5B:B4:F4:1F:A8:A9:91:2A:0C:35:6C:CC:27:4C:75:33:2A:B2:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Elu09B-oqZEqDDVszCdMdTMqskQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/59681b-ef84-4cfd-80f4-b653a6c414a0/1/hVU4usq3N32p-rOSZEI-kKI9dOk.roa
Signing time: Mon 02 Jan 2023 02:04:47 +0000
ROA not before: Mon 02 Jan 2023 02:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199644
IP address blocks: 185.5.14.0/24 maxlen: 24
185.5.15.0/24 maxlen: 24
185.5.12.0/22 maxlen: 24
2a02:c740::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:64:04:1b:5b:a3:f0:26:ff:b4:27:21:46:cb:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=125bb4f41fa8a9912a0c356ccc274c75332ab244
Validity
Not Before: Jan 2 02:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=855538bacab7377da9fab39264423e90a23d74e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d2:73:b7:4c:22:89:70:24:e6:93:d5:e4:a2:
8d:4d:72:10:f6:ac:ca:dd:67:ad:c3:ee:e2:94:31:
f3:7b:f3:c2:73:4a:56:32:8c:b4:89:60:82:bb:20:
88:47:a8:2a:e0:22:51:d9:f8:e7:48:c8:8b:0a:c6:
96:2e:61:f3:79:94:f7:a5:1f:ad:5e:71:72:12:cb:
4f:a4:85:a3:71:a1:63:98:5c:31:73:c3:07:16:66:
e8:f3:65:51:0b:7f:99:1b:0f:df:d3:b3:ec:c8:18:
c6:af:ed:8a:1e:6c:27:e1:e2:bf:0f:a4:a0:40:f3:
b3:47:e0:d6:9b:f8:eb:fd:88:d1:9d:f5:f3:7b:df:
67:b1:28:5e:a4:3f:da:49:bf:c2:28:dc:8d:6c:f5:
0b:0a:50:2c:0a:32:12:9c:79:96:3b:cc:4f:13:95:
cf:46:97:85:90:91:15:dd:4e:ea:cc:9d:53:51:ec:
98:24:12:ea:23:78:3e:98:09:1f:16:91:c4:7c:6c:
2a:8d:65:14:5f:7e:0d:e5:11:e4:fe:35:06:2a:4b:
ef:67:51:9f:7b:c8:50:71:67:1e:4d:17:7c:d9:fa:
3e:51:04:d2:1d:fa:2c:7d:cf:6e:e6:02:12:d0:2c:
48:db:59:20:6e:9c:48:48:3c:ff:ff:c2:22:41:61:
82:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:55:38:BA:CA:B7:37:7D:A9:FA:B3:92:64:42:3E:90:A2:3D:74:E9
X509v3 Authority Key Identifier:
keyid:12:5B:B4:F4:1F:A8:A9:91:2A:0C:35:6C:CC:27:4C:75:33:2A:B2:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Elu09B-oqZEqDDVszCdMdTMqskQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/59681b-ef84-4cfd-80f4-b653a6c414a0/1/hVU4usq3N32p-rOSZEI-kKI9dOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/59681b-ef84-4cfd-80f4-b653a6c414a0/1/Elu09B-oqZEqDDVszCdMdTMqskQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.12.0/22
IPv6:
2a02:c740::/29
Signature Algorithm: sha256WithRSAEncryption
17:6e:9e:ea:40:b4:b8:e8:54:7d:16:7b:c8:20:06:54:09:22:
99:11:e3:65:fd:fa:9d:89:d9:3b:31:87:18:6f:22:df:28:4c:
fb:7f:7e:28:2f:82:fa:a9:ae:5d:ea:b2:f7:6c:94:d3:ff:1e:
0f:bc:65:9a:bd:f5:95:d5:db:e5:e9:2f:7d:99:7b:70:b9:6c:
2c:fa:cf:d7:dc:93:5f:5f:cc:bb:e9:d7:15:64:d3:b1:ac:cd:
d2:09:1c:81:9d:e0:95:86:2c:cf:4e:9c:89:9d:d8:42:44:88:
d4:37:74:3d:9a:68:a4:93:d3:be:eb:3f:1d:3c:e8:51:08:12:
87:a5:29:56:fb:db:6e:2b:b4:dc:50:ec:70:ac:ab:d1:cc:89:
3d:a5:e7:17:cc:44:fa:44:63:7a:58:e2:a0:33:e8:4d:1b:03:
bd:a9:8b:de:c5:25:19:f5:2e:c0:08:4e:07:39:d2:ae:25:85:
53:7f:31:1a:c7:f4:3a:ce:4d:23:1c:01:b4:9c:d9:b9:31:5e:
2b:75:2e:96:40:dd:52:34:73:14:80:f6:1b:83:a9:ba:68:fe:
63:b9:ea:b8:68:e2:b0:22:ba:b2:c4:82:11:c1:33:6f:a9:ee:
77:72:bb:a6:28:5e:98:f3:de:ab:f8:df:55:3d:89:1c:15:d7:
f0:4c:d8:42
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwOWQEG1uj8Cb/tCchRsuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNWJiNGY0MWZhOGE5OTEyYTBjMzU2Y2NjMjc0Yzc1MzMy
YWIyNDQwHhcNMjMwMTAyMDIwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTU1MzhiYWNhYjczNzdkYTlmYWIzOTI2NDQyM2U5MGEyM2Q3NGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdJzt0wiiXAk5pPV5KKNTXIQ9qzK
3Wetw+7ilDHze/PCc0pWMoy0iWCCuyCIR6gq4CJR2fjnSMiLCsaWLmHzeZT3pR+t
XnFyEstPpIWjcaFjmFwxc8MHFmbo82VRC3+ZGw/f07PsyBjGr+2KHmwn4eK/D6Sg
QPOzR+DWm/jr/YjRnfXze99nsShepD/aSb/CKNyNbPULClAsCjISnHmWO8xPE5XP
RpeFkJEV3U7qzJ1TUeyYJBLqI3g+mAkfFpHEfGwqjWUUX34N5RHk/jUGKkvvZ1Gf
e8hQcWceTRd82fo+UQTSHfosfc9u5gIS0CxI21kgbpxISDz//8IiQWGCCQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIVVOLrKtzd9qfqzkmRCPpCiPXTpMB8GA1UdIwQY
MBaAFBJbtPQfqKmRKgw1bMwnTHUzKrJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWx1MDlCLW9xWkVxRERWc3pDZE1kVE1xc2tRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81OTY4MWItZWY4NC00Y2ZkLTgwZjQt
YjY1M2E2YzQxNGEwLzEvaFZVNHVzcTNOMzJwLXJPU1pFSS1rS0k5ZE9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81OTY4MWItZWY4NC00Y2ZkLTgwZjQtYjY1M2E2YzQxNGEw
LzEvRWx1MDlCLW9xWkVxRERWc3pDZE1kVE1xc2tRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQUMMA0E
AgACMAcDBQMqAsdAMA0GCSqGSIb3DQEBCwUAA4IBAQAXbp7qQLS46FR9FnvIIAZU
CSKZEeNl/fqdidk7MYcYbyLfKEz7f34oL4L6qa5d6rL3bJTT/x4PvGWavfWV1dvl
6S99mXtwuWws+s/X3JNfX8y76dcVZNOxrM3SCRyBneCVhizPTpyJndhCRIjUN3Q9
mmikk9O+6z8dPOhRCBKHpSlW+9tuK7TcUOxwrKvRzIk9pecXzET6RGN6WOKgM+hN
GwO9qYvexSUZ9S7ACE4HOdKuJYVTfzEax/Q6zk0jHAG0nNm5MV4rdS6WQN1SNHMU
gPYbg6m6aP5jueq4aOKwIrqyxIIRwTNvqe53crumKF6Y896r+N9VPYkcFdfwTNhC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:37 2024 by rpki-client on console-ams.rpki-client.org