Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/m5NUf4aLym4UlVG2aa3TVb5__2w.roa
File: m5NUf4aLym4UlVG2aa3TVb5__2w.roa (raw, json)
Hash identifier: YDQcahqbHPJa3Qvu6M0rKy9JpX1hfJ6cmmdeCzg5RX0=
Subject key identifier: 9B:93:54:7F:86:8B:CA:6E:14:95:51:B6:69:AD:D3:55:BE:7F:FF:6C
Certificate issuer: /CN=7c45672fc42bdd33e545338a7417e8171a04ee3f
Certificate serial: 01856F9DC208231164E400840FA0BE7BE64A
Authority key identifier: 7C:45:67:2F:C4:2B:DD:33:E5:45:33:8A:74:17:E8:17:1A:04:EE:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/m5NUf4aLym4UlVG2aa3TVb5__2w.roa
Signing time: Sun 01 Jan 2023 23:14:47 +0000
ROA not before: Sun 01 Jan 2023 23:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25400
IP address blocks: 185.197.211.0/24 maxlen: 24
2a0c:1bc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:c2:08:23:11:64:e4:00:84:0f:a0:be:7b:e6:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c45672fc42bdd33e545338a7417e8171a04ee3f
Validity
Not Before: Jan 1 23:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b93547f868bca6e149551b669add355be7fff6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0f:c1:06:61:b4:61:b9:ee:66:d4:1f:2d:ed:
49:2e:fc:af:8a:ca:f8:cc:3d:05:18:42:b4:fc:7e:
ac:e9:75:e8:ee:7e:2d:2a:1f:72:18:46:ff:ce:37:
cc:fb:e5:6d:ba:6f:8e:ab:45:c1:8b:cc:68:bc:fa:
f5:a0:32:ff:a6:b3:9e:22:0f:48:a8:04:6b:8c:3f:
60:61:04:d4:59:ef:d3:a7:0c:2f:37:9c:b5:80:13:
34:a0:a0:f8:52:16:c9:52:65:6f:08:ac:46:86:e0:
26:e9:17:96:84:da:02:72:2c:9f:c2:40:59:17:a2:
25:20:af:6c:73:db:8f:d4:ef:6e:12:32:42:8d:c9:
98:84:93:e8:6b:08:ec:2d:5e:61:7c:d6:1a:a7:3f:
b5:f7:c5:23:37:67:51:19:a3:25:fc:57:aa:38:7b:
26:c6:bf:87:a5:79:b8:dd:af:d3:59:e8:8b:00:19:
1e:1a:3e:7f:d6:8e:2f:84:03:d6:94:07:87:03:3f:
80:bb:be:ee:9f:fd:92:5b:09:ea:20:ba:63:ac:22:
b4:9c:47:86:5b:93:77:33:c2:54:77:eb:11:6c:ce:
68:ee:54:1f:cb:34:6c:c1:66:9f:f4:9b:76:f3:3c:
c5:39:c7:cb:31:fb:21:73:fd:67:40:32:46:41:28:
36:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:93:54:7F:86:8B:CA:6E:14:95:51:B6:69:AD:D3:55:BE:7F:FF:6C
X509v3 Authority Key Identifier:
keyid:7C:45:67:2F:C4:2B:DD:33:E5:45:33:8A:74:17:E8:17:1A:04:EE:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/m5NUf4aLym4UlVG2aa3TVb5__2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.211.0/24
IPv6:
2a0c:1bc0::/32
Signature Algorithm: sha256WithRSAEncryption
42:20:63:3f:9a:b9:78:9c:5c:70:67:d0:12:22:dc:03:a2:e4:
63:f0:ae:d4:6b:97:b9:67:80:69:ee:cc:1e:91:7b:3a:3f:d9:
31:5c:ac:ce:87:78:8f:77:0d:42:a4:a7:9d:72:c8:66:b0:dd:
37:1e:55:c4:b4:7e:de:9c:ba:a3:21:96:a8:6f:f0:b2:f4:af:
12:65:35:30:e4:e2:42:7e:1c:f1:4e:7d:56:1c:8c:59:6d:d4:
a9:7e:db:7e:f3:ba:23:c8:db:4c:60:c3:27:f3:d7:17:33:b4:
5f:fa:33:d3:67:79:49:42:23:25:28:fe:74:5c:84:ae:93:e5:
d9:c5:8b:09:fa:54:8e:79:b9:d9:3d:de:9c:a9:92:60:94:25:
45:61:b0:46:bc:e1:3d:74:88:47:be:f2:03:d2:08:8e:b4:68:
65:ae:89:a1:49:79:9c:94:62:c7:eb:a6:ee:60:b1:e9:6a:e1:
bb:43:fc:19:8c:ff:1c:e4:b1:34:b4:24:e1:69:21:46:6e:03:
31:63:4c:1a:01:25:80:32:44:e9:a4:12:e3:52:64:5b:58:27:
e5:62:2c:d0:68:7a:d6:a1:5a:5b:f3:31:60:1d:52:69:4d:17:
eb:47:d9:00:05:36:34:54:81:ee:46:d4:9b:55:fb:8b:d3:cd:
ff:9c:c0:1a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvncIIIxFk5ACED6C+e+ZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNDU2NzJmYzQyYmRkMzNlNTQ1MzM4YTc0MTdlODE3MWEw
NGVlM2YwHhcNMjMwMTAxMjMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjkzNTQ3Zjg2OGJjYTZlMTQ5NTUxYjY2OWFkZDM1NWJlN2ZmZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhw/BBmG0YbnuZtQfLe1JLvyvisr4
zD0FGEK0/H6s6XXo7n4tKh9yGEb/zjfM++Vtum+Oq0XBi8xovPr1oDL/prOeIg9I
qARrjD9gYQTUWe/TpwwvN5y1gBM0oKD4UhbJUmVvCKxGhuAm6ReWhNoCciyfwkBZ
F6IlIK9sc9uP1O9uEjJCjcmYhJPoawjsLV5hfNYapz+198UjN2dRGaMl/FeqOHsm
xr+HpXm43a/TWeiLABkeGj5/1o4vhAPWlAeHAz+Au77un/2SWwnqILpjrCK0nEeG
W5N3M8JUd+sRbM5o7lQfyzRswWaf9Jt28zzFOcfLMfshc/1nQDJGQSg2WwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJuTVH+Gi8puFJVRtmmt01W+f/9sMB8GA1UdIwQY
MBaAFHxFZy/EK90z5UUzinQX6BcaBO4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkVWbkw4UXIzVFBsUlRPS2RCZm9GeG9FN2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8wOGFmMjItZmZjOS00YzFiLWE5ZDct
OTRiZWRiNWQwMzM0LzEvbTVOVWY0YUx5bTRVbFZHMmFhM1RWYjVfXzJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8wOGFmMjItZmZjOS00YzFiLWE5ZDctOTRiZWRiNWQwMzM0
LzEvZkVWbkw4UXIzVFBsUlRPS2RCZm9GeG9FN2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAucXTMA0E
AgACMAcDBQAqDBvAMA0GCSqGSIb3DQEBCwUAA4IBAQBCIGM/mrl4nFxwZ9ASItwD
ouRj8K7Ua5e5Z4Bp7swekXs6P9kxXKzOh3iPdw1CpKedcshmsN03HlXEtH7enLqj
IZaob/Cy9K8SZTUw5OJCfhzxTn1WHIxZbdSpftt+87ojyNtMYMMn89cXM7Rf+jPT
Z3lJQiMlKP50XISuk+XZxYsJ+lSOebnZPd6cqZJglCVFYbBGvOE9dIhHvvID0giO
tGhlromhSXmclGLH66buYLHpauG7Q/wZjP8c5LE0tCThaSFGbgMxY0waASWAMkTp
pBLjUmRbWCflYizQaHrWoVpb8zFgHVJpTRfrR9kABTY0VIHuRtSbVfuL083/nMAa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:56 2024 by rpki-client on console-fra.rpki-client.org