Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/XdRpWrYDfKD0IzjNEp8X5__bY54.roa
File: XdRpWrYDfKD0IzjNEp8X5__bY54.roa (raw, json)
Hash identifier: 1xQL2W4xg7bwicew+cAha6VvKJqH8SxSwv8IMRUr1O0=
Subject key identifier: 5D:D4:69:5A:B6:03:7C:A0:F4:23:38:CD:12:9F:17:E7:FF:DB:63:9E
Certificate issuer: /CN=5a141c5090824d0a17c29ec4050e21007113fbda
Certificate serial: 018A2CC715E6F8AD67F8F2A8B0A1907F34BA
Authority key identifier: 5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/XdRpWrYDfKD0IzjNEp8X5__bY54.roa
Signing time: Fri 25 Aug 2023 12:59:19 +0000
ROA not before: Fri 25 Aug 2023 12:59:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.85.78.0/24 maxlen: 24
185.85.79.0/24 maxlen: 24
91.190.168.0/24 maxlen: 24
91.190.169.0/24 maxlen: 24
91.190.171.0/24 maxlen: 24
91.190.172.0/24 maxlen: 24
91.190.173.0/24 maxlen: 24
91.190.174.0/24 maxlen: 24
91.190.175.0/24 maxlen: 24
5.63.24.0/24 maxlen: 24
5.63.25.0/24 maxlen: 24
5.63.26.0/24 maxlen: 24
5.63.28.0/24 maxlen: 24
5.63.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2c:c7:15:e6:f8:ad:67:f8:f2:a8:b0:a1:90:7f:34:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a141c5090824d0a17c29ec4050e21007113fbda
Validity
Not Before: Aug 25 12:59:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dd4695ab6037ca0f42338cd129f17e7ffdb639e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a2:e3:92:91:e2:8f:3d:98:96:3f:ff:63:bb:
dc:c5:e3:58:36:36:b3:bf:02:91:70:4e:e5:a8:8a:
ea:c2:51:28:95:d1:cb:85:cd:87:00:fe:ee:1f:87:
70:7e:6b:c9:9c:7a:bc:fb:e8:99:88:0a:e5:70:ff:
7a:6b:ea:d1:8b:6f:c3:c6:be:14:7a:a8:03:1c:fc:
f3:ab:a9:5a:98:9d:2c:21:4e:02:49:84:74:ea:82:
7b:1d:b4:fe:9a:1c:11:39:3d:7b:17:3a:01:67:67:
e9:7c:ee:c5:e0:ce:92:3b:b3:e2:33:f4:c0:17:c0:
9e:a4:6e:0c:f9:2a:97:4c:45:9c:9f:63:91:33:10:
6f:47:33:a7:c0:60:9a:e8:05:f8:46:3c:e4:89:15:
57:25:82:c3:51:2b:ce:bc:ec:4b:d4:b6:4c:6b:6b:
a2:dc:28:f1:f4:d2:98:9b:9e:3b:40:33:3a:f7:f5:
70:da:df:5d:90:6b:ef:53:9c:57:52:08:40:dc:09:
8b:4f:56:f1:38:26:b6:56:f5:7d:a8:c2:32:9b:70:
e8:77:0f:09:10:ee:e1:80:95:1a:67:b4:8f:ca:b6:
6f:8c:87:0e:29:74:5e:95:da:2e:fd:2d:50:70:1d:
6a:44:97:d8:2f:72:fa:e3:ee:a3:f2:ec:55:ed:4f:
67:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D4:69:5A:B6:03:7C:A0:F4:23:38:CD:12:9F:17:E7:FF:DB:63:9E
X509v3 Authority Key Identifier:
keyid:5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/XdRpWrYDfKD0IzjNEp8X5__bY54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.24.0-5.63.28.255
91.190.168.0/23
91.190.171.0-91.190.175.255
185.85.78.0/23
Signature Algorithm: sha256WithRSAEncryption
47:8b:7a:94:2e:18:86:23:b9:78:b7:6b:52:75:50:6a:f1:dc:
9b:16:f3:71:12:b6:45:b9:ed:c5:16:07:c1:22:9f:97:7f:d9:
02:77:4a:66:28:d6:e8:4b:99:39:ea:d9:1a:bc:45:27:44:e2:
1f:a4:b3:51:43:df:ba:94:61:6d:bb:fc:a0:46:0e:2b:e4:f2:
3e:88:d7:82:60:08:4c:58:1d:69:70:16:91:8c:4d:7a:50:59:
ea:b5:24:85:04:24:3f:0b:e4:b7:36:a0:16:7d:f8:e5:c9:1d:
5b:a4:70:90:3d:71:3e:70:d3:fe:87:80:e5:2a:6e:d5:f8:a6:
ac:03:dd:a7:41:4e:74:ff:cb:58:45:35:32:7c:68:74:d1:0c:
66:f8:bc:66:16:46:d4:c0:94:21:4e:47:8c:78:16:a2:1c:37:
62:a2:82:a6:90:24:5d:c2:e9:ab:55:62:69:1c:62:52:a3:e3:
a1:80:47:4e:40:ff:d1:d7:a5:93:b5:a7:db:d4:ff:d4:a1:c7:
4e:f0:01:f0:02:3e:e5:14:c6:7a:1b:40:50:d3:16:b3:27:6c:
56:7a:30:f2:11:c4:c1:e0:54:0a:1a:70:ea:92:81:03:6a:bf:
e2:18:78:89:73:81:cb:63:b6:00:ec:42:69:d9:b8:99:78:a2:
54:6e:8f:29
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYosxxXm+K1n+PKosKGQfzS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMTQxYzUwOTA4MjRkMGExN2MyOWVjNDA1MGUyMTAwNzEx
M2ZiZGEwHhcNMjMwODI1MTI1OTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGQ0Njk1YWI2MDM3Y2EwZjQyMzM4Y2QxMjlmMTdlN2ZmZGI2MzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaLjkpHijz2Ylj//Y7vcxeNYNjaz
vwKRcE7lqIrqwlEoldHLhc2HAP7uH4dwfmvJnHq8++iZiArlcP96a+rRi2/Dxr4U
eqgDHPzzq6lamJ0sIU4CSYR06oJ7HbT+mhwROT17FzoBZ2fpfO7F4M6SO7PiM/TA
F8CepG4M+SqXTEWcn2ORMxBvRzOnwGCa6AX4RjzkiRVXJYLDUSvOvOxL1LZMa2ui
3Cjx9NKYm547QDM69/Vw2t9dkGvvU5xXUghA3AmLT1bxOCa2VvV9qMIym3Dodw8J
EO7hgJUaZ7SPyrZvjIcOKXReldou/S1QcB1qRJfYL3L64+6j8uxV7U9nhwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFF3UaVq2A3yg9CM4zRKfF+f/22OeMB8GA1UdIwQY
MBaAFFoUHFCQgk0KF8KexAUOIQBxE/vaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUt
ZWNlZWZmOGU4NGUwLzEvWGRScFdyWURmS0QwSXpqTkVwOFg1X19iWTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUtZWNlZWZmOGU4NGUw
LzEvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAMFPxgD
BAAFPxwDBAFbvqgwDAMEAFu+qwMEBFu+oAMEAblVTjANBgkqhkiG9w0BAQsFAAOC
AQEAR4t6lC4YhiO5eLdrUnVQavHcmxbzcRK2RbntxRYHwSKfl3/ZAndKZijW6EuZ
OerZGrxFJ0TiH6SzUUPfupRhbbv8oEYOK+TyPojXgmAITFgdaXAWkYxNelBZ6rUk
hQQkPwvktzagFn345ckdW6RwkD1xPnDT/oeA5Spu1fimrAPdp0FOdP/LWEU1Mnxo
dNEMZvi8ZhZG1MCUIU5HjHgWohw3YqKCppAkXcLpq1ViaRxiUqPjoYBHTkD/0del
k7Wn29T/1KHHTvAB8AI+5RTGehtAUNMWsydsVnow8hHEweBUChpw6pKBA2q/4hh4
iXOBy2O2AOxCadm4mXiiVG6PKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:28 2024 by rpki-client on console-ams.rpki-client.org