Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/mIyrlge7Qgh6tMcGesLQGJdWLck.roa
File: mIyrlge7Qgh6tMcGesLQGJdWLck.roa (raw, json)
Hash identifier: jQTYhiusdX94bQVNXCzUNX7ZWbeECSwMjogo5kYX/Vw=
Subject key identifier: 98:8C:AB:96:07:BB:42:08:7A:B4:C7:06:7A:C2:D0:18:97:56:2D:C9
Certificate issuer: /CN=5a141c5090824d0a17c29ec4050e21007113fbda
Certificate serial: 018572D5BE1FBE579537509FC5CCEDFDC23F
Authority key identifier: 5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/mIyrlge7Qgh6tMcGesLQGJdWLck.roa
Signing time: Mon 02 Jan 2023 14:14:48 +0000
ROA not before: Mon 02 Jan 2023 14:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31688
IP address blocks: 185.85.76.0/22 maxlen: 22
185.85.76.0/23 maxlen: 23
185.85.78.0/24 maxlen: 24
5.63.24.0/21 maxlen: 21
91.190.168.0/21 maxlen: 21
5.63.31.0/24 maxlen: 24
2a02:798::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:be:1f:be:57:95:37:50:9f:c5:cc:ed:fd:c2:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a141c5090824d0a17c29ec4050e21007113fbda
Validity
Not Before: Jan 2 14:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=988cab9607bb42087ab4c7067ac2d01897562dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d9:c9:0c:9d:33:4a:35:7a:8b:6d:6a:7b:e3:
bc:81:0c:d8:c7:bc:57:c6:aa:a4:47:bd:db:eb:7a:
fd:4d:cd:e4:91:9a:ca:42:e5:6d:ce:9e:f7:90:3c:
dc:de:bd:57:a8:23:cf:73:d0:8a:a3:67:2b:ce:47:
f3:1f:96:bf:1d:48:38:25:31:ea:ed:ca:67:34:70:
46:67:40:c9:29:bd:c4:13:5b:f9:b0:39:b5:3c:d6:
d0:43:25:2e:97:a5:8d:2e:a0:39:5c:2e:54:11:ad:
dc:86:5e:af:d7:32:47:f3:0e:2f:63:70:4a:9e:58:
d4:67:ac:27:7a:3c:0a:6f:7d:4c:76:be:52:f1:e3:
93:c5:f4:f8:ae:1b:56:a2:40:14:00:c8:a8:6b:7d:
0a:25:95:54:a8:7b:db:60:3b:92:45:dc:56:9b:38:
a8:79:2f:9e:9d:2a:e3:e0:28:d8:74:67:1d:e4:37:
9c:4b:dc:7c:8f:5e:98:61:0c:c8:38:a5:e3:e7:7e:
18:d9:09:64:75:93:a1:22:df:6b:b1:14:a5:35:4c:
d8:49:06:8d:00:8c:04:1d:fc:ac:bf:bd:0d:19:20:
0c:23:87:ec:c2:48:e2:f3:f8:03:44:fc:b5:42:bc:
4d:db:36:00:5a:b4:fd:9e:81:31:57:b4:21:ea:33:
f9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:8C:AB:96:07:BB:42:08:7A:B4:C7:06:7A:C2:D0:18:97:56:2D:C9
X509v3 Authority Key Identifier:
keyid:5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/mIyrlge7Qgh6tMcGesLQGJdWLck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.24.0/21
91.190.168.0/21
185.85.76.0/22
IPv6:
2a02:798::/32
Signature Algorithm: sha256WithRSAEncryption
85:8f:ae:68:da:f9:02:f9:99:bf:c8:59:c0:a5:92:ad:99:3a:
bf:dc:35:1b:12:0b:d5:31:ee:a0:b6:a1:84:82:24:de:b2:4d:
19:b6:91:af:20:95:e6:b1:72:fa:b4:8b:ff:42:a8:6b:14:c6:
4e:a7:0b:0c:d7:4f:e3:8a:32:17:a9:89:20:79:73:5d:30:8a:
25:73:26:31:eb:ec:d8:02:25:41:33:fe:54:6d:91:64:5d:4d:
ef:ef:cc:7c:05:d2:49:63:d8:00:64:22:1c:29:50:76:00:c2:
8a:2d:92:74:8e:d0:72:0d:da:a7:f7:07:ee:ad:6a:bf:3c:7d:
ae:6c:3d:21:79:d4:64:4e:cd:3e:0b:be:0e:ea:8b:f1:72:59:
c1:9a:47:1e:b9:ff:88:12:07:89:aa:37:a4:7a:7d:18:99:ce:
e0:d0:ae:16:9f:a3:7d:e2:bf:bd:68:00:90:26:92:3c:b6:9c:
f2:e6:6c:9b:7b:a5:9e:4c:8c:1a:d4:47:58:68:ce:ad:14:b0:
77:89:a9:00:12:f6:61:97:dc:7a:f8:ed:40:0d:8a:02:51:ce:
1c:c5:b9:9d:f2:e0:bb:21:09:35:cf:c1:51:34:0a:46:61:91:
0d:2d:38:94:bb:01:e6:c0:a0:d4:95:f3:ec:52:23:7d:fd:23:
27:bc:e1:8c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVy1b4fvleVN1Cfxczt/cI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMTQxYzUwOTA4MjRkMGExN2MyOWVjNDA1MGUyMTAwNzEx
M2ZiZGEwHhcNMjMwMTAyMTQxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODhjYWI5NjA3YmI0MjA4N2FiNGM3MDY3YWMyZDAxODk3NTYyZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9nJDJ0zSjV6i21qe+O8gQzYx7xX
xqqkR73b63r9Tc3kkZrKQuVtzp73kDzc3r1XqCPPc9CKo2crzkfzH5a/HUg4JTHq
7cpnNHBGZ0DJKb3EE1v5sDm1PNbQQyUul6WNLqA5XC5UEa3chl6v1zJH8w4vY3BK
nljUZ6wnejwKb31Mdr5S8eOTxfT4rhtWokAUAMioa30KJZVUqHvbYDuSRdxWmzio
eS+enSrj4CjYdGcd5DecS9x8j16YYQzIOKXj534Y2QlkdZOhIt9rsRSlNUzYSQaN
AIwEHfysv70NGSAMI4fswkji8/gDRPy1QrxN2zYAWrT9noExV7Qh6jP5QQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJiMq5YHu0IIerTHBnrC0BiXVi3JMB8GA1UdIwQY
MBaAFFoUHFCQgk0KF8KexAUOIQBxE/vaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUt
ZWNlZWZmOGU4NGUwLzEvbUl5cmxnZTdRZ2g2dE1jR2VzTFFHSmRXTGNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUtZWNlZWZmOGU4NGUw
LzEvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBT8YAwQD
W76oAwQCuVVMMA0EAgACMAcDBQAqAgeYMA0GCSqGSIb3DQEBCwUAA4IBAQCFj65o
2vkC+Zm/yFnApZKtmTq/3DUbEgvVMe6gtqGEgiTesk0ZtpGvIJXmsXL6tIv/Qqhr
FMZOpwsM10/jijIXqYkgeXNdMIolcyYx6+zYAiVBM/5UbZFkXU3v78x8BdJJY9gA
ZCIcKVB2AMKKLZJ0jtByDdqn9wfurWq/PH2ubD0hedRkTs0+C74O6ovxclnBmkce
uf+IEgeJqjeken0Ymc7g0K4Wn6N94r+9aACQJpI8tpzy5mybe6WeTIwa1EdYaM6t
FLB3iakAEvZhl9x6+O1ADYoCUc4cxbmd8uC7IQk1z8FRNApGYZENLTiUuwHmwKDU
lfPsUiN9/SMnvOGM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:53 2024 by rpki-client on console-fra.rpki-client.org