Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/82c0a2-804b-446d-ab24-4f38c656b256/1/6B51lmFk-El7HPs-r8_nxQN1uPc.roa
File: 6B51lmFk-El7HPs-r8_nxQN1uPc.roa (raw, json)
Hash identifier: PGvKHfBnsm4CUC7lkM17kVxvV9wlHDLRyp6iCHDyB3A=
Subject key identifier: E8:1E:75:96:61:64:F8:49:7B:1C:FB:3E:AF:CF:E7:C5:03:75:B8:F7
Certificate issuer: /CN=133cd7c1a9c79c82eee5c86a423c17c1d63c3413
Certificate serial: 018572D5BD0A04C2BC51BA66E94EC2360C2F
Authority key identifier: 13:3C:D7:C1:A9:C7:9C:82:EE:E5:C8:6A:42:3C:17:C1:D6:3C:34:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EzzXwanHnILu5chqQjwXwdY8NBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/82c0a2-804b-446d-ab24-4f38c656b256/1/6B51lmFk-El7HPs-r8_nxQN1uPc.roa
Signing time: Mon 02 Jan 2023 14:14:48 +0000
ROA not before: Mon 02 Jan 2023 14:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42708
IP address blocks: 185.5.44.0/24 maxlen: 24
185.5.46.0/24 maxlen: 24
185.5.47.0/24 maxlen: 24
2a02:7ac0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:bd:0a:04:c2:bc:51:ba:66:e9:4e:c2:36:0c:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=133cd7c1a9c79c82eee5c86a423c17c1d63c3413
Validity
Not Before: Jan 2 14:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e81e75966164f8497b1cfb3eafcfe7c50375b8f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ac:6d:59:f1:bd:ec:89:50:8e:31:fd:a6:c7:
56:8b:d7:b2:f4:9d:63:84:c1:70:ed:94:e9:aa:ec:
66:75:9f:35:25:64:ce:6a:59:f4:42:34:90:8a:e8:
2e:92:1e:31:bc:b5:b4:5a:57:10:c1:fe:f7:7a:97:
56:66:fa:11:67:3e:da:76:03:eb:e0:be:c7:37:4b:
f9:08:f1:25:a3:0a:0f:f2:dd:b9:cc:9f:ac:6c:2f:
1a:4d:ff:b7:a1:c8:40:a4:bb:f9:30:31:6d:ed:ab:
c8:18:bd:cf:81:7e:61:e8:bc:b4:46:d1:0d:96:85:
08:7d:7b:07:fa:a4:3c:e6:b0:68:0d:71:6e:95:00:
1b:75:1d:84:31:d5:60:a1:18:57:df:29:27:24:6f:
ed:b2:47:85:1a:0a:cc:0f:36:b1:a3:5f:74:9a:da:
46:8d:4d:11:03:a6:92:68:15:7e:b0:d9:b5:d8:0f:
d8:63:d1:01:5f:84:7f:3b:1a:d6:ba:71:5f:f3:59:
80:41:94:0c:73:7c:2c:74:01:d9:de:3e:e7:f1:78:
f4:71:f8:63:e9:ba:7d:d7:58:cb:b4:5e:42:56:ed:
53:87:85:09:09:15:dc:53:bf:4e:3c:9f:2f:7b:a8:
cd:5a:a5:1e:16:0b:21:82:1b:b3:02:5d:f4:22:f9:
b3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:1E:75:96:61:64:F8:49:7B:1C:FB:3E:AF:CF:E7:C5:03:75:B8:F7
X509v3 Authority Key Identifier:
keyid:13:3C:D7:C1:A9:C7:9C:82:EE:E5:C8:6A:42:3C:17:C1:D6:3C:34:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EzzXwanHnILu5chqQjwXwdY8NBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/82c0a2-804b-446d-ab24-4f38c656b256/1/6B51lmFk-El7HPs-r8_nxQN1uPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/82c0a2-804b-446d-ab24-4f38c656b256/1/EzzXwanHnILu5chqQjwXwdY8NBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.44.0/24
185.5.46.0/23
IPv6:
2a02:7ac0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:b2:80:91:9c:14:ed:f1:72:3e:79:f9:d4:ea:d1:bf:d8:88:
0c:3a:8d:93:2b:2c:75:89:dd:14:a1:57:00:a8:0a:7f:7f:27:
c0:4d:1f:03:cf:a1:c6:72:72:52:fc:24:dd:0f:3c:e3:66:14:
e0:d7:88:7c:b6:82:78:4b:a0:70:6c:56:5e:e7:eb:fe:08:46:
1b:4d:90:fe:89:12:9d:15:10:5d:d8:37:76:1c:95:b8:7d:d8:
69:7b:14:d4:db:39:d4:40:55:99:d2:7e:1f:c2:19:da:44:dd:
d8:ad:97:e1:30:eb:bb:f9:f2:1e:9a:a8:f9:09:38:77:bd:8d:
98:95:8c:59:02:27:78:7c:a9:f1:2f:dc:92:73:ed:cc:6f:98:
fb:f9:26:72:56:b7:ee:b1:af:0f:7f:a0:34:86:b7:c4:cf:cf:
ee:4d:c2:55:e6:51:02:6a:ef:77:f0:22:94:5d:c3:9c:cd:b5:
07:ca:c9:b6:f7:2c:f7:d8:54:d2:9c:57:8e:5a:b3:37:9d:cf:
cc:8a:f8:97:5f:1d:11:7c:7c:59:6d:bb:79:dd:b9:2e:cf:30:
4c:6a:2a:78:1e:f0:9e:63:4c:d6:6c:3f:71:cb:ee:f7:62:de:
60:84:c0:86:7f:53:98:23:28:18:e7:79:40:51:3b:83:ec:ad:
88:94:73:79
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVy1b0KBMK8Ubpm6U7CNgwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzM2NkN2MxYTljNzljODJlZWU1Yzg2YTQyM2MxN2MxZDYz
YzM0MTMwHhcNMjMwMTAyMTQxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODFlNzU5NjYxNjRmODQ5N2IxY2ZiM2VhZmNmZTdjNTAzNzViOGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKxtWfG97IlQjjH9psdWi9ey9J1j
hMFw7ZTpquxmdZ81JWTOaln0QjSQiugukh4xvLW0WlcQwf73epdWZvoRZz7adgPr
4L7HN0v5CPElowoP8t25zJ+sbC8aTf+3ochApLv5MDFt7avIGL3PgX5h6Ly0RtEN
loUIfXsH+qQ85rBoDXFulQAbdR2EMdVgoRhX3yknJG/tskeFGgrMDzaxo190mtpG
jU0RA6aSaBV+sNm12A/YY9EBX4R/OxrWunFf81mAQZQMc3wsdAHZ3j7n8Xj0cfhj
6bp911jLtF5CVu1Th4UJCRXcU79OPJ8ve6jNWqUeFgshghuzAl30IvmzAwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOgedZZhZPhJexz7Pq/P58UDdbj3MB8GA1UdIwQY
MBaAFBM818Gpx5yC7uXIakI8F8HWPDQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXp6WHdhbkhuSUx1NWNocVFqd1h3ZFk4TkJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84MmMwYTItODA0Yi00NDZkLWFiMjQt
NGYzOGM2NTZiMjU2LzEvNkI1MWxtRmstRWw3SFBzLXI4X254UU4xdVBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84MmMwYTItODA0Yi00NDZkLWFiMjQtNGYzOGM2NTZiMjU2
LzEvRXp6WHdhbkhuSUx1NWNocVFqd1h3ZFk4TkJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuQUsAwQB
uQUuMA0EAgACMAcDBQAqAnrAMA0GCSqGSIb3DQEBCwUAA4IBAQCMsoCRnBTt8XI+
efnU6tG/2IgMOo2TKyx1id0UoVcAqAp/fyfATR8Dz6HGcnJS/CTdDzzjZhTg14h8
toJ4S6BwbFZe5+v+CEYbTZD+iRKdFRBd2Dd2HJW4fdhpexTU2znUQFWZ0n4fwhna
RN3YrZfhMOu7+fIemqj5CTh3vY2YlYxZAid4fKnxL9ySc+3Mb5j7+SZyVrfusa8P
f6A0hrfEz8/uTcJV5lECau938CKUXcOczbUHysm29yz32FTSnFeOWrM3nc/MiviX
Xx0RfHxZbbt53bkuzzBMaip4HvCeY0zWbD9xy+73Yt5ghMCGf1OYIygY53lAUTuD
7K2IlHN5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:08 2024 by rpki-client on console-fra.rpki-client.org