Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/5Xxw5cnqERam2odpqZrWcrnSTxc.roa
File: 5Xxw5cnqERam2odpqZrWcrnSTxc.roa (raw, json)
Hash identifier: ZHkedBxYfiIRgftrpH+YwMSa4WpLBRGde9TTcGXqbOg=
Subject key identifier: E5:7C:70:E5:C9:EA:11:16:A6:DA:87:69:A9:9A:D6:72:B9:D2:4F:17
Certificate issuer: /CN=2aa8202b4d0c5c111d374f1e98b73db4924d64b1
Certificate serial: 01857139C404A023075B1593D3D43D286C01
Authority key identifier: 2A:A8:20:2B:4D:0C:5C:11:1D:37:4F:1E:98:B7:3D:B4:92:4D:64:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqggK00MXBEdN08emLc9tJJNZLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/5Xxw5cnqERam2odpqZrWcrnSTxc.roa
Signing time: Mon 02 Jan 2023 06:44:49 +0000
ROA not before: Mon 02 Jan 2023 06:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202008
IP address blocks: 185.53.188.0/22 maxlen: 24
2a02:4060::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:c4:04:a0:23:07:5b:15:93:d3:d4:3d:28:6c:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa8202b4d0c5c111d374f1e98b73db4924d64b1
Validity
Not Before: Jan 2 06:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e57c70e5c9ea1116a6da8769a99ad672b9d24f17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:de:aa:b0:61:91:98:be:b2:2c:3b:f4:89:26:
d1:ee:96:4b:90:58:01:5c:08:ec:d7:cd:97:a1:6d:
5c:18:ef:1e:50:39:db:64:49:4a:4f:7c:4b:ef:fe:
90:01:e9:b9:92:00:82:dc:e0:76:11:81:4a:92:a5:
16:cc:ef:c1:58:40:14:eb:8b:22:94:4f:d3:8c:cc:
7c:09:8e:ff:a8:9a:6d:6f:bd:3b:14:c5:5a:dd:43:
dd:e5:e5:b6:a2:a5:22:ce:79:36:f8:f0:20:2f:54:
9f:68:e5:66:a7:26:ac:3c:bc:43:ad:4c:05:a8:e3:
44:1d:ff:a8:16:2d:07:5f:00:9a:43:b4:58:d2:8a:
78:1d:f0:e3:93:f6:02:ab:a7:f0:5a:92:ec:c6:08:
3d:78:45:1f:1f:27:95:68:57:03:08:fb:8c:f6:52:
e0:5f:ae:59:85:30:58:c2:00:01:71:1c:75:6b:ba:
b9:88:7a:95:79:26:3d:f7:13:0a:c8:1d:b6:d6:91:
84:a3:13:77:5f:6a:a1:c2:ee:2b:fd:9c:9b:85:5a:
f5:ec:c1:78:e7:bb:a4:3c:96:b0:75:e9:98:70:ab:
9f:aa:08:f0:18:ab:0c:88:26:51:b6:e4:4e:ca:d9:
39:38:b7:4d:29:63:74:9f:b3:5d:c1:58:c1:cb:7a:
c9:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:7C:70:E5:C9:EA:11:16:A6:DA:87:69:A9:9A:D6:72:B9:D2:4F:17
X509v3 Authority Key Identifier:
keyid:2A:A8:20:2B:4D:0C:5C:11:1D:37:4F:1E:98:B7:3D:B4:92:4D:64:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqggK00MXBEdN08emLc9tJJNZLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/5Xxw5cnqERam2odpqZrWcrnSTxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/27b3b3-4b22-4740-a65a-6e7bae5ff898/1/KqggK00MXBEdN08emLc9tJJNZLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.188.0/22
IPv6:
2a02:4060::/29
Signature Algorithm: sha256WithRSAEncryption
ba:ce:7c:4a:ba:b1:fe:b1:41:48:59:8c:80:99:d5:fd:60:99:
e6:e4:84:af:b3:a0:1b:89:39:f2:43:79:4c:9d:0a:05:94:ec:
a0:1b:ba:f0:86:5b:46:0e:b1:e0:92:75:45:50:43:0f:ee:12:
72:96:84:58:8b:e3:cb:f4:30:e7:07:36:59:2b:2c:39:be:0d:
06:a4:1c:8d:87:55:f2:7a:7b:7a:97:2d:8e:fc:81:08:20:b5:
f0:c7:a5:5e:b4:f8:78:80:99:12:f0:c3:1b:07:ff:ec:5b:5f:
9b:ba:0c:cc:38:24:22:b5:91:96:0e:7d:31:44:9c:df:e2:c7:
d6:6d:b8:eb:5c:7e:f2:58:d9:0a:03:b1:c3:25:c3:6a:82:ec:
db:f5:8c:4e:66:da:a9:e6:1c:43:d7:b9:e0:3d:d7:5c:25:66:
22:c6:89:2a:d8:d2:45:aa:91:70:bf:24:12:a7:4d:5b:bc:1e:
8b:57:66:a0:da:1b:ea:3f:4e:7b:df:36:68:98:c9:91:e2:62:
e6:c6:c8:f8:9d:64:e4:fa:5e:49:46:91:ae:b2:d1:c6:3a:95:
3f:0a:f3:5f:68:3f:2a:a6:1c:fe:47:5c:00:70:d3:f5:42:76:
88:1d:b8:c2:42:9c:ce:5e:01:d6:25:d3:70:e1:c4:0e:34:b8:
92:0d:a8:2f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxOcQEoCMHWxWT09Q9KGwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTgyMDJiNGQwYzVjMTExZDM3NGYxZTk4YjczZGI0OTI0
ZDY0YjEwHhcNMjMwMTAyMDY0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTdjNzBlNWM5ZWExMTE2YTZkYTg3NjlhOTlhZDY3MmI5ZDI0ZjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAot6qsGGRmL6yLDv0iSbR7pZLkFgB
XAjs182XoW1cGO8eUDnbZElKT3xL7/6QAem5kgCC3OB2EYFKkqUWzO/BWEAU64si
lE/TjMx8CY7/qJptb707FMVa3UPd5eW2oqUiznk2+PAgL1SfaOVmpyasPLxDrUwF
qONEHf+oFi0HXwCaQ7RY0op4HfDjk/YCq6fwWpLsxgg9eEUfHyeVaFcDCPuM9lLg
X65ZhTBYwgABcRx1a7q5iHqVeSY99xMKyB221pGEoxN3X2qhwu4r/ZybhVr17MF4
57ukPJawdemYcKufqgjwGKsMiCZRtuROytk5OLdNKWN0n7NdwVjBy3rJ3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOV8cOXJ6hEWptqHaama1nK50k8XMB8GA1UdIwQY
MBaAFCqoICtNDFwRHTdPHpi3PbSSTWSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FnZ0swME1YQkVkTjA4ZW1MYzl0SkpOWkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8yN2IzYjMtNGIyMi00NzQwLWE2NWEt
NmU3YmFlNWZmODk4LzEvNVh4dzVjbnFFUmFtMm9kcHFacldjcm5TVHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8yN2IzYjMtNGIyMi00NzQwLWE2NWEtNmU3YmFlNWZmODk4
LzEvS3FnZ0swME1YQkVkTjA4ZW1MYzl0SkpOWkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTW8MA0E
AgACMAcDBQMqAkBgMA0GCSqGSIb3DQEBCwUAA4IBAQC6znxKurH+sUFIWYyAmdX9
YJnm5ISvs6AbiTnyQ3lMnQoFlOygG7rwhltGDrHgknVFUEMP7hJyloRYi+PL9DDn
BzZZKyw5vg0GpByNh1Xyent6ly2O/IEIILXwx6VetPh4gJkS8MMbB//sW1+bugzM
OCQitZGWDn0xRJzf4sfWbbjrXH7yWNkKA7HDJcNqguzb9YxOZtqp5hxD17ngPddc
JWYixokq2NJFqpFwvyQSp01bvB6LV2ag2hvqP0573zZomMmR4mLmxsj4nWTk+l5J
RpGustHGOpU/CvNfaD8qphz+R1wAcNP1QnaIHbjCQpzOXgHWJdNw4cQONLiSDagv
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:53:14 2024 by rpki-client on console-fra.rpki-client.org