Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/st5p02ykPdCfcPbGmJadqrmg6b4.roa
File: st5p02ykPdCfcPbGmJadqrmg6b4.roa (raw, json)
Hash identifier: xm4UWMk2OyTYc9BoMU9IkCxqfi3ogWpOHZnXKPehnCM=
Subject key identifier: B2:DE:69:D3:6C:A4:3D:D0:9F:70:F6:C6:98:96:9D:AA:B9:A0:E9:BE
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 0186A6AC37642DED908B51A0883CC3E82B2F
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/st5p02ykPdCfcPbGmJadqrmg6b4.roa
Signing time: Fri 03 Mar 2023 08:52:29 +0000
ROA not before: Fri 03 Mar 2023 08:52:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197706
IP address blocks: 188.68.0.0/23 maxlen: 32
45.67.0.0/22 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a6:ac:37:64:2d:ed:90:8b:51:a0:88:3c:c3:e8:2b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Mar 3 08:52:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2de69d36ca43dd09f70f6c698969daab9a0e9be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:97:b9:cd:88:11:8f:c0:2c:a7:46:29:e4:6c:
b8:11:21:70:e5:98:f7:fc:35:72:87:64:0c:98:5b:
bc:d2:eb:2a:58:3c:d4:e7:fa:20:c1:3b:1e:8a:3a:
a7:61:b3:9c:79:28:9a:04:1d:a4:82:c2:b0:17:f8:
1f:09:54:5e:9a:ef:26:7d:87:92:e4:88:bb:77:dc:
5e:86:58:7c:92:af:6f:ac:87:f7:63:ca:36:92:99:
d0:a2:aa:c2:45:1a:a9:dd:3e:18:9a:9e:be:5e:21:
7c:7d:90:c2:3d:e1:39:d4:bd:e2:ba:32:a9:54:d8:
81:89:5c:e6:5b:09:54:6f:8e:f5:57:fb:a9:47:98:
c0:15:6c:d8:82:05:43:76:d1:0b:89:5f:42:d4:f5:
cd:c1:44:15:7f:e0:90:ce:16:3a:af:bc:f4:24:a4:
d1:5b:b6:06:c0:26:ca:1d:b5:cf:8c:a0:21:76:84:
a8:fe:b3:29:bb:17:1f:eb:23:7b:a0:2d:f6:74:56:
81:51:86:67:13:5f:65:f2:a3:bf:21:b9:88:06:5f:
9e:9f:93:13:34:9d:45:d2:42:71:c7:a7:86:fa:0d:
e9:f9:9d:b9:0d:68:89:16:26:e5:89:0d:e8:6a:92:
20:84:6b:61:53:4f:9a:9c:5d:97:a5:80:23:7c:c8:
a6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DE:69:D3:6C:A4:3D:D0:9F:70:F6:C6:98:96:9D:AA:B9:A0:E9:BE
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/st5p02ykPdCfcPbGmJadqrmg6b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.0.0/22
188.68.0.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:f1:f1:2d:71:c7:96:1b:2a:61:6c:b3:69:7f:b5:be:cc:0e:
c7:ae:0b:92:0b:a6:1d:8f:e2:8d:f6:dc:02:a9:3e:5a:16:d9:
fa:aa:ce:ea:f7:c1:03:07:5a:e4:0d:74:d6:e6:ee:27:d3:3f:
75:70:cc:91:85:77:7b:64:65:4a:06:d5:1a:82:59:05:26:82:
c4:86:77:34:16:9f:05:35:82:13:dc:20:e5:01:3e:fe:40:9d:
a2:20:34:88:fc:62:48:03:a0:6f:b6:93:a3:97:92:40:6c:f5:
a1:c1:a1:5d:0e:0b:5b:c6:47:8b:0f:0e:c6:f6:4f:a5:59:4c:
9f:75:00:bc:b1:65:ad:4f:f8:f8:52:77:91:83:a6:50:00:81:
f6:45:dd:7e:68:c7:4b:59:20:ff:70:de:0e:b5:89:e1:67:f2:
7f:63:22:19:25:71:20:f9:ff:f5:05:a5:46:8b:ac:b3:a1:1f:
25:47:a9:12:14:c3:3a:7a:72:fd:77:6b:8d:5a:7e:4b:c2:80:
9c:e5:f9:1a:f8:a7:91:25:ce:25:16:71:95:d9:56:78:a6:f0:
3a:9c:dc:55:59:13:bb:37:e2:fa:b0:6e:9a:35:f0:f3:66:e4:
c2:b7:bf:01:e9:54:7a:8b:81:46:98:dd:f9:09:d2:b3:6d:75:
bf:4f:db:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYamrDdkLe2Qi1GgiDzD6CsvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMwMzAzMDg1MjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmRlNjlkMzZjYTQzZGQwOWY3MGY2YzY5ODk2OWRhYWI5YTBlOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJe5zYgRj8Asp0Yp5Gy4ESFw5Zj3
/DVyh2QMmFu80usqWDzU5/ogwTseijqnYbOceSiaBB2kgsKwF/gfCVRemu8mfYeS
5Ii7d9xehlh8kq9vrIf3Y8o2kpnQoqrCRRqp3T4Ymp6+XiF8fZDCPeE51L3iujKp
VNiBiVzmWwlUb471V/upR5jAFWzYggVDdtELiV9C1PXNwUQVf+CQzhY6r7z0JKTR
W7YGwCbKHbXPjKAhdoSo/rMpuxcf6yN7oC32dFaBUYZnE19l8qO/IbmIBl+en5MT
NJ1F0kJxx6eG+g3p+Z25DWiJFibliQ3oapIghGthU0+anF2XpYAjfMimcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLLeadNspD3Qn3D2xpiWnaq5oOm+MB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvc3Q1cDAyeWtQZENmY1BiR21KYWRxcm1nNmI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLUMAAwQB
vEQAMA0GCSqGSIb3DQEBCwUAA4IBAQC78fEtcceWGyphbLNpf7W+zA7HrguSC6Yd
j+KN9twCqT5aFtn6qs7q98EDB1rkDXTW5u4n0z91cMyRhXd7ZGVKBtUaglkFJoLE
hnc0Fp8FNYIT3CDlAT7+QJ2iIDSI/GJIA6BvtpOjl5JAbPWhwaFdDgtbxkeLDw7G
9k+lWUyfdQC8sWWtT/j4UneRg6ZQAIH2Rd1+aMdLWSD/cN4OtYnhZ/J/YyIZJXEg
+f/1BaVGi6yzoR8lR6kSFMM6enL9d2uNWn5LwoCc5fka+KeRJc4lFnGV2VZ4pvA6
nNxVWRO7N+L6sG6aNfDzZuTCt78B6VR6i4FGmN35CdKzbXW/T9u0
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:31:03 2024 by rpki-client on console-ams.rpki-client.org