Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/5pD2XfVMbXkZCruvhyhG38k-P0g.roa
File: 5pD2XfVMbXkZCruvhyhG38k-P0g.roa (raw, json)
Hash identifier: o4CrkFcEWqLoB6vKq4EQMavCn7KS81MyCe/PmRuLU+4=
Subject key identifier: E6:90:F6:5D:F5:4C:6D:79:19:0A:BB:AF:87:28:46:DF:C9:3E:3F:48
Certificate issuer: /CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Certificate serial: 01862AC0E3191792F11F8D68265DB261A880
Authority key identifier: EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/5pD2XfVMbXkZCruvhyhG38k-P0g.roa
Signing time: Tue 07 Feb 2023 07:22:09 +0000
ROA not before: Tue 07 Feb 2023 07:22:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203217
IP address blocks: 144.86.228.0/24 maxlen: 24
144.86.229.0/24 maxlen: 24
144.86.230.0/24 maxlen: 24
144.86.231.0/24 maxlen: 24
185.254.13.0/24 maxlen: 24
185.254.15.0/24 maxlen: 24
185.138.121.0/24 maxlen: 24
185.138.120.0/23 maxlen: 23
185.138.122.0/24 maxlen: 24
185.138.123.0/24 maxlen: 24
185.138.122.0/23 maxlen: 23
185.138.120.0/24 maxlen: 24
93.180.218.0/24 maxlen: 24
93.180.219.0/24 maxlen: 24
93.180.216.0/24 maxlen: 24
93.180.218.0/23 maxlen: 23
93.180.217.0/24 maxlen: 24
93.180.220.0/24 maxlen: 24
93.180.221.0/24 maxlen: 24
93.180.222.0/24 maxlen: 24
93.180.223.0/24 maxlen: 24
195.133.220.0/24 maxlen: 24
195.133.221.0/24 maxlen: 24
195.133.222.0/24 maxlen: 24
195.133.223.0/24 maxlen: 24
195.133.220.0/23 maxlen: 23
185.20.198.0/23 maxlen: 23
185.20.196.0/24 maxlen: 24
185.20.196.0/23 maxlen: 23
185.20.197.0/24 maxlen: 24
185.20.198.0/24 maxlen: 24
185.20.199.0/24 maxlen: 24
2a0b:1880::/48 maxlen: 48
2a0b:1880:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 07 Feb 2023 08:28:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2a:c0:e3:19:17:92:f1:1f:8d:68:26:5d:b2:61:a8:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Validity
Not Before: Feb 7 07:22:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e690f65df54c6d79190abbaf872846dfc93e3f48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:52:e4:40:eb:f2:d2:8a:cf:fe:63:ee:bd:9d:
0b:8c:25:91:ed:08:6e:46:a3:3d:a4:60:69:66:b4:
35:19:da:e6:c7:30:21:01:ef:2d:26:7c:90:32:66:
c4:25:22:05:78:a5:6d:a7:80:c7:cb:89:40:22:fa:
d7:d3:e6:24:5a:59:bb:c2:c7:14:14:fd:f2:f9:f4:
f9:14:38:15:21:9f:4f:42:7a:57:41:f4:4d:fa:24:
62:41:e4:9e:26:b3:c5:e8:ee:1d:fb:d7:eb:aa:00:
c1:30:a1:25:99:38:3c:a5:72:2b:06:0f:81:b2:df:
5c:97:ba:58:32:f9:91:e3:a6:fa:58:33:d0:6f:9f:
71:70:51:3d:00:05:bb:0e:45:f8:67:f9:26:2d:8e:
68:c1:46:26:81:42:e6:1b:5d:bc:98:f2:db:1d:60:
1d:4a:d1:d5:90:b1:98:61:6b:f6:f5:c8:55:7e:3e:
4e:14:3e:7f:36:a0:3c:ca:ba:cf:6a:b9:36:82:c3:
89:93:d2:e7:e1:8a:81:d0:75:ce:a2:3a:92:ed:42:
17:4a:a9:5a:b8:a0:32:e2:89:f3:0d:d6:d2:70:59:
c3:db:0a:4d:31:77:3d:3e:6f:ac:59:50:fa:fd:86:
3a:a8:8d:34:a8:d0:f7:fe:ea:37:69:c0:90:6a:c0:
4b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:90:F6:5D:F5:4C:6D:79:19:0A:BB:AF:87:28:46:DF:C9:3E:3F:48
X509v3 Authority Key Identifier:
keyid:EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/5pD2XfVMbXkZCruvhyhG38k-P0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.216.0/21
144.86.228.0/22
185.20.196.0/22
185.138.120.0/22
185.254.13.0/24
185.254.15.0/24
195.133.220.0/22
IPv6:
2a0b:1880::/47
Signature Algorithm: sha256WithRSAEncryption
4e:12:07:31:c8:a3:c5:ae:97:f2:6a:a6:f6:62:f1:d9:ac:20:
df:60:75:b0:57:37:02:1d:04:d2:ef:fd:59:31:c6:84:e2:b7:
63:99:36:09:99:99:72:ce:a3:7c:29:29:c3:26:1c:a5:7c:80:
89:f8:80:c3:2e:4d:f0:10:57:28:28:24:8f:8c:98:f7:3c:0a:
68:d4:78:d6:0b:ac:0f:67:06:02:8c:95:34:f9:9a:6f:44:cb:
cc:e1:59:5b:d0:6d:7f:d5:40:e2:51:c9:e8:db:f8:74:3d:b1:
fa:4e:1d:52:89:a3:d0:a4:85:7d:17:1e:a8:5a:03:58:75:c6:
df:82:37:2e:d1:84:0a:7c:db:df:20:20:97:a6:0b:bd:3d:91:
d4:d1:90:ec:37:51:bc:38:3e:e8:ce:08:de:d7:c4:2e:b4:f3:
f6:f1:39:47:96:37:e5:f2:4a:3a:d9:02:43:0e:8d:4f:66:58:
1c:df:16:46:b8:41:93:8c:a5:0a:d5:89:37:ed:92:0a:6e:ac:
47:d5:c5:dd:76:0f:c3:7b:44:2d:73:37:29:de:30:16:22:70:
93:0b:05:13:fb:64:2c:2e:a3:0f:a1:af:13:67:40:b6:b4:74:
73:95:e2:8d:94:80:d6:b8:b0:ca:e9:40:23:47:f0:03:3a:10:
bf:6e:a7:46
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYYqwOMZF5LxH41oJl2yYaiAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTRkOWU0MWVhNWUyZDE2MWI3YzRjZGIyZTQ3MDJjNGYy
NDhlMTQwHhcNMjMwMjA3MDcyMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjkwZjY1ZGY1NGM2ZDc5MTkwYWJiYWY4NzI4NDZkZmM5M2UzZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1LkQOvy0orP/mPuvZ0LjCWR7Qhu
RqM9pGBpZrQ1GdrmxzAhAe8tJnyQMmbEJSIFeKVtp4DHy4lAIvrX0+YkWlm7wscU
FP3y+fT5FDgVIZ9PQnpXQfRN+iRiQeSeJrPF6O4d+9frqgDBMKElmTg8pXIrBg+B
st9cl7pYMvmR46b6WDPQb59xcFE9AAW7DkX4Z/kmLY5owUYmgULmG128mPLbHWAd
StHVkLGYYWv29chVfj5OFD5/NqA8yrrPark2gsOJk9Ln4YqB0HXOojqS7UIXSqla
uKAy4onzDdbScFnD2wpNMXc9Pm+sWVD6/YY6qI00qND3/uo3acCQasBLywIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFOaQ9l31TG15GQq7r4coRt/JPj9IMB8GA1UdIwQY
MBaAFO9U2eQepeLRYbfEzbLkcCxPJI4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzIt
ZmJjNmZjYjVlN2E2LzEvNXBEMlhmVk1iWGtaQ3J1dmh5aEczOGstUDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzItZmJjNmZjYjVlN2E2
LzEvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQDXbTYAwQC
kFbkAwQCuRTEAwQCuYp4AwQAuf4NAwQAuf4PAwQCw4XcMA8EAgACMAkDBwEqCxiA
AAAwDQYJKoZIhvcNAQELBQADggEBAE4SBzHIo8Wul/JqpvZi8dmsIN9gdbBXNwId
BNLv/VkxxoTit2OZNgmZmXLOo3wpKcMmHKV8gIn4gMMuTfAQVygoJI+MmPc8CmjU
eNYLrA9nBgKMlTT5mm9Ey8zhWVvQbX/VQOJRyejb+HQ9sfpOHVKJo9CkhX0XHqha
A1h1xt+CNy7RhAp8298gIJemC709kdTRkOw3Ubw4PujOCN7XxC608/bxOUeWN+Xy
SjrZAkMOjU9mWBzfFka4QZOMpQrViTftkgpurEfVxd12D8N7RC1zNyneMBYicJML
BRP7ZCwuow+hrxNnQLa0dHOV4o2UgNa4sMrpQCNH8AM6EL9up0Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:50 2024 by rpki-client on console-fra.rpki-client.org