Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/7vdx6Om75TuGz4UysN4izGdaui8.roa
File: 7vdx6Om75TuGz4UysN4izGdaui8.roa (raw, json)
Hash identifier: VN2XakBlyAlSOJEFxVaiH76ZUFE8LoPEvTzKmUSCpJY=
Subject key identifier: EE:F7:71:E8:E9:BB:E5:3B:86:CF:85:32:B0:DE:22:CC:67:5A:BA:2F
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018FCC33A5C2A1C496861D393C97C446B30D
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/7vdx6Om75TuGz4UysN4izGdaui8.roa
Signing time: Fri 31 May 2024 01:11:27 +0000
ROA not before: Fri 31 May 2024 01:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 5.34.208.0/21 maxlen: 24
82.115.8.0/24 maxlen: 24
89.251.10.0/24 maxlen: 24
103.25.86.0/23 maxlen: 24
188.214.236.0/22 maxlen: 24
188.253.8.0/21 maxlen: 24
202.133.90.0/23 maxlen: 24
213.173.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Jun 2024 01:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:cc:33:a5:c2:a1:c4:96:86:1d:39:3c:97:c4:46:b3:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: May 31 01:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eef771e8e9bbe53b86cf8532b0de22cc675aba2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:91:94:f7:57:8c:c9:f4:01:8f:02:c8:b8:b3:
fa:2a:fb:60:72:c4:5c:6b:51:2a:74:82:81:b1:95:
9b:85:34:a6:ab:db:6e:b5:85:3c:2d:a2:0f:3b:e4:
11:12:86:63:4d:b6:f2:d7:32:da:84:39:46:33:45:
41:b9:65:e7:64:38:f4:d3:23:83:8e:ee:04:75:d2:
9c:c5:91:34:6c:3b:f4:ef:27:81:1f:7e:c7:1d:ab:
15:2e:d5:96:bf:39:c8:4d:bd:0a:3d:57:a5:a3:c4:
d0:2c:35:f7:d7:4e:fe:7b:50:dc:1a:04:fd:cd:3e:
14:d2:d9:4d:e5:9f:d9:4b:81:ac:88:18:64:fa:c1:
ac:fb:cb:41:52:d9:2c:35:f8:42:75:55:c0:69:86:
22:52:28:4c:59:65:8a:a5:13:74:73:7d:e3:ab:be:
40:3f:c4:62:d5:d6:19:74:31:ee:5b:ff:c7:66:a5:
8b:a5:6e:1a:10:fa:a6:1a:af:c2:39:0b:ef:e5:e1:
f7:38:63:9c:20:dc:e2:6b:cc:8b:0b:70:47:b2:8f:
5e:c1:9b:a0:b5:47:46:32:0b:1e:44:29:0d:c5:ff:
55:63:aa:71:92:cb:c3:40:b3:8f:e4:74:85:4a:aa:
4d:5c:39:08:d1:cd:d0:b1:fa:4b:3f:2c:ab:01:7e:
a1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:F7:71:E8:E9:BB:E5:3B:86:CF:85:32:B0:DE:22:CC:67:5A:BA:2F
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/7vdx6Om75TuGz4UysN4izGdaui8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/21
82.115.8.0/24
89.251.10.0/24
103.25.86.0/23
188.214.236.0/22
188.253.8.0/21
202.133.90.0/23
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
66:31:5c:d6:7a:2c:09:ea:93:d7:7c:ab:97:61:2c:d0:57:37:
db:48:e9:3a:20:26:8b:5e:40:41:9a:b9:1f:67:bc:87:a1:fb:
16:29:1e:62:8b:cc:75:ee:05:96:32:44:c9:e7:8f:19:27:0f:
55:e5:5b:b7:ad:c6:2d:48:c9:36:6b:6f:f3:85:e1:14:19:9f:
22:99:2b:78:bd:32:21:f7:27:f2:0e:c0:50:49:df:0b:84:3b:
fc:35:86:fa:bf:97:66:51:0e:3d:65:b7:27:bd:b6:d1:6e:a1:
ab:f9:a2:0c:b1:16:53:48:d9:a0:fe:1c:e9:72:97:79:12:f1:
b2:40:7b:2b:e7:dc:ab:2d:0c:22:41:e7:66:69:f2:f1:de:a5:
84:fd:24:02:a3:30:98:a9:9c:be:4f:61:83:17:3a:4b:e3:32:
34:f8:c3:24:46:d2:4a:88:bd:a9:b4:6c:6f:78:a2:ff:7c:81:
d7:90:43:37:e5:74:da:1d:46:a0:ff:71:13:91:4a:55:f6:38:
37:d7:24:de:85:1b:1c:f2:be:85:8a:d4:4f:2c:c9:8e:18:1c:
4e:b0:52:04:ad:03:28:f2:35:1a:61:33:af:b7:4f:1a:8a:7f:
66:23:d7:76:3b:f1:ca:db:44:be:e0:67:62:19:25:83:59:be:
bb:a4:64:b1
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY/MM6XCocSWhh05PJfERrMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNTMxMDExMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWY3NzFlOGU5YmJlNTNiODZjZjg1MzJiMGRlMjJjYzY3NWFiYTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJGU91eMyfQBjwLIuLP6KvtgcsRc
a1EqdIKBsZWbhTSmq9tutYU8LaIPO+QREoZjTbby1zLahDlGM0VBuWXnZDj00yOD
ju4EddKcxZE0bDv07yeBH37HHasVLtWWvznITb0KPVelo8TQLDX3107+e1DcGgT9
zT4U0tlN5Z/ZS4GsiBhk+sGs+8tBUtksNfhCdVXAaYYiUihMWWWKpRN0c33jq75A
P8Ri1dYZdDHuW//HZqWLpW4aEPqmGq/COQvv5eH3OGOcINzia8yLC3BHso9ewZug
tUdGMgseRCkNxf9VY6pxksvDQLOP5HSFSqpNXDkI0c3QsfpLPyyrAX6hrQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFO73cejpu+U7hs+FMrDeIsxnWrovMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvN3ZkeDZPbTc1VHVHejRVeXNONGl6R2RhdWk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDBSLQAwQA
UnMIAwQAWfsKAwQBZxlWAwQCvNbsAwQDvP0IAwQByoVaAwQC1a0gMA0GCSqGSIb3
DQEBCwUAA4IBAQBmMVzWeiwJ6pPXfKuXYSzQVzfbSOk6ICaLXkBBmrkfZ7yHofsW
KR5ii8x17gWWMkTJ548ZJw9V5Vu3rcYtSMk2a2/zheEUGZ8imSt4vTIh9yfyDsBQ
Sd8LhDv8NYb6v5dmUQ49ZbcnvbbRbqGr+aIMsRZTSNmg/hzpcpd5EvGyQHsr59yr
LQwiQedmafLx3qWE/SQCozCYqZy+T2GDFzpL4zI0+MMkRtJKiL2ptGxveKL/fIHX
kEM35XTaHUag/3ETkUpV9jg31yTehRsc8r6FitRPLMmOGBxOsFIErQMo8jUaYTOv
t08ain9mI9d2O/HK20S+4GdiGSWDWb67pGSx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:34 2024 by rpki-client on console-fra.rpki-client.org