Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/5GEGkax_ErTKoEEttxxxSDPbHPM.roa
File: 5GEGkax_ErTKoEEttxxxSDPbHPM.roa (raw, json)
Hash identifier: /w3DIvgHOp+hDzGkSPo8f36f09xSM3MOrSiktqFGzuA=
Subject key identifier: E4:61:06:91:AC:7F:12:B4:CA:A0:41:2D:B7:1C:71:48:33:DB:1C:F3
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 018997FB0BAA80D5242FAD605E6312B48C72
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/5GEGkax_ErTKoEEttxxxSDPbHPM.roa
Signing time: Thu 27 Jul 2023 15:32:39 +0000
ROA not before: Thu 27 Jul 2023 15:32:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58305
IP address blocks: 198.105.124.0/23 maxlen: 24
45.43.64.0/19 maxlen: 24
45.43.66.0/23 maxlen: 24
45.43.74.0/23 maxlen: 24
45.43.76.0/22 maxlen: 24
198.105.96.0/19 maxlen: 24
198.105.116.0/23 maxlen: 24
155.254.32.0/22 maxlen: 24
155.254.32.0/19 maxlen: 24
155.254.62.0/24 maxlen: 24
107.161.160.0/24 maxlen: 24
107.161.161.0/24 maxlen: 24
107.161.162.0/24 maxlen: 24
107.161.168.0/24 maxlen: 24
107.161.169.0/24 maxlen: 24
107.161.170.0/24 maxlen: 24
107.161.171.0/24 maxlen: 24
107.181.128.0/19 maxlen: 24
107.181.138.0/23 maxlen: 24
107.181.144.0/23 maxlen: 24
162.220.240.0/24 maxlen: 24
162.220.242.0/24 maxlen: 24
162.220.240.0/21 maxlen: 24
162.220.241.0/24 maxlen: 24
113.20.156.0/22 maxlen: 24
107.161.174.0/23 maxlen: 24
162.217.250.0/24 maxlen: 24
162.217.251.0/24 maxlen: 24
2a05:9f40::/29 maxlen: 48
2a07:9944:20::/48 maxlen: 48
2a07:9942:39d7::/48 maxlen: 48
2a07:9940::/29 maxlen: 48
2a07:9944:10::/48 maxlen: 48
2a02:2ca0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:97:fb:0b:aa:80:d5:24:2f:ad:60:5e:63:12:b4:8c:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jul 27 15:32:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4610691ac7f12b4caa0412db71c714833db1cf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ba:97:30:dc:12:ac:9a:a3:2d:c4:80:04:c9:
4c:d2:54:85:ab:a6:62:25:0f:b6:b8:a1:3b:7f:48:
c8:8e:80:50:04:eb:28:06:b8:90:d8:56:b1:0c:09:
ba:e6:0b:49:5a:ed:30:97:da:fb:9d:c6:62:bd:4e:
cb:67:b7:58:ce:a8:30:74:91:ee:8e:8e:f9:95:bd:
a6:91:53:8e:39:07:95:2e:05:f6:6c:70:1c:47:3a:
42:88:7e:a4:39:5a:8b:63:c9:5e:bb:8e:55:40:d1:
05:20:fd:98:9c:1c:ad:f4:19:75:c1:ce:b9:e0:05:
53:39:db:c7:0d:6e:6c:f1:6a:f7:18:8d:28:4a:03:
58:90:9e:01:39:d5:cc:f7:1d:61:d7:cb:6c:ae:5f:
bf:cd:f5:2b:8b:11:c0:27:39:75:c0:36:b4:e0:12:
52:3c:fb:7c:5d:95:95:22:68:6d:a5:da:71:e5:09:
21:6a:f6:9f:36:bc:fe:84:aa:6e:23:b6:86:7c:02:
d2:7e:67:29:b1:2c:48:b2:af:e0:8c:4d:03:9b:b8:
36:f5:ed:46:2d:e5:ce:22:90:d9:04:88:5d:af:83:
58:f2:c3:e1:74:ee:79:0d:54:d2:91:f5:4a:02:95:
f2:e3:b0:1f:ca:1f:c8:8e:aa:59:28:2d:ef:71:86:
c2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:61:06:91:AC:7F:12:B4:CA:A0:41:2D:B7:1C:71:48:33:DB:1C:F3
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/5GEGkax_ErTKoEEttxxxSDPbHPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.64.0/19
107.161.160.0-107.161.162.255
107.161.168.0/22
107.161.174.0/23
107.181.128.0/19
113.20.156.0/22
155.254.32.0/19
162.217.250.0/23
162.220.240.0/21
198.105.96.0/19
IPv6:
2a02:2ca0::/29
2a05:9f40::/29
2a07:9940::/29
Signature Algorithm: sha256WithRSAEncryption
0b:0c:b0:a8:4d:38:5d:f3:4c:44:a6:c4:fa:c9:7c:4b:27:ba:
f8:eb:ff:53:5a:fb:3f:11:f0:28:e8:84:34:63:e8:c0:e2:47:
ad:a1:ea:f7:03:1d:65:f2:26:59:0a:e1:48:c5:40:38:30:5b:
26:cb:3a:8f:fb:1a:64:f0:5b:4c:78:70:0b:48:d7:b9:f0:d6:
40:55:c9:d2:77:ea:0c:01:d5:d4:8b:41:2b:f2:d2:31:c9:6c:
ed:96:b7:0a:d1:82:56:fa:38:12:a6:8c:27:38:77:50:5e:03:
0e:cd:9d:c1:f0:c1:c2:7b:e1:e5:c6:17:de:11:e6:5e:ce:a9:
5e:6e:0a:98:9a:6d:24:c6:7f:b1:2c:3f:d4:f4:8d:61:67:5d:
7c:fb:37:b3:0b:73:e2:76:b9:85:ab:ae:46:d7:74:04:2e:23:
7b:52:91:b4:4e:f5:11:f2:b5:b3:98:04:ec:14:ab:82:1b:d0:
af:cc:a4:ad:22:c3:19:9a:58:24:f5:50:e6:32:0e:c6:21:68:
c3:37:e9:08:88:4f:4c:2a:93:bb:72:9f:52:9d:6c:13:fb:f7:
ce:72:2f:83:89:90:83:d5:3c:e2:9a:ce:e7:d0:aa:85:a7:26:
8a:56:bc:0a:92:96:82:b7:1a:8f:62:42:02:0d:1b:44:f3:79:
ce:33:4f:c6
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYmX+wuqgNUkL61gXmMStIxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjMwNzI3MTUzMjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDYxMDY5MWFjN2YxMmI0Y2FhMDQxMmRiNzFjNzE0ODMzZGIxY2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLqXMNwSrJqjLcSABMlM0lSFq6Zi
JQ+2uKE7f0jIjoBQBOsoBriQ2FaxDAm65gtJWu0wl9r7ncZivU7LZ7dYzqgwdJHu
jo75lb2mkVOOOQeVLgX2bHAcRzpCiH6kOVqLY8leu45VQNEFIP2YnByt9Bl1wc65
4AVTOdvHDW5s8Wr3GI0oSgNYkJ4BOdXM9x1h18tsrl+/zfUrixHAJzl1wDa04BJS
PPt8XZWVImhtpdpx5QkhavafNrz+hKpuI7aGfALSfmcpsSxIsq/gjE0Dm7g29e1G
LeXOIpDZBIhdr4NY8sPhdO55DVTSkfVKApXy47Afyh/IjqpZKC3vcYbCsQIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFORhBpGsfxK0yqBBLbcccUgz2xzzMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvNUdFR2theF9FclRLb0VFdHR4eHhTRFBiSFBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBKBAIAATBEAwQFLStAMAwD
BAVroaADBABroaIDBAJroagDBAFroa4DBAVrtYADBAJxFJwDBAWb/iADBAGi2foD
BAOi3PADBAXGaWAwGwQCAAIwFQMFAyoCLKADBQMqBZ9AAwUDKgeZQDANBgkqhkiG
9w0BAQsFAAOCAQEACwywqE04XfNMRKbE+sl8Sye6+Ov/U1r7PxHwKOiENGPowOJH
raHq9wMdZfImWQrhSMVAODBbJss6j/saZPBbTHhwC0jXufDWQFXJ0nfqDAHV1ItB
K/LSMcls7Za3CtGCVvo4EqaMJzh3UF4DDs2dwfDBwnvh5cYX3hHmXs6pXm4KmJpt
JMZ/sSw/1PSNYWddfPs3swtz4na5hauuRtd0BC4je1KRtE71EfK1s5gE7BSrghvQ
r8ykrSLDGZpYJPVQ5jIOxiFowzfpCIhPTCqTu3KfUp1sE/v3znIvg4mQg9U84prO
59Cqhacmila8CpKWgrcaj2JCAg0bRPN5zjNPxg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:40:08 2024 by rpki-client on console-fra.rpki-client.org