Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/c5e0UnEFhWftrrBshhLS2i1VZKw.roa
File: c5e0UnEFhWftrrBshhLS2i1VZKw.roa (raw, json)
Hash identifier: 9vRKhVr3Y6fLzH9Ie4qE+8oVbvHCKS7OoMda4vIOWfs=
Subject key identifier: 73:97:B4:52:71:05:85:67:ED:AE:B0:6C:86:12:D2:DA:2D:55:64:AC
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 018956EB0D48A7BDF8E426F9DCAC370B8D37
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/c5e0UnEFhWftrrBshhLS2i1VZKw.roa
Signing time: Sat 15 Jul 2023 00:19:52 +0000
ROA not before: Sat 15 Jul 2023 00:19:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23470
IP address blocks: 155.254.63.0/24 maxlen: 24
107.161.166.0/24 maxlen: 24
107.161.165.0/24 maxlen: 24
107.161.164.0/24 maxlen: 24
107.161.163.0/24 maxlen: 24
107.161.167.0/24 maxlen: 24
107.161.172.0/24 maxlen: 24
107.161.173.0/24 maxlen: 24
2a07:9944:40::/48 maxlen: 48
2a07:9945:45::/48 maxlen: 48
2a07:9942:39d6::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:56:eb:0d:48:a7:bd:f8:e4:26:f9:dc:ac:37:0b:8d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jul 15 00:19:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7397b45271058567edaeb06c8612d2da2d5564ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:90:cc:a2:41:c7:0a:2c:c0:f5:c4:bb:cc:4d:
b7:2b:45:c2:a2:8e:37:26:2a:ca:9c:92:90:20:91:
73:3b:83:07:cc:70:fa:53:ed:b9:c0:f9:6c:a3:99:
21:c4:5b:27:82:45:7d:03:7f:f0:e3:0c:06:32:f5:
19:4b:24:f6:c2:05:9b:d1:a1:d3:80:30:c0:7c:c3:
47:13:69:88:b7:e6:f2:c0:5c:17:ed:93:9f:44:86:
56:e5:e9:e9:b0:29:30:74:28:0b:0c:b4:52:9c:be:
a3:d4:34:58:7d:86:87:56:ce:78:6b:8e:9b:2d:34:
26:ce:c9:b4:bb:4c:7b:3b:4e:79:4c:d5:fc:e9:d6:
0f:b8:1d:6d:cb:03:65:39:96:a6:99:45:0f:52:48:
fe:3c:09:c8:28:a1:b3:48:81:be:98:c7:f2:a1:0e:
4c:75:40:70:17:7c:42:21:ea:07:d1:a9:f8:59:e8:
e7:b1:6c:c7:35:c7:a7:84:85:7e:c6:fc:37:a9:c6:
fc:ae:ac:4a:c2:96:f3:70:95:89:84:e4:21:6d:fb:
f4:3f:d1:2d:f7:e3:70:3b:d7:d0:97:a0:ef:44:8b:
82:8f:48:a8:c6:0a:4a:e5:29:95:bc:34:88:9c:8f:
6e:be:4f:71:25:c0:58:40:46:a7:af:11:2d:6b:62:
82:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:97:B4:52:71:05:85:67:ED:AE:B0:6C:86:12:D2:DA:2D:55:64:AC
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/c5e0UnEFhWftrrBshhLS2i1VZKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.161.163.0-107.161.167.255
107.161.172.0/23
155.254.63.0/24
IPv6:
2a07:9942:39d6::/48
2a07:9944:40::/48
2a07:9945:45::/48
Signature Algorithm: sha256WithRSAEncryption
4d:99:c3:fd:b9:69:77:9a:8e:9f:74:87:06:81:d5:04:04:3d:
b2:a4:ed:ad:13:7e:bb:97:e9:a8:7e:ae:02:f2:04:a9:0f:3a:
57:65:36:62:a5:2d:c9:78:c1:5c:4a:d1:e9:36:e0:14:4b:86:
75:b9:c6:a3:74:21:62:d3:5f:bc:16:0a:5c:a5:99:0c:16:cb:
66:41:1b:6c:d1:6f:1b:ec:7c:be:65:3c:39:39:e8:8c:f5:a4:
64:f3:a1:ee:6c:40:b7:01:09:4a:02:d0:6b:be:9c:cf:a6:b9:
9d:9e:91:7e:18:b8:22:23:ab:ea:37:4e:e4:63:88:53:cf:f8:
3f:54:6c:cd:ff:b4:6f:f9:f9:c2:c8:b8:2d:57:0c:df:7f:90:
53:1f:0b:11:d3:d9:12:f9:ec:ab:94:bd:b8:f9:eb:bd:41:91:
62:fc:ea:73:5c:c7:e9:f0:f5:80:47:98:44:7f:13:f5:c2:19:
26:a0:3c:73:36:90:fc:05:f1:f7:f6:ac:25:79:6f:ca:bd:64:
fd:fe:f2:53:eb:52:b6:76:e6:1d:ed:c1:e1:3d:03:66:6b:04:
8c:b8:10:7d:0b:bb:9c:29:b0:5c:8d:33:f3:af:a1:46:2d:4e:
e4:f9:5b:67:65:99:a2:d2:9a:76:5c:1f:7f:76:a3:87:14:72:
d6:ae:b8:89
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYlW6w1Ip7345Cb53Kw3C403MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjMwNzE1MDAxOTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzk3YjQ1MjcxMDU4NTY3ZWRhZWIwNmM4NjEyZDJkYTJkNTU2NGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZDMokHHCizA9cS7zE23K0XCoo43
JirKnJKQIJFzO4MHzHD6U+25wPlso5khxFsngkV9A3/w4wwGMvUZSyT2wgWb0aHT
gDDAfMNHE2mIt+bywFwX7ZOfRIZW5enpsCkwdCgLDLRSnL6j1DRYfYaHVs54a46b
LTQmzsm0u0x7O055TNX86dYPuB1tywNlOZammUUPUkj+PAnIKKGzSIG+mMfyoQ5M
dUBwF3xCIeoH0an4WejnsWzHNcenhIV+xvw3qcb8rqxKwpbzcJWJhOQhbfv0P9Et
9+NwO9fQl6DvRIuCj0ioxgpK5SmVvDSInI9uvk9xJcBYQEanrxEta2KC9QIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFHOXtFJxBYVn7a6wbIYS0totVWSsMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvYzVlMFVuRUZoV2Z0cnJCc2hoTFMyaTFWWkt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAgBAIAATAaMAwDBABroaMD
BANroaADBAFroawDBACb/j8wIQQCAAIwGwMHACoHmUI51gMHACoHmUQAQAMHACoH
mUUARTANBgkqhkiG9w0BAQsFAAOCAQEATZnD/blpd5qOn3SHBoHVBAQ9sqTtrRN+
u5fpqH6uAvIEqQ86V2U2YqUtyXjBXErR6TbgFEuGdbnGo3QhYtNfvBYKXKWZDBbL
ZkEbbNFvG+x8vmU8OTnojPWkZPOh7mxAtwEJSgLQa76cz6a5nZ6Rfhi4IiOr6jdO
5GOIU8/4P1Rszf+0b/n5wsi4LVcM33+QUx8LEdPZEvnsq5S9uPnrvUGRYvzqc1zH
6fD1gEeYRH8T9cIZJqA8czaQ/AXx9/asJXlvyr1k/f7yU+tStnbmHe3B4T0DZmsE
jLgQfQu7nCmwXI0z86+hRi1O5PlbZ2WZotKadlwff3ajhxRy1q64iQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:16 2024 by rpki-client on console-ams.rpki-client.org