Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/5iSYGSzBEtPE-WMMT53ldtQ8sgg.roa
File: 5iSYGSzBEtPE-WMMT53ldtQ8sgg.roa (raw, json)
Hash identifier: kKbpMYCQnDXM3BVWdYSWQOCO1DqSBYavyuzYA4HDGnU=
Subject key identifier: E6:24:98:19:2C:C1:12:D3:C4:F9:63:0C:4F:9D:E5:76:D4:3C:B2:08
Certificate issuer: /CN=ccd7947ec83136ef9446316235686a9102562c44
Certificate serial: 01856DC1A10D02E944892502D42F989A4791
Authority key identifier: CC:D7:94:7E:C8:31:36:EF:94:46:31:62:35:68:6A:91:02:56:2C:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNeUfsgxNu-URjFiNWhqkQJWLEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/5iSYGSzBEtPE-WMMT53ldtQ8sgg.roa
Signing time: Sun 01 Jan 2023 14:34:44 +0000
ROA not before: Sun 01 Jan 2023 14:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202617
IP address blocks: 185.159.0.0/24 maxlen: 24
185.159.1.0/24 maxlen: 24
185.159.0.0/22 maxlen: 22
185.159.2.0/24 maxlen: 24
93.113.103.0/24 maxlen: 24
93.113.109.0/24 maxlen: 24
2a07:b0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:a1:0d:02:e9:44:89:25:02:d4:2f:98:9a:47:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd7947ec83136ef9446316235686a9102562c44
Validity
Not Before: Jan 1 14:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e62498192cc112d3c4f9630c4f9de576d43cb208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:63:ed:5a:b9:94:91:c5:27:6f:03:0d:05:4f:
83:19:78:c1:16:c6:fe:b5:6e:c7:9d:26:57:ca:c5:
97:78:f7:7c:f9:f2:08:7b:ac:98:34:23:b1:1c:c2:
f7:b3:3c:d8:2d:f6:66:1a:3f:85:99:a5:69:ec:a7:
06:ae:7a:c3:ee:16:48:bb:a3:73:76:bc:d0:c5:e9:
5e:57:0c:24:5f:27:c6:53:35:ce:4f:a5:39:8b:ab:
0e:fd:c0:77:2b:63:e7:da:7a:fd:4d:31:59:3c:d3:
60:ee:78:f7:e1:2f:84:c4:fb:2b:d0:0e:82:db:34:
fd:99:4d:9a:ed:df:6b:4d:b4:33:a1:48:eb:94:b7:
1e:da:92:67:28:1a:f9:8b:62:70:77:ca:d3:89:f5:
86:1f:0d:7a:e1:9b:5b:61:74:b2:a8:0b:52:fd:c4:
c3:1b:e2:d1:33:5d:9a:ed:35:73:61:d2:8e:10:b6:
37:fb:a0:b4:d0:58:92:06:08:ee:ae:3d:2c:db:ea:
e2:f2:99:b9:95:3c:14:50:c0:3a:93:f0:21:60:f8:
76:bf:19:ba:34:08:3d:c7:2b:8b:f5:74:6b:b8:fe:
e1:9d:61:5b:88:fc:80:c3:c2:25:5a:29:2d:e8:e4:
f2:3b:c3:7e:7f:d9:60:9e:14:48:89:62:77:d0:aa:
a7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:24:98:19:2C:C1:12:D3:C4:F9:63:0C:4F:9D:E5:76:D4:3C:B2:08
X509v3 Authority Key Identifier:
keyid:CC:D7:94:7E:C8:31:36:EF:94:46:31:62:35:68:6A:91:02:56:2C:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNeUfsgxNu-URjFiNWhqkQJWLEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/5iSYGSzBEtPE-WMMT53ldtQ8sgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/zNeUfsgxNu-URjFiNWhqkQJWLEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.113.103.0/24
93.113.109.0/24
185.159.0.0/22
IPv6:
2a07:b0c0::/29
Signature Algorithm: sha256WithRSAEncryption
11:9c:7d:f9:1c:ee:2a:47:e8:d4:f0:e0:7d:9f:a0:3e:06:ee:
0c:c6:80:c3:ca:61:43:30:7f:51:37:4c:56:7f:51:57:56:19:
e4:cf:49:b6:94:f7:c1:f4:d6:63:52:fd:da:f3:2d:f2:81:f1:
fa:4b:ce:80:61:2e:fb:82:bd:53:06:04:07:0a:81:04:c1:58:
89:6a:a2:d3:52:34:1f:d1:cb:be:9b:03:61:20:1a:27:33:41:
e4:fe:7e:70:ce:1a:dc:0c:9e:cb:8a:8d:da:3b:fe:fe:58:d2:
7e:c1:41:d6:67:9b:ae:52:c2:e8:bf:77:b4:4e:d1:9b:56:dc:
47:45:69:af:29:92:98:bb:2d:33:03:99:c6:b7:6a:9e:c6:22:
f1:bc:0c:91:ea:67:ff:02:4d:49:63:8c:48:00:13:ee:2c:56:
d0:26:52:0a:6a:0d:2d:a3:b2:63:53:9d:a6:2e:d9:20:c2:88:
db:72:b3:82:a4:b2:a2:20:49:85:25:f1:36:45:21:17:dc:57:
ee:dd:65:29:44:4f:be:32:14:e5:e6:1e:e1:6a:ce:0f:8b:e7:
db:ec:69:e4:7d:1d:f3:52:6e:4e:5b:91:38:b1:26:35:33:f3:
35:37:88:9f:22:79:3e:08:65:bd:9f:b0:6d:aa:30:d6:08:5d:
51:76:c5:64
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtwaENAulEiSUC1C+YmkeRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc5NDdlYzgzMTM2ZWY5NDQ2MzE2MjM1Njg2YTkxMDI1
NjJjNDQwHhcNMjMwMTAxMTQzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjI0OTgxOTJjYzExMmQzYzRmOTYzMGM0ZjlkZTU3NmQ0M2NiMjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWPtWrmUkcUnbwMNBU+DGXjBFsb+
tW7HnSZXysWXePd8+fIIe6yYNCOxHML3szzYLfZmGj+FmaVp7KcGrnrD7hZIu6Nz
drzQxeleVwwkXyfGUzXOT6U5i6sO/cB3K2Pn2nr9TTFZPNNg7nj34S+ExPsr0A6C
2zT9mU2a7d9rTbQzoUjrlLce2pJnKBr5i2Jwd8rTifWGHw164ZtbYXSyqAtS/cTD
G+LRM12a7TVzYdKOELY3+6C00FiSBgjurj0s2+ri8pm5lTwUUMA6k/AhYPh2vxm6
NAg9xyuL9XRruP7hnWFbiPyAw8IlWikt6OTyO8N+f9lgnhRIiWJ30KqnwwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOYkmBkswRLTxPljDE+d5XbUPLIIMB8GA1UdIwQY
MBaAFMzXlH7IMTbvlEYxYjVoapECVixEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5lVWZzZ3hOdS1VUmpGaU5XaHFrUUpXTEVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9lYWI3N2QtODMxYS00M2JjLThjYmUt
Mjg4NzY2MDYxZDk4LzEvNWlTWUdTekJFdFBFLVdNTVQ1M2xkdFE4c2dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9lYWI3N2QtODMxYS00M2JjLThjYmUtMjg4NzY2MDYxZDk4
LzEvek5lVWZzZ3hOdS1VUmpGaU5XaHFrUUpXTEVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAXXFnAwQA
XXFtAwQCuZ8AMA0EAgACMAcDBQMqB7DAMA0GCSqGSIb3DQEBCwUAA4IBAQARnH35
HO4qR+jU8OB9n6A+Bu4MxoDDymFDMH9RN0xWf1FXVhnkz0m2lPfB9NZjUv3a8y3y
gfH6S86AYS77gr1TBgQHCoEEwViJaqLTUjQf0cu+mwNhIBonM0Hk/n5wzhrcDJ7L
io3aO/7+WNJ+wUHWZ5uuUsLov3e0TtGbVtxHRWmvKZKYuy0zA5nGt2qexiLxvAyR
6mf/Ak1JY4xIABPuLFbQJlIKag0to7JjU52mLtkgwojbcrOCpLKiIEmFJfE2RSEX
3Ffu3WUpRE++MhTl5h7has4Pi+fb7GnkfR3zUm5OW5E4sSY1M/M1N4ifInk+CGW9
n7BtqjDWCF1RdsVk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:55 2024 by rpki-client on console-fra.rpki-client.org