Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5KwyXrmbSjas4sBy_7IbFQq32YQ.roa
File: 5KwyXrmbSjas4sBy_7IbFQq32YQ.roa (raw, json)
Hash identifier: /xT+8l5bYer5ottUxjCE081hlwbbQgTDVd8WcMm7h3M=
Subject key identifier: E4:AC:32:5E:B9:9B:4A:36:AC:E2:C0:72:FF:B2:1B:15:0A:B7:D9:84
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018AEFF830FC9DC6D43D46DFBDEB2F2D2BD8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5KwyXrmbSjas4sBy_7IbFQq32YQ.roa
Signing time: Mon 02 Oct 2023 10:38:54 +0000
ROA not before: Mon 02 Oct 2023 10:38:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 62.76.227.0/24 maxlen: 24
194.85.250.0/24 maxlen: 24
195.133.39.0/24 maxlen: 24
212.192.245.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:f8:30:fc:9d:c6:d4:3d:46:df:bd:eb:2f:2d:2b:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 2 10:38:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4ac325eb99b4a36ace2c072ffb21b150ab7d984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f2:7f:2a:33:a9:78:5f:7d:c8:55:67:1c:0f:
63:03:16:ee:26:a6:d9:65:8e:d1:cd:18:15:40:50:
2d:b5:2d:11:95:1f:42:a7:9f:8a:34:24:e1:1a:a1:
c2:e1:3e:db:01:a2:84:32:41:9d:c1:6a:83:b6:f1:
79:f0:f2:18:38:c8:5e:f5:2e:79:74:4b:23:1c:d3:
0d:32:c9:ac:bc:b5:b3:2d:d5:dd:20:09:9f:3c:c4:
e2:e3:dc:54:05:8c:3a:aa:51:01:f6:4f:ec:76:6e:
f9:17:8c:b2:53:76:af:64:de:8a:f3:29:6a:8f:6a:
d5:48:21:a0:62:38:9d:8a:2f:51:43:ba:fd:56:71:
5f:41:1a:22:e2:52:2e:1e:6a:3e:78:80:3d:e8:30:
6f:97:88:69:f5:04:8d:b4:d5:b4:ef:7c:d2:fb:8c:
14:09:3b:e0:15:ef:f1:bd:05:fe:e7:e8:4f:50:50:
b1:34:ce:c0:e7:6f:9e:0d:eb:8f:c3:ae:d3:87:bb:
b6:2b:a0:3b:ab:69:44:8f:47:51:70:18:60:a4:da:
45:b5:8e:5d:90:f4:dc:e1:5c:ee:18:f2:b4:f3:94:
12:1e:eb:58:38:11:79:a3:d8:1d:ba:90:a3:02:d0:
af:6b:0e:ac:ae:bd:17:fc:6d:a4:51:87:6c:90:45:
32:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:AC:32:5E:B9:9B:4A:36:AC:E2:C0:72:FF:B2:1B:15:0A:B7:D9:84
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5KwyXrmbSjas4sBy_7IbFQq32YQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.227.0/24
194.85.250.0/24
195.133.39.0/24
212.192.245.0/24
Signature Algorithm: sha256WithRSAEncryption
72:e6:ce:cf:6e:62:9d:3e:8c:d2:43:b0:9f:05:39:f5:8e:03:
f1:15:41:b7:42:38:05:4c:f6:5e:a0:c7:71:bb:0d:e2:fa:e8:
b7:d3:b8:7c:bb:67:fa:0c:12:07:ba:c3:42:95:7a:1b:8a:93:
95:2e:92:be:b5:c5:8f:3f:10:37:2b:e2:2a:1f:18:27:07:50:
42:59:2f:9c:86:6d:e2:bb:57:43:1c:27:3a:d3:65:9a:89:79:
1d:d2:2b:56:73:2e:86:c4:43:9e:8b:ee:f5:97:aa:ab:a3:be:
a3:58:cf:5c:d1:1d:b0:98:bf:e2:0c:d5:69:e8:a6:f9:30:ee:
76:bc:31:4d:27:a9:78:fd:8a:cf:9b:6d:bc:51:ea:3d:66:7d:
6c:b8:31:e2:01:30:23:ee:a5:33:b5:6b:98:0e:c5:03:cf:e2:
4d:ca:ea:32:66:45:a3:69:27:d9:ad:2a:03:e8:14:9f:2e:79:
30:2a:21:41:d0:d3:68:b2:5b:71:c0:be:13:29:f1:29:13:eb:
5c:3c:b5:53:81:11:07:76:4a:c9:cf:01:08:08:22:54:57:f3:
97:f6:d8:65:66:38:40:2a:b1:61:25:53:96:37:53:f3:3f:e2:
5e:41:2e:a7:6c:9f:11:30:fa:ff:87:e6:79:4f:10:7a:cc:82:
47:32:b6:f7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYrv+DD8ncbUPUbfvesvLSvYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDAyMTAzODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGFjMzI1ZWI5OWI0YTM2YWNlMmMwNzJmZmIyMWIxNTBhYjdkOTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPJ/KjOpeF99yFVnHA9jAxbuJqbZ
ZY7RzRgVQFAttS0RlR9Cp5+KNCThGqHC4T7bAaKEMkGdwWqDtvF58PIYOMhe9S55
dEsjHNMNMsmsvLWzLdXdIAmfPMTi49xUBYw6qlEB9k/sdm75F4yyU3avZN6K8ylq
j2rVSCGgYjidii9RQ7r9VnFfQRoi4lIuHmo+eIA96DBvl4hp9QSNtNW073zS+4wU
CTvgFe/xvQX+5+hPUFCxNM7A52+eDeuPw67Th7u2K6A7q2lEj0dRcBhgpNpFtY5d
kPTc4VzuGPK085QSHutYOBF5o9gdupCjAtCvaw6srr0X/G2kUYdskEUynwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOSsMl65m0o2rOLAcv+yGxUKt9mEMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNUt3eVhybWJTamFzNHNCeV83SWJGUXEzMllRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkzjAwQA
wlX6AwQAw4UnAwQA1MD1MA0GCSqGSIb3DQEBCwUAA4IBAQBy5s7PbmKdPozSQ7Cf
BTn1jgPxFUG3QjgFTPZeoMdxuw3i+ui307h8u2f6DBIHusNClXobipOVLpK+tcWP
PxA3K+IqHxgnB1BCWS+chm3iu1dDHCc602WaiXkd0itWcy6GxEOei+71l6qro76j
WM9c0R2wmL/iDNVp6Kb5MO52vDFNJ6l4/YrPm228Ueo9Zn1suDHiATAj7qUztWuY
DsUDz+JNyuoyZkWjaSfZrSoD6BSfLnkwKiFB0NNosltxwL4TKfEpE+tcPLVTgREH
dkrJzwEICCJUV/OX9thlZjhAKrFhJVOWN1PzP+JeQS6nbJ8RMPr/h+Z5TxB6zIJH
Mrb3
-----END CERTIFICATE-----
Generated at Tue Oct 24 14:10:45 2023 by rpki-client on console-ams.rpki-client.org