Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5bW5dYOVHYA7oPJ7-AxUeraBymg.roa
File: 5bW5dYOVHYA7oPJ7-AxUeraBymg.roa (raw, json)
Hash identifier: amvoieod79vZXunsQU/cAbN+78qIEB+NTMXYYPf24+U=
Subject key identifier: E5:B5:B9:75:83:95:1D:80:3B:A0:F2:7B:F8:0C:54:7A:B6:81:CA:68
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186BA4A5D2A47234AC4DDB720B2C22F700C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5bW5dYOVHYA7oPJ7-AxUeraBymg.roa
Signing time: Tue 07 Mar 2023 04:18:00 +0000
ROA not before: Tue 07 Mar 2023 04:18:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 194.87.205.0/24 maxlen: 24
194.87.207.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.161.0/24 maxlen: 24
194.58.46.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
193.124.205.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.64.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ba:4a:5d:2a:47:23:4a:c4:dd:b7:20:b2:c2:2f:70:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 7 04:18:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5b5b97583951d803ba0f27bf80c547ab681ca68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:4d:3f:e1:c7:5e:53:89:5b:1f:75:25:01:70:
bb:87:ae:c6:5c:4b:02:27:5f:a5:9c:16:3c:07:f3:
94:bd:06:1e:99:70:5c:42:b5:5b:52:e8:37:c0:e4:
ae:62:d9:8c:2c:a1:2e:94:e1:22:2b:1e:03:0b:27:
9b:a2:8f:7a:f6:42:14:ca:b1:21:f7:3c:5e:ee:84:
9c:b5:e4:96:0e:b7:c8:d2:a7:f8:d2:be:af:cb:e7:
33:8f:f3:56:f1:b7:b3:6d:ff:50:0f:3b:50:86:d5:
0f:c8:8b:ca:47:62:ea:45:52:a0:c5:6f:72:f1:d6:
d2:fe:0e:20:f4:c1:a1:77:f0:dd:2a:06:ef:31:eb:
ba:41:b1:bc:9a:0a:80:a4:ee:37:73:ae:56:1c:6a:
4e:db:30:97:09:be:06:71:cd:bb:34:b5:a2:63:47:
cd:11:fb:ad:ce:84:11:99:0c:49:8f:86:30:4a:69:
d9:0d:b1:93:03:9b:35:a0:17:84:cb:f0:e6:6d:e7:
93:6f:6c:c7:62:61:a8:69:d5:43:40:4d:58:df:b9:
e5:cd:cc:93:57:51:90:2a:9f:13:85:83:ac:eb:d6:
b3:ab:2c:a4:d8:35:97:ed:10:70:02:9b:46:ce:c1:
02:4c:55:59:02:cd:da:02:73:37:1c:2d:8f:6e:b9:
c6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:B5:B9:75:83:95:1D:80:3B:A0:F2:7B:F8:0C:54:7A:B6:81:CA:68
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5bW5dYOVHYA7oPJ7-AxUeraBymg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.18.0/24
193.124.41.0/24
193.124.47.0/24
193.124.205.0/24
194.58.43.0/24
194.58.46.0/24
194.58.155.0/24
194.87.30.0/24
194.87.64.0/24
194.87.108.0/24
194.87.161.0/24
194.87.163.0/24
194.87.205.0/24
194.87.207.0/24
195.133.12.0/24
212.192.7.0/24
212.192.30.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:e4:0a:90:52:7b:ca:35:18:a1:62:5a:7f:7c:b0:3b:55:f1:
15:2f:ee:70:ae:36:2a:c6:c9:74:45:1d:e2:cf:62:87:4c:9a:
4d:19:c5:3a:d8:bb:cc:81:35:6f:36:66:c7:a4:83:c8:08:f2:
8b:09:84:39:1f:36:ed:ae:3e:39:ec:8f:46:cd:40:8e:87:2a:
18:66:83:7d:86:41:fc:89:ab:13:70:ff:2b:53:ea:99:5f:de:
99:3c:71:f6:c8:ea:de:8c:fa:d0:46:fa:8e:65:c3:4f:ba:6a:
db:a7:ff:5c:9d:90:d3:f1:c1:f8:30:2d:13:26:46:01:3e:1b:
74:7a:ab:b8:6c:8d:8c:b4:25:44:46:ec:13:93:f0:af:3a:60:
08:4e:25:46:04:17:da:df:18:7d:7d:56:11:8b:d2:b7:32:f0:
25:24:c1:90:06:38:44:71:df:b4:b3:bf:7d:c7:b2:3c:3e:7f:
80:5e:3f:41:ef:4a:db:f4:f4:e0:81:c9:5f:87:52:02:9a:74:
f6:a0:0c:c5:e5:43:dc:7b:6d:e7:28:bc:c4:64:f6:2f:64:9f:
f4:6d:ac:c2:64:cd:63:f9:77:b8:d5:c4:05:7f:38:c1:0a:96:
c9:14:18:2e:e3:9a:59:0c:d6:5b:62:d6:1b:d5:0e:00:a5:6b:
94:18:f3:34
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYa6Sl0qRyNKxN23ILLCL3AMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzA3MDQxODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWI1Yjk3NTgzOTUxZDgwM2JhMGYyN2JmODBjNTQ3YWI2ODFjYTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9E0/4cdeU4lbH3UlAXC7h67GXEsC
J1+lnBY8B/OUvQYemXBcQrVbUug3wOSuYtmMLKEulOEiKx4DCyeboo969kIUyrEh
9zxe7oScteSWDrfI0qf40r6vy+czj/NW8bezbf9QDztQhtUPyIvKR2LqRVKgxW9y
8dbS/g4g9MGhd/DdKgbvMeu6QbG8mgqApO43c65WHGpO2zCXCb4Gcc27NLWiY0fN
EfutzoQRmQxJj4YwSmnZDbGTA5s1oBeEy/DmbeeTb2zHYmGoadVDQE1Y37nlzcyT
V1GQKp8ThYOs69azqyyk2DWX7RBwAptGzsECTFVZAs3aAnM3HC2PbrnG6wIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFOW1uXWDlR2AO6Dye/gMVHq2gcpoMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNWJXNWRZT1ZIWUE3b1BKNy1BeFVlcmFCeW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAwXwSAwQA
wXwpAwQAwXwvAwQAwXzNAwQAwjorAwQAwjouAwQAwjqbAwQAwlceAwQAwldAAwQA
wldsAwQAwlehAwQAwlejAwQAwlfNAwQAwlfPAwQAw4UMAwQA1MAHAwQA1MAeMA0G
CSqGSIb3DQEBCwUAA4IBAQBf5AqQUnvKNRihYlp/fLA7VfEVL+5wrjYqxsl0RR3i
z2KHTJpNGcU62LvMgTVvNmbHpIPICPKLCYQ5Hzbtrj457I9GzUCOhyoYZoN9hkH8
iasTcP8rU+qZX96ZPHH2yOrejPrQRvqOZcNPumrbp/9cnZDT8cH4MC0TJkYBPht0
equ4bI2MtCVERuwTk/CvOmAITiVGBBfa3xh9fVYRi9K3MvAlJMGQBjhEcd+0s799
x7I8Pn+AXj9B70rb9PTggclfh1ICmnT2oAzF5UPce23nKLzEZPYvZJ/0bazCZM1j
+Xe41cQFfzjBCpbJFBgu45pZDNZbYtYb1Q4ApWuUGPM0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:50 2023 by rpki-client on console-ams.rpki-client.org