Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pb5-oDOLXxMOSPkUiNjsV9h1lik.roa
File: pb5-oDOLXxMOSPkUiNjsV9h1lik.roa (raw, json)
Hash identifier: mDi0rzS04LlIxvMPNmwKyOVcSUsYs0FJm3f0rX/9Pr8=
Subject key identifier: A5:BE:7E:A0:33:8B:5F:13:0E:48:F9:14:88:D8:EC:57:D8:75:96:29
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188330EEA76067ED9D4F654E5BF5723B485
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pb5-oDOLXxMOSPkUiNjsV9h1lik.roa
Signing time: Fri 19 May 2023 08:09:55 +0000
ROA not before: Fri 19 May 2023 08:09:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 109.206.242.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
93.123.84.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
185.218.138.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
185.246.222.0/24 maxlen: 24
194.59.30.0/24 maxlen: 24
109.206.237.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:33:0e:ea:76:06:7e:d9:d4:f6:54:e5:bf:57:23:b4:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 19 08:09:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5be7ea0338b5f130e48f91488d8ec57d8759629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:69:cf:c4:94:d6:ed:06:e3:c5:f4:c5:c2:df:
ae:16:e6:3d:e7:7f:30:29:58:cf:74:64:be:f0:50:
c0:55:11:6e:81:55:53:61:e2:e6:97:b2:e3:d3:ff:
75:7d:56:17:bb:4e:d9:70:6e:ae:38:31:16:96:ad:
85:93:be:91:c5:03:25:f7:01:59:60:6c:55:8b:fb:
ec:5e:dc:b8:80:14:34:99:05:53:e6:2d:5f:8d:75:
54:72:fa:3d:f2:0e:30:94:43:4f:1d:ae:f7:bc:d7:
90:be:ee:3d:2a:aa:19:92:f0:7d:ad:3d:50:ab:84:
02:bd:63:fa:23:85:26:b0:32:ae:5e:3a:c9:09:d3:
f3:c2:5a:11:a3:14:af:e2:da:7f:18:21:cf:64:a4:
70:2d:5c:dc:f4:97:bd:96:00:5e:3a:d2:c4:ea:8c:
37:f8:ca:d1:a5:b8:13:a9:2c:d5:70:89:4a:fd:b5:
fd:56:f8:1d:58:94:e3:72:87:6b:d3:25:46:60:1e:
9d:e4:aa:2c:96:6b:d1:9d:da:33:15:65:e9:e7:bc:
2d:ec:95:8c:7a:8e:e4:dd:b3:61:9c:76:8c:25:07:
51:50:46:2a:85:22:a4:9f:60:8b:b9:d4:d1:af:97:
65:37:e6:0e:a1:1d:d6:d6:36:65:7e:d0:26:3f:d3:
90:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:BE:7E:A0:33:8B:5F:13:0E:48:F9:14:88:D8:EC:57:D8:75:96:29
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pb5-oDOLXxMOSPkUiNjsV9h1lik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.51.0/24
93.123.84.0/24
109.206.237.0/24
109.206.242.0/24
185.216.69.0/24
185.218.138.0/24
185.246.222.0/24
193.37.41.0/24
194.59.30.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:e1:46:72:21:83:e9:ab:e6:22:64:2c:61:7d:b2:0f:fb:c0:
78:f8:07:64:3b:4c:12:c3:ab:64:25:91:c4:89:40:ea:3c:4b:
59:3c:55:50:b1:c6:27:25:d0:18:0e:36:e1:4f:b2:b6:aa:cf:
e3:66:c1:c8:33:d5:e6:89:ee:9d:19:6c:b5:c6:26:9f:8d:0f:
91:f7:2b:f5:0b:1b:ef:b0:e4:5b:d4:7a:ef:e9:27:0f:14:8f:
e9:c3:0f:69:82:80:0d:9f:61:4c:99:e3:fe:af:b3:17:1e:c8:
27:f2:db:87:bf:0a:2d:ee:bc:e4:3a:f3:b2:22:ed:69:83:a7:
24:6f:bc:12:de:2e:ee:f1:7a:75:5a:cf:f0:f7:10:ee:c6:dd:
39:32:a9:55:bf:54:26:76:2f:ec:d1:20:9d:8a:61:75:a7:25:
05:8f:ec:08:73:c9:a9:21:2a:a4:85:35:70:17:7d:17:33:5f:
9d:07:f1:47:7f:d3:0e:9f:31:7b:b3:d6:50:59:32:03:38:ca:
4c:51:6e:07:4e:7f:41:76:86:ee:cb:b1:a7:22:f4:ef:83:23:
32:eb:33:23:ac:fc:65:26:72:f8:25:4b:45:62:d3:bd:18:08:
21:fa:70:8b:bc:a8:d0:a1:99:91:b7:00:89:77:08:3b:d7:21:
98:17:63:a5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYgzDup2Bn7Z1PZU5b9XI7SFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE5MDgwOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWJlN2VhMDMzOGI1ZjEzMGU0OGY5MTQ4OGQ4ZWM1N2Q4NzU5NjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmnPxJTW7QbjxfTFwt+uFuY9538w
KVjPdGS+8FDAVRFugVVTYeLml7Lj0/91fVYXu07ZcG6uODEWlq2Fk76RxQMl9wFZ
YGxVi/vsXty4gBQ0mQVT5i1fjXVUcvo98g4wlENPHa73vNeQvu49KqoZkvB9rT1Q
q4QCvWP6I4UmsDKuXjrJCdPzwloRoxSv4tp/GCHPZKRwLVzc9Je9lgBeOtLE6ow3
+MrRpbgTqSzVcIlK/bX9VvgdWJTjcodr0yVGYB6d5KoslmvRndozFWXp57wt7JWM
eo7k3bNhnHaMJQdRUEYqhSKkn2CLudTRr5dlN+YOoR3W1jZlftAmP9OQ9QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFKW+fqAzi18TDkj5FIjY7FfYdZYpMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcGI1LW9ET0xYeE1PU1BrVWlOanNWOWgxbGlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAUEwzAwQA
XXtUAwQAbc7tAwQAbc7yAwQAudhFAwQAudqKAwQAufbeAwQAwSUpAwQAwjseMA0G
CSqGSIb3DQEBCwUAA4IBAQA74UZyIYPpq+YiZCxhfbIP+8B4+AdkO0wSw6tkJZHE
iUDqPEtZPFVQscYnJdAYDjbhT7K2qs/jZsHIM9Xmie6dGWy1xiafjQ+R9yv1Cxvv
sORb1Hrv6ScPFI/pww9pgoANn2FMmeP+r7MXHsgn8tuHvwot7rzkOvOyIu1pg6ck
b7wS3i7u8Xp1Ws/w9xDuxt05MqlVv1Qmdi/s0SCdimF1pyUFj+wIc8mpISqkhTVw
F30XM1+dB/FHf9MOnzF7s9ZQWTIDOMpMUW4HTn9Bdobuy7GnIvTvgyMy6zMjrPxl
JnL4JUtFYtO9GAgh+nCLvKjQoZmRtwCJdwg71yGYF2Ol
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:42 2023 by rpki-client on console-ams.rpki-client.org