Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/ca698e-e6a8-41f4-869c-961f437135c6/1/5iN_G35lzMNwT_nkxVzGD1ssPX4.roa
File: 5iN_G35lzMNwT_nkxVzGD1ssPX4.roa (raw, json)
Hash identifier: FV9/mVWxNoxMZL8oxJcf899yEzRppoT/APHfPtEy5uI=
Subject key identifier: E6:23:7F:1B:7E:65:CC:C3:70:4F:F9:E4:C5:5C:C6:0F:5B:2C:3D:7E
Certificate issuer: /CN=7ba77362e314586d0d21884d01a85adb77665b74
Certificate serial: 018CC493603AEF6BADE5DA252886829DA8F0
Authority key identifier: 7B:A7:73:62:E3:14:58:6D:0D:21:88:4D:01:A8:5A:DB:77:66:5B:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6dzYuMUWG0NIYhNAaha23dmW3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/ca698e-e6a8-41f4-869c-961f437135c6/1/5iN_G35lzMNwT_nkxVzGD1ssPX4.roa
Signing time: Mon 01 Jan 2024 10:30:41 +0000
ROA not before: Mon 01 Jan 2024 10:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206837
IP address blocks: 176.98.211.0/24 maxlen: 24
176.98.208.0/24 maxlen: 24
176.98.208.0/22 maxlen: 24
176.98.210.0/24 maxlen: 24
176.98.209.0/24 maxlen: 24
185.127.54.0/23 maxlen: 23
185.127.55.0/24 maxlen: 24
185.127.54.0/24 maxlen: 24
185.127.52.0/22 maxlen: 22
185.127.53.0/24 maxlen: 24
185.127.52.0/23 maxlen: 23
185.127.52.0/24 maxlen: 24
157.97.85.0/24 maxlen: 24
157.97.84.0/22 maxlen: 24
157.97.84.0/24 maxlen: 24
157.97.87.0/24 maxlen: 24
157.97.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 10:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:60:3a:ef:6b:ad:e5:da:25:28:86:82:9d:a8:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ba77362e314586d0d21884d01a85adb77665b74
Validity
Not Before: Jan 1 10:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6237f1b7e65ccc3704ff9e4c55cc60f5b2c3d7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c8:15:0e:cb:7c:bb:12:45:f4:92:11:72:d6:
46:b7:45:d0:b0:8e:5e:d7:0b:c0:e4:c9:68:de:26:
b1:1e:63:2e:04:57:ae:1f:64:e6:8a:d3:88:3f:92:
87:be:ea:f0:05:6a:b3:54:01:a0:92:70:0f:67:2c:
b4:19:4c:48:97:de:8a:be:0f:df:a6:c7:08:d7:19:
85:f9:2b:4f:2e:b8:e1:1d:f2:3d:2c:10:22:69:32:
88:bb:de:93:0a:45:b1:65:c6:13:f2:98:11:82:34:
20:87:02:fc:ea:9e:8c:d1:7f:16:2d:13:7b:2f:87:
75:e1:cf:a3:7d:95:8c:f8:2a:7f:c6:5f:c8:40:2d:
08:45:07:82:0b:56:9f:5c:2d:59:d8:14:38:eb:d4:
9b:4c:78:7c:79:55:c7:29:bb:f5:9c:0a:81:d8:ab:
1f:dd:72:57:44:d8:a7:32:6f:f6:03:12:2c:e1:36:
6c:62:e7:3e:e6:6b:4d:96:08:c7:3e:5e:de:b3:d2:
70:af:bd:aa:a6:70:0e:76:3a:83:21:28:39:86:4b:
1b:5e:18:13:01:75:74:8f:6c:03:8b:a2:e8:a5:af:
34:e3:b1:95:0c:dc:22:e9:30:af:84:14:05:0c:f5:
d2:1e:8f:84:f6:4e:f2:64:d7:fa:9d:4b:74:80:85:
2f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:23:7F:1B:7E:65:CC:C3:70:4F:F9:E4:C5:5C:C6:0F:5B:2C:3D:7E
X509v3 Authority Key Identifier:
keyid:7B:A7:73:62:E3:14:58:6D:0D:21:88:4D:01:A8:5A:DB:77:66:5B:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6dzYuMUWG0NIYhNAaha23dmW3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ca698e-e6a8-41f4-869c-961f437135c6/1/5iN_G35lzMNwT_nkxVzGD1ssPX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ca698e-e6a8-41f4-869c-961f437135c6/1/e6dzYuMUWG0NIYhNAaha23dmW3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.84.0/22
176.98.208.0/22
185.127.52.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:e2:4c:1e:45:2d:7e:fc:be:70:47:5e:fb:a2:e5:5d:92:08:
84:03:d5:62:30:a6:88:c4:72:0b:8b:b2:b4:33:78:50:aa:0f:
08:e0:03:8d:3f:64:4c:11:cd:bd:d4:56:94:fe:56:dd:bf:fc:
a4:db:84:26:54:10:12:2e:86:96:b4:cf:c0:03:ba:8c:f2:9e:
6f:2a:2e:2e:f3:ae:07:12:be:3c:89:7b:20:25:a9:6d:96:21:
ef:c2:d6:9b:f7:81:e4:aa:cf:9e:e8:64:e7:cc:63:1a:67:df:
0b:05:56:c9:93:e2:26:10:d4:3b:3a:6a:9e:81:b1:3b:c1:f9:
cd:fa:97:cd:51:8d:20:78:94:b9:0d:e8:35:5f:88:28:88:e1:
ee:a3:3b:ff:6c:27:a0:4e:14:08:e8:a0:d5:f4:94:05:83:1f:
a4:27:03:5b:0e:62:ab:5f:28:ac:c2:b1:63:49:5c:3c:4a:1e:
90:73:84:ce:5a:89:4b:9c:a5:44:dc:c1:dc:1c:4e:17:5d:9b:
a2:44:13:be:94:b7:86:28:2a:e6:0c:46:56:fa:05:9c:66:70:
f8:db:1a:99:73:bd:be:9a:de:24:04:df:9e:8b:0a:9e:83:e0:
89:60:12:c6:4f:dc:5d:04:77:77:c9:35:0c:2a:f3:65:d6:27:
9e:c6:e6:4d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEk2A672ut5dolKIaCnajwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTc3MzYyZTMxNDU4NmQwZDIxODg0ZDAxYTg1YWRiNzc2
NjViNzQwHhcNMjQwMTAxMTAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjIzN2YxYjdlNjVjY2MzNzA0ZmY5ZTRjNTVjYzYwZjViMmMzZDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcgVDst8uxJF9JIRctZGt0XQsI5e
1wvA5Mlo3iaxHmMuBFeuH2TmitOIP5KHvurwBWqzVAGgknAPZyy0GUxIl96Kvg/f
pscI1xmF+StPLrjhHfI9LBAiaTKIu96TCkWxZcYT8pgRgjQghwL86p6M0X8WLRN7
L4d14c+jfZWM+Cp/xl/IQC0IRQeCC1afXC1Z2BQ469SbTHh8eVXHKbv1nAqB2Ksf
3XJXRNinMm/2AxIs4TZsYuc+5mtNlgjHPl7es9Jwr72qpnAOdjqDISg5hksbXhgT
AXV0j2wDi6Lopa8047GVDNwi6TCvhBQFDPXSHo+E9k7yZNf6nUt0gIUvZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOYjfxt+ZczDcE/55MVcxg9bLD1+MB8GA1UdIwQY
MBaAFHunc2LjFFhtDSGITQGoWtt3Zlt0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZkell1TVVXRzBOSVloTkFhaGEyM2RtVzNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jYTY5OGUtZTZhOC00MWY0LTg2OWMt
OTYxZjQzNzEzNWM2LzEvNWlOX0czNWx6TU53VF9ua3hWekdEMXNzUFg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jYTY5OGUtZTZhOC00MWY0LTg2OWMtOTYxZjQzNzEzNWM2
LzEvZTZkell1TVVXRzBOSVloTkFhaGEyM2RtVzNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCnWFUAwQC
sGLQAwQCuX80MA0GCSqGSIb3DQEBCwUAA4IBAQBN4kweRS1+/L5wR177ouVdkgiE
A9ViMKaIxHILi7K0M3hQqg8I4AONP2RMEc291FaU/lbdv/yk24QmVBASLoaWtM/A
A7qM8p5vKi4u864HEr48iXsgJaltliHvwtab94Hkqs+e6GTnzGMaZ98LBVbJk+Im
ENQ7OmqegbE7wfnN+pfNUY0geJS5Deg1X4goiOHuozv/bCegThQI6KDV9JQFgx+k
JwNbDmKrXyiswrFjSVw8Sh6Qc4TOWolLnKVE3MHcHE4XXZuiRBO+lLeGKCrmDEZW
+gWcZnD42xqZc72+mt4kBN+eiwqeg+CJYBLGT9xdBHd3yTUMKvNl1ieexuZN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:36 2024 by rpki-client on console-ams.rpki-client.org