Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/4EZvaA5r0G3vs89DSG9kKvQora4.roa
File: 4EZvaA5r0G3vs89DSG9kKvQora4.roa (raw, json)
Hash identifier: 5FFv7fBIhw4g+WESn6NcUsvuhlBwSJLwgOvr8jJchwY=
Subject key identifier: E0:46:6F:68:0E:6B:D0:6D:EF:B3:CF:43:48:6F:64:2A:F4:28:AD:AE
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 01860D1173B17D52C0B2DFFCCC4D9647F1E0
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/4EZvaA5r0G3vs89DSG9kKvQora4.roa
Signing time: Wed 01 Feb 2023 13:01:32 +0000
ROA not before: Wed 01 Feb 2023 13:01:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43444
IP address blocks: 5.188.216.0/24 maxlen: 24
5.188.218.0/24 maxlen: 24
5.188.219.0/24 maxlen: 24
37.9.40.0/24 maxlen: 24
37.9.41.0/24 maxlen: 24
37.9.42.0/24 maxlen: 24
37.9.43.0/24 maxlen: 24
37.9.44.0/24 maxlen: 24
37.9.45.0/24 maxlen: 24
37.9.46.0/24 maxlen: 24
37.9.47.0/24 maxlen: 24
146.185.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0d:11:73:b1:7d:52:c0:b2:df:fc:cc:4d:96:47:f1:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Feb 1 13:01:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0466f680e6bd06defb3cf43486f642af428adae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ce:13:5e:fc:75:d9:4d:a8:49:ff:1f:30:fc:
db:47:1f:06:58:f2:fe:64:54:1b:73:34:c2:37:33:
d8:30:aa:c9:88:eb:fc:cc:3e:25:37:09:42:92:95:
75:87:a4:a6:be:54:46:c2:74:ce:b5:3b:b9:8f:c6:
f5:01:b5:bb:40:a5:eb:79:03:46:22:72:4e:2b:48:
c6:6d:69:fc:f1:41:5d:4e:43:02:a4:f0:91:76:ab:
f8:4d:c7:7c:3c:12:5a:e2:5b:c9:ca:ca:1f:84:98:
76:0b:45:d9:6d:de:67:f0:80:b8:d9:d2:17:b4:56:
a0:f2:f4:71:07:11:2a:1d:e8:c2:02:3b:62:0f:15:
03:08:dd:f4:5b:3e:ce:1b:0c:fa:04:e6:40:49:a6:
74:eb:83:31:43:c8:54:a4:f7:02:01:79:52:c8:25:
00:44:23:67:07:e5:ea:7d:76:63:91:44:1b:a5:84:
d5:c1:32:ad:f6:05:e2:d9:ed:b0:59:54:c1:20:b6:
08:1e:3d:b9:66:95:53:71:a2:73:fe:57:16:24:04:
fb:72:f3:91:98:7a:58:49:4b:ea:93:47:7b:0a:d9:
92:b0:c7:18:6b:da:23:de:16:2c:a2:4f:46:43:27:
fc:bf:a5:57:4b:ae:9c:66:2d:59:4a:92:98:66:d6:
48:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:46:6F:68:0E:6B:D0:6D:EF:B3:CF:43:48:6F:64:2A:F4:28:AD:AE
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/4EZvaA5r0G3vs89DSG9kKvQora4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.216.0/24
5.188.218.0/23
37.9.40.0/21
146.185.207.0/24
Signature Algorithm: sha256WithRSAEncryption
90:f7:72:f9:2e:c4:13:b0:cf:1f:4a:e6:62:d6:47:85:d9:40:
e3:ad:c5:fa:e5:82:ab:92:84:28:b9:3f:82:25:27:c8:16:be:
57:a5:50:7b:d1:08:ac:76:c4:f2:bc:bd:91:65:7d:3a:b7:2b:
32:c1:61:62:d7:25:3c:88:95:6c:7c:ff:44:6a:f1:8d:6d:12:
56:3c:f6:97:68:14:13:2f:0b:ff:7d:9f:57:a5:e5:30:fd:f0:
59:f9:02:7c:1c:bc:a0:db:f7:d9:cc:0c:70:5f:40:6e:a4:7b:
93:12:90:b5:01:bf:8e:f6:66:2b:06:94:d5:51:56:1c:bd:29:
46:9e:03:06:5e:86:cd:04:17:1c:aa:08:30:b4:ce:50:a8:62:
ed:4f:64:9e:58:29:ff:ae:66:02:91:c8:7a:14:ee:93:9b:d9:
7c:64:29:65:d2:19:97:a1:5a:36:8b:b4:7c:09:f7:d4:42:f7:
d5:42:c0:da:8e:d9:3a:f4:f1:1a:41:54:c0:65:de:0b:fa:fc:
d7:7b:1a:91:ff:62:e0:f2:3d:ee:ee:79:ad:29:b8:9c:94:c5:
a7:96:2e:ed:14:5b:6b:dc:48:86:34:f9:cb:0e:62:e5:61:e8:
a8:2c:74:07:a3:c5:d5:0e:9c:da:63:1c:df:e2:af:cf:84:fc:
0e:bd:17:aa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYYNEXOxfVLAst/8zE2WR/HgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMjAxMTMwMTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDQ2NmY2ODBlNmJkMDZkZWZiM2NmNDM0ODZmNjQyYWY0MjhhZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhM4TXvx12U2oSf8fMPzbRx8GWPL+
ZFQbczTCNzPYMKrJiOv8zD4lNwlCkpV1h6SmvlRGwnTOtTu5j8b1AbW7QKXreQNG
InJOK0jGbWn88UFdTkMCpPCRdqv4Tcd8PBJa4lvJysofhJh2C0XZbd5n8IC42dIX
tFag8vRxBxEqHejCAjtiDxUDCN30Wz7OGwz6BOZASaZ064MxQ8hUpPcCAXlSyCUA
RCNnB+XqfXZjkUQbpYTVwTKt9gXi2e2wWVTBILYIHj25ZpVTcaJz/lcWJAT7cvOR
mHpYSUvqk0d7CtmSsMcYa9oj3hYsok9GQyf8v6VXS66cZi1ZSpKYZtZIOQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOBGb2gOa9Bt77PPQ0hvZCr0KK2uMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvNEVadmFBNXIwRzN2czg5RFNHOWtLdlFvcmE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABbzYAwQB
BbzaAwQDJQkoAwQAkrnPMA0GCSqGSIb3DQEBCwUAA4IBAQCQ93L5LsQTsM8fSuZi
1keF2UDjrcX65YKrkoQouT+CJSfIFr5XpVB70QisdsTyvL2RZX06tysywWFi1yU8
iJVsfP9EavGNbRJWPPaXaBQTLwv/fZ9XpeUw/fBZ+QJ8HLyg2/fZzAxwX0BupHuT
EpC1Ab+O9mYrBpTVUVYcvSlGngMGXobNBBccqggwtM5QqGLtT2SeWCn/rmYCkch6
FO6Tm9l8ZCll0hmXoVo2i7R8CffUQvfVQsDajtk69PEaQVTAZd4L+vzXexqR/2Lg
8j3u7nmtKbiclMWnli7tFFtr3EiGNPnLDmLlYeioLHQHo8XVDpzaYxzf4q/PhPwO
vReq
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:25 2024 by rpki-client on console-fra.rpki-client.org