Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/DgGPjK3UtViJeUVj7zN9wpoufVc.roa
File: DgGPjK3UtViJeUVj7zN9wpoufVc.roa (raw, json)
Hash identifier: QBx6ljO2FgfA2+C/XlZZnIx9w19n2a5WmLESoJIzEoM=
Subject key identifier: 0E:01:8F:8C:AD:D4:B5:58:89:79:45:63:EF:33:7D:C2:9A:2E:7D:57
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0185724702A131BF96D91E1AB3D4DAECA9F0
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/DgGPjK3UtViJeUVj7zN9wpoufVc.roa
Signing time: Mon 02 Jan 2023 11:38:54 +0000
ROA not before: Mon 02 Jan 2023 11:38:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41909
IP address blocks: 5.8.88.0/22 maxlen: 24
5.8.0.0/21 maxlen: 22
5.188.68.0/23 maxlen: 24
5.188.88.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:47:02:a1:31:bf:96:d9:1e:1a:b3:d4:da:ec:a9:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 2 11:38:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e018f8cadd4b55889794563ef337dc29a2e7d57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:59:c6:26:27:05:ff:fa:bb:d4:5a:16:eb:da:
a2:e4:a4:2a:9a:86:d2:22:69:56:c6:72:a5:88:fc:
6a:6a:83:c5:33:00:59:0f:4e:38:e3:6f:f0:05:fc:
32:db:fd:5f:4f:d4:11:3b:fc:de:e5:70:5d:24:e2:
b2:a2:90:8b:2c:0b:66:68:03:d7:4f:44:c3:6c:0c:
56:be:19:1b:10:1e:a3:df:ef:f1:32:5d:05:39:15:
b5:bf:ca:5b:4a:df:99:d7:0a:0f:59:e6:37:d0:ee:
d6:d9:4f:83:a8:06:7b:09:5b:93:f4:8c:42:c3:87:
db:cc:4b:b3:7b:e3:df:3c:c3:91:db:9c:19:66:70:
54:30:b7:9e:8b:e5:0c:7c:d0:ce:44:18:0d:37:bc:
2b:d4:8e:42:d7:b1:db:75:50:39:3c:97:d7:5c:ac:
88:d5:3d:73:ac:9d:30:94:35:b9:48:99:66:12:b6:
d4:4e:2c:f5:6e:b7:ee:58:b2:01:70:2b:c1:d0:33:
14:02:5d:fa:14:db:87:49:d5:aa:32:31:ed:3f:83:
fe:97:58:98:b8:84:f2:35:d6:43:e2:f2:88:4e:86:
cb:da:a0:a8:c5:12:d0:85:94:57:67:d2:1d:4e:fd:
a0:49:4a:91:a7:51:ae:fe:03:11:58:e1:ae:e7:9e:
4e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:01:8F:8C:AD:D4:B5:58:89:79:45:63:EF:33:7D:C2:9A:2E:7D:57
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/DgGPjK3UtViJeUVj7zN9wpoufVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.0.0/21
5.8.88.0/22
5.188.68.0/23
5.188.88.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:b5:a8:8b:c8:a4:09:0c:c5:ad:20:1f:99:b3:72:e2:8f:9f:
24:12:a0:b4:e2:19:e0:11:3d:cc:3f:04:12:a3:0d:8c:4d:80:
27:b5:9c:fc:56:5d:12:ab:00:9f:f2:de:cb:32:62:d5:6d:c9:
97:a7:3d:a5:46:28:fb:4d:9b:4c:bb:0e:15:15:29:35:71:60:
d2:47:ca:08:85:30:95:18:3c:42:d3:a7:6b:5d:41:5b:d1:a6:
8d:da:a9:e1:be:d8:b8:33:65:cb:0d:ac:57:11:d3:7d:89:ec:
9c:7f:a9:55:ce:91:f5:c5:66:f1:f4:6b:4f:32:84:b8:7d:a8:
35:18:6f:bc:2b:db:4b:71:a9:e2:17:9b:f4:12:a1:67:9f:58:
25:1a:c1:95:b0:1c:49:5a:22:5c:49:20:67:52:e8:e3:28:8b:
77:b6:b3:bd:e5:11:1e:f4:7b:f5:59:6b:3b:00:f9:7c:50:7f:
a2:70:7d:61:cc:53:14:da:c8:53:db:ac:9e:69:1e:52:83:88:
fe:58:54:4c:95:69:03:ed:72:02:f4:2a:d7:c5:86:da:9a:41:
6a:e3:66:25:11:da:d6:c5:72:3a:fc:c5:c3:e3:6e:cb:23:20:
98:fa:c9:48:f2:f6:87:19:6e:3d:4d:b7:4c:a2:d9:6d:10:d0:
7f:83:d1:3b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVyRwKhMb+W2R4as9Ta7KnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTAyMTEzODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTAxOGY4Y2FkZDRiNTU4ODk3OTQ1NjNlZjMzN2RjMjlhMmU3ZDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1nGJicF//q71FoW69qi5KQqmobS
ImlWxnKliPxqaoPFMwBZD04442/wBfwy2/1fT9QRO/ze5XBdJOKyopCLLAtmaAPX
T0TDbAxWvhkbEB6j3+/xMl0FORW1v8pbSt+Z1woPWeY30O7W2U+DqAZ7CVuT9IxC
w4fbzEuze+PfPMOR25wZZnBUMLeei+UMfNDORBgNN7wr1I5C17HbdVA5PJfXXKyI
1T1zrJ0wlDW5SJlmErbUTiz1brfuWLIBcCvB0DMUAl36FNuHSdWqMjHtP4P+l1iY
uITyNdZD4vKITobL2qCoxRLQhZRXZ9IdTv2gSUqRp1Gu/gMRWOGu555OhwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA4Bj4yt1LVYiXlFY+8zfcKaLn1XMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvRGdHUGpLM1V0VmlKZVVWajd6Tjl3cG91ZlZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBQgAAwQC
BQhYAwQBBbxEAwQCBbxYMA0GCSqGSIb3DQEBCwUAA4IBAQC3taiLyKQJDMWtIB+Z
s3Lij58kEqC04hngET3MPwQSow2MTYAntZz8Vl0SqwCf8t7LMmLVbcmXpz2lRij7
TZtMuw4VFSk1cWDSR8oIhTCVGDxC06drXUFb0aaN2qnhvti4M2XLDaxXEdN9ieyc
f6lVzpH1xWbx9GtPMoS4fag1GG+8K9tLcaniF5v0EqFnn1glGsGVsBxJWiJcSSBn
UujjKIt3trO95REe9Hv1WWs7APl8UH+icH1hzFMU2shT26yeaR5Sg4j+WFRMlWkD
7XIC9CrXxYbamkFq42YlEdrWxXI6/MXD427LIyCY+slI8vaHGW49TbdMotltENB/
g9E7
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:25 2024 by rpki-client on console-fra.rpki-client.org