Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/dI5j1RGG8Sv0Qw7afptqcfms-zs.roa
File: dI5j1RGG8Sv0Qw7afptqcfms-zs.roa (raw, json)
Hash identifier: OO8k2qaoalQVo+NITbG8qcsugSH89wcsstNBoUgZKNM=
Subject key identifier: 74:8E:63:D5:11:86:F1:2B:F4:43:0E:DA:7E:9B:6A:71:F9:AC:FB:3B
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0187FACD71103FE3D349C543853BAD8ED462
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/dI5j1RGG8Sv0Qw7afptqcfms-zs.roa
Signing time: Mon 08 May 2023 09:59:40 +0000
ROA not before: Mon 08 May 2023 09:59:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209813
IP address blocks: 46.161.31.0/24 maxlen: 24
5.8.66.0/24 maxlen: 24
5.8.67.0/24 maxlen: 24
5.188.50.0/24 maxlen: 24
5.188.194.0/24 maxlen: 24
5.188.195.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fa:cd:71:10:3f:e3:d3:49:c5:43:85:3b:ad:8e:d4:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: May 8 09:59:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=748e63d51186f12bf4430eda7e9b6a71f9acfb3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ae:ed:09:d3:22:bb:92:4d:83:77:ba:04:b0:
0a:1b:64:76:82:f6:03:2e:fb:47:61:6d:ac:be:99:
49:6e:4f:b0:68:be:f8:a7:a1:29:61:e6:ad:11:6d:
0a:12:7e:e9:a8:98:5d:b8:45:13:5d:de:96:b6:5b:
c5:f3:b7:e8:2b:32:8f:0a:20:67:21:5f:26:2f:20:
0f:3c:bc:38:70:0d:07:66:25:9a:39:0a:eb:7d:8f:
16:d6:f4:f5:2f:ef:b4:6f:70:3d:e7:de:b4:e3:84:
99:f4:63:51:4d:1e:b6:1e:1a:d9:03:62:cd:36:44:
2a:91:30:d2:79:2f:a7:d2:89:79:0e:47:81:39:bc:
e7:33:a4:35:a3:38:d1:c9:00:6f:d0:bb:24:75:71:
42:53:ad:a9:d9:83:4e:2f:a5:c2:7b:9d:de:ab:cb:
c4:b6:58:05:33:09:8e:10:82:bf:c8:bd:20:f0:e5:
b0:d2:79:4a:44:d2:f5:9b:d2:5a:87:a8:35:15:1d:
c5:a2:97:ef:34:23:ef:23:bd:4b:30:3c:0c:ab:d4:
5a:5e:67:6e:0f:8c:6b:36:99:94:b9:1f:8f:24:26:
a3:e1:1c:56:11:e2:f2:d8:2d:19:ef:12:de:7c:42:
64:55:90:63:1e:8e:52:34:e8:b2:5b:c4:2f:c1:af:
76:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:8E:63:D5:11:86:F1:2B:F4:43:0E:DA:7E:9B:6A:71:F9:AC:FB:3B
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/dI5j1RGG8Sv0Qw7afptqcfms-zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.66.0/23
5.188.50.0/24
5.188.194.0/23
46.161.31.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:be:d4:c2:b4:0d:16:7d:d0:e5:ce:8e:cd:32:99:17:e8:a6:
d0:96:ad:8a:f1:63:cf:2d:ae:f5:4a:f8:e8:f6:02:3c:c0:8f:
a1:55:88:ef:a1:b3:b3:ac:62:cb:9e:09:fb:ef:29:98:23:43:
c6:50:88:e6:4d:e2:81:5d:a4:a4:7d:84:31:63:84:c2:e4:12:
6b:96:10:c4:b7:1b:29:1e:e9:48:f0:35:a9:f8:c7:a3:6c:ce:
dd:a3:92:96:b7:07:21:1e:c6:20:e9:99:56:e4:a6:7d:ab:0d:
87:26:fb:d8:cb:61:69:9c:82:bb:29:6a:33:1a:35:eb:e1:99:
54:01:0a:36:3b:eb:37:69:6b:c0:00:d7:77:d0:99:8f:d0:50:
ac:1b:6f:8f:06:97:73:ee:ca:e1:04:0b:da:6c:1e:f8:83:36:
03:41:44:a5:f2:2a:5e:01:eb:6f:91:3b:cf:15:ad:31:68:04:
b8:f8:9d:c2:46:33:32:65:3c:9e:74:d4:3b:8c:89:d8:dd:e4:
a9:af:18:9a:cd:f4:a4:d5:76:af:da:f7:39:a9:3f:fe:46:f9:
70:9f:ea:ea:12:6e:c6:35:a9:70:8c:c2:2f:94:d2:4a:c3:50:
46:03:e3:d9:04:ad:25:bd:05:95:0d:72:18:30:88:ec:33:88:
22:e0:82:16
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYf6zXEQP+PTScVDhTutjtRiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwNTA4MDk1OTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDhlNjNkNTExODZmMTJiZjQ0MzBlZGE3ZTliNmE3MWY5YWNmYjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAka7tCdMiu5JNg3e6BLAKG2R2gvYD
LvtHYW2svplJbk+waL74p6EpYeatEW0KEn7pqJhduEUTXd6WtlvF87foKzKPCiBn
IV8mLyAPPLw4cA0HZiWaOQrrfY8W1vT1L++0b3A9596044SZ9GNRTR62HhrZA2LN
NkQqkTDSeS+n0ol5DkeBObznM6Q1ozjRyQBv0LskdXFCU62p2YNOL6XCe53eq8vE
tlgFMwmOEIK/yL0g8OWw0nlKRNL1m9Jah6g1FR3FopfvNCPvI71LMDwMq9RaXmdu
D4xrNpmUuR+PJCaj4RxWEeLy2C0Z7xLefEJkVZBjHo5SNOiyW8Qvwa92iQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHSOY9URhvEr9EMO2n6banH5rPs7MB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvZEk1ajFSR0c4U3YwUXc3YWZwdHFjZm1zLXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBQhCAwQA
BbwyAwQBBbzCAwQALqEfMA0GCSqGSIb3DQEBCwUAA4IBAQA/vtTCtA0WfdDlzo7N
MpkX6KbQlq2K8WPPLa71Svjo9gI8wI+hVYjvobOzrGLLngn77ymYI0PGUIjmTeKB
XaSkfYQxY4TC5BJrlhDEtxspHulI8DWp+MejbM7do5KWtwchHsYg6ZlW5KZ9qw2H
JvvYy2FpnIK7KWozGjXr4ZlUAQo2O+s3aWvAANd30JmP0FCsG2+PBpdz7srhBAva
bB74gzYDQUSl8ipeAetvkTvPFa0xaAS4+J3CRjMyZTyedNQ7jInY3eSprxiazfSk
1Xav2vc5qT/+Rvlwn+rqEm7GNalwjMIvlNJKw1BGA+PZBK0lvQWVDXIYMIjsM4gi
4IIW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:43 2023 by rpki-client on console-ams.rpki-client.org