Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/oDziIMdMI7RNbKyfrwnCWqFQHNI.roa
File: oDziIMdMI7RNbKyfrwnCWqFQHNI.roa (raw, json)
Hash identifier: cQCjjH8I/jWJ5+UtLbkcWPLBi6DP6N1J0m1Ed4YRfZA=
Subject key identifier: A0:3C:E2:20:C7:4C:23:B4:4D:6C:AC:9F:AF:09:C2:5A:A1:50:1C:D2
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0185724712C55BF68741921CDCAC54163B6D
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/oDziIMdMI7RNbKyfrwnCWqFQHNI.roa
Signing time: Mon 02 Jan 2023 11:38:58 +0000
ROA not before: Mon 02 Jan 2023 11:38:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200557
IP address blocks: 5.188.219.0/24 maxlen: 24
5.188.216.0/24 maxlen: 24
37.9.42.0/24 maxlen: 24
37.9.41.0/24 maxlen: 24
37.9.40.0/24 maxlen: 24
146.185.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:47:12:c5:5b:f6:87:41:92:1c:dc:ac:54:16:3b:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 2 11:38:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a03ce220c74c23b44d6cac9faf09c25aa1501cd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c2:c9:83:57:ba:99:2f:3b:47:43:75:5d:f9:
7f:33:cc:e3:ed:c0:0a:9e:1d:0b:2c:10:82:13:0f:
ba:6b:19:c3:3b:fc:d9:0e:7e:74:3e:98:e4:db:29:
46:1d:91:b7:ea:63:9f:f2:d9:ab:97:47:63:08:b4:
20:7d:38:25:97:c1:53:91:97:3d:2e:1f:f4:d7:0a:
55:e5:84:cc:3f:9b:e4:67:1f:af:d7:4f:25:3c:f7:
ff:02:cb:8f:fb:0d:41:6b:04:f7:39:69:8d:c6:c2:
f5:bd:20:e0:05:f0:25:06:00:89:fd:6f:3a:d7:d2:
75:61:73:e6:bd:b0:b2:46:b4:15:15:ae:9c:0e:db:
cb:d6:8b:f7:06:c0:c4:53:c6:15:11:84:d1:ec:72:
25:b0:11:4f:76:9c:3b:f1:fe:c0:75:ee:21:fb:27:
09:f5:2e:ce:e2:14:56:d8:7d:bc:17:51:18:f2:71:
b1:dc:97:67:e9:20:ec:f6:30:fc:89:63:30:59:de:
a3:32:23:0a:b7:58:ff:57:51:40:8f:7a:8f:f6:d9:
d5:43:38:21:4c:35:3b:6d:72:4a:de:04:e5:29:b0:
5e:27:3f:6b:70:6a:bc:6d:26:51:6a:41:d2:4f:8a:
86:16:94:db:d8:86:f9:11:f4:75:08:13:7c:3f:26:
87:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:3C:E2:20:C7:4C:23:B4:4D:6C:AC:9F:AF:09:C2:5A:A1:50:1C:D2
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/oDziIMdMI7RNbKyfrwnCWqFQHNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.216.0/24
5.188.219.0/24
37.9.40.0-37.9.42.255
146.185.207.0/24
Signature Algorithm: sha256WithRSAEncryption
66:a7:d0:22:96:e4:aa:cf:b3:8e:f0:a8:2d:7d:49:a2:d3:f9:
d9:8b:9c:8a:e9:70:ae:08:18:cf:d9:0f:9b:0a:ed:46:9e:ba:
de:cb:df:b5:bf:7d:0a:55:ae:9c:4b:ed:3b:6d:8e:9c:f0:df:
7f:7c:a2:fe:2c:89:be:db:59:1c:c1:ff:2b:3f:c4:ad:5d:c1:
b1:16:7b:67:1e:46:54:50:68:9b:65:8c:fd:46:54:ef:b4:86:
14:1c:3a:e7:3a:74:16:bc:34:eb:79:7d:38:82:4a:52:d6:d2:
48:98:fe:de:47:c3:9d:53:cf:02:13:ed:76:e9:70:76:b5:50:
7c:0d:01:81:52:ae:fb:53:38:cf:41:1c:be:48:39:a5:e0:88:
77:33:56:2e:43:2d:1d:fa:cd:ba:48:63:af:18:2d:9e:e5:13:
e0:f9:83:76:eb:20:39:90:92:cf:9b:a2:9a:8a:f4:34:a8:8c:
02:fd:01:ed:c7:74:a0:4f:40:7e:10:6c:10:c4:f7:51:60:9e:
9e:2f:2a:bb:13:fa:44:be:b0:99:09:5c:cc:da:e8:ce:20:31:
3b:ba:13:6e:96:76:57:7a:7c:8e:87:07:5d:29:04:30:bf:15:
80:c6:31:69:1f:4f:8b:0a:33:07:eb:e1:e9:f8:2a:03:46:1e:
a9:0b:ce:5e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVyRxLFW/aHQZIc3KxUFjttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTAyMTEzODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDNjZTIyMGM3NGMyM2I0NGQ2Y2FjOWZhZjA5YzI1YWExNTAxY2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcLJg1e6mS87R0N1Xfl/M8zj7cAK
nh0LLBCCEw+6axnDO/zZDn50Ppjk2ylGHZG36mOf8tmrl0djCLQgfTgll8FTkZc9
Lh/01wpV5YTMP5vkZx+v108lPPf/AsuP+w1BawT3OWmNxsL1vSDgBfAlBgCJ/W86
19J1YXPmvbCyRrQVFa6cDtvL1ov3BsDEU8YVEYTR7HIlsBFPdpw78f7Ade4h+ycJ
9S7O4hRW2H28F1EY8nGx3Jdn6SDs9jD8iWMwWd6jMiMKt1j/V1FAj3qP9tnVQzgh
TDU7bXJK3gTlKbBeJz9rcGq8bSZRakHST4qGFpTb2Ib5EfR1CBN8PyaHpwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKA84iDHTCO0TWysn68JwlqhUBzSMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvb0R6aUlNZE1JN1JOYkt5ZnJ3bkNXcUZRSE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQABbzYAwQA
BbzbMAwDBAMlCSgDBAAlCSoDBACSuc8wDQYJKoZIhvcNAQELBQADggEBAGan0CKW
5KrPs47wqC19SaLT+dmLnIrpcK4IGM/ZD5sK7Uaeut7L37W/fQpVrpxL7Tttjpzw
3398ov4sib7bWRzB/ys/xK1dwbEWe2ceRlRQaJtljP1GVO+0hhQcOuc6dBa8NOt5
fTiCSlLW0kiY/t5Hw51TzwIT7XbpcHa1UHwNAYFSrvtTOM9BHL5IOaXgiHczVi5D
LR36zbpIY68YLZ7lE+D5g3brIDmQks+bopqK9DSojAL9Ae3HdKBPQH4QbBDE91Fg
np4vKrsT+kS+sJkJXMza6M4gMTu6E26Wdld6fI6HB10pBDC/FYDGMWkfT4sKMwfr
4en4KgNGHqkLzl4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:56 2023 by rpki-client on console-fra.rpki-client.org