Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/e74Tv6-f2VV4DmHQWbwu1bWrI34.roa
File: e74Tv6-f2VV4DmHQWbwu1bWrI34.roa (raw, json)
Hash identifier: wLeU1RWXTgqosQ26DmINe2uHmfIVzHcffhMxrNtzuAk=
Subject key identifier: 7B:BE:13:BF:AF:9F:D9:55:78:0E:61:D0:59:BC:2E:D5:B5:AB:23:7E
Certificate issuer: /CN=d504e641e55a48aee0141e2c0d26227102caa6d4
Certificate serial: 018BA98C2CD556705C784092F0BD741D1027
Authority key identifier: D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/e74Tv6-f2VV4DmHQWbwu1bWrI34.roa
Signing time: Tue 07 Nov 2023 11:30:17 +0000
ROA not before: Tue 07 Nov 2023 11:30:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209242
IP address blocks: 5.182.85.0/24 maxlen: 24
5.182.84.0/24 maxlen: 24
46.254.92.0/24 maxlen: 24
46.254.93.0/24 maxlen: 24
77.232.141.0/24 maxlen: 24
77.232.140.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:8c:2c:d5:56:70:5c:78:40:92:f0:bd:74:1d:10:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d504e641e55a48aee0141e2c0d26227102caa6d4
Validity
Not Before: Nov 7 11:30:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7bbe13bfaf9fd955780e61d059bc2ed5b5ab237e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:5e:f3:51:47:c0:43:8b:b1:63:ac:8f:9e:b1:
52:db:c4:59:e9:be:48:62:18:4d:01:89:a9:c1:ef:
fc:42:ee:d7:2d:e1:08:cb:50:9c:95:85:7a:75:6b:
aa:d1:f0:69:07:ae:86:ff:a2:94:1b:80:9d:2e:b5:
6a:b5:89:f5:96:85:d9:a4:76:1d:63:f8:b3:e3:97:
26:d4:16:58:73:7a:e0:c8:99:eb:24:58:f9:ad:f1:
b0:65:2e:0f:64:e9:06:15:7e:0d:48:27:15:35:32:
43:22:c1:22:25:d6:0f:93:7d:9c:25:30:4b:82:c5:
e1:9e:8b:e7:81:6b:c2:8a:f1:e7:e8:67:df:0a:8f:
0a:b1:25:84:3f:ed:c2:e6:f5:15:05:43:99:56:97:
eb:94:7c:f5:8d:8f:5a:b6:09:c3:6a:70:7e:2b:62:
db:3b:fc:af:ac:6a:ae:95:81:2c:30:f6:1c:5e:20:
21:79:7f:2c:eb:b1:ec:14:90:b7:32:53:2d:11:1e:
e0:ea:d3:c6:55:3f:e0:39:b4:4c:b8:63:3c:c8:2a:
b9:d3:40:70:8b:0a:eb:f2:7b:a8:bf:36:23:4f:7b:
3c:97:ec:11:37:1b:5d:80:d9:f4:59:55:bc:f3:6d:
e6:2d:31:0d:2a:57:bd:08:14:e0:ba:bd:e3:76:bf:
d6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:BE:13:BF:AF:9F:D9:55:78:0E:61:D0:59:BC:2E:D5:B5:AB:23:7E
X509v3 Authority Key Identifier:
keyid:D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/e74Tv6-f2VV4DmHQWbwu1bWrI34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/1QTmQeVaSK7gFB4sDSYicQLKptQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.84.0/23
46.254.92.0/23
77.232.140.0/23
Signature Algorithm: sha256WithRSAEncryption
d3:b6:0d:71:b8:0e:f1:fd:34:5e:e1:91:da:4e:25:e2:3f:d7:
84:72:ab:7a:1e:4f:d1:8e:4b:77:80:18:cf:12:51:05:ab:02:
2a:33:50:ad:86:13:77:98:04:d0:86:92:12:ca:37:60:88:3d:
25:e0:49:07:38:18:fa:e2:c5:2d:77:81:75:48:fd:c5:ca:9b:
6a:e1:ef:cc:99:d6:1b:22:68:b3:9d:9d:b3:47:1e:ad:e9:94:
16:ca:6f:67:e9:79:33:a1:a0:61:f0:ec:25:c7:59:c4:98:67:
82:e3:85:22:3a:b8:70:7b:d6:f6:54:77:6f:16:84:9f:ac:30:
fe:f1:22:2c:10:ba:4d:37:cc:a8:40:f7:3b:98:97:21:46:10:
61:5a:2c:57:a8:e4:6a:73:a6:c8:be:13:62:dd:0d:f1:19:0c:
96:43:8f:dd:bc:dc:52:de:fc:5c:1c:32:1a:f6:ce:33:a6:6a:
14:1f:2a:b9:ca:fa:f4:dd:a1:1d:ab:7f:37:70:c5:0a:ef:d0:
7e:d4:ad:6d:64:12:f2:f1:ad:e5:6d:41:8c:81:98:ee:e2:4e:
da:c3:bb:fe:40:1f:9d:0a:ae:c7:50:ee:91:57:b6:18:bc:55:
b5:8d:54:ad:ab:e9:0b:77:f0:ed:18:cf:92:dc:cf:7d:18:15:
e8:2b:7f:37
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYupjCzVVnBceECS8L10HRAnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDRlNjQxZTU1YTQ4YWVlMDE0MWUyYzBkMjYyMjcxMDJj
YWE2ZDQwHhcNMjMxMTA3MTEzMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmJlMTNiZmFmOWZkOTU1NzgwZTYxZDA1OWJjMmVkNWI1YWIyMzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1l7zUUfAQ4uxY6yPnrFS28RZ6b5I
YhhNAYmpwe/8Qu7XLeEIy1CclYV6dWuq0fBpB66G/6KUG4CdLrVqtYn1loXZpHYd
Y/iz45cm1BZYc3rgyJnrJFj5rfGwZS4PZOkGFX4NSCcVNTJDIsEiJdYPk32cJTBL
gsXhnovngWvCivHn6GffCo8KsSWEP+3C5vUVBUOZVpfrlHz1jY9atgnDanB+K2Lb
O/yvrGqulYEsMPYcXiAheX8s67HsFJC3MlMtER7g6tPGVT/gObRMuGM8yCq500Bw
iwrr8nuovzYjT3s8l+wRNxtdgNn0WVW8823mLTENKle9CBTgur3jdr/WywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHu+E7+vn9lVeA5h0Fm8LtW1qyN+MB8GA1UdIwQY
MBaAFNUE5kHlWkiu4BQeLA0mInECyqbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFUbVFlVmFTSzdnRkI0c0RTWWljUUxLcHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mMDFmMzUtMmNjYS00ZTVhLTgyOGEt
NmJmZmNiN2MwZjBhLzEvZTc0VHY2LWYyVlY0RG1IUVdid3UxYldySTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mMDFmMzUtMmNjYS00ZTVhLTgyOGEtNmJmZmNiN2MwZjBh
LzEvMVFUbVFlVmFTSzdnRkI0c0RTWWljUUxLcHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBbZUAwQB
Lv5cAwQBTeiMMA0GCSqGSIb3DQEBCwUAA4IBAQDTtg1xuA7x/TRe4ZHaTiXiP9eE
cqt6Hk/Rjkt3gBjPElEFqwIqM1CthhN3mATQhpISyjdgiD0l4EkHOBj64sUtd4F1
SP3Fyptq4e/MmdYbImiznZ2zRx6t6ZQWym9n6XkzoaBh8Owlx1nEmGeC44UiOrhw
e9b2VHdvFoSfrDD+8SIsELpNN8yoQPc7mJchRhBhWixXqORqc6bIvhNi3Q3xGQyW
Q4/dvNxS3vxcHDIa9s4zpmoUHyq5yvr03aEdq383cMUK79B+1K1tZBLy8a3lbUGM
gZju4k7aw7v+QB+dCq7HUO6RV7YYvFW1jVStq+kLd/DtGM+S3M99GBXoK383
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:06 2024 by rpki-client on console-fra.rpki-client.org