Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/5VR8EbWCCwutVf0Mx783d9IqoQM.roa
File: 5VR8EbWCCwutVf0Mx783d9IqoQM.roa (raw, json)
Hash identifier: IGadsVg9HAc8KGBm9ndjULZKCx/Nf3q30JSWvQd0cyw=
Subject key identifier: E5:54:7C:11:B5:82:0B:0B:AD:55:FD:0C:C7:BF:37:77:D2:2A:A1:03
Certificate issuer: /CN=52056867e4d2885e99b549ed6fb786330adf8f44
Certificate serial: 01856C65BF07991F217B354FB04E9D91B644
Authority key identifier: 52:05:68:67:E4:D2:88:5E:99:B5:49:ED:6F:B7:86:33:0A:DF:8F:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/5VR8EbWCCwutVf0Mx783d9IqoQM.roa
Signing time: Sun 01 Jan 2023 08:14:45 +0000
ROA not before: Sun 01 Jan 2023 08:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12990
IP address blocks: 213.180.128.0/21 maxlen: 21
195.88.186.0/24 maxlen: 24
213.180.138.0/23 maxlen: 23
213.180.137.0/24 maxlen: 24
213.180.136.0/24 maxlen: 24
195.88.187.0/24 maxlen: 24
213.180.142.0/23 maxlen: 23
213.180.141.0/24 maxlen: 24
213.180.140.0/24 maxlen: 24
213.180.144.0/23 maxlen: 23
213.180.152.0/24 maxlen: 24
213.180.151.0/24 maxlen: 24
213.180.150.0/24 maxlen: 24
213.180.148.0/23 maxlen: 23
213.180.146.0/23 maxlen: 23
213.180.154.0/24 maxlen: 24
213.180.153.0/24 maxlen: 24
141.105.16.0/21 maxlen: 21
185.104.64.0/24 maxlen: 24
37.26.160.0/21 maxlen: 21
2a02:c10::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:bf:07:99:1f:21:7b:35:4f:b0:4e:9d:91:b6:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52056867e4d2885e99b549ed6fb786330adf8f44
Validity
Not Before: Jan 1 08:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5547c11b5820b0bad55fd0cc7bf3777d22aa103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e7:74:e4:a4:d1:40:34:d8:37:ec:4c:ff:0a:
63:de:5f:aa:6e:f7:c4:63:46:e2:f4:b4:21:1b:ed:
55:9c:22:4c:8f:0e:87:c2:65:27:14:f2:18:ea:a8:
77:e5:41:5a:43:de:71:ae:4e:bd:a7:86:8b:f2:c5:
2c:89:fc:74:36:cf:ef:7c:81:8d:8d:00:7a:56:d0:
40:6f:49:42:40:e3:ee:fe:df:51:d7:62:42:67:d6:
3c:63:c4:2d:38:70:ee:93:b2:d8:97:1b:cd:39:68:
d9:e4:32:8f:d1:f0:23:c0:0b:9e:e8:96:06:8e:a8:
72:43:96:99:4a:c8:a5:b1:48:89:78:67:ce:c8:06:
50:4e:95:b7:6b:99:5b:79:60:f0:30:aa:a0:68:f4:
05:4c:8e:e4:f8:4e:35:0f:03:d9:e2:db:5b:76:5f:
f3:62:da:53:ac:f5:c1:32:98:9e:96:89:52:be:1f:
58:0f:48:fe:48:61:cf:ec:96:2f:d7:cd:9e:4c:42:
b4:71:23:14:87:fc:38:e7:75:cf:bc:ce:37:93:38:
be:a6:2a:84:d4:bf:db:77:f9:9e:ab:82:a8:49:03:
7d:8d:1d:6b:44:73:24:c2:c0:b9:95:94:33:61:f7:
ac:8f:d8:30:3c:8d:77:f7:31:49:7b:7a:76:bb:ec:
94:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:54:7C:11:B5:82:0B:0B:AD:55:FD:0C:C7:BF:37:77:D2:2A:A1:03
X509v3 Authority Key Identifier:
keyid:52:05:68:67:E4:D2:88:5E:99:B5:49:ED:6F:B7:86:33:0A:DF:8F:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/5VR8EbWCCwutVf0Mx783d9IqoQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/b27d45-08cc-47a1-ac5a-5f4836083a30/1/UgVoZ-TSiF6ZtUntb7eGMwrfj0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.160.0/21
141.105.16.0/21
185.104.64.0/24
195.88.186.0/23
213.180.128.0-213.180.154.255
IPv6:
2a02:c10::/32
Signature Algorithm: sha256WithRSAEncryption
27:a7:02:86:60:90:3f:6f:bc:64:ae:c3:1b:6c:59:bc:40:d1:
08:dc:8e:86:92:76:d9:7a:0c:9d:6e:be:ea:1e:9d:86:3c:02:
ce:06:1d:04:3a:21:fe:58:ab:75:3b:7d:1a:40:68:20:92:01:
42:8b:ad:81:c1:63:6f:fd:b1:60:99:35:0b:0e:46:b1:65:cd:
5b:54:3e:d7:61:9b:ee:d9:e0:53:de:1f:61:35:bc:a2:03:75:
71:3e:34:84:ea:bc:2c:5d:81:14:bc:a6:5d:37:3a:84:0e:f1:
33:c1:a0:33:b9:95:f0:b1:22:dd:b6:8c:6b:10:88:8a:67:25:
94:91:b7:00:59:38:10:ab:60:48:65:bb:7a:6c:38:08:c6:78:
4b:47:c8:b2:ed:e1:3b:18:c0:e6:2b:a6:4d:c7:b9:aa:77:22:
f4:13:33:e8:69:40:23:a3:28:0a:64:8d:06:86:38:57:be:e9:
2d:19:ed:a1:6e:b5:c6:05:c5:cf:24:3e:a4:60:26:44:d1:57:
f4:c8:4d:9b:43:e3:32:8c:29:7a:c6:9d:e3:2a:14:46:23:8f:
a5:50:67:72:57:78:ed:be:59:68:e3:ba:22:09:15:33:19:fb:
e4:12:ff:af:66:5d:f3:82:af:a4:ca:82:c0:cb:6a:f9:24:a8:
c7:6b:1e:ce
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVsZb8HmR8hezVPsE6dkbZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMDU2ODY3ZTRkMjg4NWU5OWI1NDllZDZmYjc4NjMzMGFk
ZjhmNDQwHhcNMjMwMTAxMDgxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTU0N2MxMWI1ODIwYjBiYWQ1NWZkMGNjN2JmMzc3N2QyMmFhMTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiud05KTRQDTYN+xM/wpj3l+qbvfE
Y0bi9LQhG+1VnCJMjw6HwmUnFPIY6qh35UFaQ95xrk69p4aL8sUsifx0Ns/vfIGN
jQB6VtBAb0lCQOPu/t9R12JCZ9Y8Y8QtOHDuk7LYlxvNOWjZ5DKP0fAjwAue6JYG
jqhyQ5aZSsilsUiJeGfOyAZQTpW3a5lbeWDwMKqgaPQFTI7k+E41DwPZ4ttbdl/z
YtpTrPXBMpielolSvh9YD0j+SGHP7JYv182eTEK0cSMUh/w453XPvM43kzi+piqE
1L/bd/meq4KoSQN9jR1rRHMkwsC5lZQzYfesj9gwPI139zFJe3p2u+yUMwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFOVUfBG1ggsLrVX9DMe/N3fSKqEDMB8GA1UdIwQY
MBaAFFIFaGfk0ohembVJ7W+3hjMK349EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWdWb1otVFNpRjZadFVudGI3ZUdNd3JmajBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9iMjdkNDUtMDhjYy00N2ExLWFjNWEt
NWY0ODM2MDgzYTMwLzEvNVZSOEViV0NDd3V0VmYwTXg3ODNkOUlxb1FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9iMjdkNDUtMDhjYy00N2ExLWFjNWEtNWY0ODM2MDgzYTMw
LzEvVWdWb1otVFNpRjZadFVudGI3ZUdNd3JmajBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQDJRqgAwQD
jWkQAwQAuWhAAwQBw1i6MAwDBAfVtIADBADVtJowDQQCAAIwBwMFACoCDBAwDQYJ
KoZIhvcNAQELBQADggEBACenAoZgkD9vvGSuwxtsWbxA0QjcjoaSdtl6DJ1uvuoe
nYY8As4GHQQ6If5Yq3U7fRpAaCCSAUKLrYHBY2/9sWCZNQsORrFlzVtUPtdhm+7Z
4FPeH2E1vKIDdXE+NITqvCxdgRS8pl03OoQO8TPBoDO5lfCxIt22jGsQiIpnJZSR
twBZOBCrYEhlu3psOAjGeEtHyLLt4TsYwOYrpk3Huap3IvQTM+hpQCOjKApkjQaG
OFe+6S0Z7aFutcYFxc8kPqRgJkTRV/TITZtD4zKMKXrGneMqFEYjj6VQZ3JXeO2+
WWjjuiIJFTMZ++QS/69mXfOCr6TKgsDLavkkqMdrHs4=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:25 2024 by rpki-client on console-fra.rpki-client.org