Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/5-PjWJet50ur1LX1zVbelxQDf2w.roa
File: 5-PjWJet50ur1LX1zVbelxQDf2w.roa (raw, json)
Hash identifier: WfC+txyjI0Pu/jtpoyOcP0vM7oV8JtHp5j4hTp2OjD8=
Subject key identifier: E7:E3:E3:58:97:AD:E7:4B:AB:D4:B5:F5:CD:56:DE:97:14:03:7F:6C
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 0186755BD37ABA04AC128637CB3DB19B996C
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/5-PjWJet50ur1LX1zVbelxQDf2w.roa
Signing time: Tue 21 Feb 2023 19:03:17 +0000
ROA not before: Tue 21 Feb 2023 19:03:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205207
IP address blocks: 185.14.160.0/22 maxlen: 22
46.209.58.0/24 maxlen: 24
77.104.106.0/24 maxlen: 24
5.160.49.0/24 maxlen: 24
77.237.68.0/24 maxlen: 24
77.104.64.0/19 maxlen: 19
77.104.66.0/24 maxlen: 24
77.237.80.0/20 maxlen: 20
77.104.64.0/18 maxlen: 18
77.237.87.0/24 maxlen: 24
77.104.73.0/24 maxlen: 24
77.104.75.0/24 maxlen: 24
77.104.72.0/21 maxlen: 21
77.104.80.0/20 maxlen: 24
46.209.95.0/24 maxlen: 24
77.237.64.0/20 maxlen: 20
77.237.64.0/19 maxlen: 19
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:75:5b:d3:7a:ba:04:ac:12:86:37:cb:3d:b1:9b:99:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Feb 21 19:03:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7e3e35897ade74babd4b5f5cd56de9714037f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:9e:b9:bc:c7:fa:97:01:a6:a6:57:34:c2:75:
83:12:83:cc:06:14:c4:5b:d2:2a:1d:ef:17:ab:73:
ff:c5:c5:26:82:1b:24:b5:37:1c:1c:0c:05:4b:a3:
9d:8e:33:02:d3:61:69:fb:1d:62:5c:ed:63:4f:14:
af:c3:be:23:81:3d:32:05:c8:65:92:ce:7d:eb:c3:
56:58:a3:71:38:13:ad:84:bc:76:ca:20:8a:95:ca:
f4:c6:7e:9b:50:c0:96:ed:56:99:07:c0:f9:0a:53:
cc:54:78:62:87:c5:fc:d3:0c:c7:3d:2f:ab:47:fe:
81:91:10:81:8b:1f:15:0e:83:70:38:9f:4c:e8:98:
b1:d6:c7:52:f4:c6:f8:2e:a2:63:ad:61:5e:cf:4d:
b8:2f:b6:47:8d:79:0e:10:c2:a1:38:a8:31:1b:86:
76:17:ff:14:11:c4:0d:1b:2c:42:4f:91:63:b1:9b:
6b:d8:f5:e8:6d:5a:5f:f9:f1:f9:7d:60:46:8f:cc:
2e:0f:a8:f4:29:b3:f1:b9:49:95:ef:cb:bd:5e:d1:
0a:82:2e:a1:73:9f:65:5f:62:52:62:6a:d9:2d:40:
fa:db:1f:65:47:27:6b:71:c1:55:4c:45:73:52:53:
05:ef:27:e0:28:8f:fb:25:b5:f5:ec:b4:b0:cd:6a:
a7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:E3:E3:58:97:AD:E7:4B:AB:D4:B5:F5:CD:56:DE:97:14:03:7F:6C
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/5-PjWJet50ur1LX1zVbelxQDf2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.49.0/24
46.209.58.0/24
46.209.95.0/24
77.104.64.0/18
77.237.64.0/19
185.14.160.0/22
Signature Algorithm: sha256WithRSAEncryption
89:cc:38:4a:74:19:4a:fe:0a:44:2d:0a:cb:4e:8c:f3:06:23:
52:4d:ba:24:ce:6c:13:f1:46:a9:c5:2b:fe:64:50:6f:08:cb:
4e:54:34:d4:6c:25:b9:5a:2d:0f:48:ca:74:6d:f1:93:4c:b8:
e0:e1:ac:57:7d:55:30:61:c8:fb:fc:24:84:f9:8b:0e:8d:f5:
41:01:87:6b:4b:c4:2b:f9:ac:e1:12:89:e2:7f:38:fa:8e:55:
f6:20:0e:b1:c6:b4:44:89:cd:c9:ab:20:80:08:ff:c0:f7:e8:
fa:c7:f7:2e:f4:c8:e2:77:14:e6:b6:62:b8:21:5c:ac:9a:4a:
d2:b8:1f:07:ee:5e:fa:48:d5:72:83:d1:9f:91:55:56:55:c1:
a8:df:4d:eb:71:ff:45:52:ba:3b:fe:d1:45:f2:32:22:f1:80:
44:8b:3c:a8:6c:36:26:a7:b7:2c:25:29:d3:bd:d6:c3:00:32:
5b:a7:28:c9:8f:7b:a6:2b:d3:5b:a3:25:ed:1e:b8:11:b9:03:
69:43:df:76:3f:33:70:f7:da:b9:ea:ab:99:5a:9e:3e:76:46:
32:1c:4e:4a:5b:ac:7e:22:e5:b9:d3:14:62:70:6a:b7:4c:03:
ef:f4:47:45:d0:0a:37:71:06:0a:68:b7:9f:25:b7:38:0b:00:
86:f4:50:96
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYZ1W9N6ugSsEoY3yz2xm5lsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjMwMjIxMTkwMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2UzZTM1ODk3YWRlNzRiYWJkNGI1ZjVjZDU2ZGU5NzE0MDM3ZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJ65vMf6lwGmplc0wnWDEoPMBhTE
W9IqHe8Xq3P/xcUmghsktTccHAwFS6OdjjMC02Fp+x1iXO1jTxSvw74jgT0yBchl
ks5968NWWKNxOBOthLx2yiCKlcr0xn6bUMCW7VaZB8D5ClPMVHhih8X80wzHPS+r
R/6BkRCBix8VDoNwOJ9M6Jix1sdS9Mb4LqJjrWFez024L7ZHjXkOEMKhOKgxG4Z2
F/8UEcQNGyxCT5FjsZtr2PXobVpf+fH5fWBGj8wuD6j0KbPxuUmV78u9XtEKgi6h
c59lX2JSYmrZLUD62x9lRydrccFVTEVzUlMF7yfgKI/7JbX17LSwzWqnmwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOfj41iXredLq9S19c1W3pcUA39sMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvNS1QaldKZXQ1MHVyMUxYMXpWYmVseFFEZjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABaAxAwQA
LtE6AwQALtFfAwQGTWhAAwQFTe1AAwQCuQ6gMA0GCSqGSIb3DQEBCwUAA4IBAQCJ
zDhKdBlK/gpELQrLTozzBiNSTbokzmwT8UapxSv+ZFBvCMtOVDTUbCW5Wi0PSMp0
bfGTTLjg4axXfVUwYcj7/CSE+YsOjfVBAYdrS8Qr+azhEonifzj6jlX2IA6xxrRE
ic3JqyCACP/A9+j6x/cu9MjidxTmtmK4IVysmkrSuB8H7l76SNVyg9GfkVVWVcGo
303rcf9FUro7/tFF8jIi8YBEizyobDYmp7csJSnTvdbDADJbpyjJj3umK9NboyXt
HrgRuQNpQ992PzNw99q56quZWp4+dkYyHE5KW6x+IuW50xRicGq3TAPv9EdF0Ao3
cQYKaLefJbc4CwCG9FCW
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:23:49 2024 by rpki-client on console-fra.rpki-client.org