Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/5iWuh25wiMcD58OvRDhzUkvsoYw.roa
File: 5iWuh25wiMcD58OvRDhzUkvsoYw.roa (raw, json)
Hash identifier: //QzAV9Lmfpax/jGpRxEYboC5w9BWUp2Z/XPNYWlEck=
Subject key identifier: E6:25:AE:87:6E:70:88:C7:03:E7:C3:AF:44:38:73:52:4B:EC:A1:8C
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 0188D8E15211C9B7A98FB4A96AA9AFDBC63B
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/5iWuh25wiMcD58OvRDhzUkvsoYw.roa
Signing time: Tue 20 Jun 2023 12:57:05 +0000
ROA not before: Tue 20 Jun 2023 12:57:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206092
IP address blocks: 45.131.194.0/24 maxlen: 24
85.8.130.0/24 maxlen: 24
2a0e:d781::/32 maxlen: 32
2a0e:d783::/32 maxlen: 32
2a0e:d782::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d8:e1:52:11:c9:b7:a9:8f:b4:a9:6a:a9:af:db:c6:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jun 20 12:57:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e625ae876e7088c703e7c3af443873524beca18c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a6:4a:be:7e:51:61:94:36:c0:a4:ab:11:26:
fd:3e:aa:48:0f:8f:50:7b:ce:85:5a:c7:79:b5:63:
1c:26:70:65:f5:2a:2e:ff:87:1e:55:52:5a:0d:89:
84:ac:c2:c0:8c:81:53:d0:83:7b:25:0f:64:0a:39:
7b:b5:e6:d2:a1:67:8c:aa:06:c8:d9:5f:1b:d6:9d:
88:3e:5b:ef:7f:97:cf:bf:4a:f5:02:04:8e:09:f8:
90:d3:64:98:57:63:3a:46:be:50:27:53:25:ee:cb:
e8:11:20:34:87:bd:45:86:65:d7:6b:3d:7e:97:28:
9c:05:d5:bd:ca:ba:99:ad:a7:54:05:4f:bb:d5:a4:
54:22:1a:0e:54:a3:d3:96:d5:1e:1c:ac:df:69:38:
c2:8e:61:67:2c:25:fe:6c:3c:e0:f3:7c:73:12:94:
ec:31:9b:a0:fe:dc:c0:b6:b7:a7:8a:cc:92:76:70:
6d:cf:8f:3a:a6:1e:30:bf:b9:5e:6a:20:1c:46:d8:
92:9b:2a:5d:a2:15:e9:16:02:0c:30:f6:9c:38:42:
7d:71:c7:d1:d4:6f:48:04:1b:94:c2:47:de:03:d7:
2d:86:b8:13:28:cc:f5:ae:f9:2a:25:d8:34:34:07:
9f:29:54:82:75:a8:8e:1a:17:6c:71:61:96:29:82:
fc:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:25:AE:87:6E:70:88:C7:03:E7:C3:AF:44:38:73:52:4B:EC:A1:8C
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/5iWuh25wiMcD58OvRDhzUkvsoYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.194.0/24
85.8.130.0/24
IPv6:
2a0e:d781::-2a0e:d783:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
73:59:1a:54:97:a0:d1:ee:2f:26:d7:d9:20:86:27:fa:88:3d:
d1:ed:81:f1:d0:dd:3b:d8:f8:14:65:6a:a4:62:12:37:a1:14:
6e:56:aa:70:09:fd:e8:b7:95:8a:75:06:d3:63:59:8b:82:e9:
f9:41:23:89:f9:78:47:ba:29:f2:05:79:4a:a9:1b:ec:19:33:
2e:81:61:ae:c6:da:31:ae:0a:91:73:8e:80:f7:de:5f:be:14:
9d:04:35:6a:11:cd:93:64:30:8d:94:ba:51:9b:c4:37:c4:80:
3f:78:db:ab:b7:a3:e3:14:8c:98:86:e4:56:81:9a:66:bf:14:
50:22:69:d4:13:02:78:28:02:25:29:59:3f:11:ef:61:c9:26:
a3:0c:f3:24:7b:09:30:e5:8c:1e:5a:25:b9:d3:e4:dd:8a:8c:
c7:60:da:df:23:d2:05:29:17:74:ec:67:c4:ea:c9:af:b4:b3:
42:55:18:e1:55:a1:19:a4:2a:e4:38:ad:50:a7:9c:32:43:66:
ca:fe:b3:30:44:5a:79:8a:d0:fb:61:09:b1:57:47:1f:ac:08:
2e:07:eb:ae:dd:ec:a0:8a:0f:4c:e5:81:94:21:d9:17:9a:03:
f2:46:bd:6d:23:00:0f:54:20:c9:45:f2:b1:2e:65:61:f1:04:
9b:e2:77:4a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYjY4VIRybepj7Spaqmv28Y7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMwNjIwMTI1NzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjI1YWU4NzZlNzA4OGM3MDNlN2MzYWY0NDM4NzM1MjRiZWNhMThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKZKvn5RYZQ2wKSrESb9PqpID49Q
e86FWsd5tWMcJnBl9Sou/4ceVVJaDYmErMLAjIFT0IN7JQ9kCjl7tebSoWeMqgbI
2V8b1p2IPlvvf5fPv0r1AgSOCfiQ02SYV2M6Rr5QJ1Ml7svoESA0h71FhmXXaz1+
lyicBdW9yrqZradUBU+71aRUIhoOVKPTltUeHKzfaTjCjmFnLCX+bDzg83xzEpTs
MZug/tzAtrenisySdnBtz486ph4wv7leaiAcRtiSmypdohXpFgIMMPacOEJ9ccfR
1G9IBBuUwkfeA9cthrgTKMz1rvkqJdg0NAefKVSCdaiOGhdscWGWKYL8gQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOYlroducIjHA+fDr0Q4c1JL7KGMMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvNWlXdWgyNXdpTWNENThPdlJEaHpVa3Zzb1l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQALYPCAwQA
VQiCMBYEAgACMBAwDgMFACoO14EDBQIqDteAMA0GCSqGSIb3DQEBCwUAA4IBAQBz
WRpUl6DR7i8m19kghif6iD3R7YHx0N072PgUZWqkYhI3oRRuVqpwCf3ot5WKdQbT
Y1mLgun5QSOJ+XhHuinyBXlKqRvsGTMugWGuxtoxrgqRc46A995fvhSdBDVqEc2T
ZDCNlLpRm8Q3xIA/eNurt6PjFIyYhuRWgZpmvxRQImnUEwJ4KAIlKVk/Ee9hySaj
DPMkewkw5YweWiW50+TdiozHYNrfI9IFKRd07GfE6smvtLNCVRjhVaEZpCrkOK1Q
p5wyQ2bK/rMwRFp5itD7YQmxV0cfrAguB+uu3eygig9M5YGUIdkXmgPyRr1tIwAP
VCDJRfKxLmVh8QSb4ndK
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:18 2024 by rpki-client on console-ams.rpki-client.org