Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/5FeFNdbVqsUfBV2SWfX8Me2Uw7c.roa
File: 5FeFNdbVqsUfBV2SWfX8Me2Uw7c.roa (raw, json)
Hash identifier: Pfv3BC5GadqC7pXfibTexyr0b249enI5B4FgdDlV3kg=
Subject key identifier: E4:57:85:35:D6:D5:AA:C5:1F:05:5D:92:59:F5:FC:31:ED:94:C3:B7
Certificate issuer: /CN=da024b9c63db5c1a1cf4c5581dbe5b381cb95087
Certificate serial: 018571D79044EA921F0DE76AC29FA1C4BCAD
Authority key identifier: DA:02:4B:9C:63:DB:5C:1A:1C:F4:C5:58:1D:BE:5B:38:1C:B9:50:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gJLnGPbXBoc9MVYHb5bOBy5UIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/5FeFNdbVqsUfBV2SWfX8Me2Uw7c.roa
Signing time: Mon 02 Jan 2023 09:37:10 +0000
ROA not before: Mon 02 Jan 2023 09:37:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35703
IP address blocks: 193.227.204.0/23 maxlen: 23
77.75.208.0/21 maxlen: 21
193.160.156.0/23 maxlen: 23
2a00:e48::/33 maxlen: 33
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:90:44:ea:92:1f:0d:e7:6a:c2:9f:a1:c4:bc:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da024b9c63db5c1a1cf4c5581dbe5b381cb95087
Validity
Not Before: Jan 2 09:37:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4578535d6d5aac51f055d9259f5fc31ed94c3b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f6:f2:b3:fb:05:8a:25:4e:b1:1e:79:23:74:
80:28:b7:d7:8d:9a:bc:0b:da:8d:94:4b:f6:9e:b7:
a5:bf:d5:e9:a9:54:0a:32:67:0c:fb:8f:6b:c8:16:
be:10:29:6d:15:25:cd:13:59:90:49:2b:0a:fd:89:
c0:6d:84:16:58:be:8d:b0:ab:7d:b9:64:69:9c:7d:
c9:b8:00:32:44:bc:11:d1:5c:45:cf:82:f1:ef:85:
2f:e2:66:cb:cc:98:3f:47:94:f6:09:28:45:2e:be:
47:db:3a:ce:ba:c3:54:2c:e8:e1:f4:5c:03:a7:f6:
a2:02:6a:f1:44:c4:c2:08:10:fb:9d:48:35:32:0c:
5a:7f:58:74:90:35:b5:e7:a5:a0:4a:92:12:ae:4c:
0f:0b:aa:a6:f5:2e:bc:8d:0d:ff:18:02:26:5e:6f:
2d:22:6c:49:59:0b:ae:8c:e3:a1:c9:5b:6c:0c:fd:
dd:99:94:6d:48:19:a2:79:34:3d:38:b2:eb:44:86:
61:28:82:fd:4f:c4:45:b6:24:6e:61:84:6a:14:55:
d9:64:39:8d:05:4a:fe:d6:9d:be:91:48:15:48:57:
8a:d1:5d:ed:6e:a7:8d:b6:6d:16:e9:98:31:68:e4:
a2:dc:e0:4e:31:7a:e5:51:88:f4:7e:0a:b4:4a:08:
c8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:57:85:35:D6:D5:AA:C5:1F:05:5D:92:59:F5:FC:31:ED:94:C3:B7
X509v3 Authority Key Identifier:
keyid:DA:02:4B:9C:63:DB:5C:1A:1C:F4:C5:58:1D:BE:5B:38:1C:B9:50:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gJLnGPbXBoc9MVYHb5bOBy5UIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/5FeFNdbVqsUfBV2SWfX8Me2Uw7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/2gJLnGPbXBoc9MVYHb5bOBy5UIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.208.0/21
193.160.156.0/23
193.227.204.0/23
IPv6:
2a00:e48::/33
Signature Algorithm: sha256WithRSAEncryption
6a:98:db:0a:2f:c2:2d:2f:b2:6d:a9:79:32:61:ea:d3:e8:93:
90:d7:4c:e6:c7:7f:04:c7:76:a6:06:df:75:89:b4:11:4e:a7:
a9:52:27:25:4d:da:a9:52:ee:d9:52:a8:16:51:b9:3a:87:2a:
69:b8:c7:c8:c6:b6:b5:fc:f2:1c:a0:38:32:03:d4:02:9a:20:
9e:69:74:ea:75:03:40:61:d3:f3:d4:b4:ee:8c:12:da:3f:48:
f7:67:85:c6:c8:cc:b4:c3:ae:84:a7:3b:d0:da:bf:58:08:c8:
8c:cc:9a:1a:35:41:1d:0d:f2:8e:c1:71:a2:59:df:65:8c:34:
02:9e:88:45:97:b1:9d:21:fd:ff:e6:c3:ae:6c:06:49:ec:f0:
27:64:3e:0e:d3:e9:17:5b:d9:0f:18:75:ce:02:1b:d0:38:2a:
10:02:a1:84:82:91:14:dd:95:04:17:ff:b7:d9:dd:23:3b:94:
98:a8:37:8a:88:b3:07:2f:52:9d:11:96:8d:e8:4e:86:7c:bb:
0a:18:41:29:02:db:cf:86:ca:ad:4a:08:ad:8a:c7:62:79:96:
09:3b:96:9f:23:79:47:9a:48:c8:ca:d8:25:96:15:94:ff:67:
03:db:89:af:17:ea:cf:41:26:c2:68:84:47:02:d5:c8:49:89:
af:d7:07:20
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVx15BE6pIfDedqwp+hxLytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI0YjljNjNkYjVjMWExY2Y0YzU1ODFkYmU1YjM4MWNi
OTUwODcwHhcNMjMwMTAyMDkzNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDU3ODUzNWQ2ZDVhYWM1MWYwNTVkOTI1OWY1ZmMzMWVkOTRjM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/bys/sFiiVOsR55I3SAKLfXjZq8
C9qNlEv2nrelv9XpqVQKMmcM+49ryBa+ECltFSXNE1mQSSsK/YnAbYQWWL6NsKt9
uWRpnH3JuAAyRLwR0VxFz4Lx74Uv4mbLzJg/R5T2CShFLr5H2zrOusNULOjh9FwD
p/aiAmrxRMTCCBD7nUg1Mgxaf1h0kDW156WgSpISrkwPC6qm9S68jQ3/GAImXm8t
ImxJWQuujOOhyVtsDP3dmZRtSBmieTQ9OLLrRIZhKIL9T8RFtiRuYYRqFFXZZDmN
BUr+1p2+kUgVSFeK0V3tbqeNtm0W6ZgxaOSi3OBOMXrlUYj0fgq0SgjIHQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFORXhTXW1arFHwVdkln1/DHtlMO3MB8GA1UdIwQY
MBaAFNoCS5xj21waHPTFWB2+WzgcuVCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdKTG5HUGJYQm9jOU1WWUhiNWJPQnk1VUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC81ZDdjZGEtMGE5OC00M2FjLTkxMzYt
NzEyYjFhNzk2OGU2LzEvNUZlRk5kYlZxc1VmQlYyU1dmWDhNZTJVdzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC81ZDdjZGEtMGE5OC00M2FjLTkxMzYtNzEyYjFhNzk2OGU2
LzEvMmdKTG5HUGJYQm9jOU1WWUhiNWJPQnk1VUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQDTUvQAwQB
waCcAwQBwePMMA4EAgACMAgDBgcqAA5IADANBgkqhkiG9w0BAQsFAAOCAQEAapjb
Ci/CLS+ybal5MmHq0+iTkNdM5sd/BMd2pgbfdYm0EU6nqVInJU3aqVLu2VKoFlG5
OocqabjHyMa2tfzyHKA4MgPUApognml06nUDQGHT89S07owS2j9I92eFxsjMtMOu
hKc70Nq/WAjIjMyaGjVBHQ3yjsFxolnfZYw0Ap6IRZexnSH9/+bDrmwGSezwJ2Q+
DtPpF1vZDxh1zgIb0DgqEAKhhIKRFN2VBBf/t9ndIzuUmKg3ioizBy9SnRGWjehO
hny7ChhBKQLbz4bKrUoIrYrHYnmWCTuWnyN5R5pIyMrYJZYVlP9nA9uJrxfqz0Em
wmiERwLVyEmJr9cHIA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:27 2024 by rpki-client on console-ams.rpki-client.org