Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/5wSjjck4EDgtz1txwETkdF7pm4o.roa
File: 5wSjjck4EDgtz1txwETkdF7pm4o.roa (raw, json)
Hash identifier: oToB8dUhR7tXV6+EyIQgr0uNuAXtgMiCXHLjAxDGaqY=
Subject key identifier: E7:04:A3:8D:C9:38:10:38:2D:CF:5B:71:C0:44:E4:74:5E:E9:9B:8A
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01856ED4B83C885704F281984D69749FF51C
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/5wSjjck4EDgtz1txwETkdF7pm4o.roa
Signing time: Sun 01 Jan 2023 19:35:12 +0000
ROA not before: Sun 01 Jan 2023 19:35:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 194.15.96.0/22 maxlen: 24
188.209.132.0/22 maxlen: 24
188.209.140.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Apr 2023 05:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:b8:3c:88:57:04:f2:81:98:4d:69:74:9f:f5:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jan 1 19:35:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e704a38dc93810382dcf5b71c044e4745ee99b8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:0d:96:a1:b2:65:97:01:ac:87:3c:1d:f5:63:
d6:3b:09:9e:25:54:b6:33:ba:68:e4:b4:9e:90:02:
e3:2c:55:53:4b:b7:bb:f8:73:53:dd:32:4c:a8:39:
4b:1e:13:0d:be:fd:a6:c3:10:85:f0:44:84:eb:a4:
cd:72:97:d0:ef:d6:e1:6a:13:c4:1a:7c:0d:a9:eb:
1a:46:f1:0b:60:f4:f5:40:45:d3:a6:ff:55:57:ec:
df:2f:b3:56:8c:cc:0a:98:c0:00:9f:2d:56:5e:f8:
da:a2:62:ce:b1:17:67:00:5a:e3:cf:2e:77:9b:5b:
43:0c:81:8a:de:3f:18:c4:62:60:17:a6:15:f0:f9:
26:ab:f7:d9:95:fe:f2:10:a9:5a:bf:2d:66:f8:32:
02:1f:12:5b:b6:f8:87:46:37:1c:38:85:7e:24:23:
6f:4b:e5:a8:b1:9b:cf:d5:7b:e1:fd:ee:e8:80:68:
bb:08:26:f8:4d:6b:19:40:d2:8e:73:29:b9:0a:28:
60:98:d4:59:ca:53:ba:92:a3:8f:62:a6:59:0a:b8:
dc:2c:86:64:11:04:67:e0:bf:c6:af:af:76:13:c4:
06:2f:b9:1c:f6:59:a9:74:1b:00:e5:c6:09:f4:9b:
4e:fb:be:64:28:ec:c3:bf:cd:53:74:fd:30:af:81:
6d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:04:A3:8D:C9:38:10:38:2D:CF:5B:71:C0:44:E4:74:5E:E9:9B:8A
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/5wSjjck4EDgtz1txwETkdF7pm4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.132.0/22
188.209.140.0/22
194.15.96.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:74:89:5e:b0:7f:c9:04:26:1d:c0:46:47:ec:c3:09:33:e1:
22:69:60:55:4b:4d:5d:89:c5:97:67:b9:15:dd:fd:5b:67:68:
95:8c:20:b9:0b:3b:bd:f6:bc:04:ec:86:cd:07:cd:c3:9b:0b:
8a:9e:5a:e6:31:68:0f:5c:2d:7f:b0:22:9f:72:73:da:c1:f9:
8a:68:fd:31:92:f8:fd:61:9c:cb:ef:b3:cf:59:3a:5f:45:37:
b4:0a:30:0f:8f:a2:09:10:e0:d2:2e:9c:aa:c4:33:b7:eb:e2:
4c:1b:8f:a0:f8:b5:ff:43:81:f0:89:73:2e:58:35:34:15:c8:
3c:fa:f1:3e:73:d1:b0:87:1d:7c:1b:ba:a9:d7:a7:af:eb:9c:
73:5d:18:e8:d4:33:5c:da:53:5b:ce:89:61:9f:51:7a:d7:d3:
e4:d8:f6:48:15:e7:b4:dd:ff:0b:33:aa:26:0f:36:9b:31:61:
2f:bd:ad:dc:66:c1:58:ad:a9:c8:26:2d:5c:3a:ae:b9:97:fa:
a5:e7:23:ad:a9:79:63:cf:6b:e4:87:c8:6e:92:66:48:4c:9e:
de:0d:4f:23:b6:0a:d2:bc:04:cd:63:3f:f3:5b:1b:d8:56:51:
fc:da:78:96:fc:dd:b9:4c:cd:27:f1:14:01:f2:88:f5:a6:79:
f1:e2:2d:51
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVu1Lg8iFcE8oGYTWl0n/UcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwMTAxMTkzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzA0YTM4ZGM5MzgxMDM4MmRjZjViNzFjMDQ0ZTQ3NDVlZTk5YjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+A2WobJllwGshzwd9WPWOwmeJVS2
M7po5LSekALjLFVTS7e7+HNT3TJMqDlLHhMNvv2mwxCF8ESE66TNcpfQ79bhahPE
GnwNqesaRvELYPT1QEXTpv9VV+zfL7NWjMwKmMAAny1WXvjaomLOsRdnAFrjzy53
m1tDDIGK3j8YxGJgF6YV8Pkmq/fZlf7yEKlavy1m+DICHxJbtviHRjccOIV+JCNv
S+WosZvP1Xvh/e7ogGi7CCb4TWsZQNKOcym5CihgmNRZylO6kqOPYqZZCrjcLIZk
EQRn4L/Gr692E8QGL7kc9lmpdBsA5cYJ9JtO+75kKOzDv81TdP0wr4FtgwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOcEo43JOBA4Lc9bccBE5HRe6ZuKMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvNXdTampjazRFRGd0ejF0eHdFVGtkRjdwbTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCvNGEAwQC
vNGMAwQCwg9gMA0GCSqGSIb3DQEBCwUAA4IBAQB9dIlesH/JBCYdwEZH7MMJM+Ei
aWBVS01dicWXZ7kV3f1bZ2iVjCC5Czu99rwE7IbNB83DmwuKnlrmMWgPXC1/sCKf
cnPawfmKaP0xkvj9YZzL77PPWTpfRTe0CjAPj6IJEODSLpyqxDO36+JMG4+g+LX/
Q4HwiXMuWDU0Fcg8+vE+c9Gwhx18G7qp16ev65xzXRjo1DNc2lNbzolhn1F619Pk
2PZIFee03f8LM6omDzabMWEvva3cZsFYranIJi1cOq65l/ql5yOtqXljz2vkh8hu
kmZITJ7eDU8jtgrSvATNYz/zWxvYVlH82niW/N25TM0n8RQB8oj1pnnx4i1R
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org