Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/_kpfF6BBf18bcl2BjTf70jwpVpM.roa
File: _kpfF6BBf18bcl2BjTf70jwpVpM.roa (raw, json)
Hash identifier: nT8K71pR6c2Hpd3o/Kvcb3x4etKRpbbkVEPoq4+HSX4=
Subject key identifier: FE:4A:5F:17:A0:41:7F:5F:1B:72:5D:81:8D:37:FB:D2:3C:29:56:93
Certificate issuer: /CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Certificate serial: 018570B0860F761D78740AFA6354AF05D858
Authority key identifier: E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/_kpfF6BBf18bcl2BjTf70jwpVpM.roa
Signing time: Mon 02 Jan 2023 04:14:54 +0000
ROA not before: Mon 02 Jan 2023 04:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24651
IP address blocks: 188.92.16.0/24 maxlen: 32
188.92.16.0/21 maxlen: 32
82.193.64.0/19 maxlen: 32
46.23.32.0/20 maxlen: 32
89.221.122.0/23 maxlen: 23
89.221.122.0/24 maxlen: 24
89.221.123.0/24 maxlen: 24
89.221.121.0/24 maxlen: 24
89.221.124.0/23 maxlen: 24
89.221.124.0/24 maxlen: 24
89.221.125.0/24 maxlen: 24
185.31.44.0/22 maxlen: 32
89.221.126.0/23 maxlen: 24
89.221.127.0/24 maxlen: 24
109.73.96.0/20 maxlen: 32
217.195.48.0/20 maxlen: 32
85.158.72.0/21 maxlen: 24
82.193.67.0/24 maxlen: 27
82.193.83.0/24 maxlen: 32
185.141.52.0/22 maxlen: 32
83.99.167.0/24 maxlen: 24
83.99.167.0/26 maxlen: 27
77.93.0.0/19 maxlen: 32
185.75.236.0/22 maxlen: 32
83.99.128.0/17 maxlen: 32
212.142.64.0/18 maxlen: 32
89.221.112.0/20 maxlen: 24
82.193.67.0/27 maxlen: 27
2a01:4e0::/32 maxlen: 32
2a01:4e1:cc1::/64 maxlen: 64
2a04:4e00::/29 maxlen: 29
2a01:4e1:460:1::/64 maxlen: 64
2a01:4e0::/29 maxlen: 29
2a01:4e1:1745::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:86:0f:76:1d:78:74:0a:fa:63:54:af:05:d8:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Validity
Not Before: Jan 2 04:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe4a5f17a0417f5f1b725d818d37fbd23c295693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e1:10:5b:2a:c2:8d:07:7f:bf:81:ad:ce:07:
66:e1:9c:31:21:dd:ae:1a:f1:ef:d0:5b:33:ad:ce:
ef:80:57:68:8d:4a:3f:a4:d9:82:50:df:2e:f6:9b:
41:0e:11:86:c7:8e:03:e0:45:6f:3b:30:ab:de:75:
81:eb:9d:54:54:a6:47:a4:81:8b:17:40:4a:27:40:
15:15:b3:4c:36:e4:30:38:cb:09:97:79:04:d5:78:
09:45:b9:2b:3c:2e:00:5a:75:ef:16:db:48:3d:c3:
36:32:08:69:f4:82:2b:8e:e0:02:57:3d:46:81:30:
79:e5:db:a1:67:b5:95:1f:ed:46:1e:c9:82:96:66:
e2:d2:f0:5e:bf:ce:e9:90:f6:89:73:d0:b8:e6:a7:
9d:c1:ad:4f:8d:67:5b:df:9b:6b:54:a2:62:28:5b:
f4:41:d1:6d:a5:f1:bc:bb:1c:95:db:04:41:79:79:
27:e2:40:a4:79:03:9f:27:9a:d5:70:17:74:06:34:
81:7f:57:f7:76:48:2e:b4:f0:55:cb:c6:fd:59:e6:
17:0d:60:64:3c:fc:92:7f:e2:66:43:22:e0:a8:03:
84:eb:8a:8e:68:86:9a:4c:62:59:1f:b0:9a:06:25:
f9:5f:03:10:db:c0:ed:39:83:55:7d:4e:3f:8a:68:
93:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:4A:5F:17:A0:41:7F:5F:1B:72:5D:81:8D:37:FB:D2:3C:29:56:93
X509v3 Authority Key Identifier:
keyid:E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/_kpfF6BBf18bcl2BjTf70jwpVpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.32.0/20
77.93.0.0/19
82.193.64.0/19
83.99.128.0/17
85.158.72.0/21
89.221.112.0/20
109.73.96.0/20
185.31.44.0/22
185.75.236.0/22
185.141.52.0/22
188.92.16.0/21
212.142.64.0/18
217.195.48.0/20
IPv6:
2a01:4e0::/29
2a04:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
5f:38:82:90:fe:81:b6:ff:87:69:f4:be:7f:ff:f6:65:30:8e:
64:71:6f:12:91:d8:43:0f:c8:d1:8b:09:6d:0a:1f:ac:d1:46:
61:22:67:74:7f:f7:25:4e:c9:c5:0a:91:90:8e:60:1a:e7:08:
f5:00:69:74:2d:25:0f:38:42:91:fc:4d:27:32:ac:fe:6c:83:
e3:cc:85:0c:a4:90:f6:6a:9c:be:9c:9f:ea:65:d7:23:a8:2c:
27:6b:2d:62:06:ed:82:9f:4b:bc:17:c3:95:d9:c1:e0:c3:f3:
a1:24:cf:48:d7:9f:c1:4d:14:fc:e6:9a:aa:03:3b:e4:3a:00:
f6:2a:5c:36:c9:c9:06:80:7f:ff:9b:01:e5:a0:75:fe:0a:7e:
21:88:02:23:ca:76:3a:93:be:0c:f6:4a:82:01:25:3c:e6:38:
d0:04:50:9c:33:84:b7:84:4a:8a:01:c3:a5:57:b8:d8:07:89:
8c:b0:25:2d:06:d8:bb:30:36:d0:4b:cc:65:36:71:bf:d6:bb:
ff:f9:89:2c:02:a0:fc:80:91:20:08:90:b0:52:d5:38:03:79:
fe:0a:03:a7:c7:66:a2:49:7a:e0:5e:8a:09:7c:1f:9a:83:ae:
e7:f8:2e:f0:ec:a9:35:f4:1e:a6:d4:1d:13:36:78:3e:1e:d4:
15:4d:5e:de
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYVwsIYPdh14dAr6Y1SvBdhYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTFiMzY1NTJmOWRhY2NiOTJhYzVjM2I0NGI0MjZkNjQz
NzQ5ZTIwHhcNMjMwMTAyMDQxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTRhNWYxN2EwNDE3ZjVmMWI3MjVkODE4ZDM3ZmJkMjNjMjk1NjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieEQWyrCjQd/v4Gtzgdm4ZwxId2u
GvHv0Fszrc7vgFdojUo/pNmCUN8u9ptBDhGGx44D4EVvOzCr3nWB651UVKZHpIGL
F0BKJ0AVFbNMNuQwOMsJl3kE1XgJRbkrPC4AWnXvFttIPcM2Mghp9IIrjuACVz1G
gTB55duhZ7WVH+1GHsmClmbi0vBev87pkPaJc9C45qedwa1PjWdb35trVKJiKFv0
QdFtpfG8uxyV2wRBeXkn4kCkeQOfJ5rVcBd0BjSBf1f3dkgutPBVy8b9WeYXDWBk
PPySf+JmQyLgqAOE64qOaIaaTGJZH7CaBiX5XwMQ28DtOYNVfU4/imiTMwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFP5KXxegQX9fG3JdgY03+9I8KVaTMB8GA1UdIwQY
MBaAFOWhs2VS+drMuSrFw7RLQm1kN0niMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMt
YzVlNmQyM2Y4YjA5LzEvX2twZkY2QkJmMThiY2wyQmpUZjcwandwVnBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMtYzVlNmQyM2Y4YjA5
LzEvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQELhcgAwQF
TV0AAwQFUsFAAwQHU2OAAwQDVZ5IAwQEWd1wAwQEbUlgAwQCuR8sAwQCuUvsAwQC
uY00AwQDvFwQAwQG1I5AAwQE2cMwMBQEAgACMA4DBQMqAQTgAwUDKgROADANBgkq
hkiG9w0BAQsFAAOCAQEAXziCkP6Btv+HafS+f//2ZTCOZHFvEpHYQw/I0YsJbQof
rNFGYSJndH/3JU7JxQqRkI5gGucI9QBpdC0lDzhCkfxNJzKs/myD48yFDKSQ9mqc
vpyf6mXXI6gsJ2stYgbtgp9LvBfDldnB4MPzoSTPSNefwU0U/OaaqgM75DoA9ipc
NsnJBoB//5sB5aB1/gp+IYgCI8p2OpO+DPZKggElPOY40ARQnDOEt4RKigHDpVe4
2AeJjLAlLQbYuzA20EvMZTZxv9a7//mJLAKg/ICRIAiQsFLVOAN5/goDp8dmokl6
4F6KCXwfmoOu5/gu8OypNfQeptQdEzZ4Ph7UFU1e3g==
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:52 2024 by rpki-client on console-fra.rpki-client.org