Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/6E23TMnUg9nJldEl7CmCNZbBbD4.roa
File: 6E23TMnUg9nJldEl7CmCNZbBbD4.roa (raw, json)
Hash identifier: 1CfL+8un8oUHu25kLzlU1v1tXBixIcHvZdWoN6G4xFY=
Subject key identifier: E8:4D:B7:4C:C9:D4:83:D9:C9:95:D1:25:EC:29:82:35:96:C1:6C:3E
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018571F1043FF051733A696B5936A3BAF27E
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/6E23TMnUg9nJldEl7CmCNZbBbD4.roa
Signing time: Mon 02 Jan 2023 10:04:58 +0000
ROA not before: Mon 02 Jan 2023 10:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203600
IP address blocks: 178.156.106.0/24 maxlen: 24
178.156.24.0/24 maxlen: 24
5.154.114.0/24 maxlen: 24
37.230.86.0/24 maxlen: 24
84.236.191.0/24 maxlen: 24
84.236.200.0/22 maxlen: 22
84.236.202.0/24 maxlen: 24
84.236.200.0/23 maxlen: 23
84.236.203.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f1:04:3f:f0:51:73:3a:69:6b:59:36:a3:ba:f2:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 10:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e84db74cc9d483d9c995d125ec29823596c16c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d5:1f:6f:73:1e:e1:04:92:34:cc:7e:cc:b9:
71:2f:4e:18:94:88:1c:6a:47:75:da:e8:c6:7f:69:
ec:e3:34:e2:ea:51:20:84:cc:db:dc:f5:5b:66:22:
be:0f:fa:39:47:f4:77:a6:09:90:20:80:bb:2c:5e:
0a:7f:8e:fe:d0:08:a9:1c:ef:a6:8b:e7:32:00:0e:
f1:8f:9f:61:1c:e3:3a:58:bf:1f:e4:fa:c6:c1:7f:
76:57:59:50:96:1f:4e:4f:5b:b1:30:8f:13:5f:08:
ed:18:ca:d9:85:dc:1d:4c:6c:31:bf:9c:ec:ae:3c:
37:ec:68:0f:83:01:4a:2f:ae:d9:50:1e:d1:70:88:
ce:f1:30:67:fb:ed:40:7c:ad:de:af:14:6c:7d:d2:
fd:54:98:25:b9:dc:e7:c6:8e:11:31:3e:fe:fb:b5:
87:23:53:b1:7c:ad:be:23:10:a3:48:42:87:a5:97:
71:e1:e2:7e:48:22:aa:20:37:9e:91:a0:ad:49:4f:
f0:13:70:61:a5:b7:50:9e:a1:be:45:bc:36:f2:80:
1a:5a:89:65:f9:88:ad:a5:29:2e:f9:a8:c7:6e:78:
eb:d0:c3:11:59:d5:39:08:52:18:24:43:1e:9b:b1:
b1:21:4b:fa:31:d4:e5:2b:ff:50:b3:1c:cb:25:98:
23:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:4D:B7:4C:C9:D4:83:D9:C9:95:D1:25:EC:29:82:35:96:C1:6C:3E
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/6E23TMnUg9nJldEl7CmCNZbBbD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.114.0/24
37.230.86.0/24
84.236.191.0/24
84.236.200.0/22
178.156.24.0/24
178.156.106.0/24
Signature Algorithm: sha256WithRSAEncryption
92:97:c4:36:21:98:66:f8:c3:06:32:89:a2:f3:54:19:e5:8c:
8f:4d:62:c0:af:a4:5f:e2:9e:d6:ab:04:d1:bc:50:bc:5e:da:
22:82:45:80:11:1e:7c:c5:9f:18:ca:b0:99:bf:7d:8a:80:74:
f5:cb:c3:94:de:2e:c4:db:2c:bb:9b:56:e2:36:1d:c4:a5:3f:
7d:33:23:25:b5:73:d0:ac:e0:61:cb:de:83:e4:11:b9:e2:ea:
9a:4f:bf:1d:17:e3:de:e1:f3:a1:94:01:ba:d0:77:fc:6a:a5:
2e:62:3e:e0:fe:5a:dd:ec:7c:f4:41:f3:31:a5:2f:45:ce:4a:
bc:26:40:04:92:bd:a5:96:90:46:c9:24:34:71:83:c1:03:cf:
ce:fc:f5:24:05:c8:24:73:4e:83:14:75:56:e7:01:13:59:ba:
d7:c5:1b:78:ff:13:d3:e9:be:12:d7:64:10:5e:55:09:55:0c:
96:4d:64:1e:2c:4e:fd:42:b2:61:f1:f5:bf:72:6b:b5:ae:51:
88:ce:ee:60:44:ab:fc:b2:73:5f:fd:db:20:41:16:7e:2e:1d:
e1:98:f5:39:05:69:67:a5:cd:fd:f3:94:fa:d6:6d:ac:46:f8:
ea:d2:17:30:d3:09:11:1d:f6:74:bc:57:6d:d1:35:b7:c2:d8:
64:b3:8d:f8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVx8QQ/8FFzOmlrWTajuvJ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAyMTAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODRkYjc0Y2M5ZDQ4M2Q5Yzk5NWQxMjVlYzI5ODIzNTk2YzE2YzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntUfb3Me4QSSNMx+zLlxL04YlIgc
akd12ujGf2ns4zTi6lEghMzb3PVbZiK+D/o5R/R3pgmQIIC7LF4Kf47+0AipHO+m
i+cyAA7xj59hHOM6WL8f5PrGwX92V1lQlh9OT1uxMI8TXwjtGMrZhdwdTGwxv5zs
rjw37GgPgwFKL67ZUB7RcIjO8TBn++1AfK3erxRsfdL9VJgludznxo4RMT7++7WH
I1OxfK2+IxCjSEKHpZdx4eJ+SCKqIDeekaCtSU/wE3BhpbdQnqG+Rbw28oAaWoll
+YitpSku+ajHbnjr0MMRWdU5CFIYJEMem7GxIUv6MdTlK/9QsxzLJZgjDwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOhNt0zJ1IPZyZXRJewpgjWWwWw+MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvNkUyM1RNblVnOW5KbGRFbDdDbUNOWmJCYkQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABZpyAwQA
JeZWAwQAVOy/AwQCVOzIAwQAspwYAwQAspxqMA0GCSqGSIb3DQEBCwUAA4IBAQCS
l8Q2IZhm+MMGMomi81QZ5YyPTWLAr6Rf4p7WqwTRvFC8XtoigkWAER58xZ8YyrCZ
v32KgHT1y8OU3i7E2yy7m1biNh3EpT99MyMltXPQrOBhy96D5BG54uqaT78dF+Pe
4fOhlAG60Hf8aqUuYj7g/lrd7Hz0QfMxpS9Fzkq8JkAEkr2llpBGySQ0cYPBA8/O
/PUkBcgkc06DFHVW5wETWbrXxRt4/xPT6b4S12QQXlUJVQyWTWQeLE79QrJh8fW/
cmu1rlGIzu5gRKv8snNf/dsgQRZ+Lh3hmPU5BWlnpc3985T61m2sRvjq0hcw0wkR
HfZ0vFdt0TW3wthks434
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:46 2024 by rpki-client on console-ams.rpki-client.org