Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/wR7zWKiEZx5YMAAeaqsx2GD7aFY.roa
File: wR7zWKiEZx5YMAAeaqsx2GD7aFY.roa (raw, json)
Hash identifier: CA/JESAwaWCa8yHlAy95Z65uixt6PsP32/DDu7+qNB8=
Subject key identifier: C1:1E:F3:58:A8:84:67:1E:58:30:00:1E:6A:AB:31:D8:60:FB:68:56
Certificate issuer: /CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Certificate serial: 01856FA6E527E2C1CF77FD50CEB15F2F15DB
Authority key identifier: 20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/wR7zWKiEZx5YMAAeaqsx2GD7aFY.roa
Signing time: Sun 01 Jan 2023 23:24:46 +0000
ROA not before: Sun 01 Jan 2023 23:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60404
IP address blocks: 5.255.96.0/19 maxlen: 19
192.76.163.0/24 maxlen: 24
192.76.160.0/24 maxlen: 24
150.129.8.0/22 maxlen: 22
103.251.164.0/22 maxlen: 22
192.76.150.0/24 maxlen: 24
192.76.153.0/24 maxlen: 24
185.31.172.0/22 maxlen: 22
5.2.64.0/20 maxlen: 20
5.2.67.0/24 maxlen: 24
5.2.70.0/24 maxlen: 24
2a01:6340::/29 maxlen: 29
2a0f:6bc0::/29 maxlen: 29
2a04:52c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:e5:27:e2:c1:cf:77:fd:50:ce:b1:5f:2f:15:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Validity
Not Before: Jan 1 23:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c11ef358a884671e5830001e6aab31d860fb6856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ab:15:67:da:e8:84:10:ad:f8:2e:07:99:ed:
88:6d:38:7f:ab:e4:11:54:3a:c3:4a:4c:6d:67:ea:
9c:d5:32:53:53:81:67:a4:77:fb:91:8b:d8:1f:31:
21:39:80:27:21:3f:d0:08:57:66:18:d8:d2:75:02:
23:60:4a:6d:72:0f:e7:2e:ea:05:5b:69:7f:b3:31:
72:47:fc:36:36:82:a3:2d:31:8a:a2:e4:c4:bc:c4:
87:ce:e8:64:9e:5b:76:c9:78:82:8c:c7:42:14:d7:
a0:c3:4e:81:e9:03:b0:a7:79:8d:11:1f:50:8e:4e:
72:bc:c3:b2:13:9e:d7:7b:2a:8f:d2:23:0b:7b:95:
1c:83:db:06:fe:1c:2e:99:8c:74:64:21:ee:69:e2:
06:cb:96:2f:a2:30:89:ff:81:5a:c5:6f:d9:c4:b9:
12:09:55:ac:c0:29:e9:d5:84:d8:31:08:73:bf:e6:
ce:ab:1c:59:54:fd:12:80:d5:e6:1b:61:6a:15:25:
90:48:57:43:f5:9b:64:6d:24:b2:be:34:fc:c0:d3:
39:cc:4d:da:50:92:76:da:d5:83:7c:2f:68:7f:ab:
b6:60:7c:ef:94:a8:dc:0d:f1:6b:65:60:66:e0:99:
d0:74:d5:18:f9:fb:c6:84:60:66:42:6e:52:0a:0e:
5e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:1E:F3:58:A8:84:67:1E:58:30:00:1E:6A:AB:31:D8:60:FB:68:56
X509v3 Authority Key Identifier:
keyid:20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/wR7zWKiEZx5YMAAeaqsx2GD7aFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.64.0/20
5.255.96.0/19
103.251.164.0/22
150.129.8.0/22
185.31.172.0/22
192.76.150.0/24
192.76.153.0/24
192.76.160.0/24
192.76.163.0/24
IPv6:
2a01:6340::/29
2a04:52c0::/32
2a0f:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
95:30:06:7e:40:58:07:3e:91:f2:39:54:a7:02:e0:24:01:3d:
61:65:3e:0d:fb:97:69:be:b0:24:91:a5:00:2a:98:81:dd:ed:
30:e9:7d:88:a6:9d:71:99:51:49:e3:21:b3:17:59:a7:3d:49:
2a:b7:96:80:d3:19:5f:58:c6:14:46:8f:c3:75:ba:eb:71:92:
75:bf:7f:8e:e6:c9:a3:e3:72:f5:89:89:48:df:37:18:bc:31:
4b:be:33:1a:de:2a:27:6b:fc:a1:ba:f5:a8:9c:f3:9f:8b:7b:
aa:39:00:20:5d:19:b6:8e:6c:24:bc:93:54:6f:1c:7c:cb:a9:
08:28:33:e5:8d:2a:f2:ea:aa:e0:73:f3:76:76:6d:bf:be:28:
a0:a7:1e:7a:ab:7b:50:4e:13:9f:57:90:7f:9c:8d:e4:91:19:
01:29:59:d0:d1:ff:c7:5b:91:19:a9:87:30:d5:81:e3:ee:f7:
c0:56:70:2e:a4:10:0d:da:44:d9:11:e3:5b:4c:d0:93:04:6e:
5e:d4:92:f6:93:b7:f6:75:47:56:05:14:68:12:c0:d1:7f:20:
d1:87:30:e0:58:c6:1b:7c:39:3b:29:11:2f:4c:6e:c9:e5:40:
b4:50:85:04:75:5b:14:cf:8d:9a:2c:f7:d2:5c:29:93:a1:ac:
99:90:40:0b
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYVvpuUn4sHPd/1QzrFfLxXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMzc1MTJlNTM1NWU4MTVhY2YwNjQ2MDNmOGFlM2Y1NTI4
YTVlM2IwHhcNMjMwMTAxMjMyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTFlZjM1OGE4ODQ2NzFlNTgzMDAwMWU2YWFiMzFkODYwZmI2ODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqsVZ9rohBCt+C4Hme2IbTh/q+QR
VDrDSkxtZ+qc1TJTU4FnpHf7kYvYHzEhOYAnIT/QCFdmGNjSdQIjYEptcg/nLuoF
W2l/szFyR/w2NoKjLTGKouTEvMSHzuhknlt2yXiCjMdCFNegw06B6QOwp3mNER9Q
jk5yvMOyE57XeyqP0iMLe5Ucg9sG/hwumYx0ZCHuaeIGy5YvojCJ/4FaxW/ZxLkS
CVWswCnp1YTYMQhzv+bOqxxZVP0SgNXmG2FqFSWQSFdD9ZtkbSSyvjT8wNM5zE3a
UJJ22tWDfC9of6u2YHzvlKjcDfFrZWBm4JnQdNUY+fvGhGBmQm5SCg5ewwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFMEe81iohGceWDAAHmqrMdhg+2hWMB8GA1UdIwQY
MBaAFCA3US5TVegVrPBkYD+K4/VSil47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEt
YzJiYTI0NjUzZjdiLzEvd1I3eldLaUVaeDVZTUFBZWFxc3gyR0Q3YUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEtYzJiYTI0NjUzZjdi
LzEvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzA8BAIAATA2AwQEBQJAAwQF
Bf9gAwQCZ/ukAwQCloEIAwQCuR+sAwQAwEyWAwQAwEyZAwQAwEygAwQAwEyjMBsE
AgACMBUDBQMqAWNAAwUAKgRSwAMFAyoPa8AwDQYJKoZIhvcNAQELBQADggEBAJUw
Bn5AWAc+kfI5VKcC4CQBPWFlPg37l2m+sCSRpQAqmIHd7TDpfYimnXGZUUnjIbMX
Wac9SSq3loDTGV9YxhRGj8N1uutxknW/f47myaPjcvWJiUjfNxi8MUu+MxreKidr
/KG69aic85+Le6o5ACBdGbaObCS8k1RvHHzLqQgoM+WNKvLqquBz83Z2bb++KKCn
Hnqre1BOE59XkH+cjeSRGQEpWdDR/8dbkRmphzDVgePu98BWcC6kEA3aRNkR41tM
0JMEbl7UkvaTt/Z1R1YFFGgSwNF/INGHMOBYxht8OTspES9MbsnlQLRQhQR1WxTP
jZos99JcKZOhrJmQQAs=
-----END CERTIFICATE-----
Generated at Thu Nov 23 00:11:10 2023 by rpki-client on console-fra.rpki-client.org