Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/5wtJfNRGKXPNAYZfSBniddHacAI.roa
File: 5wtJfNRGKXPNAYZfSBniddHacAI.roa (raw, json)
Hash identifier: 659NoKkR5XkNySv+LGra2xqkSgFmiWVSEQwMMh/TgZc=
Subject key identifier: E7:0B:49:7C:D4:46:29:73:CD:01:86:5F:48:19:E2:75:D1:DA:70:02
Certificate issuer: /CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Certificate serial: 0188AC22597AF71D7C234437E67088A5A5FC
Authority key identifier: E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/5wtJfNRGKXPNAYZfSBniddHacAI.roa
Signing time: Sun 11 Jun 2023 20:25:12 +0000
ROA not before: Sun 11 Jun 2023 20:25:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202940
IP address blocks: 89.208.56.0/21 maxlen: 21
89.208.0.0/21 maxlen: 21
89.208.4.0/22 maxlen: 24
147.236.176.0/20 maxlen: 20
147.236.183.0/24 maxlen: 24
188.191.224.0/21 maxlen: 21
188.191.224.0/24 maxlen: 24
185.175.32.0/22 maxlen: 23
147.234.23.0/24 maxlen: 24
89.208.128.0/21 maxlen: 21
185.184.244.0/22 maxlen: 23
89.208.134.0/23 maxlen: 24
185.182.76.0/22 maxlen: 24
185.149.252.0/22 maxlen: 24
217.175.80.0/20 maxlen: 20
185.180.102.0/24 maxlen: 24
185.180.103.0/24 maxlen: 24
185.180.100.0/22 maxlen: 24
185.180.100.0/24 maxlen: 24
147.236.116.0/23 maxlen: 24
147.236.120.0/21 maxlen: 21
185.167.108.0/22 maxlen: 24
147.236.125.0/24 maxlen: 24
147.236.144.0/20 maxlen: 24
141.226.120.0/22 maxlen: 24
185.108.80.0/22 maxlen: 24
147.236.104.0/21 maxlen: 21
2a00:7c40::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ac:22:59:7a:f7:1d:7c:23:44:37:e6:70:88:a5:a5:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Validity
Not Before: Jun 11 20:25:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e70b497cd4462973cd01865f4819e275d1da7002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5e:69:8b:d3:9a:d8:90:35:22:b3:89:70:84:
5b:72:38:91:ec:c5:ef:f4:ea:91:5c:19:1d:cd:e2:
f1:e3:1f:a5:fc:89:69:13:76:fa:8b:38:6f:07:94:
5c:0b:d0:ad:84:5f:ad:ef:bc:82:f3:a3:60:e0:6d:
57:bb:4c:03:41:1c:6b:24:53:c9:bf:16:2e:d4:20:
51:0d:e1:5a:4d:74:87:7b:ed:67:e6:52:5b:b5:ca:
fb:91:4b:95:da:76:1a:48:40:43:7f:71:93:1e:2f:
87:79:97:77:07:83:b2:13:61:54:c3:f8:23:b9:04:
cc:d4:f8:49:65:d2:ed:05:ed:aa:c8:8a:53:29:50:
15:90:4d:b7:7d:02:ee:ba:88:78:51:28:31:31:7f:
ad:63:b9:cd:f7:40:6a:14:30:59:92:69:64:3a:9b:
4a:38:75:fb:1c:33:52:18:b1:ef:19:85:d6:2f:7e:
19:b6:72:44:93:ff:77:8a:24:87:2e:4d:90:8f:df:
85:6c:97:55:3e:e9:07:57:00:f8:9d:22:90:9c:43:
d8:0e:39:1d:97:f7:02:fa:05:9c:9a:fb:de:fa:13:
e8:e8:17:cf:4b:44:4e:af:d6:a1:36:5d:7a:d5:95:
7f:37:79:14:de:31:0a:b6:10:00:82:04:7e:b7:c7:
f3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:0B:49:7C:D4:46:29:73:CD:01:86:5F:48:19:E2:75:D1:DA:70:02
X509v3 Authority Key Identifier:
keyid:E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/5wtJfNRGKXPNAYZfSBniddHacAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.208.0.0/21
89.208.56.0/21
89.208.128.0/21
141.226.120.0/22
147.234.23.0/24
147.236.104.0/21
147.236.116.0/23
147.236.120.0/21
147.236.144.0/20
147.236.176.0/20
185.108.80.0/22
185.149.252.0/22
185.167.108.0/22
185.175.32.0/22
185.180.100.0/22
185.182.76.0/22
185.184.244.0/22
188.191.224.0/21
217.175.80.0/20
IPv6:
2a00:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
91:e1:24:91:ca:75:c8:9e:ce:cc:57:df:1f:9a:53:70:3c:dd:
d4:88:cc:d5:ec:ff:f5:be:98:24:9b:12:ef:f0:cc:f4:de:72:
b1:2f:be:e2:64:a3:c5:71:83:81:4c:90:cc:54:67:96:a1:ad:
1f:3a:79:95:7f:8f:be:3c:7c:7c:d8:f8:e2:d2:05:da:98:c8:
28:3f:8c:e8:56:e2:b6:06:97:25:33:13:66:73:33:b8:cc:79:
6b:70:90:10:42:06:06:1f:af:38:70:d1:0a:2f:b6:c5:0e:47:
a6:07:bc:0c:b8:20:fb:2e:70:bb:79:f0:8b:75:8e:8b:3a:f0:
87:dd:e9:44:b0:6b:fd:d6:da:65:4d:df:c7:c8:67:d0:c2:eb:
3c:69:69:da:2f:45:6a:76:0d:b7:95:b9:1d:92:ce:55:ed:0a:
aa:34:18:15:f1:dd:32:40:20:4f:0d:c3:11:6b:51:d6:44:2f:
03:30:03:e5:d5:ea:23:fe:70:cf:19:e3:ef:ab:3a:2f:ff:6c:
b8:cc:bd:45:52:f5:59:95:d0:06:ee:51:a9:4b:95:62:ac:a7:
06:42:b2:22:da:55:7c:74:3d:87:96:a5:24:9a:ba:8a:de:a2:
2a:62:40:71:ed:01:fe:b2:1f:b4:1e:6e:17:a7:50:89:e9:fb:
44:9e:b1:a1
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAYisIll69x18I0Q35nCIpaX8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTg1MWRkYWU1YTY0Y2MzODgyNTM5NWJlOWE1MDdkYTk1
YWI3Y2YwHhcNMjMwNjExMjAyNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzBiNDk3Y2Q0NDYyOTczY2QwMTg2NWY0ODE5ZTI3NWQxZGE3MDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV5pi9Oa2JA1IrOJcIRbcjiR7MXv
9OqRXBkdzeLx4x+l/IlpE3b6izhvB5RcC9CthF+t77yC86Ng4G1Xu0wDQRxrJFPJ
vxYu1CBRDeFaTXSHe+1n5lJbtcr7kUuV2nYaSEBDf3GTHi+HeZd3B4OyE2FUw/gj
uQTM1PhJZdLtBe2qyIpTKVAVkE23fQLuuoh4USgxMX+tY7nN90BqFDBZkmlkOptK
OHX7HDNSGLHvGYXWL34ZtnJEk/93iiSHLk2Qj9+FbJdVPukHVwD4nSKQnEPYDjkd
l/cC+gWcmvve+hPo6BfPS0ROr9ahNl161ZV/N3kU3jEKthAAggR+t8fzqwIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFOcLSXzURilzzQGGX0gZ4nXR2nACMB8GA1UdIwQY
MBaAFOioUd2uWmTMOIJTlb6aUH2pWrfPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEt
MTEwYzg3OGRjZDI5LzEvNXd0SmZOUkdLWFBOQVlaZlNCbmlkZEhhY0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEtMTEwYzg3OGRjZDI5
LzEvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwQDWdAA
AwQDWdA4AwQDWdCAAwQCjeJ4AwQAk+oXAwQDk+xoAwQBk+x0AwQDk+x4AwQEk+yQ
AwQEk+ywAwQCuWxQAwQCuZX8AwQCuadsAwQCua8gAwQCubRkAwQCubZMAwQCubj0
AwQDvL/gAwQE2a9QMA0EAgACMAcDBQAqAHxAMA0GCSqGSIb3DQEBCwUAA4IBAQCR
4SSRynXIns7MV98fmlNwPN3UiMzV7P/1vpgkmxLv8Mz03nKxL77iZKPFcYOBTJDM
VGeWoa0fOnmVf4++PHx82Pji0gXamMgoP4zoVuK2BpclMxNmczO4zHlrcJAQQgYG
H684cNEKL7bFDkemB7wMuCD7LnC7efCLdY6LOvCH3elEsGv91tplTd/HyGfQwus8
aWnaL0Vqdg23lbkdks5V7QqqNBgV8d0yQCBPDcMRa1HWRC8DMAPl1eoj/nDPGePv
qzov/2y4zL1FUvVZldAG7lGpS5VirKcGQrIi2lV8dD2HlqUkmrqK3qIqYkBx7QH+
sh+0Hm4Xp1CJ6ftEnrGh
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:24 2024 by rpki-client on console-fra.rpki-client.org