Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/5Crcn1dzYybmNkC_JUt3WvwIgq4.roa
File: 5Crcn1dzYybmNkC_JUt3WvwIgq4.roa (raw, json)
Hash identifier: 5y8fc2F3J0O8koqsZDmFT/oxZjmAjt8wGbJSz+78sk0=
Subject key identifier: E4:2A:DC:9F:57:73:63:26:E6:36:40:BF:25:4B:77:5A:FC:08:82:AE
Certificate issuer: /CN=215a409d27b9a69346324004694da11beae02dbb
Certificate serial: 018572D5D324EFAE646C413B41E3554E1E91
Authority key identifier: 21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/5Crcn1dzYybmNkC_JUt3WvwIgq4.roa
Signing time: Mon 02 Jan 2023 14:14:53 +0000
ROA not before: Mon 02 Jan 2023 14:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50500
IP address blocks: 185.114.90.0/24 maxlen: 24
185.114.91.0/24 maxlen: 24
185.114.88.0/24 maxlen: 24
185.114.89.0/24 maxlen: 24
185.134.179.0/24 maxlen: 24
185.134.176.0/24 maxlen: 24
185.134.177.0/24 maxlen: 24
185.134.178.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:d3:24:ef:ae:64:6c:41:3b:41:e3:55:4e:1e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215a409d27b9a69346324004694da11beae02dbb
Validity
Not Before: Jan 2 14:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e42adc9f57736326e63640bf254b775afc0882ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:70:89:4f:e8:40:5a:da:68:a5:bf:b0:f6:fb:
1d:93:2a:ce:c4:d5:85:92:ac:08:39:e2:8c:5c:13:
5a:22:f3:1f:40:0a:d6:65:50:c3:d9:5e:e3:c4:43:
3f:a4:4e:eb:9a:6c:86:ee:8c:b8:6b:43:3e:9b:d7:
84:a2:86:fb:bd:15:3b:9c:fe:33:99:26:e3:43:da:
9f:42:4c:45:87:0b:6c:05:86:06:66:1e:46:b0:42:
91:85:28:5a:ca:cf:03:77:35:81:5b:68:93:a7:65:
77:8a:5c:f6:52:21:5c:72:3e:55:bb:79:ce:ac:d0:
a0:1b:4f:ef:7e:5d:93:3a:90:7e:ec:84:d3:b1:d6:
9b:9a:91:51:c9:a9:b7:57:ea:6d:80:b1:35:87:33:
6b:b3:30:c6:e1:de:5b:04:4a:f4:70:84:a8:57:4f:
61:3d:fe:0e:5b:6f:77:8b:ba:01:36:fe:74:e7:ad:
37:9f:02:b3:ed:68:60:28:0b:67:dd:1e:9b:d4:3b:
ee:cf:49:65:91:71:2f:49:73:b5:94:56:09:d3:3f:
68:dd:46:38:09:aa:7a:9b:f1:07:27:96:b9:8b:b2:
dd:ad:8d:1b:1a:68:0d:b2:f8:74:e4:27:ed:8f:50:
b0:51:c8:42:87:6c:85:7e:a3:44:5d:10:30:82:af:
95:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:2A:DC:9F:57:73:63:26:E6:36:40:BF:25:4B:77:5A:FC:08:82:AE
X509v3 Authority Key Identifier:
keyid:21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/5Crcn1dzYybmNkC_JUt3WvwIgq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/IVpAnSe5ppNGMkAEaU2hG-rgLbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.88.0/22
185.134.176.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:0e:b2:df:ca:5d:3b:2a:d4:2f:4f:6c:e3:8c:ea:a8:4d:e3:
f1:d9:6c:3a:38:da:60:d6:f3:87:05:ee:3e:34:95:e2:7d:98:
45:71:1b:3b:e9:4a:9a:82:75:ab:12:12:5c:77:29:cb:ad:2c:
22:c1:27:4a:ac:a4:57:32:86:59:c0:c0:f1:0f:de:4f:2d:a6:
34:94:13:a5:f8:f2:22:17:ae:76:5f:86:6c:80:26:48:36:af:
70:1b:e6:c1:62:08:35:30:9d:49:54:81:e4:a3:ec:e9:2e:25:
90:73:71:d5:42:91:46:1a:e6:33:03:04:82:7c:8d:3f:03:8d:
55:2c:cd:09:90:f7:fb:5c:12:1a:13:07:81:1c:81:86:ab:a0:
34:ea:2b:bc:37:0a:ff:90:52:03:a0:c6:e3:dc:90:ca:d3:cb:
1c:da:08:a5:d4:51:c5:18:82:b4:e5:5a:93:d8:a0:c5:71:84:
ed:5c:61:f2:60:d1:ca:7c:31:af:7b:06:1c:dd:21:51:df:80:
b2:22:0c:34:4e:62:da:d8:ab:04:f9:d7:61:0f:5e:de:26:3d:
a6:54:49:a6:84:95:23:87:38:e4:f6:09:08:9e:37:91:bf:7f:
9f:5e:f1:d2:09:f9:90:75:8b:3a:3a:48:ce:1c:a5:50:bb:fe:
dc:fc:27:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVy1dMk765kbEE7QeNVTh6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNWE0MDlkMjdiOWE2OTM0NjMyNDAwNDY5NGRhMTFiZWFl
MDJkYmIwHhcNMjMwMTAyMTQxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDJhZGM5ZjU3NzM2MzI2ZTYzNjQwYmYyNTRiNzc1YWZjMDg4MmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnCJT+hAWtpopb+w9vsdkyrOxNWF
kqwIOeKMXBNaIvMfQArWZVDD2V7jxEM/pE7rmmyG7oy4a0M+m9eEoob7vRU7nP4z
mSbjQ9qfQkxFhwtsBYYGZh5GsEKRhShays8DdzWBW2iTp2V3ilz2UiFccj5Vu3nO
rNCgG0/vfl2TOpB+7ITTsdabmpFRyam3V+ptgLE1hzNrszDG4d5bBEr0cISoV09h
Pf4OW293i7oBNv505603nwKz7WhgKAtn3R6b1Dvuz0llkXEvSXO1lFYJ0z9o3UY4
Cap6m/EHJ5a5i7LdrY0bGmgNsvh05Cftj1CwUchCh2yFfqNEXRAwgq+V6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOQq3J9Xc2Mm5jZAvyVLd1r8CIKuMB8GA1UdIwQY
MBaAFCFaQJ0nuaaTRjJABGlNoRvq4C27MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZwQW5TZTVwcE5HTWtBRWFVMmhHLXJnTGJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9mMGM5ZTMtMWM0MC00ZjMzLTk1Y2Ut
OThkMmZlZTBmODdhLzEvNUNyY24xZHpZeWJtTmtDX0pVdDNXdndJZ3E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9mMGM5ZTMtMWM0MC00ZjMzLTk1Y2UtOThkMmZlZTBmODdh
LzEvSVZwQW5TZTVwcE5HTWtBRWFVMmhHLXJnTGJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXJYAwQC
uYawMA0GCSqGSIb3DQEBCwUAA4IBAQCrDrLfyl07KtQvT2zjjOqoTePx2Ww6ONpg
1vOHBe4+NJXifZhFcRs76UqagnWrEhJcdynLrSwiwSdKrKRXMoZZwMDxD95PLaY0
lBOl+PIiF652X4ZsgCZINq9wG+bBYgg1MJ1JVIHko+zpLiWQc3HVQpFGGuYzAwSC
fI0/A41VLM0JkPf7XBIaEweBHIGGq6A06iu8Nwr/kFIDoMbj3JDK08sc2gil1FHF
GIK05VqT2KDFcYTtXGHyYNHKfDGvewYc3SFR34CyIgw0TmLa2KsE+ddhD17eJj2m
VEmmhJUjhzjk9gkInjeRv3+fXvHSCfmQdYs6OkjOHKVQu/7c/Cfc
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:09 2024 by rpki-client on console-fra.rpki-client.org