Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/5_hdx_9lWhIXIHdlw9C5YmzdYzU.roa
File: 5_hdx_9lWhIXIHdlw9C5YmzdYzU.roa (raw, json)
Hash identifier: mwOf5H/rbN1njSElRcNinNHx/6CMfySmXV3mY1/o/Vc=
Subject key identifier: E7:F8:5D:C7:FF:65:5A:12:17:20:77:65:C3:D0:B9:62:6C:DD:63:35
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 018C0FEB33A66CC2116C1450C99808591BD8
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/5_hdx_9lWhIXIHdlw9C5YmzdYzU.roa
Signing time: Mon 27 Nov 2023 08:35:21 +0000
ROA not before: Mon 27 Nov 2023 08:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8612
IP address blocks: 84.220.0.0/16 maxlen: 24
195.130.224.0/19 maxlen: 19
193.43.3.180/30 maxlen: 30
213.205.0.0/18 maxlen: 18
193.43.3.192/26 maxlen: 26
193.43.2.0/24 maxlen: 24
82.85.26.128/26 maxlen: 26
82.85.53.64/26 maxlen: 26
82.85.53.0/26 maxlen: 26
82.84.0.0/15 maxlen: 24
193.207.24.0/21 maxlen: 24
217.133.0.0/16 maxlen: 16
193.207.32.0/19 maxlen: 24
217.73.208.0/20 maxlen: 20
193.207.96.0/20 maxlen: 21
193.43.3.184/29 maxlen: 29
212.123.64.0/19 maxlen: 19
193.207.128.0/17 maxlen: 22
84.221.0.0/16 maxlen: 24
193.207.64.0/18 maxlen: 24
94.32.0.0/14 maxlen: 14
213.205.0.251/32 maxlen: 32
94.32.115.0/24 maxlen: 24
217.133.170.0/24 maxlen: 24
2a01:7d0:4800:1::/64 maxlen: 64
2a01:7d0::/32 maxlen: 32
2a01:7d0:4811::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0f:eb:33:a6:6c:c2:11:6c:14:50:c9:98:08:59:1b:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Nov 27 08:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7f85dc7ff655a1217207765c3d0b9626cdd6335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:66:a6:50:ea:b6:a4:89:4d:01:d1:23:9b:e2:
ca:18:3b:f0:6b:82:cd:ab:7a:34:e2:53:b3:ad:6f:
85:9e:df:b2:5f:27:7d:bc:26:ee:84:bf:25:15:76:
99:cf:35:7c:41:03:65:42:55:76:1f:60:7a:b4:df:
52:d1:1a:f5:ee:0f:07:f8:1e:23:55:11:87:2c:d7:
20:d1:d6:aa:13:28:7f:f3:18:ed:3c:d6:92:7c:4a:
37:22:02:18:3b:a9:a8:42:9a:e7:25:1e:e7:7e:15:
e1:ef:f0:9b:84:b8:82:90:cc:e4:ac:86:05:99:25:
b9:78:4e:3a:c8:31:c4:c5:11:4e:bb:26:7e:a4:bd:
83:cb:09:a1:de:a1:70:61:38:1d:0e:ed:19:68:58:
c9:2a:ed:5e:89:1c:85:3a:b3:ed:f4:80:a3:05:a9:
e9:60:02:cd:1d:b5:8a:97:ed:e9:4c:85:de:5e:39:
b9:1b:13:53:bd:eb:93:ca:49:54:31:39:6f:99:5a:
6c:cb:b0:59:b7:1c:85:e2:0b:0d:b4:24:5a:e1:3d:
84:16:38:68:75:24:43:4e:15:66:7d:1e:f1:a9:ca:
4b:1c:c6:01:6b:4d:cf:65:b8:31:16:bf:74:d2:3c:
ef:f4:b1:b2:41:9e:82:2b:17:3f:b5:42:09:06:a2:
68:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:F8:5D:C7:FF:65:5A:12:17:20:77:65:C3:D0:B9:62:6C:DD:63:35
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/5_hdx_9lWhIXIHdlw9C5YmzdYzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.84.0.0/15
84.220.0.0/15
94.32.0.0/14
193.43.2.0/24
193.43.3.180-193.43.3.255
193.207.24.0-193.207.255.255
195.130.224.0/19
212.123.64.0/19
213.205.0.0/18
217.73.208.0/20
217.133.0.0/16
IPv6:
2a01:7d0::/32
Signature Algorithm: sha256WithRSAEncryption
17:86:66:13:12:a2:2d:a2:62:2c:5a:9b:3b:87:89:67:3c:c3:
34:3a:e2:09:d6:5d:3d:73:3c:f8:24:c7:31:0b:b6:6e:a4:11:
ef:72:61:bb:44:8f:32:f4:54:01:6b:4c:99:73:92:6a:04:7a:
9a:d2:98:51:7b:2c:1e:bf:72:c0:06:c6:e6:0c:30:67:6e:06:
de:2e:00:c6:7e:14:0a:a6:3a:6d:7b:74:65:de:69:ec:b6:11:
e8:a0:be:b5:83:47:74:83:d7:e5:07:c3:f0:37:31:a6:fd:42:
f5:57:ec:67:13:c6:a0:c4:71:42:29:a2:bd:50:6f:5e:e3:f8:
b6:9a:a7:a5:a8:af:18:6d:43:4a:61:55:cd:6b:07:98:52:13:
46:e0:32:16:39:2e:5f:e8:14:dc:cd:a5:8d:ea:3a:32:4d:17:
c4:aa:c2:29:97:ae:08:78:2f:e5:e8:db:b7:60:c2:35:f3:af:
ed:77:62:81:6e:cc:82:07:cc:4b:28:66:be:5a:76:9a:6d:88:
cb:fd:66:01:73:b6:73:46:82:5c:29:78:a0:c9:bc:c2:e5:39:
5e:a8:2c:34:d0:c1:26:32:f0:15:09:a8:9e:de:43:d9:79:71:
ea:10:7c:f7:6c:a5:f3:83:f0:db:43:a4:b6:be:a4:2b:30:85:
10:f3:be:6c
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYwP6zOmbMIRbBRQyZgIWRvYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjMxMTI3MDgzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2Y4NWRjN2ZmNjU1YTEyMTcyMDc3NjVjM2QwYjk2MjZjZGQ2MzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmamUOq2pIlNAdEjm+LKGDvwa4LN
q3o04lOzrW+Fnt+yXyd9vCbuhL8lFXaZzzV8QQNlQlV2H2B6tN9S0Rr17g8H+B4j
VRGHLNcg0daqEyh/8xjtPNaSfEo3IgIYO6moQprnJR7nfhXh7/CbhLiCkMzkrIYF
mSW5eE46yDHExRFOuyZ+pL2Dywmh3qFwYTgdDu0ZaFjJKu1eiRyFOrPt9ICjBanp
YALNHbWKl+3pTIXeXjm5GxNTveuTyklUMTlvmVpsy7BZtxyF4gsNtCRa4T2EFjho
dSRDThVmfR7xqcpLHMYBa03PZbgxFr900jzv9LGyQZ6CKxc/tUIJBqJoDQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFOf4Xcf/ZVoSFyB3ZcPQuWJs3WM1MB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEvNV9oZHhfOWxXaElYSUhkbHc5QzVZbXpkWXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwMBUlQDAwFU
3AMDAl4gAwQAwSsCMA0DBQLBKwO0AwQCwSsAMAsDBAPBzxgDAwTBwAMEBcOC4AME
BdR7QAMEBtXNAAMEBNlJ0AMDANmFMA0EAgACMAcDBQAqAQfQMA0GCSqGSIb3DQEB
CwUAA4IBAQAXhmYTEqItomIsWps7h4lnPMM0OuIJ1l09czz4JMcxC7ZupBHvcmG7
RI8y9FQBa0yZc5JqBHqa0phReywev3LABsbmDDBnbgbeLgDGfhQKpjpte3Rl3mns
thHooL61g0d0g9flB8PwNzGm/UL1V+xnE8agxHFCKaK9UG9e4/i2mqelqK8YbUNK
YVXNaweYUhNG4DIWOS5f6BTczaWN6joyTRfEqsIpl64IeC/l6Nu3YMI186/td2KB
bsyCB8xLKGa+WnaabYjL/WYBc7ZzRoJcKXigybzC5TleqCw00MEmMvAVCaie3kPZ
eXHqEHz3bKXzg/DbQ6S2vqQrMIUQ875s
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:15 2024 by rpki-client on console-fra.rpki-client.org