Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/E87p6NmHO3FGYNh2E7nU0iq7VSo.roa
File: E87p6NmHO3FGYNh2E7nU0iq7VSo.roa (raw, json)
Hash identifier: +lz+E7gaCj8rqhQ1S2RDP4qaoT7vDPPP/D+UlbhJek8=
Subject key identifier: 13:CE:E9:E8:D9:87:3B:71:46:60:D8:76:13:B9:D4:D2:2A:BB:55:2A
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0189923AAFAEDA2BFAB69F68027F6E619C54
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/E87p6NmHO3FGYNh2E7nU0iq7VSo.roa
Signing time: Wed 26 Jul 2023 12:44:26 +0000
ROA not before: Wed 26 Jul 2023 12:44:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207724
IP address blocks: 185.239.0.0/24 maxlen: 24
185.239.2.0/24 maxlen: 24
185.239.3.0/24 maxlen: 24
5.159.49.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:92:3a:af:ae:da:2b:fa:b6:9f:68:02:7f:6e:61:9c:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jul 26 12:44:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13cee9e8d9873b714660d87613b9d4d22abb552a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1e:61:4c:f7:c6:cb:3c:6c:b2:34:b4:ea:69:
57:a7:ae:7d:cf:12:20:b8:18:55:89:d5:cd:10:62:
d9:9d:68:aa:2a:8f:33:fd:56:f3:70:e7:8a:75:5f:
77:83:f2:02:e0:86:bf:3b:b4:79:7d:b5:fb:cf:95:
b5:a9:6d:f9:37:91:e2:e2:9b:dd:85:5e:a8:3c:f0:
38:62:af:4e:18:b3:b7:9a:fa:7e:e9:02:c1:6d:1d:
c3:13:6a:4e:f3:9c:03:fb:e8:e8:34:74:24:03:67:
75:ed:8b:c1:3e:45:cd:89:fd:aa:2c:d6:93:ad:96:
ce:f1:6e:1c:ce:b1:b0:4a:0d:0f:bb:6b:f1:b4:71:
1a:2f:94:08:ad:15:d2:84:8d:90:00:af:5c:82:b2:
4f:99:96:ac:6a:d0:9a:78:94:3d:2b:be:73:97:1e:
87:f6:78:99:98:94:0a:4d:89:d7:63:22:c6:df:46:
2b:a7:90:d9:c0:86:f1:6d:1d:04:20:7e:d9:04:63:
b0:c2:c6:94:9f:1a:4b:b3:9d:84:46:20:bf:44:75:
15:3c:f0:fc:11:5b:16:4f:ba:ad:61:66:f4:32:ca:
6d:7b:16:ae:22:03:ae:1c:9f:66:56:a6:52:3e:7a:
3a:b6:c9:af:63:f6:6d:48:2a:1e:70:c0:16:7b:2b:
7c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:CE:E9:E8:D9:87:3B:71:46:60:D8:76:13:B9:D4:D2:2A:BB:55:2A
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/E87p6NmHO3FGYNh2E7nU0iq7VSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
5.159.54.0/24
45.94.213.0/24
89.46.217.0/24
185.239.0.0/24
185.239.2.0/23
Signature Algorithm: sha256WithRSAEncryption
51:f3:08:ef:26:2e:f3:f0:af:a1:63:9e:57:cd:01:7b:22:c4:
5c:02:61:dc:b6:97:9d:0c:24:c8:d5:70:73:dd:23:98:f3:19:
2f:a7:82:14:42:d5:49:ce:c8:3e:ef:ed:79:26:0e:b2:a5:8e:
cc:18:9a:b2:00:a7:88:d9:87:4e:8b:37:ef:f9:dc:91:ef:25:
3f:c1:57:fa:a6:56:64:c7:3b:42:96:21:c7:af:be:ab:b7:ce:
20:24:d2:bb:3a:c2:23:fb:c4:c8:bb:64:3a:a3:a3:af:e0:56:
3f:cf:69:99:61:09:aa:2a:68:7f:fa:8a:82:39:62:58:b5:50:
8d:8d:54:7b:df:1d:c8:f7:25:1e:40:75:f1:5a:a2:5a:9c:d2:
66:bd:93:fe:4a:12:f4:72:7f:b1:bb:1b:db:95:1a:df:a4:a7:
3d:7e:8a:3c:18:a3:e4:1a:8f:08:36:6a:c2:1f:fe:11:ae:4d:
fe:85:94:13:af:f8:42:d0:54:73:0d:17:6f:62:56:dd:77:38:
69:90:49:d8:df:14:f7:a6:cb:97:52:c8:18:80:d5:b9:c8:76:
fa:1d:be:b0:70:b9:74:f3:3d:17:13:09:a8:75:32:a8:01:37:
d8:99:bd:cf:fc:02:72:15:40:27:c5:6c:b2:f9:51:8a:00:c5:
b9:d0:ba:b5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYmSOq+u2iv6tp9oAn9uYZxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwNzI2MTI0NDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2NlZTllOGQ5ODczYjcxNDY2MGQ4NzYxM2I5ZDRkMjJhYmI1NTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAth5hTPfGyzxssjS06mlXp659zxIg
uBhVidXNEGLZnWiqKo8z/VbzcOeKdV93g/IC4Ia/O7R5fbX7z5W1qW35N5Hi4pvd
hV6oPPA4Yq9OGLO3mvp+6QLBbR3DE2pO85wD++joNHQkA2d17YvBPkXNif2qLNaT
rZbO8W4czrGwSg0Pu2vxtHEaL5QIrRXShI2QAK9cgrJPmZasatCaeJQ9K75zlx6H
9niZmJQKTYnXYyLG30Yrp5DZwIbxbR0EIH7ZBGOwwsaUnxpLs52ERiC/RHUVPPD8
EVsWT7qtYWb0MsptexauIgOuHJ9mVqZSPno6tsmvY/ZtSCoecMAWeyt8QwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBPO6ejZhztxRmDYdhO51NIqu1UqMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvRTg3cDZObUhPM0ZHWU5oMkU3blUwaXE3VlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABZ8xAwQA
BZ82AwQALV7VAwQAWS7ZAwQAue8AAwQBue8CMA0GCSqGSIb3DQEBCwUAA4IBAQBR
8wjvJi7z8K+hY55XzQF7IsRcAmHctpedDCTI1XBz3SOY8xkvp4IUQtVJzsg+7+15
Jg6ypY7MGJqyAKeI2YdOizfv+dyR7yU/wVf6plZkxztCliHHr76rt84gJNK7OsIj
+8TIu2Q6o6Ov4FY/z2mZYQmqKmh/+oqCOWJYtVCNjVR73x3I9yUeQHXxWqJanNJm
vZP+ShL0cn+xuxvblRrfpKc9foo8GKPkGo8INmrCH/4Rrk3+hZQTr/hC0FRzDRdv
YlbddzhpkEnY3xT3psuXUsgYgNW5yHb6Hb6wcLl08z0XEwmodTKoATfYmb3P/AJy
FUAnxWyy+VGKAMW50Lq1
Generated at Wed Jul 26 16:18:23 2023 by rpki-client on console-ams.rpki-client.org