Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/v2VLpTjsNs8vPJVZUD0sQvAArfo.roa
File: v2VLpTjsNs8vPJVZUD0sQvAArfo.roa (raw, json)
Hash identifier: 9cLNBbQU1r7SYdDwqt7a/GhBqPAOk8CsfEPDtBFW49I=
Subject key identifier: BF:65:4B:A5:38:EC:36:CF:2F:3C:95:59:50:3D:2C:42:F0:00:AD:FA
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0187B6AD9590C395080042030C71D33D80D1
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/v2VLpTjsNs8vPJVZUD0sQvAArfo.roa
Signing time: Tue 25 Apr 2023 04:30:41 +0000
ROA not before: Tue 25 Apr 2023 04:30:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207724
IP address blocks: 185.239.2.0/24 maxlen: 24
185.239.3.0/24 maxlen: 24
188.240.196.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b6:ad:95:90:c3:95:08:00:42:03:0c:71:d3:3d:80:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Apr 25 04:30:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf654ba538ec36cf2f3c9559503d2c42f000adfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2c:fa:d8:4f:1b:3a:9e:5b:f1:b9:f3:9a:b4:
16:7c:bd:c0:6d:b0:31:8d:78:60:04:e7:b3:a0:22:
0e:88:63:9f:cb:1e:ac:f3:51:da:9a:0a:22:6a:0f:
4a:b6:6d:0f:2e:b6:76:4f:41:45:0e:69:e2:2e:f3:
dd:6b:62:f9:03:97:a9:8e:56:4f:f1:ac:22:67:c2:
83:70:a9:0d:62:7c:ad:5e:cc:47:c6:97:92:53:ba:
88:87:a2:e9:09:05:cf:f9:81:5c:50:ba:d1:81:08:
c0:2f:64:1c:04:dc:58:07:3e:c5:34:5f:3e:57:40:
cf:3b:c1:04:72:0e:cd:82:aa:ab:67:74:82:c0:b8:
86:ba:a4:46:5b:29:2f:42:89:66:e1:83:1e:b6:b0:
19:1d:2e:f3:7c:75:8e:17:92:d6:a6:a8:1b:a5:47:
0e:bf:80:2c:52:11:99:20:e0:11:db:56:be:b0:4c:
dd:ea:3e:43:b5:14:94:e1:c2:ac:04:37:75:a5:be:
68:21:65:77:6e:da:d6:f7:12:f6:8f:94:d1:ba:90:
de:e1:d6:4e:bc:8d:67:49:cd:e3:88:d3:e8:e1:70:
23:99:d1:b9:62:95:af:b0:59:ed:6b:52:82:60:72:
8e:db:6e:c4:86:d2:54:51:7e:82:dc:b1:25:f9:b8:
b3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:65:4B:A5:38:EC:36:CF:2F:3C:95:59:50:3D:2C:42:F0:00:AD:FA
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/v2VLpTjsNs8vPJVZUD0sQvAArfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.54.0/24
89.46.217.0/24
185.239.2.0/23
188.240.196.0/24
Signature Algorithm: sha256WithRSAEncryption
41:08:b9:b4:39:cb:97:4d:6b:15:6b:59:08:c4:30:20:31:89:
4b:37:9e:fe:ae:94:e0:00:c5:04:d3:09:50:73:44:4c:74:7a:
ea:83:5a:a9:98:7f:d4:78:42:6b:a1:0f:9c:e0:36:6b:07:54:
86:13:1d:17:68:33:c0:e6:e4:af:51:94:9e:24:2a:96:23:fb:
91:ef:17:3f:ce:e8:94:be:02:ff:ee:9a:5d:76:6e:9c:a0:7c:
83:f8:ab:6e:2b:a4:4f:45:7e:be:f7:36:80:2a:ff:cb:27:86:
8f:5a:9e:0f:2a:8a:d3:62:5e:f0:26:fa:79:a3:d3:2d:93:0b:
8b:bf:95:71:58:29:bc:5b:ef:67:79:64:50:6e:5c:41:0f:62:
32:ef:ed:54:05:c8:08:44:33:12:30:52:24:77:bf:9a:31:b2:
f2:97:3d:09:da:4c:2e:60:03:93:52:13:ef:8c:66:bf:69:9c:
d8:64:b1:68:29:fe:2c:3e:e4:96:32:67:fc:2e:6e:19:b2:48:
48:c6:b1:22:5f:99:0b:93:a1:33:83:ac:e8:15:17:83:79:93:
ce:04:f8:e3:d8:0b:25:75:97:be:e5:15:de:a9:30:73:59:9b:
32:1b:3d:74:4d:f7:a1:c5:5e:00:31:97:be:33:63:0e:9b:10:
4c:ea:21:f9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYe2rZWQw5UIAEIDDHHTPYDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwNDI1MDQzMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjY1NGJhNTM4ZWMzNmNmMmYzYzk1NTk1MDNkMmM0MmYwMDBhZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSz62E8bOp5b8bnzmrQWfL3AbbAx
jXhgBOezoCIOiGOfyx6s81Hamgoiag9Ktm0PLrZ2T0FFDmniLvPda2L5A5epjlZP
8awiZ8KDcKkNYnytXsxHxpeSU7qIh6LpCQXP+YFcULrRgQjAL2QcBNxYBz7FNF8+
V0DPO8EEcg7NgqqrZ3SCwLiGuqRGWykvQolm4YMetrAZHS7zfHWOF5LWpqgbpUcO
v4AsUhGZIOAR21a+sEzd6j5DtRSU4cKsBDd1pb5oIWV3btrW9xL2j5TRupDe4dZO
vI1nSc3jiNPo4XAjmdG5YpWvsFnta1KCYHKO227EhtJUUX6C3LEl+bizuwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL9lS6U47DbPLzyVWVA9LELwAK36MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvdjJWTHBUanNOczh2UEpWWlVEMHNRdkFBcmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABZ82AwQA
WS7ZAwQBue8CAwQAvPDEMA0GCSqGSIb3DQEBCwUAA4IBAQBBCLm0OcuXTWsVa1kI
xDAgMYlLN57+rpTgAMUE0wlQc0RMdHrqg1qpmH/UeEJroQ+c4DZrB1SGEx0XaDPA
5uSvUZSeJCqWI/uR7xc/zuiUvgL/7ppddm6coHyD+KtuK6RPRX6+9zaAKv/LJ4aP
Wp4PKorTYl7wJvp5o9MtkwuLv5VxWCm8W+9neWRQblxBD2Iy7+1UBcgIRDMSMFIk
d7+aMbLylz0J2kwuYAOTUhPvjGa/aZzYZLFoKf4sPuSWMmf8Lm4ZskhIxrEiX5kL
k6Ezg6zoFReDeZPOBPjj2AsldZe+5RXeqTBzWZsyGz10TfehxV4AMZe+M2MOmxBM
6iH5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:10 2023 by rpki-client on console-ams.rpki-client.org