Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/AtVeNhp6FZV0cm4_kXsHuobnwac.roa
File: AtVeNhp6FZV0cm4_kXsHuobnwac.roa (raw, json)
Hash identifier: 9AucwQj4BDvNT+lr6ZkeClpvNX1IfbWNpl0qjGMHHXI=
Subject key identifier: 02:D5:5E:36:1A:7A:15:95:74:72:6E:3F:91:7B:07:BA:86:E7:C1:A7
Certificate issuer: /CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Certificate serial: 018571834527D5DBE363BA687CED3E945595
Authority key identifier: 5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/AtVeNhp6FZV0cm4_kXsHuobnwac.roa
Signing time: Mon 02 Jan 2023 08:05:06 +0000
ROA not before: Mon 02 Jan 2023 08:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 27471
IP address blocks: 109.68.58.0/24 maxlen: 24
109.68.57.0/24 maxlen: 24
109.68.56.0/24 maxlen: 24
109.68.61.0/24 maxlen: 24
109.68.60.0/24 maxlen: 24
109.68.59.0/24 maxlen: 24
109.68.63.0/24 maxlen: 24
109.68.62.0/24 maxlen: 24
193.151.72.0/24 maxlen: 24
193.151.75.0/24 maxlen: 24
193.151.74.0/24 maxlen: 24
193.151.73.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:45:27:d5:db:e3:63:ba:68:7c:ed:3e:94:55:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Validity
Not Before: Jan 2 08:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02d55e361a7a159574726e3f917b07ba86e7c1a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ba:54:36:60:d0:37:ff:0b:0a:c5:b3:6e:1f:
ea:cc:e6:92:19:e5:5f:76:0c:b8:34:65:6f:00:ee:
31:21:3c:72:97:a7:8e:61:d4:99:00:18:d6:bf:0c:
96:2a:6d:a8:27:5a:7e:9d:b1:a3:f6:70:7a:f7:15:
13:b8:44:c9:4b:19:74:b2:57:46:88:94:ba:57:9e:
45:06:83:b8:fc:c3:6c:1e:b7:6c:1b:1d:26:b9:18:
82:4d:0c:03:23:4e:8d:cc:b9:85:45:8f:68:b7:47:
ef:09:36:b8:9e:d5:d7:1a:09:63:05:97:21:bf:37:
00:cd:c9:25:b9:28:5f:60:15:89:ac:16:60:f3:a2:
6e:7d:91:22:13:bc:d1:be:ff:51:b7:63:a1:8f:91:
fa:05:96:ed:3c:bb:e5:1d:57:f5:7b:e4:a6:4c:45:
31:64:a5:2f:77:99:82:0b:bd:47:60:bf:b7:60:6b:
cf:fa:b0:11:2b:43:d1:85:e0:27:93:3c:84:a3:70:
8a:05:33:85:ff:68:bd:f3:32:3a:cf:ed:ec:a4:34:
08:de:7a:84:b4:c7:46:67:e9:e3:7a:0c:25:74:6c:
35:b5:d1:b0:9a:a1:7d:9f:24:c3:4e:a7:d5:84:cc:
d3:0b:39:cf:eb:24:57:d6:9f:df:b3:35:2b:ac:d8:
ce:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D5:5E:36:1A:7A:15:95:74:72:6E:3F:91:7B:07:BA:86:E7:C1:A7
X509v3 Authority Key Identifier:
keyid:5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/AtVeNhp6FZV0cm4_kXsHuobnwac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.56.0/21
193.151.72.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:b5:bf:8e:bb:d8:3f:a0:2d:e4:57:02:b6:11:b2:0a:8b:86:
be:77:c9:b3:c8:30:dd:14:8e:66:35:43:c4:cf:8b:78:49:78:
f8:4e:e4:56:8e:93:58:03:01:9a:9e:9e:57:4c:d1:c5:2a:12:
3d:d3:cf:72:4e:e0:7c:93:45:25:a0:0b:2f:3e:62:ad:b5:98:
3c:ff:c8:47:ee:5e:09:d4:ca:98:7d:c9:50:15:85:2f:7d:14:
0d:2b:c3:d5:cb:fc:09:24:7a:71:77:59:b1:ec:a7:cf:e1:ab:
33:59:ca:18:9f:35:a4:f0:ae:7a:7d:80:93:4e:53:00:31:3c:
2f:71:d4:18:f8:2c:7c:bf:b8:70:34:6c:3e:48:c0:7d:41:76:
98:bf:94:d3:b5:86:e5:a5:4f:0d:c6:37:2a:dd:d3:38:55:6b:
90:2d:2b:08:ad:03:37:40:f4:31:e2:2c:5f:28:ab:af:32:9c:
dc:99:ab:50:42:83:32:1a:90:7f:15:ac:3a:dd:b2:68:2a:22:
9d:47:c3:1d:8c:17:17:86:39:82:de:79:21:35:91:0c:8f:8a:
03:a2:95:c3:4d:41:83:25:41:ec:0c:fc:ec:29:3a:9d:ec:c6:
57:68:c4:6d:04:2d:40:58:e0:e6:c6:a6:9c:0a:7e:9c:a3:19:
7c:ab:48:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxg0Un1dvjY7pofO0+lFWVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDczMzZmYTkxNTcyMWNlM2JmZWUyMTdmNGU5OTE2NGRi
OTUzMmIwHhcNMjMwMTAyMDgwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmQ1NWUzNjFhN2ExNTk1NzQ3MjZlM2Y5MTdiMDdiYTg2ZTdjMWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLpUNmDQN/8LCsWzbh/qzOaSGeVf
dgy4NGVvAO4xITxyl6eOYdSZABjWvwyWKm2oJ1p+nbGj9nB69xUTuETJSxl0sldG
iJS6V55FBoO4/MNsHrdsGx0muRiCTQwDI06NzLmFRY9ot0fvCTa4ntXXGgljBZch
vzcAzckluShfYBWJrBZg86JufZEiE7zRvv9Rt2Ohj5H6BZbtPLvlHVf1e+SmTEUx
ZKUvd5mCC71HYL+3YGvP+rARK0PRheAnkzyEo3CKBTOF/2i98zI6z+3spDQI3nqE
tMdGZ+njegwldGw1tdGwmqF9nyTDTqfVhMzTCznP6yRX1p/fszUrrNjOowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFALVXjYaehWVdHJuP5F7B7qG58GnMB8GA1UdIwQY
MBaAFF3XM2+pFXIc47/uIX9OmRZNuVMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEt
OGM0YmM0NTkyN2EzLzEvQXRWZU5ocDZGWlYwY200X2tYc0h1b2Jud2FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEtOGM0YmM0NTkyN2Ez
LzEvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDbUQ4AwQC
wZdIMA0GCSqGSIb3DQEBCwUAA4IBAQActb+Ou9g/oC3kVwK2EbIKi4a+d8mzyDDd
FI5mNUPEz4t4SXj4TuRWjpNYAwGanp5XTNHFKhI9089yTuB8k0UloAsvPmKttZg8
/8hH7l4J1MqYfclQFYUvfRQNK8PVy/wJJHpxd1mx7KfP4aszWcoYnzWk8K56fYCT
TlMAMTwvcdQY+Cx8v7hwNGw+SMB9QXaYv5TTtYblpU8Nxjcq3dM4VWuQLSsIrQM3
QPQx4ixfKKuvMpzcmatQQoMyGpB/Faw63bJoKiKdR8MdjBcXhjmC3nkhNZEMj4oD
opXDTUGDJUHsDPzsKTqd7MZXaMRtBC1AWODmxqacCn6coxl8q0im
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:35 2024 by rpki-client on console-fra.rpki-client.org