Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/5G5kqKDFgYTxRJv5nxiTmiK_Nw4.roa
File: 5G5kqKDFgYTxRJv5nxiTmiK_Nw4.roa (raw, json)
Hash identifier: 5fCdlvRhW2K62G3u93UCcm9dJLINZbIg7LCBcgI6UQ4=
Subject key identifier: E4:6E:64:A8:A0:C5:81:84:F1:44:9B:F9:9F:18:93:9A:22:BF:37:0E
Certificate issuer: /CN=d513872512f1f2d037b401c2603ca8994e721e55
Certificate serial: 01887792D6BECD3F8358C11B4344D56D9106
Authority key identifier: D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/5G5kqKDFgYTxRJv5nxiTmiK_Nw4.roa
Signing time: Thu 01 Jun 2023 15:28:11 +0000
ROA not before: Thu 01 Jun 2023 15:28:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31034
IP address blocks: 185.8.196.0/22 maxlen: 24
83.136.104.0/21 maxlen: 24
94.198.96.0/21 maxlen: 24
95.141.32.0/20 maxlen: 24
94.198.101.0/24 maxlen: 24
158.58.172.0/23 maxlen: 24
158.58.168.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:77:92:d6:be:cd:3f:83:58:c1:1b:43:44:d5:6d:91:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d513872512f1f2d037b401c2603ca8994e721e55
Validity
Not Before: Jun 1 15:28:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e46e64a8a0c58184f1449bf99f18939a22bf370e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:92:03:93:3b:a6:d9:50:0d:30:7b:7a:3b:23:
78:84:1b:9c:14:86:64:76:7b:8a:a8:44:4a:9a:5a:
3c:e5:e1:07:ca:15:6a:7d:8f:21:20:9d:dc:0b:69:
5e:08:a7:70:97:47:56:e0:ad:76:ea:25:f5:75:a6:
d4:62:c4:49:67:36:b0:6f:52:b5:6a:5d:16:e4:11:
10:c8:bf:57:62:04:c0:33:65:ab:1e:db:0e:4e:06:
ed:e2:41:be:cd:ac:16:ad:88:fa:96:48:3c:da:18:
6f:74:d6:88:40:c8:db:8b:f9:66:42:0d:19:d6:ab:
d8:1b:cc:0e:7b:2f:c1:37:22:a0:47:b5:90:37:21:
e1:0d:ad:9f:9e:ec:dc:aa:64:35:f5:65:05:d8:80:
c4:b7:d5:fe:03:11:da:f4:b7:ca:53:96:9d:a8:4b:
66:e2:35:9a:82:15:11:4c:f2:30:c2:54:19:98:97:
c4:2a:7b:40:47:0f:33:74:fd:46:6c:f3:92:7a:1f:
41:b0:df:f9:7b:5f:02:d7:73:e8:76:8a:8c:74:a6:
2c:c2:6d:f4:3f:10:17:8c:aa:ec:96:70:a8:16:1b:
fd:8d:7f:41:25:dc:1f:17:f6:e5:8d:87:92:b9:12:
c3:33:38:dc:4d:7b:5a:62:26:13:02:76:20:76:90:
70:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:6E:64:A8:A0:C5:81:84:F1:44:9B:F9:9F:18:93:9A:22:BF:37:0E
X509v3 Authority Key Identifier:
keyid:D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/5G5kqKDFgYTxRJv5nxiTmiK_Nw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/1ROHJRLx8tA3tAHCYDyomU5yHlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.104.0/21
94.198.96.0/21
95.141.32.0/20
158.58.168.0/21
185.8.196.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:43:f4:97:02:fd:1c:73:34:0d:05:4f:7c:aa:69:ce:66:93:
cc:7c:57:1c:18:27:db:8c:5b:67:93:c6:d5:0b:42:9b:5e:07:
f6:1a:c4:25:c9:95:10:3d:a9:18:ee:c9:ff:b9:e9:4c:b6:ba:
12:ab:ef:e2:d1:4b:96:66:13:7e:e5:33:2d:21:44:d5:a2:78:
a5:ba:0d:17:02:d6:09:38:bf:8b:be:e2:3f:52:47:9a:6c:a2:
28:84:2c:89:cf:0f:e2:1f:91:51:65:87:93:b1:f0:2a:87:84:
69:6b:3e:d2:11:4a:f5:95:b0:96:b7:af:1f:8d:d1:5c:7a:9c:
ef:b6:00:e0:25:4b:c3:dc:4f:19:02:1e:e8:5a:e4:92:bb:a3:
07:1b:ca:9f:28:f9:4d:3f:39:27:42:e8:b4:ec:e7:2e:d8:12:
41:c7:dc:4b:af:bb:2b:7c:9e:20:62:d0:6f:94:f5:ba:53:ed:
31:03:8f:54:78:4e:c6:25:a7:f5:59:51:6b:38:8c:ce:02:35:
8c:67:90:6d:3a:c9:15:cd:02:6e:d2:00:f5:cb:a1:09:96:de:
dc:74:9d:38:5f:39:1f:0b:f6:52:56:17:8d:ed:f7:96:b0:de:
b7:08:c6:ac:8d:57:a6:ac:82:a7:69:25:de:d9:db:c1:44:77:
b9:70:b4:d5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYh3kta+zT+DWMEbQ0TVbZEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MTM4NzI1MTJmMWYyZDAzN2I0MDFjMjYwM2NhODk5NGU3
MjFlNTUwHhcNMjMwNjAxMTUyODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDZlNjRhOGEwYzU4MTg0ZjE0NDliZjk5ZjE4OTM5YTIyYmYzNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZIDkzum2VANMHt6OyN4hBucFIZk
dnuKqERKmlo85eEHyhVqfY8hIJ3cC2leCKdwl0dW4K126iX1dabUYsRJZzawb1K1
al0W5BEQyL9XYgTAM2WrHtsOTgbt4kG+zawWrYj6lkg82hhvdNaIQMjbi/lmQg0Z
1qvYG8wOey/BNyKgR7WQNyHhDa2fnuzcqmQ19WUF2IDEt9X+AxHa9LfKU5adqEtm
4jWaghURTPIwwlQZmJfEKntARw8zdP1GbPOSeh9BsN/5e18C13PodoqMdKYswm30
PxAXjKrslnCoFhv9jX9BJdwfF/bljYeSuRLDMzjcTXtaYiYTAnYgdpBwtQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFORuZKigxYGE8USb+Z8Yk5oivzcOMB8GA1UdIwQY
MBaAFNUThyUS8fLQN7QBwmA8qJlOch5VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEt
NmQ2NTVjZDk0NDY4LzEvNUc1a3FLREZnWVR4Ukp2NW54aVRtaUtfTnc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEtNmQ2NTVjZDk0NDY4
LzEvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDU4hoAwQD
XsZgAwQEX40gAwQDnjqoAwQCuQjEMA0GCSqGSIb3DQEBCwUAA4IBAQClQ/SXAv0c
czQNBU98qmnOZpPMfFccGCfbjFtnk8bVC0KbXgf2GsQlyZUQPakY7sn/uelMtroS
q+/i0UuWZhN+5TMtIUTVonilug0XAtYJOL+LvuI/UkeabKIohCyJzw/iH5FRZYeT
sfAqh4Rpaz7SEUr1lbCWt68fjdFcepzvtgDgJUvD3E8ZAh7oWuSSu6MHG8qfKPlN
PzknQui07Ocu2BJBx9xLr7srfJ4gYtBvlPW6U+0xA49UeE7GJaf1WVFrOIzOAjWM
Z5BtOskVzQJu0gD1y6EJlt7cdJ04XzkfC/ZSVheN7feWsN63CMasjVemrIKnaSXe
2dvBRHe5cLTV
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:18 2024 by rpki-client on console-ams.rpki-client.org