Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/b5EZB7HrHhEmCc1MR6BjwYCZacg.roa
File: b5EZB7HrHhEmCc1MR6BjwYCZacg.roa (raw, json)
Hash identifier: 9hqlI7qp4GEEpOK+5gO6ZGAUCrsxAKIHHqhBItMK+xs=
Subject key identifier: 6F:91:19:07:B1:EB:1E:11:26:09:CD:4C:47:A0:63:C1:80:99:69:C8
Certificate issuer: /CN=02b610cd43bafced91480fabfdcaae82049fbf71
Certificate serial: 01856C1CAF38B8BF76E559550EBB33A10B20
Authority key identifier: 02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/b5EZB7HrHhEmCc1MR6BjwYCZacg.roa
Signing time: Sun 01 Jan 2023 06:54:57 +0000
ROA not before: Sun 01 Jan 2023 06:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197068
IP address blocks: 185.65.148.0/22 maxlen: 32
178.248.232.0/21 maxlen: 32
185.94.108.0/22 maxlen: 32
2a03:70c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:af:38:b8:bf:76:e5:59:55:0e:bb:33:a1:0b:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b610cd43bafced91480fabfdcaae82049fbf71
Validity
Not Before: Jan 1 06:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f911907b1eb1e112609cd4c47a063c1809969c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bd:29:5a:ff:d2:0d:1b:d1:74:82:c7:2b:66:
8c:81:34:73:dd:63:cc:75:19:3a:e5:dd:91:e8:53:
81:ff:89:d6:36:9f:b4:b3:4f:d0:8d:a2:ce:15:2c:
7b:5c:c3:7b:e3:db:3f:e1:50:8e:35:aa:78:3a:78:
89:d2:9f:b6:7d:ba:51:1f:e9:60:01:24:83:b2:79:
81:6d:7e:01:26:0e:ea:19:cc:2c:92:b9:15:ff:83:
1d:20:90:f8:b9:af:89:2d:ae:ce:7e:09:f4:01:d3:
42:51:d3:69:eb:35:7a:5a:66:65:15:2e:c4:6a:fc:
f8:57:69:f9:b8:9d:0b:63:3c:b8:5e:85:3a:3d:e1:
f5:bc:65:82:a6:05:60:d2:3f:65:26:94:33:0b:28:
00:a4:fd:6f:02:ed:0b:cd:c1:be:e4:d3:00:89:a3:
02:fe:d4:7d:c8:99:a6:10:39:ff:ee:1a:ab:54:17:
70:52:01:cb:5a:05:d9:c1:64:43:70:46:77:9f:93:
f4:14:12:a8:fa:d4:10:1a:e4:59:a9:17:a4:e2:af:
44:a0:a2:3f:3a:b1:2f:c9:1b:b0:26:d9:98:0c:10:
6f:21:be:75:9b:d6:da:e0:04:04:ed:15:4d:8e:9e:
d6:90:3a:bd:3d:54:1f:b3:fd:e4:aa:d8:69:7b:b0:
70:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:91:19:07:B1:EB:1E:11:26:09:CD:4C:47:A0:63:C1:80:99:69:C8
X509v3 Authority Key Identifier:
keyid:02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/b5EZB7HrHhEmCc1MR6BjwYCZacg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/ArYQzUO6_O2RSA-r_cquggSfv3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.232.0/21
185.65.148.0/22
185.94.108.0/22
IPv6:
2a03:70c0::/32
Signature Algorithm: sha256WithRSAEncryption
27:ab:5b:6c:a1:ee:1b:59:7e:33:ba:ca:4a:2e:f8:4e:a5:e7:
5a:86:fa:54:fa:58:29:f2:80:56:a3:f7:95:1e:be:2d:e7:84:
88:89:4c:e0:af:47:9e:e3:d3:a7:dc:cc:eb:33:5c:14:52:20:
a2:70:51:83:28:29:50:4f:d5:98:40:7a:39:1b:51:a1:5f:c8:
00:79:95:17:13:ac:d7:47:84:da:2b:ef:13:e1:26:b2:03:76:
c0:bd:04:1e:7c:6b:1a:b9:57:c1:b8:ea:d8:f8:ec:05:85:ec:
18:6b:d7:c6:2a:a1:b1:23:3b:a0:6d:65:57:ed:e7:c9:6d:61:
f0:9b:f8:ec:3b:a9:95:b0:da:c1:ce:20:93:25:79:7e:e3:b3:
b0:2e:b3:2b:ac:14:7c:3b:d1:5d:75:a3:c7:87:bb:6f:57:79:
8a:12:ec:0d:aa:71:ce:3f:dd:07:cf:79:ad:28:5d:c5:89:40:
d5:d0:10:14:c2:34:ba:f6:8b:53:30:c8:75:b8:34:d8:c3:b1:
15:be:7f:c6:f4:a3:d0:b8:11:67:9d:88:05:d7:6d:c3:a7:55:
6b:00:f0:14:66:ee:dd:50:b2:83:69:70:cf:f0:ba:42:75:54:
0f:b6:0e:cd:70:56:a7:93:a9:34:67:a8:b3:3e:86:7f:52:33:
1c:9c:7c:77
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVsHK84uL925VlVDrszoQsgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjYxMGNkNDNiYWZjZWQ5MTQ4MGZhYmZkY2FhZTgyMDQ5
ZmJmNzEwHhcNMjMwMTAxMDY1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjkxMTkwN2IxZWIxZTExMjYwOWNkNGM0N2EwNjNjMTgwOTk2OWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn70pWv/SDRvRdILHK2aMgTRz3WPM
dRk65d2R6FOB/4nWNp+0s0/QjaLOFSx7XMN749s/4VCONap4OniJ0p+2fbpRH+lg
ASSDsnmBbX4BJg7qGcwskrkV/4MdIJD4ua+JLa7Ofgn0AdNCUdNp6zV6WmZlFS7E
avz4V2n5uJ0LYzy4XoU6PeH1vGWCpgVg0j9lJpQzCygApP1vAu0LzcG+5NMAiaMC
/tR9yJmmEDn/7hqrVBdwUgHLWgXZwWRDcEZ3n5P0FBKo+tQQGuRZqRek4q9EoKI/
OrEvyRuwJtmYDBBvIb51m9ba4AQE7RVNjp7WkDq9PVQfs/3kqthpe7BwYwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFG+RGQex6x4RJgnNTEegY8GAmWnIMB8GA1UdIwQY
MBaAFAK2EM1DuvztkUgPq/3KroIEn79xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEt
OTAxM2NhOTk2YjE2LzEvYjVFWkI3SHJIaEVtQ2MxTVI2Qmp3WUNaYWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lM2RlY2MtM2VmNy00Y2IyLTgxZDEtOTAxM2NhOTk2YjE2
LzEvQXJZUXpVTzZfTzJSU0Etcl9jcXVnZ1NmdjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDsvjoAwQC
uUGUAwQCuV5sMA0EAgACMAcDBQAqA3DAMA0GCSqGSIb3DQEBCwUAA4IBAQAnq1ts
oe4bWX4zuspKLvhOpedahvpU+lgp8oBWo/eVHr4t54SIiUzgr0ee49On3MzrM1wU
UiCicFGDKClQT9WYQHo5G1GhX8gAeZUXE6zXR4TaK+8T4SayA3bAvQQefGsauVfB
uOrY+OwFhewYa9fGKqGxIzugbWVX7efJbWHwm/jsO6mVsNrBziCTJXl+47OwLrMr
rBR8O9FddaPHh7tvV3mKEuwNqnHOP90Hz3mtKF3FiUDV0BAUwjS69otTMMh1uDTY
w7EVvn/G9KPQuBFnnYgF123Dp1VrAPAUZu7dULKDaXDP8LpCdVQPtg7NcFank6k0
Z6izPoZ/UjMcnHx3
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:56 2024 by rpki-client on console-fra.rpki-client.org