Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5f536f-38fe-45be-b8f9-125500d2be94/1/e5BYcRQNUCNVkqPkUncWPl0iopE.roa
File: e5BYcRQNUCNVkqPkUncWPl0iopE.roa (raw, json)
Hash identifier: FE4Eh7b7J98qSVLXgVGYdOhEmf8cpLEFVy707fTwCKk=
Subject key identifier: 7B:90:58:71:14:0D:50:23:55:92:A3:E4:52:77:16:3E:5D:22:A2:91
Certificate issuer: /CN=234cd34911cfce946a22ea84663738cdcc076d45
Certificate serial: 018572DEE04820AF613E7CDD582999CC62C7
Authority key identifier: 23:4C:D3:49:11:CF:CE:94:6A:22:EA:84:66:37:38:CD:CC:07:6D:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0zTSRHPzpRqIuqEZjc4zcwHbUU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5f536f-38fe-45be-b8f9-125500d2be94/1/e5BYcRQNUCNVkqPkUncWPl0iopE.roa
Signing time: Mon 02 Jan 2023 14:24:47 +0000
ROA not before: Mon 02 Jan 2023 14:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59699
IP address blocks: 185.4.152.0/22 maxlen: 24
185.30.188.0/22 maxlen: 24
185.63.161.0/24 maxlen: 24
185.63.162.0/24 maxlen: 24
185.63.163.0/24 maxlen: 24
85.208.242.0/24 maxlen: 24
85.208.243.0/24 maxlen: 24
85.208.241.0/24 maxlen: 24
2a04:4bc0::/29 maxlen: 48
2a02:c7c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:de:e0:48:20:af:61:3e:7c:dd:58:29:99:cc:62:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234cd34911cfce946a22ea84663738cdcc076d45
Validity
Not Before: Jan 2 14:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b905871140d50235592a3e45277163e5d22a291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2b:80:85:25:43:dc:3a:6d:42:5b:e4:3d:46:
c7:02:03:2d:f8:21:71:43:e7:6d:95:05:fc:86:ba:
0a:4b:20:b1:50:46:4e:a2:4c:43:24:f3:89:f2:3c:
01:b3:9c:3a:d5:43:b4:3b:59:33:bc:c6:35:84:08:
a6:6a:d7:04:44:3b:90:d7:d7:ea:8b:5d:c1:fe:06:
67:ff:f5:3a:f1:8d:52:07:9e:d9:ee:db:22:07:94:
84:98:e9:95:3b:56:83:46:1e:56:4f:16:a2:a3:06:
49:78:fc:8d:cd:20:c1:8e:1c:01:82:6d:31:96:f1:
28:39:21:09:65:d5:db:a2:b6:69:43:70:a7:21:dc:
dc:a1:9f:4d:3d:20:19:f2:b3:c9:17:ed:43:e2:88:
8c:ad:7d:16:2a:32:1f:26:c2:45:e9:12:de:c0:7b:
fb:09:3f:66:f1:b1:3e:64:5f:07:1f:82:0c:02:18:
06:54:d0:37:a2:16:a6:6b:d0:72:18:9c:e4:aa:3a:
9d:67:21:b8:6f:66:1f:9f:77:d0:ef:ca:b5:a2:38:
39:03:29:f3:2d:a0:e4:79:5a:40:bc:80:fb:2c:07:
c9:b8:0f:34:3e:91:02:e3:81:ee:5a:98:08:6b:b2:
3b:d5:1b:35:16:9f:33:94:e8:d5:7e:06:83:0e:aa:
45:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:90:58:71:14:0D:50:23:55:92:A3:E4:52:77:16:3E:5D:22:A2:91
X509v3 Authority Key Identifier:
keyid:23:4C:D3:49:11:CF:CE:94:6A:22:EA:84:66:37:38:CD:CC:07:6D:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0zTSRHPzpRqIuqEZjc4zcwHbUU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5f536f-38fe-45be-b8f9-125500d2be94/1/e5BYcRQNUCNVkqPkUncWPl0iopE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5f536f-38fe-45be-b8f9-125500d2be94/1/I0zTSRHPzpRqIuqEZjc4zcwHbUU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.241.0-85.208.243.255
185.4.152.0/22
185.30.188.0/22
185.63.161.0-185.63.163.255
IPv6:
2a02:c7c0::/29
2a04:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
68:4f:1e:b9:52:ea:7b:d8:a0:bc:6c:c9:98:3b:73:53:75:87:
08:2f:12:44:27:3a:87:8c:1d:a4:ef:c2:ef:68:6f:fc:93:5d:
b5:36:69:52:c9:00:15:cf:81:cb:db:c0:c6:d7:e9:3c:e9:68:
f9:91:e1:ec:56:a8:68:6c:b7:33:37:ad:36:cf:1e:59:4a:7b:
0c:ba:12:34:fd:94:b4:11:a2:e9:87:9f:07:7b:d4:55:10:34:
04:0e:9a:7a:fc:00:64:f3:12:14:9d:16:88:86:e2:98:74:85:
6c:1e:c0:43:71:b5:33:b5:bf:b4:50:af:e7:b6:88:d5:8a:7a:
82:33:30:96:43:53:33:57:bd:47:79:2c:e0:6d:25:e3:9f:73:
71:f9:45:c3:be:2e:ec:17:11:a7:d2:7c:c0:04:79:e2:b4:7c:
c5:5a:3e:a1:80:e4:78:77:fe:9c:b2:a0:5e:09:f7:e3:44:59:
12:33:e6:31:2b:d5:80:70:19:91:d6:80:ca:5d:fb:66:f5:41:
77:23:35:0e:e6:b3:32:e7:07:fe:5c:7e:be:16:0d:a7:08:90:
af:78:ca:39:24:d2:88:40:72:96:9c:cb:09:8e:5e:f5:d3:2e:
68:52:d1:18:14:10:20:55:04:8a:93:9e:a7:06:3d:50:db:67:
13:5f:91:92
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYVy3uBIIK9hPnzdWCmZzGLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNGNkMzQ5MTFjZmNlOTQ2YTIyZWE4NDY2MzczOGNkY2Mw
NzZkNDUwHhcNMjMwMTAyMTQyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjkwNTg3MTE0MGQ1MDIzNTU5MmEzZTQ1Mjc3MTYzZTVkMjJhMjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSuAhSVD3DptQlvkPUbHAgMt+CFx
Q+dtlQX8hroKSyCxUEZOokxDJPOJ8jwBs5w61UO0O1kzvMY1hAimatcERDuQ19fq
i13B/gZn//U68Y1SB57Z7tsiB5SEmOmVO1aDRh5WTxaiowZJePyNzSDBjhwBgm0x
lvEoOSEJZdXborZpQ3CnIdzcoZ9NPSAZ8rPJF+1D4oiMrX0WKjIfJsJF6RLewHv7
CT9m8bE+ZF8HH4IMAhgGVNA3ohama9ByGJzkqjqdZyG4b2Yfn3fQ78q1ojg5Aynz
LaDkeVpAvID7LAfJuA80PpEC44HuWpgIa7I71Rs1Fp8zlOjVfgaDDqpFJQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFHuQWHEUDVAjVZKj5FJ3Fj5dIqKRMB8GA1UdIwQY
MBaAFCNM00kRz86UaiLqhGY3OM3MB21FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTB6VFNSSFB6cFJxSXVxRVpqYzR6Y3dIYlVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81ZjUzNmYtMzhmZS00NWJlLWI4Zjkt
MTI1NTAwZDJiZTk0LzEvZTVCWWNSUU5VQ05Wa3FQa1VuY1dQbDBpb3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81ZjUzNmYtMzhmZS00NWJlLWI4ZjktMTI1NTAwZDJiZTk0
LzEvSTB6VFNSSFB6cFJxSXVxRVpqYzR6Y3dIYlVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAuBAIAATAoMAwDBABV0PED
BAJV0PADBAK5BJgDBAK5HrwwDAMEALk/oQMEArk/oDAUBAIAAjAOAwUDKgLHwAMF
AyoES8AwDQYJKoZIhvcNAQELBQADggEBAGhPHrlS6nvYoLxsyZg7c1N1hwgvEkQn
OoeMHaTvwu9ob/yTXbU2aVLJABXPgcvbwMbX6TzpaPmR4exWqGhstzM3rTbPHllK
ewy6EjT9lLQRoumHnwd71FUQNAQOmnr8AGTzEhSdFoiG4ph0hWwewENxtTO1v7RQ
r+e2iNWKeoIzMJZDUzNXvUd5LOBtJeOfc3H5RcO+LuwXEafSfMAEeeK0fMVaPqGA
5Hh3/pyyoF4J9+NEWRIz5jEr1YBwGZHWgMpd+2b1QXcjNQ7mszLnB/5cfr4WDacI
kK94yjkk0ohAcpacywmOXvXTLmhS0RgUECBVBIqTnqcGPVDbZxNfkZI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:47 2024 by rpki-client on console-ams.rpki-client.org