Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/vI3TAzwrBZfZ-pGhRFORfbVrQlQ.roa
File: vI3TAzwrBZfZ-pGhRFORfbVrQlQ.roa (raw, json)
Hash identifier: +KpqNhZepTjvuSOaMvhEZxiH0k2GsZcQejikqBbS/nA=
Subject key identifier: BC:8D:D3:03:3C:2B:05:97:D9:FA:91:A1:44:53:91:7D:B5:6B:42:54
Certificate issuer: /CN=1759436869089cd9c7e6d02028f24a2fe49b86d5
Certificate serial: 018A3BAC6D996A1C8886044EF5CCE539FDC3
Authority key identifier: 17:59:43:68:69:08:9C:D9:C7:E6:D0:20:28:F2:4A:2F:E4:9B:86:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1lDaGkInNnH5tAgKPJKL-SbhtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/vI3TAzwrBZfZ-pGhRFORfbVrQlQ.roa
Signing time: Mon 28 Aug 2023 10:24:30 +0000
ROA not before: Mon 28 Aug 2023 10:24:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57888
IP address blocks: 5.149.78.0/23 maxlen: 23
217.9.20.0/22 maxlen: 22
5.149.80.0/21 maxlen: 21
5.149.80.0/22 maxlen: 22
5.149.84.0/22 maxlen: 22
5.149.92.0/22 maxlen: 22
85.235.84.0/22 maxlen: 22
194.99.16.0/22 maxlen: 22
194.53.156.0/22 maxlen: 22
5.149.64.0/20 maxlen: 20
178.210.184.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 01 Sep 2023 06:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:ac:6d:99:6a:1c:88:86:04:4e:f5:cc:e5:39:fd:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1759436869089cd9c7e6d02028f24a2fe49b86d5
Validity
Not Before: Aug 28 10:24:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc8dd3033c2b0597d9fa91a14453917db56b4254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c8:1c:dc:5a:a6:77:00:65:b9:72:6f:88:43:
bb:b4:31:f1:a0:49:9e:5c:a0:50:74:35:43:c3:a8:
e1:ba:1d:4f:d5:66:3f:92:82:77:58:37:b9:86:1b:
8a:33:ef:17:40:7e:d0:55:34:5f:4f:44:82:63:d0:
b4:35:b6:f2:69:bf:aa:88:83:8b:90:a7:c8:ff:8d:
a9:00:e3:59:6d:ee:24:c3:d7:a1:1d:3f:d1:b7:aa:
46:1f:fb:1d:de:06:ce:22:35:0b:9b:22:56:df:4c:
5d:eb:17:fc:85:7e:4f:ca:21:7e:26:bb:32:78:aa:
40:ad:41:e5:b2:46:ba:58:d2:8e:e9:f3:ab:fd:a5:
5b:15:00:5d:0b:c9:ae:f7:37:66:7c:35:25:c5:80:
54:c0:cc:37:59:62:03:a1:69:e0:3b:54:76:ae:f8:
e2:7b:05:2a:48:26:2b:34:1c:b0:76:81:ff:5e:fe:
14:1b:55:dc:b3:c3:24:1a:5f:59:2d:05:4d:8e:dc:
5e:ed:f1:f8:38:ae:53:6f:2a:90:28:b5:91:b8:24:
d6:90:bf:45:8a:c3:8c:90:f3:eb:4b:97:7f:9d:03:
01:44:51:2d:fa:5a:9a:7d:ca:e7:df:ce:5b:92:05:
b9:ee:dc:93:43:8e:4a:56:5f:62:30:29:d8:29:f6:
af:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:8D:D3:03:3C:2B:05:97:D9:FA:91:A1:44:53:91:7D:B5:6B:42:54
X509v3 Authority Key Identifier:
keyid:17:59:43:68:69:08:9C:D9:C7:E6:D0:20:28:F2:4A:2F:E4:9B:86:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1lDaGkInNnH5tAgKPJKL-SbhtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/vI3TAzwrBZfZ-pGhRFORfbVrQlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/F1lDaGkInNnH5tAgKPJKL-SbhtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.64.0-5.149.87.255
5.149.92.0/22
85.235.84.0/22
178.210.184.0/21
194.53.156.0/22
194.99.16.0/22
217.9.20.0/22
Signature Algorithm: sha256WithRSAEncryption
df:64:c0:6c:d2:45:ac:0d:2a:25:df:e2:6b:ec:7b:77:71:70:
a8:ca:d7:b8:09:33:dc:e4:05:d6:d2:66:b9:e0:08:ea:d5:44:
e5:fa:fb:68:ad:80:79:34:ee:12:1a:f9:40:22:a4:f3:db:af:
f1:cb:db:8f:c5:c8:75:cd:08:0e:01:a6:fd:d0:ab:52:bc:c5:
c4:b6:19:b4:5e:81:4a:d6:d0:79:d9:9f:53:fe:11:6d:1f:9b:
37:4f:bf:00:4e:b1:9d:c9:d8:c1:32:b2:63:80:f7:55:4c:4b:
24:69:4b:e4:e5:cb:89:8c:7e:a4:c8:ec:6d:67:45:e6:75:36:
c0:3a:cf:5a:70:97:72:2f:1d:5f:6c:f4:07:bf:08:e5:c7:c6:
c9:73:7a:b9:f3:7c:7b:13:12:64:28:35:6c:cb:60:18:34:23:
cf:f4:63:03:02:a7:fc:02:e4:54:4c:c4:1d:e8:01:78:68:d5:
ca:48:ae:16:b2:2f:75:7e:95:75:38:89:d5:fc:a8:97:bf:14:
70:68:34:84:fb:ff:7f:e8:f5:f1:66:f4:96:fe:ae:ca:a0:6d:
80:4a:71:f6:f3:14:2b:55:4a:67:92:ca:6e:c2:8f:af:ad:a6:
8a:1b:5e:da:ef:4a:dd:1d:aa:cb:2d:da:24:2b:92:54:65:69:
da:73:01:52
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYo7rG2ZahyIhgRO9czlOf3DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTk0MzY4NjkwODljZDljN2U2ZDAyMDI4ZjI0YTJmZTQ5
Yjg2ZDUwHhcNMjMwODI4MTAyNDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzhkZDMwMzNjMmIwNTk3ZDlmYTkxYTE0NDUzOTE3ZGI1NmI0MjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsgc3FqmdwBluXJviEO7tDHxoEme
XKBQdDVDw6jhuh1P1WY/koJ3WDe5hhuKM+8XQH7QVTRfT0SCY9C0Nbbyab+qiIOL
kKfI/42pAONZbe4kw9ehHT/Rt6pGH/sd3gbOIjULmyJW30xd6xf8hX5PyiF+Jrsy
eKpArUHlska6WNKO6fOr/aVbFQBdC8mu9zdmfDUlxYBUwMw3WWIDoWngO1R2rvji
ewUqSCYrNBywdoH/Xv4UG1Xcs8MkGl9ZLQVNjtxe7fH4OK5TbyqQKLWRuCTWkL9F
isOMkPPrS5d/nQMBRFEt+lqafcrn385bkgW57tyTQ45KVl9iMCnYKfavJQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLyN0wM8KwWX2fqRoURTkX21a0JUMB8GA1UdIwQY
MBaAFBdZQ2hpCJzZx+bQICjySi/km4bVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFsRGFHa0luTm5INXRBZ0tQSktMLVNiaHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83MjQ3ZDItMGEyOC00ZTRhLWFhMGMt
ZmVmNDFkZDg3NmMwLzEvdkkzVEF6d3JCWmZaLXBHaFJGT1JmYlZyUWxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS83MjQ3ZDItMGEyOC00ZTRhLWFhMGMtZmVmNDFkZDg3NmMw
LzEvRjFsRGFHa0luTm5INXRBZ0tQSktMLVNiaHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAYFlUAD
BAMFlVADBAIFlVwDBAJV61QDBAOy0rgDBALCNZwDBALCYxADBALZCRQwDQYJKoZI
hvcNAQELBQADggEBAN9kwGzSRawNKiXf4mvse3dxcKjK17gJM9zkBdbSZrngCOrV
ROX6+2itgHk07hIa+UAipPPbr/HL24/FyHXNCA4Bpv3Qq1K8xcS2GbRegUrW0HnZ
n1P+EW0fmzdPvwBOsZ3J2MEysmOA91VMSyRpS+Tly4mMfqTI7G1nReZ1NsA6z1pw
l3IvHV9s9Ae/COXHxslzernzfHsTEmQoNWzLYBg0I8/0YwMCp/wC5FRMxB3oAXho
1cpIrhayL3V+lXU4idX8qJe/FHBoNIT7/3/o9fFm9Jb+rsqgbYBKcfbzFCtVSmeS
ym7Cj6+tpoobXtrvSt0dqsst2iQrklRladpzAVI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:44 2024 by rpki-client on console-fra.rpki-client.org