Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/ddd9f1-0f2e-4d5f-857d-02bab9f6f955/1/aPvTkWmw9bpIizjtWrlXCUCGp5w.roa
File: aPvTkWmw9bpIizjtWrlXCUCGp5w.roa (raw, json)
Hash identifier: mmOKFPeffokaKXEY/0jS0yALmIyXLGyf+6JTZiFpfdY=
Subject key identifier: 68:FB:D3:91:69:B0:F5:BA:48:8B:38:ED:5A:B9:57:09:40:86:A7:9C
Certificate issuer: /CN=03e53d18f5f212ae0802a17ee5994c3331a43524
Certificate serial: 018571D7C72F5CF52D7006128563E68C177A
Authority key identifier: 03:E5:3D:18:F5:F2:12:AE:08:02:A1:7E:E5:99:4C:33:31:A4:35:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A-U9GPXyEq4IAqF-5ZlMMzGkNSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/ddd9f1-0f2e-4d5f-857d-02bab9f6f955/1/aPvTkWmw9bpIizjtWrlXCUCGp5w.roa
Signing time: Mon 02 Jan 2023 09:37:24 +0000
ROA not before: Mon 02 Jan 2023 09:37:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50563
IP address blocks: 5.83.95.0/24 maxlen: 24
212.85.240.0/24 maxlen: 24
212.85.240.0/23 maxlen: 23
212.85.244.0/23 maxlen: 23
212.85.244.0/24 maxlen: 24
212.85.245.0/24 maxlen: 24
185.67.106.0/24 maxlen: 24
185.67.107.0/24 maxlen: 24
212.85.241.0/24 maxlen: 24
212.85.242.0/23 maxlen: 23
185.3.116.0/22 maxlen: 22
185.3.116.0/23 maxlen: 23
185.3.116.0/24 maxlen: 24
185.3.117.0/24 maxlen: 24
185.3.118.0/24 maxlen: 24
185.3.118.0/23 maxlen: 23
185.3.119.0/24 maxlen: 24
5.83.54.0/24 maxlen: 24
5.83.64.0/21 maxlen: 21
5.83.64.0/23 maxlen: 23
5.83.64.0/22 maxlen: 22
5.83.64.0/24 maxlen: 24
5.83.68.0/22 maxlen: 22
5.83.68.0/23 maxlen: 23
5.83.65.0/24 maxlen: 24
5.83.66.0/23 maxlen: 23
5.83.70.0/23 maxlen: 23
5.83.88.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:c7:2f:5c:f5:2d:70:06:12:85:63:e6:8c:17:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03e53d18f5f212ae0802a17ee5994c3331a43524
Validity
Not Before: Jan 2 09:37:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68fbd39169b0f5ba488b38ed5ab957094086a79c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a4:d0:5f:4c:21:72:ed:25:66:f7:00:e1:11:
62:0f:b7:71:f0:56:d4:a3:fb:a1:1c:a4:e3:92:da:
b3:22:ec:de:48:01:75:21:44:2e:d9:a5:6a:38:5e:
b3:18:68:a8:92:15:8d:b2:b2:e5:9b:16:b2:aa:cb:
31:ea:b9:5e:1a:7c:17:21:b0:91:34:e8:2c:c2:81:
c9:f5:33:a0:63:12:f4:da:d0:7f:83:f5:52:89:86:
6d:54:9d:4b:2f:0a:8c:c9:92:a5:80:29:9f:e1:49:
d8:b9:36:33:21:c0:d0:0d:11:e9:6d:19:17:37:11:
b3:48:d8:d2:6a:d3:4a:be:11:7e:6a:2a:5e:1a:43:
48:88:de:5b:32:f8:84:1b:d7:df:e2:c9:d8:6b:9d:
d8:1e:7d:33:6e:b4:01:fb:c5:9f:32:ef:74:ff:e8:
2c:31:57:1d:fa:63:f7:7a:5c:80:86:18:71:f8:6f:
21:69:2b:85:7a:1b:7e:a7:3c:da:02:43:8b:05:39:
59:06:20:a2:4c:b5:03:c5:43:8f:89:60:05:e8:10:
5e:83:ea:17:a0:3c:86:bc:99:1b:7d:eb:60:6e:46:
a5:81:8a:10:09:1a:d6:de:d8:6d:54:9c:e5:0d:5b:
b9:35:21:59:e1:1f:0f:62:c2:2c:08:49:bc:8e:78:
29:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:FB:D3:91:69:B0:F5:BA:48:8B:38:ED:5A:B9:57:09:40:86:A7:9C
X509v3 Authority Key Identifier:
keyid:03:E5:3D:18:F5:F2:12:AE:08:02:A1:7E:E5:99:4C:33:31:A4:35:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A-U9GPXyEq4IAqF-5ZlMMzGkNSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/ddd9f1-0f2e-4d5f-857d-02bab9f6f955/1/aPvTkWmw9bpIizjtWrlXCUCGp5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/ddd9f1-0f2e-4d5f-857d-02bab9f6f955/1/A-U9GPXyEq4IAqF-5ZlMMzGkNSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.54.0/24
5.83.64.0/21
5.83.88.0/24
5.83.95.0/24
185.3.116.0/22
185.67.106.0/23
212.85.240.0-212.85.245.255
Signature Algorithm: sha256WithRSAEncryption
08:d2:87:da:38:36:73:1c:59:a6:81:77:32:65:73:5a:33:b0:
e0:0e:1b:39:66:f8:b8:67:46:a1:07:0b:4d:4d:97:66:f5:82:
b2:ea:b0:d6:ad:a4:eb:e7:3c:25:fc:29:de:18:7c:28:2e:b5:
de:53:08:dd:07:d0:d2:b0:00:b0:db:79:76:a1:92:41:91:94:
f1:84:71:42:28:36:67:ca:43:5f:d7:f0:2b:6e:2d:64:02:e2:
01:6d:ef:c3:5c:16:4e:13:b7:ba:b4:f7:70:4b:50:8c:b8:9b:
9f:26:e9:53:88:32:0c:82:a5:66:69:51:c5:a8:db:55:3c:01:
c6:d6:a3:d1:60:24:97:bc:ca:22:10:36:f6:20:c1:25:1c:f9:
e0:33:01:69:b1:16:3a:f2:30:99:81:06:c7:0d:b9:8b:06:1c:
e0:ec:9e:63:ed:81:bd:ec:13:5f:4b:d1:6e:40:33:5d:fa:87:
ac:3c:91:e8:5f:a4:20:27:76:13:0f:b3:ee:27:b6:bf:a5:2d:
ce:f5:42:4b:6a:09:71:58:76:04:58:d0:a2:ec:5c:60:f4:e4:
66:c2:26:db:94:7a:35:42:85:21:4d:ac:d8:17:39:6b:36:5c:
08:1f:97:ef:3d:c1:27:33:c0:a8:4c:42:84:7c:37:a5:cb:3b:
af:c3:0f:df
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVx18cvXPUtcAYShWPmjBd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZTUzZDE4ZjVmMjEyYWUwODAyYTE3ZWU1OTk0YzMzMzFh
NDM1MjQwHhcNMjMwMTAyMDkzNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGZiZDM5MTY5YjBmNWJhNDg4YjM4ZWQ1YWI5NTcwOTQwODZhNzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKTQX0whcu0lZvcA4RFiD7dx8FbU
o/uhHKTjktqzIuzeSAF1IUQu2aVqOF6zGGiokhWNsrLlmxayqssx6rleGnwXIbCR
NOgswoHJ9TOgYxL02tB/g/VSiYZtVJ1LLwqMyZKlgCmf4UnYuTYzIcDQDRHpbRkX
NxGzSNjSatNKvhF+aipeGkNIiN5bMviEG9ff4snYa53YHn0zbrQB+8WfMu90/+gs
MVcd+mP3elyAhhhx+G8haSuFeht+pzzaAkOLBTlZBiCiTLUDxUOPiWAF6BBeg+oX
oDyGvJkbfetgbkalgYoQCRrW3thtVJzlDVu5NSFZ4R8PYsIsCEm8jngpWQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFGj705FpsPW6SIs47Vq5VwlAhqecMB8GA1UdIwQY
MBaAFAPlPRj18hKuCAKhfuWZTDMxpDUkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQS1VOUdQWHlFcTRJQXFGLTVabE1NekdrTlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9kZGQ5ZjEtMGYyZS00ZDVmLTg1N2Qt
MDJiYWI5ZjZmOTU1LzEvYVB2VGtXbXc5YnBJaXpqdFdybFhDVUNHcDV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9kZGQ5ZjEtMGYyZS00ZDVmLTg1N2QtMDJiYWI5ZjZmOTU1
LzEvQS1VOUdQWHlFcTRJQXFGLTVabE1NekdrTlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQABVM2AwQD
BVNAAwQABVNYAwQABVNfAwQCuQN0AwQBuUNqMAwDBATUVfADBAHUVfQwDQYJKoZI
hvcNAQELBQADggEBAAjSh9o4NnMcWaaBdzJlc1ozsOAOGzlm+LhnRqEHC01Nl2b1
grLqsNatpOvnPCX8Kd4YfCgutd5TCN0H0NKwALDbeXahkkGRlPGEcUIoNmfKQ1/X
8CtuLWQC4gFt78NcFk4Tt7q093BLUIy4m58m6VOIMgyCpWZpUcWo21U8AcbWo9Fg
JJe8yiIQNvYgwSUc+eAzAWmxFjryMJmBBscNuYsGHODsnmPtgb3sE19L0W5AM136
h6w8kehfpCAndhMPs+4ntr+lLc71QktqCXFYdgRY0KLsXGD05GbCJtuUejVChSFN
rNgXOWs2XAgfl+89wSczwKhMQoR8N6XLO6/DD98=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:52 2024 by rpki-client on console-ams.rpki-client.org