Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/NEOhqVtHqZQV0sSNgqm7gixEH2I.roa
File: NEOhqVtHqZQV0sSNgqm7gixEH2I.roa (raw, json)
Hash identifier: HdKB10vQS4COinTv5ZqrxszMBE4y7B2O+gXUNHaC0K8=
Subject key identifier: 34:43:A1:A9:5B:47:A9:94:15:D2:C4:8D:82:A9:BB:82:2C:44:1F:62
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018692BFC19029C4F2F52EE3FC1DCF11A3B7
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/NEOhqVtHqZQV0sSNgqm7gixEH2I.roa
Signing time: Mon 27 Feb 2023 12:01:25 +0000
ROA not before: Mon 27 Feb 2023 12:01:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60808
IP address blocks: 5.34.208.0/20 maxlen: 24
188.253.96.0/19 maxlen: 24
185.215.246.0/24 maxlen: 24
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:bf:c1:90:29:c4:f2:f5:2e:e3:fc:1d:cf:11:a3:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 27 12:01:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3443a1a95b47a99415d2c48d82a9bb822c441f62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a6:e7:c2:e2:05:56:57:5a:32:8a:07:74:0b:
7f:39:a8:41:77:d0:1f:8c:08:24:a4:98:b0:75:ac:
ad:23:84:23:69:f5:00:41:81:45:55:42:1d:03:f5:
b5:47:b2:f1:07:d2:11:f6:b7:e1:d2:ea:3f:67:3c:
d4:cd:78:f6:a5:d4:f8:33:db:bb:8a:c8:4f:c6:aa:
85:ce:22:21:6c:34:48:73:c3:19:6a:63:1c:ce:6c:
24:56:a5:5c:aa:6b:24:85:8a:87:50:07:33:96:27:
20:3c:f0:c5:0c:c4:fe:ac:39:08:1b:14:50:3c:47:
25:08:1e:10:ea:dd:cf:ae:db:3a:a0:7a:6e:a9:88:
ca:f1:2e:4f:88:ec:d5:4f:f6:92:fe:5f:25:99:33:
ed:91:dd:f5:1d:d1:46:28:17:43:10:64:50:7d:41:
f0:22:2b:d5:3b:c3:13:6e:0f:13:12:3b:d1:65:76:
b3:8f:2f:a4:04:bc:1f:08:5f:c9:d1:5a:60:f0:69:
7b:c5:3e:16:07:e1:f8:00:f6:3a:79:0e:3e:7e:cb:
59:e8:a7:c7:a7:6f:26:20:e4:bf:b5:39:4c:ff:25:
ec:12:fe:9e:3d:04:34:b0:ea:22:25:ea:48:9f:ed:
b5:eb:c3:b3:67:ee:a6:fd:e3:4a:6c:8a:7e:1e:fa:
25:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:43:A1:A9:5B:47:A9:94:15:D2:C4:8D:82:A9:BB:82:2C:44:1F:62
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/NEOhqVtHqZQV0sSNgqm7gixEH2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/20
185.215.246.0/24
188.253.96.0/19
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
23:78:45:6e:05:76:03:63:dd:6b:b7:d0:67:d4:6d:46:b9:50:
e2:5d:90:70:12:83:83:2c:71:e8:7c:43:61:32:ed:cf:ad:f6:
c6:59:34:d0:e7:14:0e:71:58:bb:53:81:d2:d4:64:72:fd:ae:
37:65:ec:0d:d2:95:cb:a7:a8:62:9e:51:7b:7a:12:e0:08:79:
e8:cf:30:7b:15:16:2e:2f:45:32:69:91:d5:73:02:c1:9f:00:
62:4f:7d:38:d5:54:73:66:44:2c:c7:c9:9c:c7:53:e4:86:e8:
1e:bf:2a:9c:c9:77:d5:3c:09:10:ab:83:82:a8:94:b6:1e:67:
ac:fe:fc:e4:5f:00:20:e2:53:f6:07:73:43:69:b2:d4:d1:bd:
ee:87:47:8f:3d:bd:4e:e3:e0:04:5e:10:0e:df:41:a4:6a:42:
99:16:8a:d8:23:d4:3e:04:b3:ad:3f:c7:a9:17:82:bd:9b:cf:
c5:a3:92:18:56:7d:09:d9:e5:61:1f:31:69:72:20:ca:ee:93:
94:59:29:ed:44:27:04:52:a8:96:d0:86:10:b5:4a:56:2d:3c:
6d:01:0d:77:2c:3b:a2:98:5e:1f:39:75:66:95:4c:a0:9d:51:
e0:e5:b2:91:8c:71:53:92:ae:df:db:e5:a0:23:51:73:32:4f:
0b:18:83:a0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYaSv8GQKcTy9S7j/B3PEaO3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMjI3MTIwMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDQzYTFhOTViNDdhOTk0MTVkMmM0OGQ4MmE5YmI4MjJjNDQxZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqbnwuIFVldaMooHdAt/OahBd9Af
jAgkpJiwdaytI4QjafUAQYFFVUIdA/W1R7LxB9IR9rfh0uo/ZzzUzXj2pdT4M9u7
ishPxqqFziIhbDRIc8MZamMczmwkVqVcqmskhYqHUAczlicgPPDFDMT+rDkIGxRQ
PEclCB4Q6t3Prts6oHpuqYjK8S5PiOzVT/aS/l8lmTPtkd31HdFGKBdDEGRQfUHw
IivVO8MTbg8TEjvRZXazjy+kBLwfCF/J0Vpg8Gl7xT4WB+H4APY6eQ4+fstZ6KfH
p28mIOS/tTlM/yXsEv6ePQQ0sOoiJepIn+2168OzZ+6m/eNKbIp+HvolLwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDRDoalbR6mUFdLEjYKpu4IsRB9iMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvTkVPaHFWdEhxWlFWMHNTTmdxbTdnaXhFSDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEBSLQAwQA
udf2AwQFvP1gMA0EAgACMAcDBQMqBeyAMA0GCSqGSIb3DQEBCwUAA4IBAQAjeEVu
BXYDY91rt9Bn1G1GuVDiXZBwEoODLHHofENhMu3PrfbGWTTQ5xQOcVi7U4HS1GRy
/a43ZewN0pXLp6hinlF7ehLgCHnozzB7FRYuL0UyaZHVcwLBnwBiT3041VRzZkQs
x8mcx1PkhugevyqcyXfVPAkQq4OCqJS2Hmes/vzkXwAg4lP2B3NDabLU0b3uh0eP
Pb1O4+AEXhAO30GkakKZForYI9Q+BLOtP8epF4K9m8/Fo5IYVn0J2eVhHzFpciDK
7pOUWSntRCcEUqiW0IYQtUpWLTxtAQ13LDuimF4fOXVmlUygnVHg5bKRjHFTkq7f
2+WgI1FzMk8LGIOg
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:24 2023 by rpki-client on console-ams.rpki-client.org