Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/5ElXKiYwJpfiFOd-HOhBbTvxX5s.roa
File: 5ElXKiYwJpfiFOd-HOhBbTvxX5s.roa (raw, json)
Hash identifier: 31ijVTM/h3DDhZSDX7mzAti23xhgLWif1uFQC/L7R9U=
Subject key identifier: E4:49:57:2A:26:30:26:97:E2:14:E7:7E:1C:E8:41:6D:3B:F1:5F:9B
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 0187AB014C2E2F0D17B033A5F88D59288931
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/5ElXKiYwJpfiFOd-HOhBbTvxX5s.roa
Signing time: Sat 22 Apr 2023 22:06:41 +0000
ROA not before: Sat 22 Apr 2023 22:06:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.213.174.0/24 maxlen: 24
91.213.189.0/24 maxlen: 24
91.213.200.0/24 maxlen: 24
91.208.109.0/24 maxlen: 24
45.150.197.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ab:01:4c:2e:2f:0d:17:b0:33:a5:f8:8d:59:28:89:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Apr 22 22:06:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e449572a26302697e214e77e1ce8416d3bf15f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d2:fa:cd:8f:e0:26:e5:d0:31:72:a1:ba:b3:
ee:40:10:5c:bb:6a:08:d5:bb:b7:41:89:e3:5b:9c:
71:b8:5a:e6:55:b3:0f:fd:d2:6f:8d:f6:be:37:67:
c8:70:56:dc:51:68:5b:e0:07:ef:33:60:ea:7d:a7:
ee:7f:ef:ec:a4:75:cd:76:0a:91:9b:25:04:a7:d7:
22:af:94:2a:a2:1b:89:55:96:0a:02:db:a5:b8:b4:
f3:1a:62:04:db:0a:bb:ac:26:df:ab:30:d0:88:56:
03:e3:88:29:41:50:85:c0:5f:29:30:84:b2:a1:5b:
f0:e4:ba:7d:98:e0:b4:82:ad:b5:88:bf:db:72:47:
74:f1:1a:cc:f3:83:0f:56:47:88:fd:a6:8b:fa:2d:
55:35:21:f8:90:d7:d1:00:3a:b4:4d:a9:d1:13:4e:
53:3f:15:a0:30:fa:99:f2:50:8c:51:52:30:bd:0f:
ad:74:8a:e9:56:9e:a5:c1:f4:14:9a:26:ff:9f:d0:
09:61:77:c3:df:83:66:05:0f:f3:1d:b2:08:86:7a:
e5:4c:10:32:79:41:b6:d2:05:e1:02:f2:a0:43:d2:
f6:38:40:74:f9:66:c4:24:b1:7c:e0:94:2c:b1:1a:
4c:05:e3:a3:1a:4f:ff:35:ab:71:85:50:b0:3e:8e:
d7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:49:57:2A:26:30:26:97:E2:14:E7:7E:1C:E8:41:6D:3B:F1:5F:9B
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/5ElXKiYwJpfiFOd-HOhBbTvxX5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.197.0/24
91.208.109.0/24
91.213.174.0/24
91.213.189.0/24
91.213.200.0/24
Signature Algorithm: sha256WithRSAEncryption
34:df:e6:6e:56:0b:9e:b4:92:d4:b7:41:8d:56:18:81:2c:c3:
79:da:fb:b6:30:ab:9c:ae:0e:c2:99:64:09:b5:71:81:19:c8:
81:de:f8:b6:60:23:4f:22:7a:46:a5:d0:e1:91:7c:82:49:9a:
1b:b3:2f:e4:f5:d8:c4:51:11:dc:0a:e2:b6:72:99:13:ea:b3:
44:99:b2:d3:aa:c3:69:5b:a9:33:43:ee:b0:8b:8a:4c:86:83:
9f:36:d2:f2:0c:23:f6:f7:53:f5:c0:8e:25:9d:70:5e:ab:50:
aa:f2:37:44:f1:7e:d1:03:b0:30:d1:fa:b4:3a:02:dd:89:50:
60:76:cf:cc:21:ff:28:35:2e:a8:22:bf:cf:8a:e8:3f:21:a9:
7a:64:25:13:aa:4c:bd:b0:fa:7a:3c:95:06:55:3d:1b:ae:de:
dd:3a:5a:62:0f:ad:c7:07:e2:0f:00:5c:ed:13:40:ec:a3:42:
eb:36:30:f4:d7:d3:94:67:90:64:d9:f0:45:45:16:5e:30:6d:
76:21:c6:37:06:95:bb:06:a7:ae:b4:97:6f:c1:3d:ad:7d:69:
e9:cd:b7:05:4f:7f:1f:10:26:3c:bf:a7:5e:48:22:a3:9a:ba:
3c:63:6d:54:ee:39:83:e2:0f:a6:65:08:fe:91:4c:eb:88:0b:
c3:4a:11:11
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYerAUwuLw0XsDOl+I1ZKIkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwNDIyMjIwNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDQ5NTcyYTI2MzAyNjk3ZTIxNGU3N2UxY2U4NDE2ZDNiZjE1ZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9L6zY/gJuXQMXKhurPuQBBcu2oI
1bu3QYnjW5xxuFrmVbMP/dJvjfa+N2fIcFbcUWhb4AfvM2Dqfafuf+/spHXNdgqR
myUEp9cir5QqohuJVZYKAtuluLTzGmIE2wq7rCbfqzDQiFYD44gpQVCFwF8pMISy
oVvw5Lp9mOC0gq21iL/bckd08RrM84MPVkeI/aaL+i1VNSH4kNfRADq0TanRE05T
PxWgMPqZ8lCMUVIwvQ+tdIrpVp6lwfQUmib/n9AJYXfD34NmBQ/zHbIIhnrlTBAy
eUG20gXhAvKgQ9L2OEB0+WbEJLF84JQssRpMBeOjGk//NatxhVCwPo7XvQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFORJVyomMCaX4hTnfhzoQW078V+bMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvNUVsWEtpWXdKcGZpRk9kLUhPaEJiVHZ4WDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZbFAwQA
W9BtAwQAW9WuAwQAW9W9AwQAW9XIMA0GCSqGSIb3DQEBCwUAA4IBAQA03+ZuVgue
tJLUt0GNVhiBLMN52vu2MKucrg7CmWQJtXGBGciB3vi2YCNPInpGpdDhkXyCSZob
sy/k9djEURHcCuK2cpkT6rNEmbLTqsNpW6kzQ+6wi4pMhoOfNtLyDCP291P1wI4l
nXBeq1Cq8jdE8X7RA7Aw0fq0OgLdiVBgds/MIf8oNS6oIr/Piug/Ial6ZCUTqky9
sPp6PJUGVT0brt7dOlpiD63HB+IPAFztE0Dso0LrNjD019OUZ5Bk2fBFRRZeMG12
IcY3BpW7BqeutJdvwT2tfWnpzbcFT38fECY8v6deSCKjmro8Y21U7jmD4g+mZQj+
kUzriAvDShER
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:39 2023 by rpki-client on console-ams.rpki-client.org