Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/5rsTRsTVjV9NwjYFi4kxAVovH1c.roa
File: 5rsTRsTVjV9NwjYFi4kxAVovH1c.roa (raw, json)
Hash identifier: HcmBPQvydsazhGQBr3c+hNVwDGF9qePaycUyXX2PJ04=
Subject key identifier: E6:BB:13:46:C4:D5:8D:5F:4D:C2:36:05:8B:89:31:01:5A:2F:1F:57
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 0186DB25827C264524D56F1E54AE56940BEF
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/5rsTRsTVjV9NwjYFi4kxAVovH1c.roa
Signing time: Mon 13 Mar 2023 13:25:13 +0000
ROA not before: Mon 13 Mar 2023 13:25:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211057
IP address blocks: 185.71.141.0/24 maxlen: 24
185.71.140.0/24 maxlen: 24
185.71.140.0/25 maxlen: 25
185.71.140.128/25 maxlen: 25
185.71.141.0/25 maxlen: 25
185.71.141.128/25 maxlen: 25
185.71.140.0/22 maxlen: 22
185.71.142.0/25 maxlen: 25
185.71.142.0/24 maxlen: 24
185.71.142.128/25 maxlen: 25
185.71.143.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:db:25:82:7c:26:45:24:d5:6f:1e:54:ae:56:94:0b:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Mar 13 13:25:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6bb1346c4d58d5f4dc236058b8931015a2f1f57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:45:38:19:f6:08:2e:72:03:2c:dc:46:67:e7:
cf:fd:5e:d5:4f:3f:cd:9b:b5:84:0c:ab:d6:f9:4f:
f5:44:56:9a:3b:4d:d5:4d:d7:49:19:9b:21:9f:18:
8c:af:e5:65:58:ea:3b:d0:16:79:a7:e0:2e:a9:41:
b3:ae:92:cc:7f:c2:8b:a9:7e:ce:96:84:a8:c7:10:
fc:68:d0:cf:fa:a7:f5:8b:48:f7:e4:e0:ae:61:e2:
33:5b:f2:1e:f3:24:c8:d7:a8:aa:83:c8:4c:4f:e7:
5d:78:01:c5:9e:50:3a:ec:00:a0:d4:29:21:95:1d:
da:d8:31:c8:6a:09:a5:a7:47:25:1a:ba:2f:90:37:
e0:86:2e:2a:6d:1c:90:c1:16:67:39:77:4a:23:4e:
84:de:18:fe:d9:5f:7e:17:9b:b6:88:b0:7b:0f:c9:
36:36:93:a7:39:57:35:e2:6f:c7:38:28:61:bf:e6:
17:92:f9:9d:cc:56:b4:c5:8d:54:5b:e2:03:de:17:
0a:4e:1a:93:21:51:73:f2:50:83:5c:82:6d:ec:7d:
70:08:96:ed:63:9f:26:04:ed:2b:64:46:44:93:e8:
3f:cb:67:75:e3:8c:f0:04:2f:96:f3:1e:4d:dd:9b:
8e:f0:cd:3a:9e:1b:4a:3b:8f:de:83:49:d2:05:95:
ba:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:BB:13:46:C4:D5:8D:5F:4D:C2:36:05:8B:89:31:01:5A:2F:1F:57
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/5rsTRsTVjV9NwjYFi4kxAVovH1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.140.0/22
Signature Algorithm: sha256WithRSAEncryption
f0:6f:52:28:5f:87:41:ff:5d:3d:54:73:f2:b5:84:59:75:d6:
c2:a6:39:de:a1:ca:19:80:d1:db:c3:8d:e6:39:18:bd:32:a8:
26:89:06:3f:00:49:32:b8:85:bc:cc:76:7b:4d:b3:1a:79:e5:
f8:e1:ac:f8:1d:9f:d8:21:60:26:06:d4:fd:49:3c:7e:15:9f:
cc:b9:a6:09:d8:ef:50:00:2a:71:4b:d2:ad:45:e0:ba:2b:b5:
f7:e8:06:f2:3d:be:a2:eb:e2:e4:4f:aa:94:38:09:7b:be:3f:
b7:08:a3:33:ac:3a:65:c8:e8:7b:eb:77:a8:a4:c5:70:a1:1c:
0b:35:75:3f:b9:26:92:7a:ec:8a:32:67:92:da:a4:7a:45:93:
fd:79:52:f6:0b:ac:c9:02:94:7e:34:f7:a6:70:5b:19:69:81:
d1:eb:f0:01:7f:6b:e0:9a:53:dc:41:48:66:fb:fa:14:c3:cd:
76:29:f0:e2:64:f4:24:76:98:4a:87:09:d4:82:c0:aa:04:ec:
d6:23:fd:bc:15:f1:4a:3f:9e:e3:45:41:ba:77:5d:f2:3c:e9:
23:c8:03:19:92:e7:01:39:9e:58:b7:47:0a:6d:75:9e:04:c0:
8e:65:6c:e1:1c:b0:6b:52:50:94:ce:71:a6:94:ee:44:2a:53:
9b:df:f5:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbbJYJ8JkUk1W8eVK5WlAvvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjMwMzEzMTMyNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmJiMTM0NmM0ZDU4ZDVmNGRjMjM2MDU4Yjg5MzEwMTVhMmYxZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkU4GfYILnIDLNxGZ+fP/V7VTz/N
m7WEDKvW+U/1RFaaO03VTddJGZshnxiMr+VlWOo70BZ5p+AuqUGzrpLMf8KLqX7O
loSoxxD8aNDP+qf1i0j35OCuYeIzW/Ie8yTI16iqg8hMT+ddeAHFnlA67ACg1Ckh
lR3a2DHIagmlp0clGrovkDfghi4qbRyQwRZnOXdKI06E3hj+2V9+F5u2iLB7D8k2
NpOnOVc14m/HOChhv+YXkvmdzFa0xY1UW+ID3hcKThqTIVFz8lCDXIJt7H1wCJbt
Y58mBO0rZEZEk+g/y2d144zwBC+W8x5N3ZuO8M06nhtKO4/eg0nSBZW62wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOa7E0bE1Y1fTcI2BYuJMQFaLx9XMB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvNXJzVFJzVFZqVjlOd2pZRmk0a3hBVm92SDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUeMMA0G
CSqGSIb3DQEBCwUAA4IBAQDwb1IoX4dB/109VHPytYRZddbCpjneocoZgNHbw43m
ORi9MqgmiQY/AEkyuIW8zHZ7TbMaeeX44az4HZ/YIWAmBtT9STx+FZ/MuaYJ2O9Q
ACpxS9KtReC6K7X36AbyPb6i6+LkT6qUOAl7vj+3CKMzrDplyOh763eopMVwoRwL
NXU/uSaSeuyKMmeS2qR6RZP9eVL2C6zJApR+NPemcFsZaYHR6/ABf2vgmlPcQUhm
+/oUw812KfDiZPQkdphKhwnUgsCqBOzWI/28FfFKP57jRUG6d13yPOkjyAMZkucB
OZ5Yt0cKbXWeBMCOZWzhHLBrUlCUznGmlO5EKlOb3/UF
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:03 2023 by rpki-client on console-fra.rpki-client.org