Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/Ez9NvQ9bklOhidvqHsqCbE72nPg.roa
File: Ez9NvQ9bklOhidvqHsqCbE72nPg.roa (raw, json)
Hash identifier: TNyVuc1XMQxjVLlRBjWfhDCj64PC2S6B5LIfxtuq6rU=
Subject key identifier: 13:3F:4D:BD:0F:5B:92:53:A1:89:DB:EA:1E:CA:82:6C:4E:F6:9C:F8
Certificate issuer: /CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Certificate serial: 0186DFD24FAFCF454197CAE0DADFEB3397A6
Authority key identifier: EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/Ez9NvQ9bklOhidvqHsqCbE72nPg.roa
Signing time: Tue 14 Mar 2023 11:12:27 +0000
ROA not before: Tue 14 Mar 2023 11:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197216
IP address blocks: 5.182.20.0/24 maxlen: 24
5.182.21.0/24 maxlen: 24
2a0e:b800:dddd::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:df:d2:4f:af:cf:45:41:97:ca:e0:da:df:eb:33:97:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Validity
Not Before: Mar 14 11:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=133f4dbd0f5b9253a189dbea1eca826c4ef69cf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:60:86:4d:92:2e:21:08:c2:24:7e:49:fc:4c:
e9:70:9b:a9:3f:42:44:fb:5e:bb:4d:71:02:e1:d2:
fc:d3:9b:07:3b:be:71:34:87:58:15:ea:87:4a:1d:
65:19:7f:65:96:22:bd:9a:2e:6c:10:a8:83:4f:9a:
5b:37:f1:e6:ed:c2:67:7b:cf:6b:fe:74:8a:30:e4:
9d:d2:6d:77:47:e6:a1:65:47:7b:70:77:4e:f8:e8:
15:85:a4:0b:c0:a9:ba:86:aa:b3:e2:1a:5e:20:b4:
2b:26:f5:9e:6e:17:20:92:d4:da:1f:f9:44:a8:16:
72:a0:18:d4:9d:12:18:eb:db:ae:b2:02:07:a7:a4:
1b:c0:f2:42:fa:07:b3:48:3d:24:72:4d:b2:00:50:
57:e4:81:ed:59:ca:53:0a:65:ac:8a:c8:5f:8d:ca:
49:80:90:88:c9:80:7c:49:0d:d6:3c:81:03:b3:a2:
ef:21:56:62:95:9c:28:ee:df:b6:0d:00:bc:c7:d7:
9d:98:89:c8:b2:fb:78:21:ea:18:f2:e7:72:9e:f4:
37:93:b2:6e:2a:20:a0:22:8d:8e:7a:ef:7a:34:ba:
64:fa:72:69:36:b6:da:d8:ad:de:fd:a6:65:e4:b8:
8c:d3:98:40:b7:3a:39:5e:65:dc:bb:95:ea:aa:eb:
78:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:3F:4D:BD:0F:5B:92:53:A1:89:DB:EA:1E:CA:82:6C:4E:F6:9C:F8
X509v3 Authority Key Identifier:
keyid:EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/Ez9NvQ9bklOhidvqHsqCbE72nPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.20.0/23
IPv6:
2a0e:b800:dddd::/48
Signature Algorithm: sha256WithRSAEncryption
96:fe:d3:0c:23:ab:5d:cb:ae:e2:06:57:15:95:a8:f3:68:2c:
9b:3b:5e:7f:65:23:98:23:c2:9b:0e:c0:e5:30:b2:f2:19:89:
24:59:98:67:2c:97:6d:b8:f4:3a:e6:ab:d7:1a:02:88:c8:4a:
95:e1:1b:9f:f2:dc:68:1f:ce:42:96:6f:d2:49:c3:8f:6c:68:
e1:2e:c6:6a:0a:97:f1:b5:ac:88:32:15:da:d4:ac:12:59:fb:
ba:6b:90:79:c6:70:2c:eb:77:7f:f1:d6:bb:f0:51:4f:5b:e3:
54:9b:91:50:8a:ba:af:2b:1f:dd:b8:49:c2:7c:b4:b5:ac:80:
f1:00:79:19:96:2e:c6:0f:4f:76:6c:b2:27:41:c2:eb:4a:05:
f6:48:ed:19:35:24:20:ab:10:cc:36:b2:74:c4:d3:07:1b:a1:
24:05:24:80:6d:64:da:e1:5a:8b:a4:29:4d:7a:bb:36:93:17:
a0:4b:d6:36:5f:59:42:eb:53:41:40:c5:d5:ea:7d:49:36:04:
2f:e5:1e:4e:5a:24:3d:4e:cc:70:0a:19:e0:75:65:6c:3b:74:
b9:a3:3e:e0:bb:69:28:04:df:51:2c:42:19:03:63:aa:14:6f:
81:b4:0c:90:cf:a5:c5:db:9f:cf:69:d6:b4:4b:3c:67:d5:50:
41:d2:b6:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbf0k+vz0VBl8rg2t/rM5emMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmOWQ3NjNiNDllMDI0YTdiNmExOWVhZjdkZmI5ODkxMWE5
Yzk0YzgwHhcNMjMwMzE0MTExMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzNmNGRiZDBmNWI5MjUzYTE4OWRiZWExZWNhODI2YzRlZjY5Y2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2CGTZIuIQjCJH5J/EzpcJupP0JE
+167TXEC4dL805sHO75xNIdYFeqHSh1lGX9lliK9mi5sEKiDT5pbN/Hm7cJne89r
/nSKMOSd0m13R+ahZUd7cHdO+OgVhaQLwKm6hqqz4hpeILQrJvWebhcgktTaH/lE
qBZyoBjUnRIY69uusgIHp6QbwPJC+gezSD0kck2yAFBX5IHtWcpTCmWsishfjcpJ
gJCIyYB8SQ3WPIEDs6LvIVZilZwo7t+2DQC8x9edmInIsvt4IeoY8udynvQ3k7Ju
KiCgIo2Oeu96NLpk+nJpNrba2K3e/aZl5LiM05hAtzo5XmXcu5Xqqut49QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBM/Tb0PW5JToYnb6h7KgmxO9pz4MB8GA1UdIwQY
MBaAFO+ddjtJ4CSntqGer337mJEanJTIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzUxMk8wbmdKS2Uyb1o2dmZmdVlrUnFjbE1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS81OWNmOGUtZGM2Ny00M2ZiLWJkMzct
MDg3MGU2NTk2NDViLzEvRXo5TnZROWJrbE9oaWR2cUhzcUNiRTcyblBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS81OWNmOGUtZGM2Ny00M2ZiLWJkMzctMDg3MGU2NTk2NDVi
LzEvNzUxMk8wbmdKS2Uyb1o2dmZmdVlrUnFjbE1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBBbYUMA8E
AgACMAkDBwAqDrgA3d0wDQYJKoZIhvcNAQELBQADggEBAJb+0wwjq13LruIGVxWV
qPNoLJs7Xn9lI5gjwpsOwOUwsvIZiSRZmGcsl2249Drmq9caAojISpXhG5/y3Ggf
zkKWb9JJw49saOEuxmoKl/G1rIgyFdrUrBJZ+7prkHnGcCzrd3/x1rvwUU9b41Sb
kVCKuq8rH924ScJ8tLWsgPEAeRmWLsYPT3ZssidBwutKBfZI7Rk1JCCrEMw2snTE
0wcboSQFJIBtZNrhWoukKU16uzaTF6BL1jZfWULrU0FAxdXqfUk2BC/lHk5aJD1O
zHAKGeB1ZWw7dLmjPuC7aSgE31EsQhkDY6oUb4G0DJDPpcXbn89p1rRLPGfVUEHS
tng=
-----END CERTIFICATE-----
Generated at Thu Oct 12 12:25:22 2023 by rpki-client on console-fra.rpki-client.org