Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/D8kGOH-K4QoQVaEYOT7KYv-A0sE.roa
File: D8kGOH-K4QoQVaEYOT7KYv-A0sE.roa (raw, json)
Hash identifier: rx3LaqvAxeRWSYd9LJLLUiKzp7i6F7XkcAlQnajV208=
Subject key identifier: 0F:C9:06:38:7F:8A:E1:0A:10:55:A1:18:39:3E:CA:62:FF:80:D2:C1
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 01856C1CA4675C2C22F14DEEC93DFC7541B9
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/D8kGOH-K4QoQVaEYOT7KYv-A0sE.roa
Signing time: Sun 01 Jan 2023 06:54:54 +0000
ROA not before: Sun 01 Jan 2023 06:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 188.215.5.0/24 maxlen: 24
89.32.200.0/24 maxlen: 24
103.47.52.0/22 maxlen: 22
2a0a:eb00::/29 maxlen: 29
2a07:4a80::/29 maxlen: 29
2a11:3bc0::/29 maxlen: 29
2a0f:c840::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:a4:67:5c:2c:22:f1:4d:ee:c9:3d:fc:75:41:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jan 1 06:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fc906387f8ae10a1055a118393eca62ff80d2c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:13:58:ae:74:e9:48:0b:42:18:98:54:42:95:
05:9e:30:7e:58:3d:89:bf:03:be:81:28:9d:75:03:
7a:b3:17:d0:67:db:85:70:24:09:1c:31:d5:4b:f3:
da:4d:74:cb:1a:bc:32:a1:da:b7:b9:0e:e3:88:aa:
74:05:36:db:c0:1f:0b:0d:d5:9a:72:bf:fd:78:dc:
6a:3b:89:ab:57:c9:e4:3d:bb:4f:14:0d:45:3e:6b:
32:de:68:39:95:71:ef:a8:41:ba:cc:49:c4:88:80:
bf:99:5c:3c:f3:a7:70:fa:34:22:f4:94:04:b0:d2:
6b:ef:50:88:93:56:2a:62:ec:e6:c7:76:04:1e:55:
7c:ea:89:3d:5b:4a:b3:38:9d:d4:f5:18:2a:7d:3e:
14:71:47:47:37:20:6e:14:c3:5f:57:50:ef:55:7d:
9c:6b:f5:65:e8:01:1f:b1:bf:b4:e5:36:0e:17:a8:
23:64:04:c2:b0:15:36:bd:2c:d6:ec:24:55:73:f9:
c3:a0:95:78:03:59:58:fe:13:23:fc:78:91:47:01:
68:86:54:02:f0:45:b6:17:7b:0a:e3:a8:33:85:ec:
f1:6c:d5:f9:ad:15:5c:67:d4:e1:0e:87:e3:aa:64:
b4:70:81:a9:4d:4d:df:cc:7e:65:1d:3b:11:bb:c6:
57:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:C9:06:38:7F:8A:E1:0A:10:55:A1:18:39:3E:CA:62:FF:80:D2:C1
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/D8kGOH-K4QoQVaEYOT7KYv-A0sE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.200.0/24
103.47.52.0/22
188.215.5.0/24
IPv6:
2a07:4a80::/29
2a0a:eb00::/29
2a0f:c840::/29
2a11:3bc0::/29
Signature Algorithm: sha256WithRSAEncryption
85:2c:81:13:f9:86:39:68:a3:af:ab:b7:44:87:2e:18:3f:c7:
4e:c4:d4:d3:d4:cc:74:db:28:46:79:14:8b:bc:9e:c8:64:42:
57:ab:d8:9a:8b:64:d0:d5:f8:a9:00:05:c7:cd:ad:6e:e2:7f:
12:60:67:cc:43:d2:17:ee:4f:93:d1:06:47:16:0b:1f:c3:8e:
48:a0:76:89:2e:33:1d:68:15:3b:18:51:60:15:24:12:17:26:
2c:5b:56:93:14:9c:79:bb:15:ac:67:36:70:e8:d0:a5:46:c3:
7d:dc:39:8d:a6:3f:0f:66:b4:de:c5:a0:fd:01:ef:3c:56:02:
aa:0b:64:a4:f9:db:c9:b3:e8:60:c6:ee:db:60:87:37:9b:81:
a6:6c:a2:63:ca:4b:03:fc:a8:ed:62:30:43:ac:54:d3:fc:f8:
cb:dd:c7:cf:c5:5b:2c:93:8b:d5:b2:fe:7e:59:84:df:82:86:
f0:43:3c:37:49:99:bb:fb:9b:13:da:51:73:00:97:27:42:fd:
47:52:ca:21:f4:ac:10:f4:68:32:04:0d:de:b0:cc:ca:7a:94:
71:70:79:ff:99:99:55:8f:72:dd:8a:5f:5d:bb:6f:76:a6:98:
c5:c3:26:81:ee:f9:de:e3:c9:ef:b0:d4:50:e1:93:08:70:8e:
38:1e:b3:04
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVsHKRnXCwi8U3uyT38dUG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjMwMTAxMDY1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmM5MDYzODdmOGFlMTBhMTA1NWExMTgzOTNlY2E2MmZmODBkMmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhNYrnTpSAtCGJhUQpUFnjB+WD2J
vwO+gSiddQN6sxfQZ9uFcCQJHDHVS/PaTXTLGrwyodq3uQ7jiKp0BTbbwB8LDdWa
cr/9eNxqO4mrV8nkPbtPFA1FPmsy3mg5lXHvqEG6zEnEiIC/mVw886dw+jQi9JQE
sNJr71CIk1YqYuzmx3YEHlV86ok9W0qzOJ3U9RgqfT4UcUdHNyBuFMNfV1DvVX2c
a/Vl6AEfsb+05TYOF6gjZATCsBU2vSzW7CRVc/nDoJV4A1lY/hMj/HiRRwFohlQC
8EW2F3sK46gzhezxbNX5rRVcZ9ThDofjqmS0cIGpTU3fzH5lHTsRu8ZXPQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFA/JBjh/iuEKEFWhGDk+ymL/gNLBMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvRDhrR09ILUs0UW9RVmFFWU9UN0tZdi1BMHNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAYBAIAATASAwQAWSDIAwQC
Zy80AwQAvNcFMCIEAgACMBwDBQMqB0qAAwUDKgrrAAMFAyoPyEADBQMqETvAMA0G
CSqGSIb3DQEBCwUAA4IBAQCFLIET+YY5aKOvq7dEhy4YP8dOxNTT1Mx02yhGeRSL
vJ7IZEJXq9iai2TQ1fipAAXHza1u4n8SYGfMQ9IX7k+T0QZHFgsfw45IoHaJLjMd
aBU7GFFgFSQSFyYsW1aTFJx5uxWsZzZw6NClRsN93DmNpj8PZrTexaD9Ae88VgKq
C2Sk+dvJs+hgxu7bYIc3m4GmbKJjyksD/KjtYjBDrFTT/PjL3cfPxVssk4vVsv5+
WYTfgobwQzw3SZm7+5sT2lFzAJcnQv1HUsoh9KwQ9GgyBA3esMzKepRxcHn/mZlV
j3Ldil9du292ppjFwyaB7vne48nvsNRQ4ZMIcI44HrME
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:28 2024 by rpki-client on console-fra.rpki-client.org