Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/EVxxCEUT9DFdamK3DIwi34a8EF4.roa
File: EVxxCEUT9DFdamK3DIwi34a8EF4.roa (raw, json)
Hash identifier: voFhoPPvtRDksdJjnpaslImc5jzHcTfSW2R30IY93zw=
Subject key identifier: 11:5C:71:08:45:13:F4:31:5D:6A:62:B7:0C:8C:22:DF:86:BC:10:5E
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 018CC26D0247AB8CEE390B3DA0BAD3F473DC
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/EVxxCEUT9DFdamK3DIwi34a8EF4.roa
Signing time: Mon 01 Jan 2024 00:29:33 +0000
ROA not before: Mon 01 Jan 2024 00:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 188.215.5.0/24 maxlen: 24
89.32.200.0/24 maxlen: 24
103.47.52.0/22 maxlen: 22
2a0a:eb00::/29 maxlen: 29
2a07:4a80::/29 maxlen: 29
2a11:3bc0::/29 maxlen: 29
2a0f:c840::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 27 May 2024 05:16:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:02:47:ab:8c:ee:39:0b:3d:a0:ba:d3:f4:73:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jan 1 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=115c71084513f4315d6a62b70c8c22df86bc105e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b5:aa:f4:01:cc:a1:42:98:2e:27:94:ca:3d:
76:f2:5b:23:a8:7e:de:55:f3:86:46:62:a2:23:e5:
1c:16:f2:8f:95:f8:37:86:52:79:7b:77:55:bf:18:
01:c7:e0:01:e7:8c:82:f7:d7:78:93:2e:2b:5b:8a:
45:3e:77:9e:fa:84:91:d7:b2:a4:67:31:43:a5:52:
5c:4e:30:78:0d:b1:5f:31:69:b7:d4:0e:6f:c1:78:
6f:f1:48:57:6c:4d:20:e3:64:9f:6c:73:46:a5:21:
86:ef:fd:ba:07:a8:95:c8:d9:f5:f9:9e:be:03:0a:
46:97:eb:23:61:42:17:4e:91:18:0e:52:30:05:e5:
5e:b0:d7:98:08:0b:56:43:1b:5b:ef:4c:4b:d0:13:
2e:79:8a:4f:59:7e:db:ed:b8:f3:c8:29:12:e0:74:
31:e1:35:8c:29:d7:31:1a:7e:13:93:38:61:a8:c9:
51:c0:c1:f3:25:82:df:47:ed:88:72:e3:72:5c:6a:
3e:5a:15:4b:ec:4c:5f:72:02:19:e3:54:4f:ff:2a:
23:01:60:04:38:1c:9d:d9:cb:6d:fd:a4:28:f9:39:
2a:30:bc:f6:74:5e:60:f2:18:7c:37:70:a7:ac:a8:
b6:e2:6a:e9:a6:a7:dc:65:ba:12:1b:2f:f5:8e:ea:
49:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:5C:71:08:45:13:F4:31:5D:6A:62:B7:0C:8C:22:DF:86:BC:10:5E
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/EVxxCEUT9DFdamK3DIwi34a8EF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.200.0/24
103.47.52.0/22
188.215.5.0/24
IPv6:
2a07:4a80::/29
2a0a:eb00::/29
2a0f:c840::/29
2a11:3bc0::/29
Signature Algorithm: sha256WithRSAEncryption
c4:a6:47:76:3e:25:5e:08:f8:39:34:c4:07:24:f5:25:65:79:
69:91:6f:92:1f:f4:41:18:8e:ab:bd:24:7b:dc:55:13:9e:f0:
a6:b0:7e:a8:5b:8d:d3:fe:4d:d9:be:c9:40:93:b0:33:91:9a:
b6:a5:6a:d9:61:a1:4f:f4:b7:dc:73:c3:2c:a3:cb:1f:d3:14:
c4:3b:c3:6d:e0:f7:5d:aa:95:27:ed:2d:83:6e:3d:46:54:bd:
a0:d8:ce:f2:24:ef:d6:a3:99:b7:b8:a8:8e:71:be:68:28:4a:
47:1b:9c:41:1d:53:82:00:e6:d0:cb:ab:2a:02:58:96:a0:85:
0a:ad:ce:0b:83:5b:ca:e8:5a:70:42:05:2e:2e:1e:1a:5e:08:
30:36:22:45:dd:62:9a:85:d6:92:c4:b8:b6:45:d6:97:fe:81:
60:49:22:3c:89:4c:58:69:4d:46:24:a7:fd:ce:b3:01:c4:3d:
5a:e8:b2:37:05:5d:5f:2b:53:2c:56:dc:db:7e:75:34:e6:a2:
70:95:e2:95:8f:3e:f0:58:e0:5f:e3:be:05:2f:1b:12:1c:e1:
16:24:07:0a:9c:86:58:5c:1e:01:7b:fe:46:ad:9d:b4:07:15:
6b:8e:22:bd:e5:4b:83:58:44:af:21:63:74:4a:0a:93:1a:d2:
b0:5b:83:d1
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzCbQJHq4zuOQs9oLrT9HPcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjQwMTAxMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTVjNzEwODQ1MTNmNDMxNWQ2YTYyYjcwYzhjMjJkZjg2YmMxMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLWq9AHMoUKYLieUyj128lsjqH7e
VfOGRmKiI+UcFvKPlfg3hlJ5e3dVvxgBx+AB54yC99d4ky4rW4pFPnee+oSR17Kk
ZzFDpVJcTjB4DbFfMWm31A5vwXhv8UhXbE0g42SfbHNGpSGG7/26B6iVyNn1+Z6+
AwpGl+sjYUIXTpEYDlIwBeVesNeYCAtWQxtb70xL0BMueYpPWX7b7bjzyCkS4HQx
4TWMKdcxGn4TkzhhqMlRwMHzJYLfR+2IcuNyXGo+WhVL7ExfcgIZ41RP/yojAWAE
OByd2ctt/aQo+TkqMLz2dF5g8hh8N3CnrKi24mrppqfcZboSGy/1jupJtQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFBFccQhFE/QxXWpitwyMIt+GvBBeMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvRVZ4eENFVVQ5REZkYW1LM0RJd2kzNGE4RUY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAYBAIAATASAwQAWSDIAwQC
Zy80AwQAvNcFMCIEAgACMBwDBQMqB0qAAwUDKgrrAAMFAyoPyEADBQMqETvAMA0G
CSqGSIb3DQEBCwUAA4IBAQDEpkd2PiVeCPg5NMQHJPUlZXlpkW+SH/RBGI6rvSR7
3FUTnvCmsH6oW43T/k3ZvslAk7AzkZq2pWrZYaFP9Lfcc8Mso8sf0xTEO8Nt4Pdd
qpUn7S2Dbj1GVL2g2M7yJO/Wo5m3uKiOcb5oKEpHG5xBHVOCAObQy6sqAliWoIUK
rc4Lg1vK6FpwQgUuLh4aXggwNiJF3WKahdaSxLi2RdaX/oFgSSI8iUxYaU1GJKf9
zrMBxD1a6LI3BV1fK1MsVtzbfnU05qJwleKVjz7wWOBf474FLxsSHOEWJAcKnIZY
XB4Be/5GrZ20BxVrjiK95UuDWESvIWN0SgqTGtKwW4PR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:57 2024 by rpki-client on console-fra.rpki-client.org