Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/sGYFdj3HcTYFiEqxpnMMoXXPfsw.roa
File: sGYFdj3HcTYFiEqxpnMMoXXPfsw.roa (raw, json)
Hash identifier: UDP8awfuW/Or3dfFlnTOGSypawja5YPu72botEn1qqk=
Subject key identifier: B0:66:05:76:3D:C7:71:36:05:88:4A:B1:A6:73:0C:A1:75:CF:7E:CC
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 01856C1CA2E1278071D3A3369A21E4ED236C
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/sGYFdj3HcTYFiEqxpnMMoXXPfsw.roa
Signing time: Sun 01 Jan 2023 06:54:53 +0000
ROA not before: Sun 01 Jan 2023 06:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209709
IP address blocks: 195.69.78.0/24 maxlen: 24
195.69.77.0/24 maxlen: 24
185.170.108.0/22 maxlen: 22
91.247.40.0/21 maxlen: 21
91.247.48.0/22 maxlen: 22
5.182.12.0/22 maxlen: 22
185.99.28.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:a2:e1:27:80:71:d3:a3:36:9a:21:e4:ed:23:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jan 1 06:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b06605763dc7713605884ab1a6730ca175cf7ecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:63:97:57:91:7e:4a:3d:96:b9:bd:9a:24:70:
9f:0f:f8:ce:95:ba:86:d4:64:e0:a6:1e:0f:3c:38:
9d:70:5a:2c:8e:22:fb:a0:6d:08:6b:2e:b8:ea:95:
38:e0:5c:fe:51:30:3d:7b:69:47:98:84:3e:5d:70:
5f:99:bf:77:69:1f:4a:c4:5d:bb:29:ae:61:1a:15:
78:18:0f:ce:68:6a:d2:81:26:90:4d:42:ce:5d:dc:
e1:b5:7b:65:0f:63:17:dd:b4:47:b3:de:30:2e:37:
50:e8:7b:f8:d4:6b:86:47:7c:0f:fb:bd:5f:63:65:
d7:c1:10:cb:97:2a:e0:36:9c:1c:dc:ec:8e:7d:8e:
14:10:4b:36:62:bf:8f:13:d3:6e:4a:19:51:53:3a:
9f:68:56:67:c8:3c:52:a2:b4:db:b6:55:56:0f:5d:
9f:85:2d:da:93:91:93:b2:1b:1c:89:10:ce:85:1e:
cc:3c:2c:a9:21:eb:54:f2:1e:2d:e9:f8:87:fd:78:
8f:f5:25:9a:75:29:3d:b7:3d:09:cd:88:b9:17:1e:
35:93:86:9c:4e:60:9b:76:70:03:9d:d0:92:da:a1:
9f:43:4e:c7:fe:8f:a9:72:94:8c:e9:06:3c:52:9d:
1a:93:62:5f:39:f1:99:f8:17:7a:29:ae:2c:98:f9:
66:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:66:05:76:3D:C7:71:36:05:88:4A:B1:A6:73:0C:A1:75:CF:7E:CC
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/sGYFdj3HcTYFiEqxpnMMoXXPfsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.12.0/22
91.247.40.0-91.247.51.255
185.99.28.0/22
185.170.108.0/22
195.69.77.0-195.69.78.255
Signature Algorithm: sha256WithRSAEncryption
52:2c:f3:3b:3f:d4:f7:6b:c2:35:3a:fc:77:48:27:10:13:ed:
c0:7b:22:a2:a0:b9:3b:a7:28:da:b8:10:07:1b:47:f3:75:22:
37:df:83:1e:1f:d6:6b:94:95:34:c7:ac:b3:75:bf:3f:91:ed:
69:da:54:11:67:b2:5d:6f:7c:70:09:de:10:82:50:c8:0d:cc:
b2:37:56:c2:5f:02:47:de:3f:1b:74:5d:4a:32:f4:e5:4c:c5:
d2:49:ec:94:5e:d3:4e:28:7b:5b:fe:4c:c0:96:37:34:ec:82:
7e:56:35:46:bd:55:e9:cd:70:0f:19:ed:2e:48:3e:20:e5:3b:
5a:4f:5e:ad:af:1f:a7:4c:9f:35:40:f7:d9:ae:d6:5b:e2:85:
5f:78:f8:a5:33:8c:31:e0:25:7d:d5:c2:aa:49:af:a0:b8:48:
8f:04:ce:1d:85:e0:85:e2:9a:38:08:e1:e6:30:6f:e1:86:72:
a8:ba:89:41:cc:a3:ee:a2:3a:c9:d2:5a:4a:ee:41:c7:a6:8a:
71:a5:6b:db:70:3d:9a:96:7f:69:a1:16:7d:38:f1:94:37:38:
78:b9:ca:1b:46:70:fa:ce:b7:e1:46:a4:a0:c9:f3:e6:d4:61:
88:f1:c9:5c:4a:af:96:72:ad:1d:44:f1:78:59:5b:dc:2c:c2:
ec:48:7d:1b
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVsHKLhJ4Bx06M2miHk7SNsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjMwMTAxMDY1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDY2MDU3NjNkYzc3MTM2MDU4ODRhYjFhNjczMGNhMTc1Y2Y3ZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWOXV5F+Sj2Wub2aJHCfD/jOlbqG
1GTgph4PPDidcFosjiL7oG0Iay646pU44Fz+UTA9e2lHmIQ+XXBfmb93aR9KxF27
Ka5hGhV4GA/OaGrSgSaQTULOXdzhtXtlD2MX3bRHs94wLjdQ6Hv41GuGR3wP+71f
Y2XXwRDLlyrgNpwc3OyOfY4UEEs2Yr+PE9NuShlRUzqfaFZnyDxSorTbtlVWD12f
hS3ak5GTshsciRDOhR7MPCypIetU8h4t6fiH/XiP9SWadSk9tz0JzYi5Fx41k4ac
TmCbdnADndCS2qGfQ07H/o+pcpSM6QY8Up0ak2JfOfGZ+Bd6Ka4smPlmsQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFLBmBXY9x3E2BYhKsaZzDKF1z37MMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvc0dZRmRqM0hjVFlGaUVxeHBuTU1vWFhQZnN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCBbYMMAwD
BANb9ygDBAJb9zADBAK5YxwDBAK5qmwwDAMEAMNFTQMEAMNFTjANBgkqhkiG9w0B
AQsFAAOCAQEAUizzOz/U92vCNTr8d0gnEBPtwHsioqC5O6co2rgQBxtH83UiN9+D
Hh/Wa5SVNMess3W/P5HtadpUEWeyXW98cAneEIJQyA3MsjdWwl8CR94/G3RdSjL0
5UzF0knslF7TTih7W/5MwJY3NOyCflY1Rr1V6c1wDxntLkg+IOU7Wk9era8fp0yf
NUD32a7WW+KFX3j4pTOMMeAlfdXCqkmvoLhIjwTOHYXgheKaOAjh5jBv4YZyqLqJ
Qcyj7qI6ydJaSu5Bx6aKcaVr23A9mpZ/aaEWfTjxlDc4eLnKG0Zw+s634UakoMnz
5tRhiPHJXEqvlnKtHUTxeFlb3CzC7Eh9Gw==
-----END CERTIFICATE-----
Generated at Mon Sep 25 11:04:51 2023 by rpki-client on console-ams.rpki-client.org