Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/G3aZ0DrWZB0-Ov0kLwElIckhUUw.roa
File: G3aZ0DrWZB0-Ov0kLwElIckhUUw.roa (raw, json)
Hash identifier: Dvz5FZSrpRcshDlGoCSQ4KKCErPRtQ9tQttM9xj0LKk=
Subject key identifier: 1B:76:99:D0:3A:D6:64:1D:3E:3A:FD:24:2F:01:25:21:C9:21:51:4C
Certificate issuer: /CN=02bbd4f865a12d79a09a034486ce61ba023882c7
Certificate serial: 018C58266601B286C9C0780FB3B4DCE3C668
Authority key identifier: 02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/G3aZ0DrWZB0-Ov0kLwElIckhUUw.roa
Signing time: Mon 11 Dec 2023 09:12:40 +0000
ROA not before: Mon 11 Dec 2023 09:12:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51020
IP address blocks: 5.62.136.0/24 maxlen: 24
5.62.142.0/24 maxlen: 24
5.62.128.0/24 maxlen: 24
5.62.129.0/24 maxlen: 24
185.69.4.0/23 maxlen: 23
185.69.4.0/24 maxlen: 24
185.69.5.0/24 maxlen: 24
185.69.6.0/24 maxlen: 24
37.77.51.0/24 maxlen: 24
37.77.50.0/24 maxlen: 24
37.77.48.0/24 maxlen: 24
31.7.84.0/24 maxlen: 24
31.7.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:26:66:01:b2:86:c9:c0:78:0f:b3:b4:dc:e3:c6:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02bbd4f865a12d79a09a034486ce61ba023882c7
Validity
Not Before: Dec 11 09:12:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b7699d03ad6641d3e3afd242f012521c921514c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:aa:83:14:17:8a:a3:29:7e:e5:aa:b9:f3:67:
88:73:15:ae:96:b3:17:07:8c:43:6f:4b:b5:1a:21:
af:5d:96:18:37:7a:1d:05:e0:2c:c4:13:0f:6c:f2:
28:98:60:1d:82:51:e5:ce:b0:37:73:81:94:2e:6e:
6a:29:ad:6c:05:02:f7:c3:c8:d8:52:04:33:67:c7:
d9:f4:d0:82:9f:6a:97:1c:89:98:c4:90:90:76:40:
7d:2c:73:16:50:a4:1d:8a:ad:83:48:87:c3:77:b3:
7b:e5:39:17:43:aa:bc:00:f6:1d:aa:44:69:1d:61:
83:50:d5:47:df:17:f3:f8:ac:d2:c0:8c:dc:52:15:
bb:a1:5f:d6:33:7f:81:1a:0a:ed:a5:fa:2d:ef:37:
e1:c9:1e:15:1c:f2:40:50:76:9a:ee:9e:4a:ad:e0:
77:45:8b:c1:23:6e:4e:c1:e3:f5:76:3f:31:5d:87:
32:91:58:cf:c9:7a:43:22:7d:dc:75:da:55:47:44:
83:6e:ad:5c:be:97:ac:50:b6:d0:ab:d5:e1:21:c7:
0b:47:d7:eb:3c:99:24:3c:b7:cb:7e:2d:ea:db:48:
86:36:a1:2c:0f:63:61:8e:5f:61:55:9c:42:3c:5d:
d6:83:e1:25:87:73:c7:66:c6:73:aa:d5:a6:a9:ed:
8d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:76:99:D0:3A:D6:64:1D:3E:3A:FD:24:2F:01:25:21:C9:21:51:4C
X509v3 Authority Key Identifier:
keyid:02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/G3aZ0DrWZB0-Ov0kLwElIckhUUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/ArvU-GWhLXmgmgNEhs5hugI4gsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.128.0/23
5.62.136.0/24
5.62.142.0/24
31.7.84.0/24
31.7.86.0/24
37.77.48.0/24
37.77.50.0/23
185.69.4.0-185.69.6.255
Signature Algorithm: sha256WithRSAEncryption
bb:32:0d:73:50:f3:cc:5e:c2:04:b8:d7:a7:53:d8:3f:51:ae:
ca:4c:fc:ac:a5:19:5f:54:25:28:3a:e0:9a:7c:58:49:34:62:
db:03:f6:3e:f5:24:b7:9a:a3:6e:97:4c:d7:5d:79:bb:6a:1c:
64:d8:00:11:5d:f8:dc:75:00:f8:ad:30:61:fe:6d:0b:a7:7c:
70:46:8d:1b:b6:cb:92:75:a3:f4:75:23:10:36:57:5b:5f:40:
24:1f:ce:3e:aa:07:e8:73:31:a0:ae:15:d1:ab:0d:51:fc:5a:
cc:3c:e9:98:f8:2b:53:63:f8:69:a2:57:86:e9:02:5a:db:61:
1d:01:7a:fb:31:a4:58:e6:12:d0:97:c6:44:ab:c4:0c:65:f5:
28:0d:b8:90:81:62:d2:bd:d1:ab:5a:b8:45:c4:a4:b3:57:a3:
fb:12:78:ed:65:05:ca:7a:e0:ba:79:47:0d:a6:cb:2d:ae:14:
89:c5:67:83:e1:a8:0e:a0:4f:a0:dd:1b:e4:17:7f:0f:db:8e:
ae:31:07:11:18:82:06:9e:fc:e5:19:f8:30:b1:ce:6d:4f:35:
69:54:c5:0b:48:bc:74:85:66:da:5a:2a:77:1a:38:86:a9:79:
7f:74:c1:38:1d:d1:7c:3e:64:8d:07:e4:f8:b8:50:17:60:8d:
d4:0b:16:73
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYxYJmYBsobJwHgPs7Tc48ZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYmJkNGY4NjVhMTJkNzlhMDlhMDM0NDg2Y2U2MWJhMDIz
ODgyYzcwHhcNMjMxMjExMDkxMjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjc2OTlkMDNhZDY2NDFkM2UzYWZkMjQyZjAxMjUyMWM5MjE1MTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqqDFBeKoyl+5aq582eIcxWulrMX
B4xDb0u1GiGvXZYYN3odBeAsxBMPbPIomGAdglHlzrA3c4GULm5qKa1sBQL3w8jY
UgQzZ8fZ9NCCn2qXHImYxJCQdkB9LHMWUKQdiq2DSIfDd7N75TkXQ6q8APYdqkRp
HWGDUNVH3xfz+KzSwIzcUhW7oV/WM3+BGgrtpfot7zfhyR4VHPJAUHaa7p5KreB3
RYvBI25OweP1dj8xXYcykVjPyXpDIn3cddpVR0SDbq1cvpesULbQq9XhIccLR9fr
PJkkPLfLfi3q20iGNqEsD2Nhjl9hVZxCPF3Wg+Elh3PHZsZzqtWmqe2N+wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFBt2mdA61mQdPjr9JC8BJSHJIVFMMB8GA1UdIwQY
MBaAFAK71PhloS15oJoDRIbOYboCOILHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUt
MGE5ODA0OGNkZjcyLzEvRzNhWjBEcldaQjAtT3Ywa0x3RWxJY2toVVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUtMGE5ODA0OGNkZjcy
LzEvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBBT6AAwQA
BT6IAwQABT6OAwQAHwdUAwQAHwdWAwQAJU0wAwQBJU0yMAwDBAK5RQQDBAC5RQYw
DQYJKoZIhvcNAQELBQADggEBALsyDXNQ88xewgS416dT2D9RrspM/KylGV9UJSg6
4Jp8WEk0YtsD9j71JLeao26XTNddebtqHGTYABFd+Nx1APitMGH+bQunfHBGjRu2
y5J1o/R1IxA2V1tfQCQfzj6qB+hzMaCuFdGrDVH8Wsw86Zj4K1Nj+GmiV4bpAlrb
YR0BevsxpFjmEtCXxkSrxAxl9SgNuJCBYtK90atauEXEpLNXo/sSeO1lBcp64Lp5
Rw2myy2uFInFZ4PhqA6gT6DdG+QXfw/bjq4xBxEYggae/OUZ+DCxzm1PNWlUxQtI
vHSFZtpaKncaOIapeX90wTgd0Xw+ZI0H5Pi4UBdgjdQLFnM=
-----END CERTIFICATE-----
Generated at Fri Dec 22 10:06:41 2023 by rpki-client on console-fra.rpki-client.org