Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/2516e2-9e22-4e06-8a44-fa5ef4f53fbb/1/a0WCJcgNOlS4Jlupqf7cPpR2x4g.roa
File: a0WCJcgNOlS4Jlupqf7cPpR2x4g.roa (raw, json)
Hash identifier: XBb0Z13MTAmmrvZ9ucCrSm+GnhPXtO4ZWbr5G6zIIjI=
Subject key identifier: 6B:45:82:25:C8:0D:3A:54:B8:26:5B:A9:A9:FE:DC:3E:94:76:C7:88
Certificate issuer: /CN=9e394498e4798729ce9950be34b459a9ef29f5e8
Certificate serial: 01857095241FCE8CE2291E6D85419B7B72C6
Authority key identifier: 9E:39:44:98:E4:79:87:29:CE:99:50:BE:34:B4:59:A9:EF:29:F5:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/njlEmOR5hynOmVC-NLRZqe8p9eg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/2516e2-9e22-4e06-8a44-fa5ef4f53fbb/1/a0WCJcgNOlS4Jlupqf7cPpR2x4g.roa
Signing time: Mon 02 Jan 2023 03:45:00 +0000
ROA not before: Mon 02 Jan 2023 03:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38999
IP address blocks: 212.98.134.0/24 maxlen: 24
185.76.176.64/26 maxlen: 26
185.76.177.0/24 maxlen: 24
185.76.176.0/25 maxlen: 25
185.76.176.0/24 maxlen: 24
185.76.178.0/24 maxlen: 24
185.76.177.192/27 maxlen: 27
185.76.177.224/28 maxlen: 28
5.57.0.0/24 maxlen: 24
213.204.96.0/24 maxlen: 24
2a05:5b81::/32 maxlen: 32
2a05:5b84::/32 maxlen: 32
2a05:5b82::/32 maxlen: 32
2a05:5b83::/32 maxlen: 32
2a05:5b80::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:24:1f:ce:8c:e2:29:1e:6d:85:41:9b:7b:72:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e394498e4798729ce9950be34b459a9ef29f5e8
Validity
Not Before: Jan 2 03:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b458225c80d3a54b8265ba9a9fedc3e9476c788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d8:64:08:13:8f:89:44:2c:a1:d6:0b:42:3b:
ac:91:a0:e1:29:c3:e7:de:98:d4:c2:0f:0a:73:9a:
07:c5:3d:6f:17:53:d0:53:00:09:11:23:89:d0:ea:
d1:52:24:2f:74:2f:26:14:00:8a:4b:d6:e1:ae:35:
0a:4b:d8:c6:d0:76:25:12:84:96:42:69:3a:14:28:
6e:16:dc:27:96:3c:72:9d:1f:be:2f:75:ad:3f:9d:
14:25:5b:05:dd:dc:18:3e:99:33:22:8a:a1:b9:88:
ef:da:2a:f7:06:d0:41:de:87:75:bf:6c:bb:c3:60:
26:07:b4:12:63:7e:d5:49:f3:5f:db:74:5e:3a:7b:
62:02:35:a0:61:66:19:14:43:61:09:3d:2c:8e:ad:
f4:e6:c8:5c:9c:18:7c:c8:04:bb:2e:bc:23:a1:62:
4f:f4:4d:2c:03:f8:bb:ea:00:e0:3f:87:57:4f:88:
ef:8e:fb:25:e8:5c:2e:70:a2:39:aa:c9:4c:4a:f0:
d1:39:c2:f3:72:1b:37:a4:64:08:de:72:27:02:fa:
24:12:08:25:5a:f0:f6:f3:ec:99:22:81:df:2e:9b:
9f:b9:35:f5:e5:4b:83:94:f7:b3:89:87:57:63:a3:
c4:39:5a:7f:d5:41:5f:1b:9b:05:1b:e4:5f:17:ef:
44:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:45:82:25:C8:0D:3A:54:B8:26:5B:A9:A9:FE:DC:3E:94:76:C7:88
X509v3 Authority Key Identifier:
keyid:9E:39:44:98:E4:79:87:29:CE:99:50:BE:34:B4:59:A9:EF:29:F5:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/njlEmOR5hynOmVC-NLRZqe8p9eg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/2516e2-9e22-4e06-8a44-fa5ef4f53fbb/1/a0WCJcgNOlS4Jlupqf7cPpR2x4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/2516e2-9e22-4e06-8a44-fa5ef4f53fbb/1/njlEmOR5hynOmVC-NLRZqe8p9eg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.0.0/24
185.76.176.0-185.76.178.255
212.98.134.0/24
213.204.96.0/24
IPv6:
2a05:5b80::-2a05:5b84:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
45:ef:e5:a1:f9:0f:02:5d:21:ed:86:26:5a:87:67:d7:51:a5:
f1:6e:c7:8f:fe:5b:8c:59:a7:1a:dd:66:e0:e2:2b:f0:5f:98:
a2:51:83:70:10:01:5a:8a:9b:36:4c:d3:8a:94:49:27:a5:44:
0d:84:d3:3b:c2:86:b4:ff:e1:06:81:4a:32:36:5e:31:7d:51:
48:6a:61:09:87:3c:25:92:1f:87:94:0b:ea:47:a4:70:ee:0f:
5d:97:4f:d1:24:7a:93:52:61:99:0d:ab:cb:79:54:31:ea:d5:
1e:04:1d:60:fd:59:a1:ab:77:28:84:98:6c:8d:95:f5:d9:b9:
20:26:cd:a1:e2:80:60:66:3c:8e:c0:a2:76:65:8d:92:1b:72:
c1:5c:0a:e1:00:ea:3f:e6:6e:4e:95:16:af:72:70:74:c6:04:
b2:14:61:0c:41:23:f7:c4:31:c0:85:b3:0d:38:b5:86:e2:ff:
20:a3:d6:6f:c3:63:ab:65:1a:65:9c:f5:d3:5c:6d:d3:91:40:
b6:ff:d1:14:91:78:85:e0:0f:42:95:f9:8d:14:94:7e:33:c7:
24:98:31:dc:f9:fc:5d:76:cf:ec:b5:e2:d7:25:ee:99:be:00:
6e:8f:ab:32:8d:65:98:72:33:28:1a:8f:67:f7:0f:f3:3f:7d:
0f:cd:3d:c7
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYVwlSQfzoziKR5thUGbe3LGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMzk0NDk4ZTQ3OTg3MjljZTk5NTBiZTM0YjQ1OWE5ZWYy
OWY1ZTgwHhcNMjMwMTAyMDM0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjQ1ODIyNWM4MGQzYTU0YjgyNjViYTlhOWZlZGMzZTk0NzZjNzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtthkCBOPiUQsodYLQjuskaDhKcPn
3pjUwg8Kc5oHxT1vF1PQUwAJESOJ0OrRUiQvdC8mFACKS9bhrjUKS9jG0HYlEoSW
Qmk6FChuFtwnljxynR++L3WtP50UJVsF3dwYPpkzIoqhuYjv2ir3BtBB3od1v2y7
w2AmB7QSY37VSfNf23ReOntiAjWgYWYZFENhCT0sjq305shcnBh8yAS7LrwjoWJP
9E0sA/i76gDgP4dXT4jvjvsl6FwucKI5qslMSvDROcLzchs3pGQI3nInAvokEggl
WvD28+yZIoHfLpufuTX15UuDlPeziYdXY6PEOVp/1UFfG5sFG+RfF+9ESQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFGtFgiXIDTpUuCZbqan+3D6UdseIMB8GA1UdIwQY
MBaAFJ45RJjkeYcpzplQvjS0WanvKfXoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmpsRW1PUjVoeW5PbVZDLU5MUlpxZThwOWVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8yNTE2ZTItOWUyMi00ZTA2LThhNDQt
ZmE1ZWY0ZjUzZmJiLzEvYTBXQ0pjZ05PbFM0Smx1cHFmN2NQcFIyeDRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8yNTE2ZTItOWUyMi00ZTA2LThhNDQtZmE1ZWY0ZjUzZmJi
LzEvbmpsRW1PUjVoeW5PbVZDLU5MUlpxZThwOWVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAmBAIAATAgAwQABTkAMAwD
BAS5TLADBAC5TLIDBADUYoYDBADVzGAwFgQCAAIwEDAOAwUHKgVbgAMFACoFW4Qw
DQYJKoZIhvcNAQELBQADggEBAEXv5aH5DwJdIe2GJlqHZ9dRpfFux4/+W4xZpxrd
ZuDiK/BfmKJRg3AQAVqKmzZM04qUSSelRA2E0zvChrT/4QaBSjI2XjF9UUhqYQmH
PCWSH4eUC+pHpHDuD12XT9EkepNSYZkNq8t5VDHq1R4EHWD9WaGrdyiEmGyNlfXZ
uSAmzaHigGBmPI7AonZljZIbcsFcCuEA6j/mbk6VFq9ycHTGBLIUYQxBI/fEMcCF
sw04tYbi/yCj1m/DY6tlGmWc9dNcbdORQLb/0RSReIXgD0KV+Y0UlH4zxySYMdz5
/F12z+y14tcl7pm+AG6PqzKNZZhyMygaj2f3D/M/fQ/NPcc=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:04 2024 by rpki-client on console-fra.rpki-client.org