Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/5tkfw7ptmAC3OKaiRfZs9Ylj04A.roa
File: 5tkfw7ptmAC3OKaiRfZs9Ylj04A.roa (raw, json)
Hash identifier: rOcG0RZ/opb1IelYZERBaNZkm1EDX8M/FFLq3s/meIw=
Subject key identifier: E6:D9:1F:C3:BA:6D:98:00:B7:38:A6:A2:45:F6:6C:F5:89:63:D3:80
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 018BC5D11C0C2F4E5B050E6A4E28FCEAD6B4
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/5tkfw7ptmAC3OKaiRfZs9Ylj04A.roa
Signing time: Sun 12 Nov 2023 23:14:57 +0000
ROA not before: Sun 12 Nov 2023 23:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 147.189.132.0/24 maxlen: 24
147.189.131.0/24 maxlen: 24
147.189.128.0/24 maxlen: 24
147.189.135.0/24 maxlen: 24
45.14.113.0/24 maxlen: 24
176.111.217.0/24 maxlen: 24
2.56.8.0/24 maxlen: 24
2.56.9.0/24 maxlen: 24
5.183.76.0/24 maxlen: 24
5.183.77.0/24 maxlen: 24
2a0e:c80:323::/48 maxlen: 48
2a0e:c80:403::/48 maxlen: 48
2a0e:c80:3::/48 maxlen: 48
2a0e:c80:743::/48 maxlen: 48
2a0f:9980:195::/48 maxlen: 48
2a0f:9980:598::/48 maxlen: 48
2a0f:9980:936::/48 maxlen: 48
2a0f:9980:6::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c5:d1:1c:0c:2f:4e:5b:05:0e:6a:4e:28:fc:ea:d6:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Nov 12 23:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6d91fc3ba6d9800b738a6a245f66cf58963d380
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ba:24:ae:31:bf:34:7e:5d:80:40:31:03:25:
ba:04:12:75:20:14:ca:bc:ff:d2:a9:f9:e9:fc:4a:
d5:16:df:5c:05:46:86:11:8e:e4:89:b0:16:fa:04:
2e:45:89:03:47:f2:f4:b8:af:30:a5:ba:7e:64:56:
30:57:c4:7e:81:dd:ec:c7:c4:b3:03:f4:69:a9:d3:
e6:9d:1f:34:dc:9b:5e:41:de:7e:35:f6:09:c2:e3:
56:db:6a:16:03:c7:fc:25:fc:8f:b1:2a:f1:f0:86:
67:9f:3c:f2:7c:3c:da:ea:7c:b7:1d:f9:65:e9:de:
ce:ca:4f:99:c1:7f:e6:e7:23:ea:c1:94:19:d0:cd:
91:dd:64:41:44:78:7f:77:a3:e7:8e:e8:90:a4:60:
66:71:1c:36:0f:8e:f7:f5:1b:65:b1:bc:d1:59:42:
ee:ef:2b:b1:dd:a0:22:41:09:3f:51:79:28:df:b1:
bc:35:d0:b5:57:3d:f9:a7:48:66:26:97:d3:34:af:
54:77:ac:b8:fd:94:da:64:1f:a7:08:90:6b:e9:7e:
33:d6:9c:7a:a4:cd:e3:76:7b:f7:a5:b6:58:fa:12:
32:cb:ed:12:5c:05:c3:12:68:ac:97:83:f7:8f:6f:
5a:db:10:55:92:7e:49:f1:6b:17:d9:7e:18:1e:98:
ac:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D9:1F:C3:BA:6D:98:00:B7:38:A6:A2:45:F6:6C:F5:89:63:D3:80
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/5tkfw7ptmAC3OKaiRfZs9Ylj04A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.8.0/23
5.183.76.0/23
45.14.113.0/24
147.189.128.0/24
147.189.131.0-147.189.132.255
147.189.135.0/24
176.111.217.0/24
IPv6:
2a0e:c80:3::/48
2a0e:c80:323::/48
2a0e:c80:403::/48
2a0e:c80:743::/48
2a0f:9980:6::/48
2a0f:9980:195::/48
2a0f:9980:598::/48
2a0f:9980:936::/48
Signature Algorithm: sha256WithRSAEncryption
36:ca:69:2e:49:40:7c:23:0a:a6:9c:70:28:ac:b0:b7:69:d2:
ed:dd:32:8f:ef:20:10:4e:95:23:d8:0e:70:66:f1:d7:36:65:
18:f6:df:d2:70:fd:da:37:37:71:04:3c:1e:3e:51:dc:e5:c3:
57:ff:d6:7c:66:e5:a8:2f:26:b3:30:dd:d0:0c:28:20:39:59:
fa:67:88:31:89:d1:9e:ed:f0:e9:0a:2b:21:8f:56:79:66:5d:
4f:f1:f1:2a:2a:c9:da:d9:1f:e8:75:db:60:78:11:00:a7:37:
08:c7:d6:a1:52:0f:ee:83:b7:3d:69:48:ba:75:3f:38:f9:d9:
f0:ee:3e:c5:e8:2a:2d:f3:98:b3:ad:49:db:78:f4:6c:c0:78:
ef:3f:e2:c0:32:4d:f5:1a:d3:bd:a4:b1:01:54:1d:8c:a4:ac:
35:06:a8:9e:1f:aa:71:04:c2:74:67:b1:3e:f8:80:56:87:08:
4e:d1:55:aa:6d:72:3a:a8:bb:1a:f4:58:25:1a:be:2a:8d:42:
7a:7d:02:e0:32:57:54:ad:3a:b5:6e:57:13:72:3b:73:85:33:
ca:93:23:fa:34:33:61:ed:b1:69:84:a7:c2:e8:7d:9f:be:9f:
f0:45:11:e6:5c:94:bc:b7:f9:af:c7:2e:e6:1c:72:a0:88:e8:
d0:cb:39:64
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYvF0RwML05bBQ5qTij86ta0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjMxMTEyMjMxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQ5MWZjM2JhNmQ5ODAwYjczOGE2YTI0NWY2NmNmNTg5NjNkMzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirokrjG/NH5dgEAxAyW6BBJ1IBTK
vP/Sqfnp/ErVFt9cBUaGEY7kibAW+gQuRYkDR/L0uK8wpbp+ZFYwV8R+gd3sx8Sz
A/RpqdPmnR803JteQd5+NfYJwuNW22oWA8f8JfyPsSrx8IZnnzzyfDza6ny3Hfll
6d7Oyk+ZwX/m5yPqwZQZ0M2R3WRBRHh/d6PnjuiQpGBmcRw2D4739RtlsbzRWULu
7yux3aAiQQk/UXko37G8NdC1Vz35p0hmJpfTNK9Ud6y4/ZTaZB+nCJBr6X4z1px6
pM3jdnv3pbZY+hIyy+0SXAXDEmisl4P3j29a2xBVkn5J8WsX2X4YHpisYwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFObZH8O6bZgAtzimokX2bPWJY9OAMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xLzV0a2Z3N3B0bUFDM09LYWlSZlpzOVlsajA0QS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZ0GCCsGAQUFBwEHAQH/BIGNMIGKMDgEAgABMDIDBAEC
OAgDBAEFt0wDBAAtDnEDBACTvYAwDAMEAJO9gwMEAJO9hAMEAJO9hwMEALBv2TBO
BAIAAjBIAwcAKg4MgAADAwcAKg4MgAMjAwcAKg4MgAQDAwcAKg4MgAdDAwcAKg+Z
gAAGAwcAKg+ZgAGVAwcAKg+ZgAWYAwcAKg+ZgAk2MA0GCSqGSIb3DQEBCwUAA4IB
AQA2ymkuSUB8IwqmnHAorLC3adLt3TKP7yAQTpUj2A5wZvHXNmUY9t/ScP3aNzdx
BDwePlHc5cNX/9Z8ZuWoLyazMN3QDCggOVn6Z4gxidGe7fDpCishj1Z5Zl1P8fEq
Ksna2R/oddtgeBEApzcIx9ahUg/ug7c9aUi6dT84+dnw7j7F6Cot85izrUnbePRs
wHjvP+LAMk31GtO9pLEBVB2MpKw1BqieH6pxBMJ0Z7E++IBWhwhO0VWqbXI6qLsa
9FglGr4qjUJ6fQLgMldUrTq1blcTcjtzhTPKkyP6NDNh7bFphKfC6H2fvp/wRRHm
XJS8t/mvxy7mHHKgiOjQyzlk
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:26 2024 by rpki-client on console-fra.rpki-client.org