Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/b54f2a-d898-4d03-b789-9cb261e66762/1/5pEenRRg9HMkfANaek7-ovEWk58.roa
File: 5pEenRRg9HMkfANaek7-ovEWk58.roa (raw, json)
Hash identifier: K+jjo5sYDhI2HJah0GtZGmOzywpYaaTYaxDKcikJ9WU=
Subject key identifier: E6:91:1E:9D:14:60:F4:73:24:7C:03:5A:7A:4E:FE:A2:F1:16:93:9F
Certificate issuer: /CN=10dd3a72f790b25ee3d229ac99f69a71bf1d8294
Certificate serial: 01857130A283D6EDCD63714C0910C7FD7FB2
Authority key identifier: 10:DD:3A:72:F7:90:B2:5E:E3:D2:29:AC:99:F6:9A:71:BF:1D:82:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EN06cveQsl7j0imsmfaacb8dgpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/b54f2a-d898-4d03-b789-9cb261e66762/1/5pEenRRg9HMkfANaek7-ovEWk58.roa
Signing time: Mon 02 Jan 2023 06:34:50 +0000
ROA not before: Mon 02 Jan 2023 06:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203116
IP address blocks: 185.143.24.0/22 maxlen: 22
2a07:4540::/29 maxlen: 29
2a07:4540:a::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:a2:83:d6:ed:cd:63:71:4c:09:10:c7:fd:7f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10dd3a72f790b25ee3d229ac99f69a71bf1d8294
Validity
Not Before: Jan 2 06:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6911e9d1460f473247c035a7a4efea2f116939f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f6:4e:e2:b4:9b:ae:fc:dd:01:e0:59:1d:78:
92:7e:af:d1:45:c0:eb:84:1a:9a:1e:3d:d1:a3:aa:
90:b3:ce:9a:86:d0:55:a7:73:79:1c:c7:58:89:42:
a6:5d:87:84:bf:1b:7e:0b:87:66:4c:7d:00:2b:cb:
f7:45:7c:30:b0:45:77:26:68:f8:4d:6c:e6:f8:48:
9c:d3:4f:25:03:fb:6c:41:37:d9:38:97:82:9e:40:
8b:93:54:d4:e7:56:2b:69:2e:50:e6:20:d3:13:39:
68:2e:ac:d1:c3:7f:a9:75:d0:7b:3b:e6:c3:41:50:
41:c4:be:c1:e2:b6:23:ae:08:5a:c7:a2:95:4e:b6:
75:a5:51:b9:4e:3d:82:81:0a:de:7b:5b:f6:4a:15:
db:e8:72:0f:2d:2a:38:3f:79:b9:16:63:a2:14:68:
a2:2e:e9:d8:7c:dc:2f:a8:2a:c7:67:e6:85:c3:8d:
62:5f:3f:f5:d3:0e:19:04:4e:b3:af:fd:15:e2:19:
c0:f9:22:38:6f:d9:51:e0:b2:5c:23:06:9b:a2:56:
0a:2f:94:42:a1:06:ba:16:7f:fc:7d:35:b8:31:11:
d8:53:47:91:89:83:a3:2f:97:e5:04:af:83:e4:e4:
19:02:de:71:ba:45:cb:50:0d:d8:23:4f:de:05:62:
da:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:91:1E:9D:14:60:F4:73:24:7C:03:5A:7A:4E:FE:A2:F1:16:93:9F
X509v3 Authority Key Identifier:
keyid:10:DD:3A:72:F7:90:B2:5E:E3:D2:29:AC:99:F6:9A:71:BF:1D:82:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EN06cveQsl7j0imsmfaacb8dgpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b54f2a-d898-4d03-b789-9cb261e66762/1/5pEenRRg9HMkfANaek7-ovEWk58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b54f2a-d898-4d03-b789-9cb261e66762/1/EN06cveQsl7j0imsmfaacb8dgpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.24.0/22
IPv6:
2a07:4540::/29
Signature Algorithm: sha256WithRSAEncryption
27:e9:2c:51:d8:37:27:2e:81:2b:6a:a2:51:80:89:f6:89:39:
81:20:90:af:88:bf:04:86:a1:9c:73:c0:23:cf:f7:0f:18:19:
24:e1:2d:92:92:95:bc:a4:bb:4b:74:1b:95:f7:bf:dd:9b:d3:
fa:09:dd:de:8e:63:aa:ec:9f:8e:df:44:6b:e1:30:81:20:46:
46:57:76:fd:28:a7:29:d8:0c:c7:3d:29:89:d2:2c:b2:8d:30:
3c:c8:7b:ec:86:bc:45:87:d3:40:16:f9:dc:b6:d9:eb:91:a4:
1f:23:e6:4c:ff:4e:02:0a:d7:ec:11:3a:90:59:ab:bf:2e:c1:
f7:78:0b:08:f1:77:c0:91:d7:5d:cd:a2:2d:62:97:68:28:fe:
67:06:e8:de:cc:a8:ca:db:86:d2:a4:53:be:d4:a8:6d:78:83:
3e:17:9c:ad:52:1c:34:f9:38:da:df:92:e7:10:fc:6b:30:d7:
e6:db:8e:0b:c7:9c:8e:d0:70:82:a2:fe:9d:2a:02:e2:1d:6a:
28:a8:97:ba:29:34:66:64:eb:66:7e:97:3c:17:93:b5:05:6a:
42:50:9d:23:dd:7a:2a:50:0a:0a:ca:a2:4f:2f:23:61:3c:e9:
dd:dc:32:33:3b:18:e1:99:29:37:62:ef:32:91:19:7f:a3:4a:
ee:b5:24:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxMKKD1u3NY3FMCRDH/X+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwZGQzYTcyZjc5MGIyNWVlM2QyMjlhYzk5ZjY5YTcxYmYx
ZDgyOTQwHhcNMjMwMTAyMDYzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjkxMWU5ZDE0NjBmNDczMjQ3YzAzNWE3YTRlZmVhMmYxMTY5MzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvZO4rSbrvzdAeBZHXiSfq/RRcDr
hBqaHj3Ro6qQs86ahtBVp3N5HMdYiUKmXYeEvxt+C4dmTH0AK8v3RXwwsEV3Jmj4
TWzm+Eic008lA/tsQTfZOJeCnkCLk1TU51YraS5Q5iDTEzloLqzRw3+pddB7O+bD
QVBBxL7B4rYjrghax6KVTrZ1pVG5Tj2CgQree1v2ShXb6HIPLSo4P3m5FmOiFGii
LunYfNwvqCrHZ+aFw41iXz/10w4ZBE6zr/0V4hnA+SI4b9lR4LJcIwabolYKL5RC
oQa6Fn/8fTW4MRHYU0eRiYOjL5flBK+D5OQZAt5xukXLUA3YI0/eBWLa/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOaRHp0UYPRzJHwDWnpO/qLxFpOfMB8GA1UdIwQY
MBaAFBDdOnL3kLJe49IprJn2mnG/HYKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRU4wNmN2ZVFzbDdqMGltc21mYWFjYjhkZ3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iNTRmMmEtZDg5OC00ZDAzLWI3ODkt
OWNiMjYxZTY2NzYyLzEvNXBFZW5SUmc5SE1rZkFOYWVrNy1vdkVXazU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iNTRmMmEtZDg5OC00ZDAzLWI3ODktOWNiMjYxZTY2NzYy
LzEvRU4wNmN2ZVFzbDdqMGltc21mYWFjYjhkZ3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY8YMA0E
AgACMAcDBQMqB0VAMA0GCSqGSIb3DQEBCwUAA4IBAQAn6SxR2DcnLoEraqJRgIn2
iTmBIJCviL8EhqGcc8Ajz/cPGBkk4S2SkpW8pLtLdBuV97/dm9P6Cd3ejmOq7J+O
30Rr4TCBIEZGV3b9KKcp2AzHPSmJ0iyyjTA8yHvshrxFh9NAFvncttnrkaQfI+ZM
/04CCtfsETqQWau/LsH3eAsI8XfAkdddzaItYpdoKP5nBujezKjK24bSpFO+1Kht
eIM+F5ytUhw0+Tja35LnEPxrMNfm244Lx5yO0HCCov6dKgLiHWooqJe6KTRmZOtm
fpc8F5O1BWpCUJ0j3XoqUAoKyqJPLyNhPOnd3DIzOxjhmSk3Yu8ykRl/o0rutSRv
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:32 2024 by rpki-client on console-ams.rpki-client.org