Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/5_dypGEjxSdoG_HSndprNKDqGuU.roa
File: 5_dypGEjxSdoG_HSndprNKDqGuU.roa (raw, json)
Hash identifier: uKInMIKyqKL2ZMonamJbAvCeGM1AwbP9CKTLtkweHkc=
Subject key identifier: E7:F7:72:A4:61:23:C5:27:68:1B:F1:D2:9D:DA:6B:34:A0:EA:1A:E5
Certificate issuer: /CN=2875f185823dbc6a82d105b3ca16077db5729377
Certificate serial: 01856DCAF8CE5078B69C9E452E487E97B699
Authority key identifier: 28:75:F1:85:82:3D:BC:6A:82:D1:05:B3:CA:16:07:7D:B5:72:93:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHXxhYI9vGqC0QWzyhYHfbVyk3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/5_dypGEjxSdoG_HSndprNKDqGuU.roa
Signing time: Sun 01 Jan 2023 14:44:56 +0000
ROA not before: Sun 01 Jan 2023 14:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 185.60.4.0/24 maxlen: 24
185.60.5.0/24 maxlen: 24
185.60.6.0/24 maxlen: 24
185.60.7.0/24 maxlen: 24
149.19.179.0/24 maxlen: 24
149.19.176.0/24 maxlen: 24
149.19.177.0/24 maxlen: 24
149.19.178.0/24 maxlen: 24
195.206.186.0/24 maxlen: 24
195.206.184.0/24 maxlen: 24
195.206.185.0/24 maxlen: 24
195.206.187.0/24 maxlen: 24
195.206.188.0/24 maxlen: 24
195.206.189.0/24 maxlen: 24
195.206.190.0/24 maxlen: 24
195.206.191.0/24 maxlen: 24
185.91.43.0/24 maxlen: 24
185.91.40.0/24 maxlen: 24
185.91.41.0/24 maxlen: 24
185.91.42.0/24 maxlen: 24
185.86.23.0/24 maxlen: 24
185.86.20.0/24 maxlen: 24
185.86.21.0/24 maxlen: 24
185.86.22.0/24 maxlen: 24
185.2.79.0/24 maxlen: 24
185.34.80.0/24 maxlen: 24
185.34.81.0/24 maxlen: 24
185.34.82.0/24 maxlen: 24
185.34.83.0/24 maxlen: 24
185.61.88.0/24 maxlen: 24
185.61.89.0/24 maxlen: 24
185.61.90.0/24 maxlen: 24
185.61.91.0/24 maxlen: 24
37.157.48.0/24 maxlen: 24
37.157.49.0/24 maxlen: 24
37.157.50.0/24 maxlen: 24
37.157.51.0/24 maxlen: 24
37.157.52.0/24 maxlen: 24
37.157.53.0/24 maxlen: 24
37.157.54.0/24 maxlen: 24
37.157.55.0/24 maxlen: 24
185.2.76.0/24 maxlen: 24
185.2.77.0/24 maxlen: 24
185.2.78.0/24 maxlen: 24
2a00:b840::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:f8:ce:50:78:b6:9c:9e:45:2e:48:7e:97:b6:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2875f185823dbc6a82d105b3ca16077db5729377
Validity
Not Before: Jan 1 14:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7f772a46123c527681bf1d29dda6b34a0ea1ae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ed:67:81:b4:fa:c2:e7:3a:cf:b9:4a:3d:ed:
62:c0:97:7e:a9:7b:ed:61:9d:c2:71:5b:1d:61:53:
cc:c6:05:c1:e7:80:76:b9:18:ea:e0:a7:15:0b:5e:
f4:9b:68:e4:4f:8e:59:25:d6:06:86:2b:1a:f2:aa:
9d:f6:a3:71:4d:ec:02:cf:23:2c:85:8f:1e:67:09:
a4:88:55:ce:43:c4:00:43:7e:7e:66:31:e4:79:35:
ce:37:fa:62:5b:c7:3f:67:24:2f:f3:7d:89:dc:75:
e9:30:ea:41:c2:99:33:31:44:b4:60:cf:82:53:f6:
32:ed:64:57:1e:54:9e:94:e0:3c:9f:47:7f:9e:82:
c6:52:46:36:1d:e6:70:c7:01:1d:13:55:f1:fb:f3:
5d:1d:24:74:ab:a3:5d:60:a1:70:b5:47:34:2e:29:
ed:5f:50:ea:44:86:f9:e0:31:6d:79:ee:45:5b:00:
46:71:d9:9b:96:cb:7c:18:63:39:89:ac:cd:78:15:
b2:5c:28:ed:3b:36:63:85:69:cf:ec:01:28:04:f3:
f9:08:2f:74:79:ff:ba:40:25:04:f1:55:b7:a9:48:
e1:f5:01:0c:c6:0f:be:21:9c:6e:a2:39:38:30:a0:
cb:ae:a1:0d:30:5f:d4:b1:52:91:69:87:40:62:03:
52:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:F7:72:A4:61:23:C5:27:68:1B:F1:D2:9D:DA:6B:34:A0:EA:1A:E5
X509v3 Authority Key Identifier:
keyid:28:75:F1:85:82:3D:BC:6A:82:D1:05:B3:CA:16:07:7D:B5:72:93:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHXxhYI9vGqC0QWzyhYHfbVyk3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/5_dypGEjxSdoG_HSndprNKDqGuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/KHXxhYI9vGqC0QWzyhYHfbVyk3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.48.0/21
149.19.176.0/22
185.2.76.0/22
185.34.80.0/22
185.60.4.0/22
185.61.88.0/22
185.86.20.0/22
185.91.40.0/22
195.206.184.0/21
IPv6:
2a00:b840::/29
Signature Algorithm: sha256WithRSAEncryption
48:32:d0:65:71:f8:22:38:a1:0b:b8:5c:0b:45:50:af:a4:a8:
af:d0:38:42:c0:4b:de:fa:b0:45:86:09:df:7e:f3:a7:e9:1d:
e7:cb:e3:54:b6:b4:8e:9a:17:9e:a2:37:ca:fd:61:f3:fe:c9:
4e:51:4f:6d:0a:0e:03:42:6d:12:91:7d:60:3f:60:00:5d:8e:
47:ec:0b:ff:f3:25:e8:e7:28:11:7a:d5:48:92:8a:6a:d2:65:
25:bd:67:c0:1f:d4:3e:8d:9e:0c:15:da:6d:fa:7d:bc:66:74:
4b:f0:81:f3:83:55:67:04:c6:85:e1:5b:b2:0e:a4:b6:2d:c7:
bc:97:dd:77:d1:bd:c5:13:cd:f4:5d:b3:5a:95:cc:70:47:6f:
95:f9:fb:26:5c:05:fd:cd:ff:72:89:fb:4a:f0:21:c2:91:d7:
4b:2c:44:bb:d0:f5:21:c1:bc:ac:48:84:df:a0:29:c7:59:71:
12:68:88:04:ad:96:05:f6:b8:74:85:2a:b2:41:a1:bc:c7:53:
28:7a:25:41:27:6a:93:38:ae:79:c1:7b:51:7f:62:93:a6:9f:
1b:72:30:0a:7f:c7:99:dd:08:98:9a:3b:cc:af:79:21:cb:de:
fd:d0:77:78:68:9c:03:f5:43:9b:f6:c3:72:52:84:07:8e:19:
f9:e3:d2:11
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVtyvjOUHi2nJ5FLkh+l7aZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NzVmMTg1ODIzZGJjNmE4MmQxMDViM2NhMTYwNzdkYjU3
MjkzNzcwHhcNMjMwMTAxMTQ0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2Y3NzJhNDYxMjNjNTI3NjgxYmYxZDI5ZGRhNmIzNGEwZWExYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgu1ngbT6wuc6z7lKPe1iwJd+qXvt
YZ3CcVsdYVPMxgXB54B2uRjq4KcVC170m2jkT45ZJdYGhisa8qqd9qNxTewCzyMs
hY8eZwmkiFXOQ8QAQ35+ZjHkeTXON/piW8c/ZyQv832J3HXpMOpBwpkzMUS0YM+C
U/Yy7WRXHlSelOA8n0d/noLGUkY2HeZwxwEdE1Xx+/NdHSR0q6NdYKFwtUc0Lint
X1DqRIb54DFtee5FWwBGcdmblst8GGM5iazNeBWyXCjtOzZjhWnP7AEoBPP5CC90
ef+6QCUE8VW3qUjh9QEMxg++IZxuojk4MKDLrqENMF/UsVKRaYdAYgNSWwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFOf3cqRhI8UnaBvx0p3aazSg6hrlMB8GA1UdIwQY
MBaAFCh18YWCPbxqgtEFs8oWB321cpN3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0hYeGhZSTl2R3FDMFFXenloWUhmYlZ5azNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9hMDRkYTYtOTg4Ny00MmE1LThlZDct
OTRlNWQ0OWNjNjI4LzEvNV9keXBHRWp4U2RvR19IU25kcHJOS0RxR3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9hMDRkYTYtOTg4Ny00MmE1LThlZDctOTRlNWQ0OWNjNjI4
LzEvS0hYeGhZSTl2R3FDMFFXenloWUhmYlZ5azNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDJZ0wAwQC
lROwAwQCuQJMAwQCuSJQAwQCuTwEAwQCuT1YAwQCuVYUAwQCuVsoAwQDw864MA0E
AgACMAcDBQMqALhAMA0GCSqGSIb3DQEBCwUAA4IBAQBIMtBlcfgiOKELuFwLRVCv
pKiv0DhCwEve+rBFhgnffvOn6R3ny+NUtrSOmheeojfK/WHz/slOUU9tCg4DQm0S
kX1gP2AAXY5H7Av/8yXo5ygRetVIkopq0mUlvWfAH9Q+jZ4MFdpt+n28ZnRL8IHz
g1VnBMaF4VuyDqS2Lce8l9130b3FE830XbNalcxwR2+V+fsmXAX9zf9yiftK8CHC
kddLLES70PUhwbysSITfoCnHWXESaIgErZYF9rh0hSqyQaG8x1MoeiVBJ2qTOK55
wXtRf2KTpp8bcjAKf8eZ3QiYmjvMr3khy9790Hd4aJwD9UOb9sNyUoQHjhn549IR
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:12 2024 by rpki-client on console-ams.rpki-client.org