Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/5nVK-e-FsHglw8U5I1MIGX65pMc.roa
File: 5nVK-e-FsHglw8U5I1MIGX65pMc.roa (raw, json)
Hash identifier: 4uJ1imuYg2ZvXwpJT4U60QJbLuzhdyHM59S/V1oXlvo=
Subject key identifier: E6:75:4A:F9:EF:85:B0:78:25:C3:C5:39:23:53:08:19:7E:B9:A4:C7
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 018806F96C52FCE2C6716D31803825268F5D
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/5nVK-e-FsHglw8U5I1MIGX65pMc.roa
Signing time: Wed 10 May 2023 18:43:09 +0000
ROA not before: Wed 10 May 2023 18:43:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 89.37.93.0/24 maxlen: 24
89.37.94.0/24 maxlen: 24
86.106.116.0/24 maxlen: 24
188.208.221.0/24 maxlen: 24
188.208.220.0/24 maxlen: 24
188.208.223.0/24 maxlen: 24
188.209.125.0/24 maxlen: 24
188.209.124.0/24 maxlen: 24
193.30.255.0/24 maxlen: 24
89.41.27.0/24 maxlen: 24
93.119.125.0/24 maxlen: 24
46.102.178.0/24 maxlen: 24
46.102.177.0/24 maxlen: 24
46.102.179.0/24 maxlen: 24
86.104.1.0/24 maxlen: 24
86.104.0.0/24 maxlen: 24
176.223.160.0/24 maxlen: 24
77.81.91.0/24 maxlen: 24
77.81.90.0/24 maxlen: 24
89.42.154.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:06:f9:6c:52:fc:e2:c6:71:6d:31:80:38:25:26:8f:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: May 10 18:43:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6754af9ef85b07825c3c539235308197eb9a4c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:45:3b:20:cb:21:e4:13:43:2e:55:d7:01:ea:
db:d0:01:ea:07:0e:ef:ce:ac:fe:86:7b:35:fd:32:
36:d2:52:62:f6:91:81:f5:d8:b2:eb:41:6c:6b:54:
b2:79:80:b1:28:f0:04:a2:02:28:8f:f6:d1:a1:87:
59:23:ee:97:c7:c1:c5:99:13:ac:af:6d:f4:cf:aa:
8e:8e:29:c0:dc:37:6f:fd:93:31:4d:8a:2d:85:11:
83:1a:0c:87:43:23:84:62:66:34:66:70:09:df:7a:
b8:84:31:fe:4a:6d:05:c3:7e:c4:1c:45:c3:08:90:
50:ee:c5:ce:3c:7a:21:04:3c:3f:35:75:5b:87:8d:
af:ba:e9:93:2f:62:e7:32:e1:02:eb:9a:04:b1:23:
5c:2b:c5:1e:b4:92:08:30:8d:fe:d4:fd:77:34:7d:
ad:a6:ff:34:81:66:94:27:65:e5:25:16:34:78:72:
bb:ea:2e:f8:6a:d6:0a:c8:1d:c1:b9:09:4d:29:ef:
77:02:8c:0b:21:1c:84:ef:68:8c:60:b0:66:a1:16:
fa:82:5b:4f:c2:42:45:d1:32:0c:93:68:85:bd:b4:
6d:76:c9:a7:41:29:e4:1c:28:31:d9:1b:67:ec:48:
db:8c:45:8c:59:e5:41:0f:c7:43:a1:8d:dd:99:f6:
e0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:75:4A:F9:EF:85:B0:78:25:C3:C5:39:23:53:08:19:7E:B9:A4:C7
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/5nVK-e-FsHglw8U5I1MIGX65pMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.177.0-46.102.179.255
77.81.90.0/23
86.104.0.0/23
86.106.116.0/24
89.37.93.0-89.37.94.255
89.41.27.0/24
89.42.154.0/24
93.119.125.0/24
176.223.160.0/24
188.208.220.0/23
188.208.223.0/24
188.209.124.0/23
193.30.255.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:1e:eb:52:49:0e:21:59:77:17:58:51:4e:e2:1e:e9:9b:3c:
47:5d:b9:7a:56:8e:6c:a8:d3:d6:c0:eb:66:b1:ef:7b:fd:63:
23:85:9d:d0:05:3d:4f:37:d4:17:92:67:8c:8d:db:ac:e8:22:
d6:1d:55:b1:a3:a9:6d:42:92:29:66:98:55:ec:25:af:45:6b:
d1:88:05:4f:6b:56:52:c8:97:4c:68:93:77:94:e1:8f:61:49:
8a:70:7d:73:1a:eb:0e:36:01:50:e9:ce:3b:c4:de:aa:65:63:
21:e6:46:b3:7a:f6:1b:bf:cc:35:ff:63:18:2c:4e:03:47:75:
d5:4b:78:41:e5:83:f3:50:ff:0f:bf:f7:95:97:39:36:07:33:
fd:0b:de:f3:12:d5:de:64:7d:f5:36:61:37:e1:9f:79:e9:60:
17:f5:7c:2e:f8:30:9d:4c:2f:d5:57:25:93:ec:4a:d0:d9:51:
19:9f:4d:d2:27:d7:a5:5a:c4:fb:7c:7b:a7:27:4a:86:15:9e:
9d:24:7f:b7:3c:dd:49:75:0b:d0:b7:3a:3d:22:c2:bb:9b:d5:
2c:c5:91:5a:08:1e:aa:7f:17:16:20:fe:12:18:86:26:fc:73:
a1:12:d5:74:28:3a:6a:e8:4e:64:95:79:6f:53:a2:68:91:18:
94:94:03:a3
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYgG+WxS/OLGcW0xgDglJo9dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjMwNTEwMTg0MzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjc1NGFmOWVmODViMDc4MjVjM2M1MzkyMzUzMDgxOTdlYjlhNGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikU7IMsh5BNDLlXXAerb0AHqBw7v
zqz+hns1/TI20lJi9pGB9diy60Fsa1SyeYCxKPAEogIoj/bRoYdZI+6Xx8HFmROs
r230z6qOjinA3Ddv/ZMxTYothRGDGgyHQyOEYmY0ZnAJ33q4hDH+Sm0Fw37EHEXD
CJBQ7sXOPHohBDw/NXVbh42vuumTL2LnMuEC65oEsSNcK8UetJIIMI3+1P13NH2t
pv80gWaUJ2XlJRY0eHK76i74atYKyB3BuQlNKe93AowLIRyE72iMYLBmoRb6gltP
wkJF0TIMk2iFvbRtdsmnQSnkHCgx2Rtn7EjbjEWMWeVBD8dDoY3dmfbgbwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFOZ1SvnvhbB4JcPFOSNTCBl+uaTHMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvNW5WSy1lLUZzSGdsdzhVNUkxTUlHWDY1cE1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeMAwDBAAuZrED
BAIuZrADBAFNUVoDBAFWaAADBABWanQwDAMEAFklXQMEAFklXgMEAFkpGwMEAFkq
mgMEAF13fQMEALDfoAMEAbzQ3AMEALzQ3wMEAbzRfAMEAMEe/zANBgkqhkiG9w0B
AQsFAAOCAQEATx7rUkkOIVl3F1hRTuIe6Zs8R125elaObKjT1sDrZrHve/1jI4Wd
0AU9TzfUF5JnjI3brOgi1h1VsaOpbUKSKWaYVewlr0Vr0YgFT2tWUsiXTGiTd5Th
j2FJinB9cxrrDjYBUOnOO8TeqmVjIeZGs3r2G7/MNf9jGCxOA0d11Ut4QeWD81D/
D7/3lZc5Ngcz/Qve8xLV3mR99TZhN+GfeelgF/V8LvgwnUwv1Vclk+xK0NlRGZ9N
0ifXpVrE+3x7pydKhhWenSR/tzzdSXUL0Lc6PSLCu5vVLMWRWggeqn8XFiD+EhiG
JvxzoRLVdCg6auhOZJV5b1OiaJEYlJQDow==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:26 2023 by rpki-client on console-ams.rpki-client.org