Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/ArQvw-LZd1b3sE9FW-XTBNsNxyU.roa
File: ArQvw-LZd1b3sE9FW-XTBNsNxyU.roa (raw, json)
Hash identifier: dmqQD5GUzqDCARRfifJoA+7yT61/G+JXC9b25mvEBQ4=
Subject key identifier: 02:B4:2F:C3:E2:D9:77:56:F7:B0:4F:45:5B:E5:D3:04:DB:0D:C7:25
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 018572C37E7C63126CEB7DAB5430323B199B
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/ArQvw-LZd1b3sE9FW-XTBNsNxyU.roa
Signing time: Mon 02 Jan 2023 13:54:52 +0000
ROA not before: Mon 02 Jan 2023 13:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211642
IP address blocks: 185.219.42.0/24 maxlen: 24
185.219.43.0/24 maxlen: 24
185.219.40.0/24 maxlen: 24
185.219.41.0/24 maxlen: 24
45.128.206.0/24 maxlen: 24
45.128.204.0/24 maxlen: 24
185.240.102.0/24 maxlen: 24
45.128.207.0/24 maxlen: 24
5.253.62.0/24 maxlen: 24
5.253.60.0/24 maxlen: 24
5.253.61.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:7e:7c:63:12:6c:eb:7d:ab:54:30:32:3b:19:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: Jan 2 13:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02b42fc3e2d97756f7b04f455be5d304db0dc725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7e:6c:dc:29:bc:bf:97:3a:8c:5a:a1:82:5a:
9d:9b:6c:ca:bc:50:15:1d:26:ce:91:d6:e7:0a:44:
65:de:3a:02:f0:e6:74:b7:4b:ab:ad:fc:e3:cd:56:
4e:a3:03:ea:dc:e6:b6:9f:d4:65:06:d1:f2:95:a1:
cd:2a:d9:05:7d:cb:89:94:0d:2e:49:f2:36:80:c0:
08:8a:2c:a3:7c:7d:91:2c:41:41:22:b4:30:86:48:
11:df:16:ec:53:63:b0:32:30:11:fe:b9:f3:96:e6:
2b:82:4d:fb:d5:41:79:5f:a1:f6:66:a2:4a:f6:5e:
21:3a:f4:da:0d:59:76:2c:f8:e1:2c:78:37:76:9a:
bd:0c:dc:b4:3d:44:2f:cb:4c:ca:ad:31:c2:3b:70:
39:87:a0:aa:75:a4:9a:44:2d:cc:21:59:bc:fb:85:
19:20:e1:71:4c:90:a6:09:3b:ec:dc:d7:cf:14:4f:
a4:f0:ef:88:3e:67:18:62:35:9b:6d:8b:2b:c7:d2:
00:a4:96:9f:c2:de:8d:b9:7d:2f:e0:91:3a:3e:0d:
12:e7:33:79:7d:61:66:58:2e:cd:56:ac:96:0d:ce:
88:bd:75:19:7d:d8:ce:ba:f6:f1:1e:a1:d9:cd:b4:
4e:90:ba:ca:be:0d:17:8c:43:07:05:65:24:a2:ff:
d8:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:B4:2F:C3:E2:D9:77:56:F7:B0:4F:45:5B:E5:D3:04:DB:0D:C7:25
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/ArQvw-LZd1b3sE9FW-XTBNsNxyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.60.0-5.253.62.255
45.128.204.0/24
45.128.206.0/23
185.219.40.0/22
185.240.102.0/24
Signature Algorithm: sha256WithRSAEncryption
27:8e:a5:f5:b7:13:0d:42:67:52:fe:fd:38:f4:b3:b6:ee:a7:
4b:14:b0:b9:80:35:d4:d8:f7:e1:b0:51:48:84:5f:e8:f9:4d:
42:c6:b5:e9:57:a2:92:26:dc:14:8e:cd:ee:4d:e6:36:ac:8a:
e9:72:47:37:99:fe:bb:17:dc:c8:54:0e:ed:f6:d2:9d:5c:d9:
50:33:db:02:39:44:c2:77:76:36:bc:cd:86:19:ff:ee:44:ea:
9a:7f:54:af:06:2a:5e:5d:5c:31:21:0e:38:ec:2d:b3:96:c9:
a1:ae:46:b5:fe:c4:0a:12:27:68:41:b2:70:8c:ac:a6:8f:34:
1d:df:3e:50:3d:89:f7:dd:a7:82:7e:64:6d:e9:0c:b9:50:ed:
12:9a:cc:50:68:b9:09:b1:a4:36:ad:45:79:8e:45:2b:af:c6:
5e:be:91:dc:f6:e8:50:fe:ab:64:01:d3:1c:cc:6b:3e:87:28:
d3:69:3d:33:ea:8f:75:a4:a1:8d:e8:20:98:1d:ac:fe:e5:2b:
6f:26:5e:a6:7a:41:83:37:f2:ea:fe:6a:94:33:6d:d3:dd:51:
8b:dc:e4:7f:ce:ae:78:60:fb:88:60:52:1a:fd:5b:0a:70:f2:
1f:cb:cf:5c:87:16:f5:4d:46:8f:53:61:4e:fc:34:55:31:d3:
5b:c5:08:62
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVyw358YxJs632rVDAyOxmbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjMwMTAyMTM1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmI0MmZjM2UyZDk3NzU2ZjdiMDRmNDU1YmU1ZDMwNGRiMGRjNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhX5s3Cm8v5c6jFqhglqdm2zKvFAV
HSbOkdbnCkRl3joC8OZ0t0urrfzjzVZOowPq3Oa2n9RlBtHylaHNKtkFfcuJlA0u
SfI2gMAIiiyjfH2RLEFBIrQwhkgR3xbsU2OwMjAR/rnzluYrgk371UF5X6H2ZqJK
9l4hOvTaDVl2LPjhLHg3dpq9DNy0PUQvy0zKrTHCO3A5h6CqdaSaRC3MIVm8+4UZ
IOFxTJCmCTvs3NfPFE+k8O+IPmcYYjWbbYsrx9IApJafwt6NuX0v4JE6Pg0S5zN5
fWFmWC7NVqyWDc6IvXUZfdjOuvbxHqHZzbROkLrKvg0XjEMHBWUkov/YiQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAK0L8Pi2XdW97BPRVvl0wTbDcclMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvQXJRdnctTFpkMWIzc0U5RlctWFRCTnNOeHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAIF/TwD
BAAF/T4DBAAtgMwDBAEtgM4DBAK52ygDBAC58GYwDQYJKoZIhvcNAQELBQADggEB
ACeOpfW3Ew1CZ1L+/Tj0s7bup0sUsLmANdTY9+GwUUiEX+j5TULGtelXopIm3BSO
ze5N5jasiulyRzeZ/rsX3MhUDu320p1c2VAz2wI5RMJ3dja8zYYZ/+5E6pp/VK8G
Kl5dXDEhDjjsLbOWyaGuRrX+xAoSJ2hBsnCMrKaPNB3fPlA9iffdp4J+ZG3pDLlQ
7RKazFBouQmxpDatRXmORSuvxl6+kdz26FD+q2QB0xzMaz6HKNNpPTPqj3WkoY3o
IJgdrP7lK28mXqZ6QYM38ur+apQzbdPdUYvc5H/Ornhg+4hgUhr9Wwpw8h/Lz1yH
FvVNRo9TYU78NFUx01vFCGI=
-----END CERTIFICATE-----
Generated at Tue Nov 14 08:02:52 2023 by rpki-client on console-fra.rpki-client.org