Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/e5e0ce-4a06-4341-a367-763f5ba2eab1/1/DS5lQNm3IA6p__H7dAtA-ea_h-s.roa
File: DS5lQNm3IA6p__H7dAtA-ea_h-s.roa (raw, json)
Hash identifier: gN1yumH9zuy2xi1Rq786xQbE+VRs4tL8suEhPdzgnvE=
Subject key identifier: 0D:2E:65:40:D9:B7:20:0E:A9:FF:F1:FB:74:0B:40:F9:E6:BF:87:EB
Certificate issuer: /CN=38040937b018e3b40697e82151b588b2809dae60
Certificate serial: 01857082CF685FE0548CC7592DD6463245DC
Authority key identifier: 38:04:09:37:B0:18:E3:B4:06:97:E8:21:51:B5:88:B2:80:9D:AE:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OAQJN7AY47QGl-ghUbWIsoCdrmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/e5e0ce-4a06-4341-a367-763f5ba2eab1/1/DS5lQNm3IA6p__H7dAtA-ea_h-s.roa
Signing time: Mon 02 Jan 2023 03:24:59 +0000
ROA not before: Mon 02 Jan 2023 03:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202169
IP address blocks: 185.240.80.0/23 maxlen: 23
185.240.82.0/23 maxlen: 23
185.19.190.0/24 maxlen: 24
185.19.191.0/24 maxlen: 24
185.19.188.0/23 maxlen: 23
91.215.48.0/22 maxlen: 22
2a00:4920::/32 maxlen: 34
2a00:4920::/33 maxlen: 34
2a00:4920:8000::/33 maxlen: 33
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:cf:68:5f:e0:54:8c:c7:59:2d:d6:46:32:45:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38040937b018e3b40697e82151b588b2809dae60
Validity
Not Before: Jan 2 03:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d2e6540d9b7200ea9fff1fb740b40f9e6bf87eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:02:5d:26:36:f9:99:60:6b:65:0c:be:ec:c6:
ba:eb:d3:6b:43:da:5b:cf:24:c1:08:d2:86:92:e3:
07:49:d9:5c:34:39:ba:d8:f0:dc:63:b2:1d:38:f2:
31:39:20:57:ed:5f:4d:e7:25:6c:0b:42:51:9a:54:
5c:a5:4c:4a:f8:d7:02:b9:ec:e6:85:ad:18:ac:07:
11:60:69:ed:a7:94:68:12:59:ef:02:40:b1:0e:9e:
45:2e:f0:3c:53:9b:52:ea:0b:6a:2a:2f:7c:ac:c6:
88:e5:0e:e0:13:4e:39:1e:ea:8a:46:ae:63:6c:5c:
a1:01:20:fd:34:f4:2d:52:29:f9:a1:ad:60:d8:d9:
23:63:fc:2b:34:b9:58:f9:d6:8f:ef:82:6c:03:f8:
9b:e9:99:9e:22:06:9e:65:31:1a:bd:1d:2d:4d:50:
f2:d7:dc:e7:39:08:4c:c3:0b:2b:87:c9:1f:db:56:
d5:bf:36:e9:1f:b1:e9:fb:41:4a:37:1e:36:64:ec:
aa:d1:d6:8c:f3:8a:06:22:2b:7c:a4:21:e9:48:ae:
57:88:4c:2b:40:08:8b:fe:e4:2a:eb:73:17:1c:0d:
c5:36:3f:c5:ef:fb:76:16:0f:f9:96:02:13:21:c2:
6c:56:a4:9d:34:18:36:9a:5f:a1:4a:c2:ff:79:d4:
d1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:2E:65:40:D9:B7:20:0E:A9:FF:F1:FB:74:0B:40:F9:E6:BF:87:EB
X509v3 Authority Key Identifier:
keyid:38:04:09:37:B0:18:E3:B4:06:97:E8:21:51:B5:88:B2:80:9D:AE:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OAQJN7AY47QGl-ghUbWIsoCdrmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/e5e0ce-4a06-4341-a367-763f5ba2eab1/1/DS5lQNm3IA6p__H7dAtA-ea_h-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/e5e0ce-4a06-4341-a367-763f5ba2eab1/1/OAQJN7AY47QGl-ghUbWIsoCdrmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.48.0/22
185.19.188.0/22
185.240.80.0/22
IPv6:
2a00:4920::/32
Signature Algorithm: sha256WithRSAEncryption
6c:b5:08:08:70:01:d5:e1:80:3c:eb:ee:39:59:53:a5:d6:0a:
5a:07:55:41:69:03:12:e7:b9:bb:0b:bf:77:02:c5:25:1d:c7:
77:fa:f4:19:09:f2:8a:83:07:b8:71:84:3d:a7:9f:2c:36:e4:
a0:80:bc:30:3e:a0:4c:b7:c5:0e:d7:86:67:42:35:8c:55:5c:
1e:b7:9c:20:b0:b9:64:56:a2:ff:21:01:fb:9f:f5:a0:b6:28:
0b:8a:17:89:1b:60:e8:03:7b:3d:7d:1f:45:1d:ba:a5:7a:40:
4e:55:6e:24:1d:9d:46:d1:9d:29:25:16:15:d8:88:e4:e6:23:
33:96:f1:37:ed:0a:5a:df:d2:72:e3:d5:c4:0d:b3:46:2d:f5:
1d:bb:e9:2d:a8:73:8e:b7:bc:8d:bb:4d:1c:9c:92:9f:7a:bc:
b0:c6:45:7e:d3:4a:57:00:b0:86:68:0f:6f:fb:f3:49:be:b0:
16:d0:17:35:4e:1b:44:b6:15:41:f1:67:5c:39:58:39:cc:f5:
d8:87:b2:29:da:cc:05:39:e1:85:07:92:e8:6f:de:aa:5c:2b:
74:eb:4f:89:df:d3:08:96:c5:e6:74:0c:6e:35:4d:8b:b5:dd:
34:85:26:5b:af:cb:c1:46:5c:d6:1f:fd:bb:be:d5:e0:56:d7:
5c:cb:3f:e6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVwgs9oX+BUjMdZLdZGMkXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MDQwOTM3YjAxOGUzYjQwNjk3ZTgyMTUxYjU4OGIyODA5
ZGFlNjAwHhcNMjMwMTAyMDMyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDJlNjU0MGQ5YjcyMDBlYTlmZmYxZmI3NDBiNDBmOWU2YmY4N2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgJdJjb5mWBrZQy+7Ma669NrQ9pb
zyTBCNKGkuMHSdlcNDm62PDcY7IdOPIxOSBX7V9N5yVsC0JRmlRcpUxK+NcCuezm
ha0YrAcRYGntp5RoElnvAkCxDp5FLvA8U5tS6gtqKi98rMaI5Q7gE045HuqKRq5j
bFyhASD9NPQtUin5oa1g2NkjY/wrNLlY+daP74JsA/ib6ZmeIgaeZTEavR0tTVDy
19znOQhMwwsrh8kf21bVvzbpH7Hp+0FKNx42ZOyq0daM84oGIit8pCHpSK5XiEwr
QAiL/uQq63MXHA3FNj/F7/t2Fg/5lgITIcJsVqSdNBg2ml+hSsL/edTRawIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFA0uZUDZtyAOqf/x+3QLQPnmv4frMB8GA1UdIwQY
MBaAFDgECTewGOO0BpfoIVG1iLKAna5gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0FRSk43QVk0N1FHbC1naFViV0lzb0Nkcm1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lNWUwY2UtNGEwNi00MzQxLWEzNjct
NzYzZjViYTJlYWIxLzEvRFM1bFFObTNJQTZwX19IN2RBdEEtZWFfaC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lNWUwY2UtNGEwNi00MzQxLWEzNjctNzYzZjViYTJlYWIx
LzEvT0FRSk43QVk0N1FHbC1naFViV0lzb0Nkcm1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCW9cwAwQC
uRO8AwQCufBQMA0EAgACMAcDBQAqAEkgMA0GCSqGSIb3DQEBCwUAA4IBAQBstQgI
cAHV4YA86+45WVOl1gpaB1VBaQMS57m7C793AsUlHcd3+vQZCfKKgwe4cYQ9p58s
NuSggLwwPqBMt8UO14ZnQjWMVVwet5wgsLlkVqL/IQH7n/WgtigLiheJG2DoA3s9
fR9FHbqlekBOVW4kHZ1G0Z0pJRYV2Ijk5iMzlvE37Qpa39Jy49XEDbNGLfUdu+kt
qHOOt7yNu00cnJKferywxkV+00pXALCGaA9v+/NJvrAW0Bc1ThtEthVB8WdcOVg5
zPXYh7Ip2swFOeGFB5Lob96qXCt060+J39MIlsXmdAxuNU2Ltd00hSZbr8vBRlzW
H/27vtXgVtdcyz/m
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:21 2024 by rpki-client on console-fra.rpki-client.org