Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5Ea-bjKK_SQJKn7RidAhwbE3JGM.roa
File: 5Ea-bjKK_SQJKn7RidAhwbE3JGM.roa (raw, json)
Hash identifier: bGtgZG20WPhcQm5xA5+73J+Tyz6/Lec4V+EShoXc+d4=
Subject key identifier: E4:46:BE:6E:32:8A:FD:24:09:2A:7E:D1:89:D0:21:C1:B1:37:24:63
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185710305F6B367E536460C25C4B1E35839
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5Ea-bjKK_SQJKn7RidAhwbE3JGM.roa
Signing time: Mon 02 Jan 2023 05:45:01 +0000
ROA not before: Mon 02 Jan 2023 05:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 91.217.250.0/24 maxlen: 24
91.217.249.0/24 maxlen: 24
45.89.32.0/22 maxlen: 24
84.245.57.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:05:f6:b3:67:e5:36:46:0c:25:c4:b1:e3:58:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e446be6e328afd24092a7ed189d021c1b1372463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c3:44:41:5b:dc:a6:e7:d4:dd:be:1d:9f:93:
f9:1b:12:74:7e:85:fd:34:64:56:4a:7a:65:4c:9f:
0a:5e:03:00:7f:c4:4a:a0:a5:60:a8:7b:05:a5:9c:
a6:af:4f:e4:eb:a8:63:25:8d:3c:19:62:f4:2a:73:
3c:eb:b7:eb:94:5e:a6:34:1d:76:7a:f6:91:47:7d:
4c:c4:7b:c5:54:73:63:3a:22:ac:69:6b:3f:ad:07:
aa:8b:b6:be:c8:f3:43:3b:e8:08:0b:a9:be:19:57:
ac:50:71:f2:b9:b6:84:10:97:ed:99:e2:8f:5a:f9:
0f:af:14:9f:48:c1:95:d3:7c:9e:29:41:65:5f:86:
e1:ef:c1:3b:82:22:64:a5:e0:8f:b9:d7:ce:3f:cd:
5a:86:f2:33:74:d9:67:3d:93:50:98:c7:40:99:90:
cc:37:49:2d:c2:d1:63:e1:43:8c:db:e7:2d:6f:ed:
50:86:48:af:3b:4e:c6:63:cb:8b:a1:20:99:16:36:
45:21:b6:e2:22:76:58:d5:f7:68:8c:ca:9e:fb:f6:
55:f1:d0:ce:7f:4e:14:09:b0:b6:ea:0e:09:82:52:
8e:2f:0d:e0:eb:3f:72:26:ba:eb:49:7f:4f:ac:d9:
85:34:ba:c0:5f:40:15:45:b7:a6:16:47:4f:35:43:
ff:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:46:BE:6E:32:8A:FD:24:09:2A:7E:D1:89:D0:21:C1:B1:37:24:63
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/5Ea-bjKK_SQJKn7RidAhwbE3JGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.32.0/22
84.245.57.0/24
91.217.249.0-91.217.250.255
Signature Algorithm: sha256WithRSAEncryption
32:7e:7a:0e:17:97:cc:9a:60:5c:46:75:f6:12:31:66:63:4f:
10:89:81:4f:43:96:16:cf:44:b0:de:43:96:97:b0:6f:8c:1f:
82:f8:2a:90:d6:11:d1:6b:ea:45:89:ab:87:60:8d:8b:75:fc:
b7:1a:3c:6f:cb:a2:dc:d4:e4:83:ce:4c:8f:46:df:5a:a0:fd:
20:e9:a8:db:fb:ec:07:68:8c:92:45:af:92:8f:71:c0:93:7a:
e0:81:fa:c3:c6:c1:63:23:4c:d2:74:48:9b:2a:35:c4:8c:87:
0f:15:cd:f7:49:bf:9b:5c:90:39:22:be:8b:6d:a0:0e:b9:29:
00:2c:41:bc:ed:32:aa:b6:36:6c:a5:80:1c:8f:8f:17:e9:ac:
af:4a:18:02:90:dc:3e:1e:5c:f8:18:e2:0a:a4:39:8b:b3:97:
26:d1:21:80:7d:e4:9c:a0:10:b8:e3:4d:ba:d9:df:22:db:12:
32:5a:69:e4:b3:72:f1:4c:4f:e9:ad:2b:cf:e6:63:9e:c8:8d:
1f:24:35:e0:eb:46:54:d0:47:ab:06:18:0c:f2:13:c7:96:0e:
6c:1f:2d:8c:07:41:1f:40:33:7b:58:67:a5:32:70:75:7a:e9:
b4:6d:e9:d5:a8:46:34:14:52:dd:88:51:78:f1:41:e2:5c:46:
a6:ae:52:d0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVxAwX2s2flNkYMJcSx41g5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDQ2YmU2ZTMyOGFmZDI0MDkyYTdlZDE4OWQwMjFjMWIxMzcyNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcNEQVvcpufU3b4dn5P5GxJ0foX9
NGRWSnplTJ8KXgMAf8RKoKVgqHsFpZymr0/k66hjJY08GWL0KnM867frlF6mNB12
evaRR31MxHvFVHNjOiKsaWs/rQeqi7a+yPNDO+gIC6m+GVesUHHyubaEEJftmeKP
WvkPrxSfSMGV03yeKUFlX4bh78E7giJkpeCPudfOP81ahvIzdNlnPZNQmMdAmZDM
N0ktwtFj4UOM2+ctb+1QhkivO07GY8uLoSCZFjZFIbbiInZY1fdojMqe+/ZV8dDO
f04UCbC26g4JglKOLw3g6z9yJrrrSX9PrNmFNLrAX0AVRbemFkdPNUP/EwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFORGvm4yiv0kCSp+0YnQIcGxNyRjMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNUVhLWJqS0tfU1FKS243UmlkQWh3YkUzSkdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCLVkgAwQA
VPU5MAwDBABb2fkDBABb2fowDQYJKoZIhvcNAQELBQADggEBADJ+eg4Xl8yaYFxG
dfYSMWZjTxCJgU9DlhbPRLDeQ5aXsG+MH4L4KpDWEdFr6kWJq4dgjYt1/LcaPG/L
otzU5IPOTI9G31qg/SDpqNv77AdojJJFr5KPccCTeuCB+sPGwWMjTNJ0SJsqNcSM
hw8VzfdJv5tckDkivottoA65KQAsQbztMqq2NmylgByPjxfprK9KGAKQ3D4eXPgY
4gqkOYuzlybRIYB95JygELjjTbrZ3yLbEjJaaeSzcvFMT+mtK8/mY57IjR8kNeDr
RlTQR6sGGAzyE8eWDmwfLYwHQR9AM3tYZ6UycHV66bRt6dWoRjQUUt2IUXjxQeJc
RqauUtA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:57 2023 by rpki-client on console-fra.rpki-client.org