Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1-f1AsNeOLJG8wkiYYvNcUme_0xs.roa
File: 1-f1AsNeOLJG8wkiYYvNcUme_0xs.roa (raw, json)
Hash identifier: 4+g0D8K1bUgyJYSV9a0F0Uz74RLCoNvAAsnOZMrepCo=
Subject key identifier: F9:FD:40:B0:D7:8E:2C:91:BC:C2:48:98:62:F3:5C:52:67:BF:D3:1B
Certificate issuer: /CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Certificate serial: 018C20DB2354490C6859B04191B4374D4E36
Authority key identifier: D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1-f1AsNeOLJG8wkiYYvNcUme_0xs.roa
Signing time: Thu 30 Nov 2023 15:31:21 +0000
ROA not before: Thu 30 Nov 2023 15:31:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60423
IP address blocks: 5.145.119.0/24 maxlen: 24
185.24.253.0/24 maxlen: 24
185.24.252.0/24 maxlen: 24
185.24.255.0/24 maxlen: 24
5.145.117.0/24 maxlen: 24
5.145.118.0/24 maxlen: 24
5.145.113.0/24 maxlen: 24
5.145.114.0/24 maxlen: 24
2a04:2f00::/48 maxlen: 48
2a04:2f00:ff06::/48 maxlen: 48
2a04:2f00:1::/48 maxlen: 48
2a04:2f00:ff01::/48 maxlen: 48
2a04:2f00:ff08::/48 maxlen: 48
2a04:2f00:3::/48 maxlen: 48
2a04:2f00:ff03::/48 maxlen: 48
2a04:2f00:e::/48 maxlen: 48
2a04:2f00:ff09::/48 maxlen: 48
2a04:2f00:2::/48 maxlen: 48
2a04:2f00:ff02::/48 maxlen: 48
2a04:2f00:d::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:20:db:23:54:49:0c:68:59:b0:41:91:b4:37:4d:4e:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Validity
Not Before: Nov 30 15:31:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9fd40b0d78e2c91bcc2489862f35c5267bfd31b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:1a:74:66:fe:dc:43:3f:c7:cb:2a:da:cf:3d:
1c:9a:0f:36:ca:3c:c3:37:16:d5:97:0f:c5:26:7f:
0e:de:04:e0:a5:58:e9:4f:35:2e:d0:f5:9a:d0:4f:
40:42:0e:a3:70:c1:ec:4e:77:22:63:1e:bc:45:27:
e7:dd:a1:d7:07:40:76:f3:3e:2c:da:90:f1:7d:28:
f8:16:6a:a5:83:fe:ec:48:19:c5:8b:74:99:84:2a:
6d:8c:14:6a:dc:dd:1c:54:28:74:6a:66:3c:86:96:
a3:ea:fa:13:09:51:e9:13:32:74:8e:91:08:5c:77:
23:9f:f8:2f:01:69:fd:1e:33:3f:da:4c:73:99:56:
a6:03:0c:79:1e:a7:a6:fc:a9:ea:0e:a3:5e:68:c3:
c4:2c:02:ee:b7:01:bc:75:9a:2d:0d:bd:3b:62:10:
22:fd:91:92:8d:45:bb:ab:10:8e:d5:2c:f0:8c:22:
94:19:2e:d8:a1:d2:48:18:ae:20:a2:4c:e9:f1:e9:
2f:9d:4e:18:c3:44:ac:bf:15:8f:c4:6f:94:ff:e8:
13:16:8b:cc:fe:fc:d2:23:73:45:87:67:10:52:4b:
05:ee:90:c6:75:f7:1b:f1:db:b1:76:de:c7:98:b7:
ef:9d:be:12:16:53:a2:a0:38:05:8c:86:94:39:c3:
d1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:FD:40:B0:D7:8E:2C:91:BC:C2:48:98:62:F3:5C:52:67:BF:D3:1B
X509v3 Authority Key Identifier:
keyid:D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1-f1AsNeOLJG8wkiYYvNcUme_0xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.113.0-5.145.114.255
5.145.117.0-5.145.119.255
185.24.252.0/23
185.24.255.0/24
IPv6:
2a04:2f00::/46
2a04:2f00:d::-2a04:2f00:e:ffff:ffff:ffff:ffff:ffff
2a04:2f00:ff01::-2a04:2f00:ff03:ffff:ffff:ffff:ffff:ffff
2a04:2f00:ff06::/48
2a04:2f00:ff08::/47
Signature Algorithm: sha256WithRSAEncryption
ac:6f:f6:75:02:1c:25:10:d3:ef:0c:34:48:e1:22:d9:59:bd:
cb:8a:0a:24:dd:d8:f8:47:68:b5:79:24:14:8f:7a:de:bc:9d:
0f:3f:26:1e:58:50:68:c7:8b:22:fa:d6:f5:19:8a:c7:91:63:
e8:e5:78:51:00:a8:2f:de:3a:e7:98:50:de:cf:85:5f:fa:44:
65:66:59:28:34:1b:0c:8f:e9:55:aa:41:de:a3:32:8e:d6:e6:
a6:60:27:4a:c6:f1:c8:74:ec:be:e6:31:68:de:fb:38:d4:8e:
8b:6b:cf:57:d8:a2:56:fb:19:1b:ed:3e:b2:82:aa:ee:b8:9b:
f6:e9:be:22:a6:d4:4c:99:74:8b:d9:41:17:8f:4f:13:cb:3c:
91:6a:d3:ad:9c:d8:cc:34:64:06:58:9b:96:26:e0:af:d3:99:
d5:aa:24:d1:ee:21:c7:90:4b:61:ba:31:6b:4c:59:76:01:27:
3c:44:ad:1b:82:ca:01:6b:89:e5:e4:72:aa:b5:6d:a6:42:a6:
5c:e8:09:f7:6d:00:76:51:5d:58:0c:1a:1f:33:0e:0a:1b:16:
27:eb:a5:aa:dc:03:fa:9d:9d:f1:98:38:9e:f8:82:38:b3:1e:
77:bb:e0:6f:08:69:22:6f:82:12:1e:d1:4e:5a:63:a5:48:e8:
97:f7:b4:f8
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYwg2yNUSQxoWbBBkbQ3TU42MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTI2OTQ2NTJhYTI5ODUxMWVkYWZiZTE4ZDJiMWNkYmM3
OTI2MzgwHhcNMjMxMTMwMTUzMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWZkNDBiMGQ3OGUyYzkxYmNjMjQ4OTg2MmYzNWM1MjY3YmZkMzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxp0Zv7cQz/Hyyrazz0cmg82yjzD
NxbVlw/FJn8O3gTgpVjpTzUu0PWa0E9AQg6jcMHsTnciYx68RSfn3aHXB0B28z4s
2pDxfSj4Fmqlg/7sSBnFi3SZhCptjBRq3N0cVCh0amY8hpaj6voTCVHpEzJ0jpEI
XHcjn/gvAWn9HjM/2kxzmVamAwx5Hqem/KnqDqNeaMPELALutwG8dZotDb07YhAi
/ZGSjUW7qxCO1SzwjCKUGS7YodJIGK4gokzp8ekvnU4Yw0SsvxWPxG+U/+gTFovM
/vzSI3NFh2cQUksF7pDGdfcb8duxdt7HmLfvnb4SFlOioDgFjIaUOcPRMwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFPn9QLDXjiyRvMJImGLzXFJnv9MbMB8GA1UdIwQY
MBaAFNbiaUZSqimFEe2vvhjSsc28eSY4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODkt
YjQyMzY0ODk1MDgzLzEvMS1mMUFzTmVPTEpHOHdraVlZdk5jVW1lXzB4cy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzAvOGNjNTA2LTdlNzEtNDcwNS1hMjg5LWI0MjM2NDg5NTA4
My8xLzF1SnBSbEtxS1lVUjdhLS1HTkt4emJ4NUpqZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBjAYIKwYBBQUHAQcBAf8EfTB7MC4EAgABMCgwDAMEAAWR
cQMEAAWRcjAMAwQABZF1AwQDBZFwAwQBuRj8AwQAuRj/MEkEAgACMEMDBwIqBC8A
AAAwEgMHACoELwAADQMHACoELwAADjASAwcAKgQvAP8BAwcCKgQvAP8AAwcAKgQv
AP8GAwcBKgQvAP8IMA0GCSqGSIb3DQEBCwUAA4IBAQCsb/Z1AhwlENPvDDRI4SLZ
Wb3Ligok3dj4R2i1eSQUj3revJ0PPyYeWFBox4si+tb1GYrHkWPo5XhRAKgv3jrn
mFDez4Vf+kRlZlkoNBsMj+lVqkHeozKO1uamYCdKxvHIdOy+5jFo3vs41I6La89X
2KJW+xkb7T6ygqruuJv26b4iptRMmXSL2UEXj08TyzyRatOtnNjMNGQGWJuWJuCv
05nVqiTR7iHHkEthujFrTFl2ASc8RK0bgsoBa4nl5HKqtW2mQqZc6An3bQB2UV1Y
DBofMw4KGxYn66Wq3AP6nZ3xmDie+II4sx53u+BvCGkib4ISHtFOWmOlSOiX97T4
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:46 2024 by rpki-client on console-ams.rpki-client.org