Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/9aDmi9UNDxJH-QflmzekC_dABuI.roa
File: 9aDmi9UNDxJH-QflmzekC_dABuI.roa (raw, json)
Hash identifier: ASpNh9rfvR77zIjbZsKu78mm/UyDx26iwevYN2jsrfE=
Subject key identifier: F5:A0:E6:8B:D5:0D:0F:12:47:F9:07:E5:9B:37:A4:0B:F7:40:06:E2
Certificate issuer: /CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Certificate serial: 0187F09F537C79018E77C7BBD9B84B5AB381
Authority key identifier: D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/9aDmi9UNDxJH-QflmzekC_dABuI.roa
Signing time: Sat 06 May 2023 10:33:06 +0000
ROA not before: Sat 06 May 2023 10:33:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60423
IP address blocks: 5.145.119.0/24 maxlen: 24
185.24.253.0/24 maxlen: 24
185.24.252.0/24 maxlen: 24
5.145.117.0/24 maxlen: 24
5.145.118.0/24 maxlen: 24
5.145.113.0/24 maxlen: 24
5.145.114.0/24 maxlen: 24
2a04:2f00::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f0:9f:53:7c:79:01:8e:77:c7:bb:d9:b8:4b:5a:b3:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Validity
Not Before: May 6 10:33:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5a0e68bd50d0f1247f907e59b37a40bf74006e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d7:1a:34:5f:b7:60:cc:00:2f:42:cc:8d:99:
a7:90:6d:ac:ef:0b:61:af:42:d3:30:45:1c:58:15:
82:9a:a6:cb:7e:74:37:1d:e0:c6:45:4c:7f:d9:bd:
8c:f8:3b:8c:5f:53:00:92:18:ff:73:8c:b7:2c:52:
65:e9:e3:21:6f:59:59:7e:0d:b5:7e:94:10:62:3a:
80:4b:51:02:15:a3:cd:52:50:07:2b:ad:1d:de:8f:
8a:35:bb:41:bd:ce:ab:0b:93:f0:21:84:b3:4f:46:
79:24:2e:f0:9f:b9:82:8b:97:0c:f0:e9:02:21:c6:
d1:95:1a:df:d8:03:ec:e5:46:34:8a:aa:67:81:97:
2d:4d:70:71:2b:fb:62:e4:e4:ed:f6:ad:28:49:e2:
07:32:ff:eb:2e:82:b2:06:62:d9:de:29:59:96:a6:
85:25:0b:41:49:1f:09:bd:fa:4a:c5:9b:3f:12:40:
f4:ed:87:3f:d5:a4:1e:bc:ad:37:9c:fd:a1:8e:23:
de:f3:a9:32:2b:6f:10:96:49:ce:0d:59:79:d0:36:
42:87:40:af:7e:6c:53:62:d2:a7:79:68:8c:e9:b1:
b6:dc:f0:67:7c:66:ad:02:a0:7b:e9:c3:00:28:71:
e4:73:64:d1:c5:ef:a6:26:ca:92:aa:30:78:da:3d:
32:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A0:E6:8B:D5:0D:0F:12:47:F9:07:E5:9B:37:A4:0B:F7:40:06:E2
X509v3 Authority Key Identifier:
keyid:D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/9aDmi9UNDxJH-QflmzekC_dABuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.113.0-5.145.114.255
5.145.117.0-5.145.119.255
185.24.252.0/23
IPv6:
2a04:2f00::/48
Signature Algorithm: sha256WithRSAEncryption
10:5c:2a:78:23:f9:23:f3:42:9d:08:b0:07:c7:f7:05:3c:f1:
7b:b6:67:e8:81:e1:75:ef:90:61:94:c8:43:25:90:46:44:32:
47:09:fe:37:a9:5d:92:1d:0a:24:e8:c1:92:46:7e:10:8a:92:
14:ea:c4:66:01:99:08:1d:d5:25:65:b2:8e:fe:c7:aa:b5:8b:
98:3f:c2:5c:2d:45:ad:94:4e:9d:6e:e1:8c:8c:d9:0b:f7:b0:
f0:a7:43:f5:5b:18:69:7e:9e:7c:2f:7d:92:3d:b7:99:b4:3e:
2d:39:cf:be:cf:fc:78:0a:a6:81:b5:3b:81:5b:83:14:49:7c:
f1:01:c7:95:1c:1d:13:0d:6f:46:d9:39:c8:b4:61:14:47:79:
8d:96:60:bb:af:c5:10:2f:91:cb:5f:5c:2b:ff:a3:cf:06:83:
1e:ef:e1:d1:39:94:73:3a:44:82:01:76:2d:2f:ba:c6:20:9d:
22:11:70:72:c7:5e:55:aa:89:b6:84:29:88:ec:24:01:43:33:
f6:19:bb:04:54:8d:8c:7e:36:04:83:d2:1e:ff:15:44:c8:c7:
bc:02:3e:19:33:98:d2:f1:c4:92:e4:8c:ce:06:72:cd:28:8e:
6b:98:99:de:0d:51:94:c5:38:45:f9:42:f4:12:48:f7:50:f9:
a5:18:14:82
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYfwn1N8eQGOd8e72bhLWrOBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTI2OTQ2NTJhYTI5ODUxMWVkYWZiZTE4ZDJiMWNkYmM3
OTI2MzgwHhcNMjMwNTA2MTAzMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWEwZTY4YmQ1MGQwZjEyNDdmOTA3ZTU5YjM3YTQwYmY3NDAwNmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNcaNF+3YMwAL0LMjZmnkG2s7wth
r0LTMEUcWBWCmqbLfnQ3HeDGRUx/2b2M+DuMX1MAkhj/c4y3LFJl6eMhb1lZfg21
fpQQYjqAS1ECFaPNUlAHK60d3o+KNbtBvc6rC5PwIYSzT0Z5JC7wn7mCi5cM8OkC
IcbRlRrf2APs5UY0iqpngZctTXBxK/ti5OTt9q0oSeIHMv/rLoKyBmLZ3ilZlqaF
JQtBSR8JvfpKxZs/EkD07Yc/1aQevK03nP2hjiPe86kyK28QlknODVl50DZCh0Cv
fmxTYtKneWiM6bG23PBnfGatAqB76cMAKHHkc2TRxe+mJsqSqjB42j0y/QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPWg5ovVDQ8SR/kH5Zs3pAv3QAbiMB8GA1UdIwQY
MBaAFNbiaUZSqimFEe2vvhjSsc28eSY4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODkt
YjQyMzY0ODk1MDgzLzEvOWFEbWk5VU5EeEpILVFmbG16ZWtDX2RBQnVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODktYjQyMzY0ODk1MDgz
LzEvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAoBAIAATAiMAwDBAAFkXED
BAAFkXIwDAMEAAWRdQMEAwWRcAMEAbkY/DAPBAIAAjAJAwcAKgQvAAAAMA0GCSqG
SIb3DQEBCwUAA4IBAQAQXCp4I/kj80KdCLAHx/cFPPF7tmfogeF175BhlMhDJZBG
RDJHCf43qV2SHQok6MGSRn4QipIU6sRmAZkIHdUlZbKO/seqtYuYP8JcLUWtlE6d
buGMjNkL97Dwp0P1Wxhpfp58L32SPbeZtD4tOc++z/x4CqaBtTuBW4MUSXzxAceV
HB0TDW9G2TnItGEUR3mNlmC7r8UQL5HLX1wr/6PPBoMe7+HROZRzOkSCAXYtL7rG
IJ0iEXByx15Vqom2hCmI7CQBQzP2GbsEVI2MfjYEg9Ie/xVEyMe8Aj4ZM5jS8cSS
5IzOBnLNKI5rmJneDVGUxThF+UL0Ekj3UPmlGBSC
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:13 2023 by rpki-client on console-ams.rpki-client.org