Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/a7fec4-df2d-45eb-8520-73c2740ea8bf/1/mH27srsNO8f2gpqQ5TDw7sNUjTI.roa
File: mH27srsNO8f2gpqQ5TDw7sNUjTI.roa (raw, json)
Hash identifier: WXNq9iQ//uGYc++4oRD9TR3QyW2umNfCuUQOTY0xwWI=
Subject key identifier: 98:7D:BB:B2:BB:0D:3B:C7:F6:82:9A:90:E5:30:F0:EE:C3:54:8D:32
Certificate issuer: /CN=14435c7fdc48289ec559f01ea51dac1723f091ed
Certificate serial: 01857246F60DAE9EA0760D35507D0A7734FD
Authority key identifier: 14:43:5C:7F:DC:48:28:9E:C5:59:F0:1E:A5:1D:AC:17:23:F0:91:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FENcf9xIKJ7FWfAepR2sFyPwke0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/a7fec4-df2d-45eb-8520-73c2740ea8bf/1/mH27srsNO8f2gpqQ5TDw7sNUjTI.roa
Signing time: Mon 02 Jan 2023 11:38:51 +0000
ROA not before: Mon 02 Jan 2023 11:38:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59518
IP address blocks: 5.158.201.0/24 maxlen: 24
5.158.205.0/24 maxlen: 24
5.158.200.0/21 maxlen: 24
5.158.200.0/24 maxlen: 24
5.158.204.0/24 maxlen: 24
5.158.206.0/24 maxlen: 24
5.158.203.0/24 maxlen: 24
5.158.202.0/24 maxlen: 24
5.158.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:f6:0d:ae:9e:a0:76:0d:35:50:7d:0a:77:34:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14435c7fdc48289ec559f01ea51dac1723f091ed
Validity
Not Before: Jan 2 11:38:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=987dbbb2bb0d3bc7f6829a90e530f0eec3548d32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e3:47:94:e0:26:ed:f1:d4:45:b3:14:c4:f2:
15:dd:a7:da:f4:cd:1c:ff:92:65:28:34:34:bc:ad:
86:04:6a:55:5f:77:46:08:37:fd:c8:8b:c3:0a:f2:
64:44:eb:4a:25:fc:4b:8d:5a:81:54:de:87:a2:30:
72:93:aa:3a:42:96:05:1e:a1:4d:ff:3d:e9:8e:32:
a3:56:d0:b4:38:f5:78:ce:03:35:dd:03:34:21:95:
37:bf:c3:bd:74:cf:48:7f:b0:22:81:fc:83:52:9d:
57:b5:3b:46:25:34:80:52:46:d9:d2:f6:7b:95:79:
fc:c2:fc:ec:c9:c9:28:45:66:00:fe:9d:00:84:2b:
de:6b:c4:a7:0c:3c:94:28:fe:cd:93:60:a7:c2:bd:
9f:fa:8b:30:cf:50:0c:61:58:21:d3:0a:50:71:78:
3b:38:ff:6c:b1:28:74:0f:da:04:ba:b1:bc:e7:5f:
ca:da:60:02:2e:d9:61:6e:c8:da:f9:c9:f3:c5:ac:
77:b5:8f:b5:28:80:59:6f:11:4b:da:db:a6:60:bc:
80:25:27:cb:af:b3:ba:68:54:07:b1:10:31:b9:06:
f8:5e:fb:58:16:73:cb:a3:c6:0e:d4:97:e8:e1:76:
72:8e:ed:ba:94:c0:ce:14:ff:db:df:6a:6d:bd:8f:
39:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:7D:BB:B2:BB:0D:3B:C7:F6:82:9A:90:E5:30:F0:EE:C3:54:8D:32
X509v3 Authority Key Identifier:
keyid:14:43:5C:7F:DC:48:28:9E:C5:59:F0:1E:A5:1D:AC:17:23:F0:91:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FENcf9xIKJ7FWfAepR2sFyPwke0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a7fec4-df2d-45eb-8520-73c2740ea8bf/1/mH27srsNO8f2gpqQ5TDw7sNUjTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a7fec4-df2d-45eb-8520-73c2740ea8bf/1/FENcf9xIKJ7FWfAepR2sFyPwke0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.200.0/21
Signature Algorithm: sha256WithRSAEncryption
73:1f:84:c1:11:a8:07:9e:24:1c:7c:c3:31:d6:36:89:c7:1f:
42:70:60:70:68:3d:8e:fc:18:00:41:fd:73:43:30:cf:ba:01:
b6:45:3c:55:b3:87:77:fb:c2:53:e9:a9:18:a7:f2:5b:15:d3:
90:20:cb:0a:8c:4e:9a:ce:27:d0:6e:8d:c6:fd:0c:fc:7c:0e:
e5:d6:1b:35:ad:86:d1:8d:72:ce:38:e8:bc:cb:8a:ee:4e:60:
42:52:1a:b4:e9:d9:4a:a4:87:09:69:79:03:58:26:12:69:8c:
4c:72:e0:2f:d9:68:07:4b:50:e1:7b:3e:fb:36:83:1a:6e:90:
ed:d4:58:fd:57:c4:cd:43:ee:36:e5:22:a4:5d:10:91:7a:98:
f2:cd:00:20:5d:68:fa:a9:92:83:bc:0f:d3:f3:40:96:2d:b4:
b2:61:20:63:d7:c9:00:7f:a3:67:43:84:74:86:d9:32:50:fd:
f2:33:16:bb:32:a2:f2:39:3e:41:c9:de:ca:0d:7b:3d:27:5b:
a1:07:3b:01:da:de:9a:2e:f2:30:99:16:88:e7:99:88:fe:19:
df:ef:fd:d1:0f:94:36:51:6a:ea:ef:0f:4d:1e:3b:1c:7a:6d:
02:12:36:c9:86:12:58:f3:d1:a2:15:1c:a7:12:b1:6d:86:4f:
c0:53:fd:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRvYNrp6gdg01UH0KdzT9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NDM1YzdmZGM0ODI4OWVjNTU5ZjAxZWE1MWRhYzE3MjNm
MDkxZWQwHhcNMjMwMTAyMTEzODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODdkYmJiMmJiMGQzYmM3ZjY4MjlhOTBlNTMwZjBlZWMzNTQ4ZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+NHlOAm7fHURbMUxPIV3afa9M0c
/5JlKDQ0vK2GBGpVX3dGCDf9yIvDCvJkROtKJfxLjVqBVN6HojByk6o6QpYFHqFN
/z3pjjKjVtC0OPV4zgM13QM0IZU3v8O9dM9If7AigfyDUp1XtTtGJTSAUkbZ0vZ7
lXn8wvzsyckoRWYA/p0AhCvea8SnDDyUKP7Nk2Cnwr2f+oswz1AMYVgh0wpQcXg7
OP9ssSh0D9oEurG851/K2mACLtlhbsja+cnzxax3tY+1KIBZbxFL2tumYLyAJSfL
r7O6aFQHsRAxuQb4XvtYFnPLo8YO1Jfo4XZyju26lMDOFP/b32ptvY85bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJh9u7K7DTvH9oKakOUw8O7DVI0yMB8GA1UdIwQY
MBaAFBRDXH/cSCiexVnwHqUdrBcj8JHtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkVOY2Y5eElLSjdGV2ZBZXBSMnNGeVB3a2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hN2ZlYzQtZGYyZC00NWViLTg1MjAt
NzNjMjc0MGVhOGJmLzEvbUgyN3Nyc05POGYyZ3BxUTVURHc3c05ValRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hN2ZlYzQtZGYyZC00NWViLTg1MjAtNzNjMjc0MGVhOGJm
LzEvRkVOY2Y5eElLSjdGV2ZBZXBSMnNGeVB3a2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBZ7IMA0G
CSqGSIb3DQEBCwUAA4IBAQBzH4TBEagHniQcfMMx1jaJxx9CcGBwaD2O/BgAQf1z
QzDPugG2RTxVs4d3+8JT6akYp/JbFdOQIMsKjE6azifQbo3G/Qz8fA7l1hs1rYbR
jXLOOOi8y4ruTmBCUhq06dlKpIcJaXkDWCYSaYxMcuAv2WgHS1Dhez77NoMabpDt
1Fj9V8TNQ+425SKkXRCRepjyzQAgXWj6qZKDvA/T80CWLbSyYSBj18kAf6NnQ4R0
htkyUP3yMxa7MqLyOT5Byd7KDXs9J1uhBzsB2t6aLvIwmRaI55mI/hnf7/3RD5Q2
UWrq7w9NHjscem0CEjbJhhJY89GiFRynErFthk/AU/39
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:31 2024 by rpki-client on console-fra.rpki-client.org