Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/5lEqrzNMd0AeviWh94aj8C8Rt6Y.roa
File: 5lEqrzNMd0AeviWh94aj8C8Rt6Y.roa (raw, json)
Hash identifier: X55TqQPykEoP0IAWMSDkDu2yn2LFWtoqaQdOOdWYpd0=
Subject key identifier: E6:51:2A:AF:33:4C:77:40:1E:BE:25:A1:F7:86:A3:F0:2F:11:B7:A6
Certificate issuer: /CN=e319d0cd65593d969e8d45382a194aaa73c0ff8c
Certificate serial: 01880737AD05DDE036369EE6228370C98247
Authority key identifier: E3:19:D0:CD:65:59:3D:96:9E:8D:45:38:2A:19:4A:AA:73:C0:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/5lEqrzNMd0AeviWh94aj8C8Rt6Y.roa
Signing time: Wed 10 May 2023 19:51:09 +0000
ROA not before: Wed 10 May 2023 19:51:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 185.206.58.0/24 maxlen: 24
185.206.59.0/24 maxlen: 24
31.42.131.0/24 maxlen: 24
31.42.129.0/24 maxlen: 24
31.42.128.0/24 maxlen: 24
31.42.144.0/24 maxlen: 24
31.42.145.0/24 maxlen: 24
31.42.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:07:37:ad:05:dd:e0:36:36:9e:e6:22:83:70:c9:82:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e319d0cd65593d969e8d45382a194aaa73c0ff8c
Validity
Not Before: May 10 19:51:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6512aaf334c77401ebe25a1f786a3f02f11b7a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:91:09:fe:26:2c:12:8a:85:5d:9a:a0:38:d1:
4d:9e:a4:cd:ba:76:06:df:61:24:75:66:5e:09:cc:
f4:8e:2a:89:2a:71:d9:81:80:b8:1c:7c:ca:e4:28:
2d:63:c2:dc:b9:15:00:f9:c0:2d:ab:07:6d:d1:9e:
6f:4b:4b:fe:03:f0:79:bb:3f:2f:a5:3b:8e:2d:27:
8b:97:3d:c1:da:4f:6a:98:6b:d5:06:f4:a1:93:4f:
ff:2c:8d:28:94:ed:40:25:8e:79:64:1e:e9:48:d9:
06:7b:39:c9:70:70:28:9e:3b:d0:25:0f:fe:f6:ab:
48:1b:f3:92:2f:e8:d7:cd:81:cd:21:16:a3:86:f2:
70:37:c0:b4:98:89:5f:c5:8a:4b:e2:62:79:96:9e:
f8:dc:11:1f:28:3a:f1:20:84:2c:26:08:e4:13:63:
fb:10:ac:09:0e:99:74:22:df:aa:17:d8:5a:4a:7e:
35:3e:c2:c2:6e:14:a4:4c:5c:d9:b0:ac:3b:58:a4:
5e:4c:2c:80:a4:f7:f7:70:bd:0f:8a:56:eb:ba:a5:
1e:dd:5e:f8:ff:df:64:b9:af:e6:d6:5a:fc:1d:d6:
2c:2e:b3:4e:6a:ac:17:13:95:db:ad:06:50:fb:68:
09:ac:31:68:81:2e:7a:d4:70:16:2b:fa:94:f7:03:
7f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:51:2A:AF:33:4C:77:40:1E:BE:25:A1:F7:86:A3:F0:2F:11:B7:A6
X509v3 Authority Key Identifier:
keyid:E3:19:D0:CD:65:59:3D:96:9E:8D:45:38:2A:19:4A:AA:73:C0:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/5lEqrzNMd0AeviWh94aj8C8Rt6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/4xnQzWVZPZaejUU4KhlKqnPA_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.128.0/23
31.42.131.0/24
31.42.144.0/23
31.42.153.0/24
185.206.58.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:38:54:c3:2c:98:16:b8:06:6b:f0:b6:2b:7d:4e:35:c9:07:
ff:7b:b7:e8:0b:f1:a3:e5:24:36:99:35:61:f9:ab:0a:40:75:
62:ea:9e:b5:34:40:d3:db:3f:97:29:73:cb:74:19:4d:a0:9c:
da:73:05:b6:13:52:ee:59:70:91:4d:93:c1:34:5c:6a:2a:f7:
32:4c:7a:a7:97:f1:9b:80:44:e3:58:c1:17:c9:93:39:5c:7d:
bb:ed:b0:d1:d3:03:5b:b2:bd:5e:e2:13:b6:4f:4e:96:51:70:
d1:0e:ea:9e:8e:08:de:99:c0:99:cc:f7:22:93:45:ef:35:d0:
3a:9f:0b:4a:e3:7b:e2:76:de:0d:ac:e9:70:0d:49:ae:11:f1:
00:3b:47:ed:fc:d7:0e:21:13:d3:40:60:d2:9f:b4:99:6f:cc:
4e:e3:7b:15:0d:3a:3f:d1:cd:da:85:8f:5b:17:83:51:19:3f:
ae:65:a3:27:59:78:19:59:4c:56:e2:50:26:d3:bd:3d:bb:85:
ae:95:9a:83:c8:56:02:64:82:fd:42:e2:e8:d8:83:e6:fb:5b:
33:58:b1:89:71:ba:17:ec:b4:f9:07:26:8b:22:17:67:13:19:
1b:5b:a8:18:7f:39:02:57:b6:cd:9d:70:91:6e:29:bf:c5:c5:
21:96:19:19
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYgHN60F3eA2Np7mIoNwyYJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTlkMGNkNjU1OTNkOTY5ZThkNDUzODJhMTk0YWFhNzNj
MGZmOGMwHhcNMjMwNTEwMTk1MTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjUxMmFhZjMzNGM3NzQwMWViZTI1YTFmNzg2YTNmMDJmMTFiN2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5EJ/iYsEoqFXZqgONFNnqTNunYG
32EkdWZeCcz0jiqJKnHZgYC4HHzK5CgtY8LcuRUA+cAtqwdt0Z5vS0v+A/B5uz8v
pTuOLSeLlz3B2k9qmGvVBvShk0//LI0olO1AJY55ZB7pSNkGeznJcHAonjvQJQ/+
9qtIG/OSL+jXzYHNIRajhvJwN8C0mIlfxYpL4mJ5lp743BEfKDrxIIQsJgjkE2P7
EKwJDpl0It+qF9haSn41PsLCbhSkTFzZsKw7WKReTCyApPf3cL0PilbruqUe3V74
/99kua/m1lr8HdYsLrNOaqwXE5XbrQZQ+2gJrDFogS561HAWK/qU9wN/mQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOZRKq8zTHdAHr4lofeGo/AvEbemMB8GA1UdIwQY
MBaAFOMZ0M1lWT2Wno1FOCoZSqpzwP+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhuUXpXVlpQWmFlalVVNEtobEtxblBBXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hZTg2OWMtODEyYy00Y2Q2LWJhZjkt
MjE3Y2Y5Mzg0NWJjLzEvNWxFcXJ6Tk1kMEFldmlXaDk0YWo4QzhSdDZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hZTg2OWMtODEyYy00Y2Q2LWJhZjktMjE3Y2Y5Mzg0NWJj
LzEvNHhuUXpXVlpQWmFlalVVNEtobEtxblBBXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBHyqAAwQA
HyqDAwQBHyqQAwQAHyqZAwQBuc46MA0GCSqGSIb3DQEBCwUAA4IBAQB/OFTDLJgW
uAZr8LYrfU41yQf/e7foC/Gj5SQ2mTVh+asKQHVi6p61NEDT2z+XKXPLdBlNoJza
cwW2E1LuWXCRTZPBNFxqKvcyTHqnl/GbgETjWMEXyZM5XH277bDR0wNbsr1e4hO2
T06WUXDRDuqejgjemcCZzPcik0XvNdA6nwtK43vidt4NrOlwDUmuEfEAO0ft/NcO
IRPTQGDSn7SZb8xO43sVDTo/0c3ahY9bF4NRGT+uZaMnWXgZWUxW4lAm0709u4Wu
lZqDyFYCZIL9QuLo2IPm+1szWLGJcboX7LT5ByaLIhdnExkbW6gYfzkCV7bNnXCR
bim/xcUhlhkZ
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:41 2024 by rpki-client on console-ams.rpki-client.org