Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/5a7jj3zfn_mHWqY5uNCzYge8Wfg.roa
File: 5a7jj3zfn_mHWqY5uNCzYge8Wfg.roa (raw, json)
Hash identifier: pOHUxYsbgU3oUoJz5LHc1Z8xTlmYkjMdLs0apYgmKmw=
Subject key identifier: E5:AE:E3:8F:7C:DF:9F:F9:87:5A:A6:39:B8:D0:B3:62:07:BC:59:F8
Certificate issuer: /CN=02b980c10d7110f91fff9e0eceb639d9e75b35e2
Certificate serial: 01857169BFAC8104B7FE59216A5ECD44FFCE
Authority key identifier: 02:B9:80:C1:0D:71:10:F9:1F:FF:9E:0E:CE:B6:39:D9:E7:5B:35:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/5a7jj3zfn_mHWqY5uNCzYge8Wfg.roa
Signing time: Mon 02 Jan 2023 07:37:13 +0000
ROA not before: Mon 02 Jan 2023 07:37:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 193.111.200.0/24 maxlen: 24
109.224.233.0/24 maxlen: 24
195.74.60.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:bf:ac:81:04:b7:fe:59:21:6a:5e:cd:44:ff:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b980c10d7110f91fff9e0eceb639d9e75b35e2
Validity
Not Before: Jan 2 07:37:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5aee38f7cdf9ff9875aa639b8d0b36207bc59f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:40:98:19:09:56:1d:71:85:18:9b:77:58:b0:
a8:0f:c1:8f:b7:e5:94:83:89:8f:0e:27:ee:53:9f:
4b:ba:46:b0:71:32:3d:3a:35:f6:ad:2f:86:15:0a:
fd:26:1d:bd:c4:50:d3:bc:bb:2b:d6:4a:46:2f:7e:
9f:d9:86:9c:07:86:12:c2:d4:4b:31:0e:92:10:de:
a2:7f:1a:b7:0a:a0:1c:07:c4:a9:4e:f0:76:63:a6:
8f:1a:72:5e:32:9f:1f:57:f1:0c:69:44:c9:99:21:
6c:18:72:bc:51:be:3e:5a:93:71:7c:64:ca:a4:25:
27:06:27:9e:e5:b6:cb:69:e6:cd:82:ee:2b:b6:6a:
7e:3f:4b:cb:9b:79:df:ad:6a:9b:3d:97:18:07:c2:
80:42:6c:d2:27:13:79:4c:58:38:d4:4a:79:11:a9:
70:2c:e2:9d:14:dc:cc:7f:24:90:06:58:86:d0:6c:
b1:83:ab:c5:c7:d3:2c:5d:d8:81:70:4d:0b:6e:ed:
9a:06:ae:df:7a:68:87:ab:e3:5c:09:a2:3d:af:e1:
77:62:ad:88:25:fd:bb:05:71:52:6e:b7:49:0d:4c:
ca:e0:49:b2:3b:d3:79:57:79:7e:af:f4:aa:06:96:
62:eb:8c:ae:0c:9d:05:e4:fc:91:a9:ce:eb:09:7b:
6a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AE:E3:8F:7C:DF:9F:F9:87:5A:A6:39:B8:D0:B3:62:07:BC:59:F8
X509v3 Authority Key Identifier:
keyid:02:B9:80:C1:0D:71:10:F9:1F:FF:9E:0E:CE:B6:39:D9:E7:5B:35:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/5a7jj3zfn_mHWqY5uNCzYge8Wfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.233.0/24
193.111.200.0/24
195.74.60.0/24
Signature Algorithm: sha256WithRSAEncryption
69:f2:8c:a8:71:06:08:60:2d:de:aa:6f:08:c7:fc:04:9d:7e:
f8:d9:c3:9a:54:b0:ab:cc:a2:33:d9:86:90:7c:ae:28:11:60:
ca:ef:d7:c7:f1:d6:c4:b9:48:8f:59:e4:de:25:ec:96:ad:3a:
27:4c:15:08:1f:e0:c2:c2:d3:4e:9f:11:04:90:c3:9a:8f:d5:
68:96:d4:2f:af:cd:af:e8:5b:7d:d9:13:64:14:3f:a5:4b:f9:
ea:7f:6c:0c:a3:d3:af:0f:fe:47:76:46:a6:b9:57:db:a5:55:
cf:9a:21:17:c5:69:22:1a:e8:4f:e7:57:47:99:0c:07:86:18:
2c:2f:a9:ef:b0:fe:ac:f0:78:69:68:59:b8:0c:2d:1c:5c:31:
c4:13:ae:cf:fc:c6:fa:e2:f9:cf:f9:13:a3:71:47:81:51:e9:
66:0f:c7:24:3e:53:29:fd:10:5c:97:11:95:8b:3a:b8:4e:89:
4b:92:16:1f:56:b2:0c:f6:c3:4b:41:38:2b:3b:c6:90:3a:ff:
78:3c:ac:b1:36:d7:c1:f9:d9:b5:74:fa:9f:e0:80:68:68:b6:
b8:ef:fe:b5:41:4f:39:b2:0e:ab:15:cc:29:83:25:4d:0e:7c:
13:b9:3b:15:5e:45:2c:09:c8:bf:d8:55:24:b5:a7:5b:de:83:
6f:2b:dd:f2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxab+sgQS3/lkhal7NRP/OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjk4MGMxMGQ3MTEwZjkxZmZmOWUwZWNlYjYzOWQ5ZTc1
YjM1ZTIwHhcNMjMwMTAyMDczNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWFlZTM4ZjdjZGY5ZmY5ODc1YWE2MzliOGQwYjM2MjA3YmM1OWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0CYGQlWHXGFGJt3WLCoD8GPt+WU
g4mPDifuU59LukawcTI9OjX2rS+GFQr9Jh29xFDTvLsr1kpGL36f2YacB4YSwtRL
MQ6SEN6ifxq3CqAcB8SpTvB2Y6aPGnJeMp8fV/EMaUTJmSFsGHK8Ub4+WpNxfGTK
pCUnBiee5bbLaebNgu4rtmp+P0vLm3nfrWqbPZcYB8KAQmzSJxN5TFg41Ep5Ealw
LOKdFNzMfySQBliG0Gyxg6vFx9MsXdiBcE0Lbu2aBq7femiHq+NcCaI9r+F3Yq2I
Jf27BXFSbrdJDUzK4EmyO9N5V3l+r/SqBpZi64yuDJ0F5PyRqc7rCXtquQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOWu449835/5h1qmObjQs2IHvFn4MB8GA1UdIwQY
MBaAFAK5gMENcRD5H/+eDs62OdnnWzXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJtQXdRMXhFUGtmXzU0T3pyWTUyZWRiTmVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hODk0N2YtZTUyYy00ZGUxLWJhZGUt
NzBjMGE1MDZkNzk3LzEvNWE3amozemZuX21IV3FZNXVOQ3pZZ2U4V2ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hODk0N2YtZTUyYy00ZGUxLWJhZGUtNzBjMGE1MDZkNzk3
LzEvQXJtQXdRMXhFUGtmXzU0T3pyWTUyZWRiTmVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbeDpAwQA
wW/IAwQAw0o8MA0GCSqGSIb3DQEBCwUAA4IBAQBp8oyocQYIYC3eqm8Ix/wEnX74
2cOaVLCrzKIz2YaQfK4oEWDK79fH8dbEuUiPWeTeJeyWrTonTBUIH+DCwtNOnxEE
kMOaj9VoltQvr82v6Ft92RNkFD+lS/nqf2wMo9OvD/5HdkamuVfbpVXPmiEXxWki
GuhP51dHmQwHhhgsL6nvsP6s8HhpaFm4DC0cXDHEE67P/Mb64vnP+ROjcUeBUelm
D8ckPlMp/RBclxGVizq4TolLkhYfVrIM9sNLQTgrO8aQOv94PKyxNtfB+dm1dPqf
4IBoaLa47/61QU85sg6rFcwpgyVNDnwTuTsVXkUsCci/2FUktadb3oNvK93y
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:33 2024 by rpki-client on console-fra.rpki-client.org