Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/5mmFg8de5IZdzgrYHc_D84LoOs0.roa
File: 5mmFg8de5IZdzgrYHc_D84LoOs0.roa (raw, json)
Hash identifier: sHbD+nbc97c2uSNV4kjcNm2oJ4ULKEgm72b4hjX39pY=
Subject key identifier: E6:69:85:83:C7:5E:E4:86:5D:CE:0A:D8:1D:CF:C3:F3:82:E8:3A:CD
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01856CF85B7FB5581708F7EF90D4699BDAE1
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/5mmFg8de5IZdzgrYHc_D84LoOs0.roa
Signing time: Sun 01 Jan 2023 10:54:53 +0000
ROA not before: Sun 01 Jan 2023 10:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212588
IP address blocks: 82.118.237.0/24 maxlen: 24
2a01:8740:5::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:5b:7f:b5:58:17:08:f7:ef:90:d4:69:9b:da:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 1 10:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6698583c75ee4865dce0ad81dcfc3f382e83acd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:cd:ca:79:6b:46:b9:e8:47:0c:dd:25:bb:48:
57:8e:a7:c0:5f:ad:d6:ee:57:a8:4c:8e:de:57:81:
cf:57:e1:82:46:ca:d7:44:43:a1:1a:6e:48:e5:61:
c7:ab:76:4d:4c:04:9d:e2:cf:29:2b:43:95:c4:82:
27:83:91:02:82:30:f7:12:83:e8:7e:6a:ca:45:9c:
e0:81:4b:ca:cf:8b:b9:04:62:a5:cc:b3:a7:6d:1e:
16:4d:ad:15:0c:6a:51:9d:21:7a:8e:31:f7:93:8e:
c4:39:4d:bd:bd:ea:5b:6e:f9:d6:8d:c1:93:8a:3d:
fe:86:f4:d8:0c:45:cd:ac:fa:40:fc:5b:20:80:9d:
31:2b:69:5a:6f:47:a5:37:4f:9a:22:c3:6c:ba:1d:
c8:2f:7a:8f:af:16:c5:bf:b2:eb:92:59:47:f9:3c:
04:87:b9:12:eb:27:53:43:29:38:33:ef:d4:31:be:
11:ec:44:e2:76:a1:ed:f4:d2:45:74:ec:3f:94:70:
03:ab:4b:66:49:51:e9:ce:3c:e9:07:68:d8:6e:8d:
fe:dd:8d:a9:79:6b:6f:33:fb:1c:e8:25:fb:ee:37:
26:18:73:83:c0:a0:41:d7:c2:c2:da:be:f2:88:2d:
bd:09:62:ba:ae:d8:cc:27:62:33:c1:bb:44:a1:b1:
04:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:69:85:83:C7:5E:E4:86:5D:CE:0A:D8:1D:CF:C3:F3:82:E8:3A:CD
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/5mmFg8de5IZdzgrYHc_D84LoOs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.237.0/24
IPv6:
2a01:8740:5::/48
Signature Algorithm: sha256WithRSAEncryption
6d:7e:4a:9e:ef:0d:b6:8b:94:7f:d7:46:73:9e:a6:f7:d0:8f:
e5:de:71:6c:5f:1d:a1:58:ef:cc:6d:f5:c8:90:c2:92:f7:b1:
d9:2d:94:cd:5d:db:17:7d:f6:17:5c:f4:6a:3d:d2:46:37:7c:
56:f4:ec:3b:68:c2:08:47:f4:f4:72:93:ce:b4:6b:bd:28:49:
5f:47:11:4f:15:94:8f:9a:c1:3a:8a:22:c4:43:06:d6:3c:68:
9f:28:1e:3f:01:5d:05:72:7d:6e:fe:f9:3a:2a:00:9a:a5:27:
1a:71:a0:85:a9:d7:d9:0c:1a:4a:c2:97:c3:ce:f8:29:59:e8:
80:3a:51:ec:4c:e3:87:5c:ae:3b:f3:fd:bc:6b:ed:dd:70:6e:
bc:e6:22:1a:23:6b:fa:86:38:0a:b5:68:28:39:b0:eb:27:35:
af:38:77:77:6b:3e:d6:45:9c:96:97:34:38:9e:21:fd:70:39:
47:ef:0f:6d:60:ce:9b:5f:b1:59:13:b9:5f:a8:50:09:0c:cf:
4b:65:51:ea:66:23:84:81:10:ee:30:fd:a3:a4:79:3c:e1:97:
85:22:23:07:59:22:8b:e9:c9:72:4b:af:f6:30:40:f7:c0:c9:
e5:1c:b7:45:52:db:a2:66:e9:ba:41:de:46:21:3f:64:78:92:
ba:b4:a3:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVs+Ft/tVgXCPfvkNRpm9rhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjMwMTAxMTA1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjY5ODU4M2M3NWVlNDg2NWRjZTBhZDgxZGNmYzNmMzgyZTgzYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhs3KeWtGuehHDN0lu0hXjqfAX63W
7leoTI7eV4HPV+GCRsrXREOhGm5I5WHHq3ZNTASd4s8pK0OVxIIng5ECgjD3EoPo
fmrKRZzggUvKz4u5BGKlzLOnbR4WTa0VDGpRnSF6jjH3k47EOU29vepbbvnWjcGT
ij3+hvTYDEXNrPpA/FsggJ0xK2lab0elN0+aIsNsuh3IL3qPrxbFv7LrkllH+TwE
h7kS6ydTQyk4M+/UMb4R7ETidqHt9NJFdOw/lHADq0tmSVHpzjzpB2jYbo3+3Y2p
eWtvM/sc6CX77jcmGHODwKBB18LC2r7yiC29CWK6rtjMJ2IzwbtEobEEMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOZphYPHXuSGXc4K2B3Pw/OC6DrNMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvNW1tRmc4ZGU1SVpkemdyWUhjX0Q4NExvT3MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAUnbtMA8E
AgACMAkDBwAqAYdAAAUwDQYJKoZIhvcNAQELBQADggEBAG1+Sp7vDbaLlH/XRnOe
pvfQj+XecWxfHaFY78xt9ciQwpL3sdktlM1d2xd99hdc9Go90kY3fFb07DtowghH
9PRyk860a70oSV9HEU8VlI+awTqKIsRDBtY8aJ8oHj8BXQVyfW7++ToqAJqlJxpx
oIWp19kMGkrCl8PO+ClZ6IA6UexM44dcrjvz/bxr7d1wbrzmIhoja/qGOAq1aCg5
sOsnNa84d3drPtZFnJaXNDieIf1wOUfvD21gzptfsVkTuV+oUAkMz0tlUepmI4SB
EO4w/aOkeTzhl4UiIwdZIovpyXJLr/YwQPfAyeUct0VS26Jm6bpB3kYhP2R4krq0
o2I=
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:50 2024 by rpki-client on console-ams.rpki-client.org