Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9a3846-85d9-4d94-9eb0-29784d7b68a2/1/0fWJfr_GEwtfjCDNHSzuW-7MNCE.roa
File: 0fWJfr_GEwtfjCDNHSzuW-7MNCE.roa (raw, json)
Hash identifier: 0lO4RzOJ+mOrxXTEmg5jxpr6m+KHhLFlrAdB0znyIO0=
Subject key identifier: D1:F5:89:7E:BF:C6:13:0B:5F:8C:20:CD:1D:2C:EE:5B:EE:CC:34:21
Certificate issuer: /CN=5b70f736a4b0524a476f6f1be2964ae99b64789f
Certificate serial: 018AEFEB7436F8010398924F7E659BC98AB1
Authority key identifier: 5B:70:F7:36:A4:B0:52:4A:47:6F:6F:1B:E2:96:4A:E9:9B:64:78:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W3D3NqSwUkpHb28b4pZK6ZtkeJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9a3846-85d9-4d94-9eb0-29784d7b68a2/1/0fWJfr_GEwtfjCDNHSzuW-7MNCE.roa
Signing time: Mon 02 Oct 2023 10:24:59 +0000
ROA not before: Mon 02 Oct 2023 10:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5378
IP address blocks: 83.146.0.0/22 maxlen: 22
83.146.4.0/23 maxlen: 23
83.146.0.0/18 maxlen: 18
87.74.0.0/15 maxlen: 15
212.158.192.0/18 maxlen: 18
87.75.240.0/23 maxlen: 23
87.75.242.0/23 maxlen: 23
87.75.244.0/22 maxlen: 22
87.75.248.0/22 maxlen: 22
84.9.0.0/16 maxlen: 16
87.75.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 03 Oct 2023 14:27:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:eb:74:36:f8:01:03:98:92:4f:7e:65:9b:c9:8a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b70f736a4b0524a476f6f1be2964ae99b64789f
Validity
Not Before: Oct 2 10:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1f5897ebfc6130b5f8c20cd1d2cee5beecc3421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:08:ea:12:77:bb:7c:25:37:9b:54:06:cc:e1:
60:a4:da:85:df:1f:a4:b2:2f:de:46:f0:fe:af:86:
b1:b2:b4:58:f5:f8:6f:b0:c7:81:10:bc:2e:23:11:
d8:4e:99:1f:16:74:00:a7:2c:91:08:b4:98:5f:b4:
8e:ba:61:4c:3a:b0:dc:9a:5f:69:f9:f1:bd:d7:aa:
c0:d2:27:0f:23:63:bf:7a:6d:f0:a1:6e:e6:82:45:
bd:e1:aa:40:03:e6:46:ed:7b:d2:4e:04:9c:1d:9b:
1d:cf:3c:b8:45:1f:af:66:75:9b:97:76:ea:cb:6a:
9b:39:22:53:4d:27:6e:6f:53:3a:87:ee:f5:ee:09:
04:78:c3:57:69:fd:91:79:1f:12:6d:2b:81:60:83:
b9:97:c0:73:e9:b4:55:2e:39:bc:e0:3e:7a:57:a9:
45:28:e3:03:04:3e:a7:51:de:9f:a3:0c:b4:ae:8f:
7f:ca:dc:51:62:b3:73:1c:fe:97:66:df:74:a6:d0:
f6:9f:81:07:a8:36:ad:c6:24:f5:a3:ae:0d:d7:33:
ec:93:92:7d:05:37:09:8a:1d:11:d0:1a:02:6a:75:
7f:a1:19:8c:59:da:04:87:74:53:82:bd:a2:5a:e6:
fc:30:f0:35:0e:36:f9:86:7b:6d:76:00:9f:e4:c0:
37:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:F5:89:7E:BF:C6:13:0B:5F:8C:20:CD:1D:2C:EE:5B:EE:CC:34:21
X509v3 Authority Key Identifier:
keyid:5B:70:F7:36:A4:B0:52:4A:47:6F:6F:1B:E2:96:4A:E9:9B:64:78:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W3D3NqSwUkpHb28b4pZK6ZtkeJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9a3846-85d9-4d94-9eb0-29784d7b68a2/1/0fWJfr_GEwtfjCDNHSzuW-7MNCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9a3846-85d9-4d94-9eb0-29784d7b68a2/1/W3D3NqSwUkpHb28b4pZK6ZtkeJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.146.0.0/18
84.9.0.0/16
87.74.0.0/15
212.158.192.0/18
Signature Algorithm: sha256WithRSAEncryption
1f:e1:22:20:60:a4:b8:76:9c:de:ce:55:5c:9f:ef:0d:d6:67:
3f:df:34:ce:b5:39:ed:fe:ed:9f:f1:32:92:2f:22:c3:d3:bf:
ce:85:8b:4c:b6:c9:81:88:bb:f0:7c:46:09:ab:c4:4a:07:f7:
4d:d1:59:2a:9a:30:60:fe:36:a7:d2:ea:1f:87:7d:64:fc:2a:
68:1e:c0:c2:90:bf:4e:07:81:39:61:33:c5:a4:fe:6e:ba:f5:
d2:25:d2:b6:14:44:4c:b6:1b:ba:dc:3b:7d:c1:cb:52:0c:af:
ef:19:67:0a:e6:7c:f5:a3:4e:60:ba:5e:88:ff:27:91:68:fb:
db:b5:66:72:32:3d:94:75:54:2f:79:02:ae:62:f6:5c:b9:57:
75:19:40:ae:ca:51:ff:50:05:ee:6d:08:40:1a:3d:0c:81:d9:
b2:77:de:6b:bf:ac:59:9e:7b:e8:e9:ab:64:12:b9:9a:c6:4d:
60:49:bc:a6:ed:d0:13:c7:89:5f:54:e9:aa:e7:3b:0c:2c:5a:
29:4a:f8:0a:d7:72:be:3f:ef:97:3b:75:bd:bd:e5:45:72:bb:
49:58:69:b4:5a:c1:81:bc:e9:58:a3:cb:08:2e:71:c7:44:9f:
49:d7:61:1b:9d:bb:35:1e:bc:ca:fa:c3:74:2c:37:de:34:e9:
94:79:89:b6
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYrv63Q2+AEDmJJPfmWbyYqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNzBmNzM2YTRiMDUyNGE0NzZmNmYxYmUyOTY0YWU5OWI2
NDc4OWYwHhcNMjMxMDAyMTAyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWY1ODk3ZWJmYzYxMzBiNWY4YzIwY2QxZDJjZWU1YmVlY2MzNDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQjqEne7fCU3m1QGzOFgpNqF3x+k
si/eRvD+r4axsrRY9fhvsMeBELwuIxHYTpkfFnQApyyRCLSYX7SOumFMOrDcml9p
+fG916rA0icPI2O/em3woW7mgkW94apAA+ZG7XvSTgScHZsdzzy4RR+vZnWbl3bq
y2qbOSJTTSdub1M6h+717gkEeMNXaf2ReR8SbSuBYIO5l8Bz6bRVLjm84D56V6lF
KOMDBD6nUd6fowy0ro9/ytxRYrNzHP6XZt90ptD2n4EHqDatxiT1o64N1zPsk5J9
BTcJih0R0BoCanV/oRmMWdoEh3RTgr2iWub8MPA1Djb5hnttdgCf5MA3BQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFNH1iX6/xhMLX4wgzR0s7lvuzDQhMB8GA1UdIwQY
MBaAFFtw9zaksFJKR29vG+KWSumbZHifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzNEM05xU3dVa3BIYjI4YjRwWks2WnRrZUo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YTM4NDYtODVkOS00ZDk0LTllYjAt
Mjk3ODRkN2I2OGEyLzEvMGZXSmZyX0dFd3RmakNETkhTenVXLTdNTkNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YTM4NDYtODVkOS00ZDk0LTllYjAtMjk3ODRkN2I2OGEy
LzEvVzNEM05xU3dVa3BIYjI4YjRwWks2WnRrZUo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAATAWAwQGU5IAAwMA
VAkDAwFXSgMEBtSewDANBgkqhkiG9w0BAQsFAAOCAQEAH+EiIGCkuHac3s5VXJ/v
DdZnP980zrU57f7tn/Eyki8iw9O/zoWLTLbJgYi78HxGCavESgf3TdFZKpowYP42
p9LqH4d9ZPwqaB7AwpC/TgeBOWEzxaT+brr10iXSthRETLYbutw7fcHLUgyv7xln
CuZ89aNOYLpeiP8nkWj727VmcjI9lHVUL3kCrmL2XLlXdRlArspR/1AF7m0IQBo9
DIHZsnfea7+sWZ576OmrZBK5msZNYEm8pu3QE8eJX1Tpquc7DCxaKUr4Ctdyvj/v
lzt1vb3lRXK7SVhptFrBgbzpWKPLCC5xx0SfSddhG527NR68yvrDdCw33jTplHmJ
tg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:59 2024 by rpki-client on console-ams.rpki-client.org