Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/d5gomSYcJALVeoF7e-nA3LnJil8.roa
File: d5gomSYcJALVeoF7e-nA3LnJil8.roa (raw, json)
Hash identifier: 3d07tCRbgPASAdHgVdhImOQb7Ah/V2WMnh4CkS8C9IA=
Subject key identifier: 77:98:28:99:26:1C:24:02:D5:7A:81:7B:7B:E9:C0:DC:B9:C9:8A:5F
Certificate issuer: /CN=f2d593b1c87b81739ec41910295bf385f2c9a992
Certificate serial: 01856DC1EA8CD9BD7C9057552544F2789253
Authority key identifier: F2:D5:93:B1:C8:7B:81:73:9E:C4:19:10:29:5B:F3:85:F2:C9:A9:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8tWTsch7gXOexBkQKVvzhfLJqZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/d5gomSYcJALVeoF7e-nA3LnJil8.roa
Signing time: Sun 01 Jan 2023 14:35:03 +0000
ROA not before: Sun 01 Jan 2023 14:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210892
IP address blocks: 79.135.124.0/24 maxlen: 24
79.135.126.0/24 maxlen: 24
5.1.45.0/24 maxlen: 24
109.224.223.0/24 maxlen: 24
2a11:2b07:f003::/48 maxlen: 48
2a11:2b07:f000::/48 maxlen: 48
2a11:2b07:f002::/48 maxlen: 48
2a11:2b07:f001::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:ea:8c:d9:bd:7c:90:57:55:25:44:f2:78:92:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2d593b1c87b81739ec41910295bf385f2c9a992
Validity
Not Before: Jan 1 14:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77982899261c2402d57a817b7be9c0dcb9c98a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:17:74:34:a3:f4:02:a9:ed:92:07:ff:9c:44:
93:10:d0:b5:24:87:28:b2:17:22:d4:2a:09:fb:14:
1e:ae:8b:e7:a4:79:50:a3:e6:af:c9:09:35:05:f1:
b6:fe:af:b6:68:c2:3a:f6:f1:a9:10:95:4a:6b:48:
8c:76:08:79:2f:3f:ad:8f:b6:51:fa:c0:f8:97:fc:
64:63:69:f3:97:56:41:c7:20:cd:55:bc:ec:b2:c5:
d3:56:70:14:92:a5:d6:6d:d5:9d:46:87:a5:77:b7:
75:0c:7a:3e:5a:52:fd:d2:5d:72:c1:9a:95:f9:f5:
5f:30:fa:87:dc:ff:d9:5e:47:54:4b:5a:9c:fd:a1:
0e:24:47:78:76:41:68:b5:20:a8:e7:ed:fd:89:6e:
72:af:f9:f0:89:60:3c:c2:a2:3d:49:5d:89:5f:ed:
e4:70:ae:4c:3d:ff:aa:2f:c2:90:f1:66:2a:45:37:
72:17:bf:21:d5:34:ff:be:c4:0f:5d:00:11:23:3c:
52:6f:50:7b:ef:c1:f8:55:2b:58:34:05:03:3b:34:
13:f4:9a:d3:c6:94:8f:62:5e:0b:9f:d2:b3:21:51:
14:6b:a7:b4:eb:09:0b:13:fd:45:d0:09:6d:3b:f4:
da:fb:2d:27:1d:f2:90:ef:13:c5:8c:59:0b:fa:5a:
04:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:98:28:99:26:1C:24:02:D5:7A:81:7B:7B:E9:C0:DC:B9:C9:8A:5F
X509v3 Authority Key Identifier:
keyid:F2:D5:93:B1:C8:7B:81:73:9E:C4:19:10:29:5B:F3:85:F2:C9:A9:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8tWTsch7gXOexBkQKVvzhfLJqZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/d5gomSYcJALVeoF7e-nA3LnJil8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/9391a6-dd3f-4933-9da2-9b8d68ee87fc/1/8tWTsch7gXOexBkQKVvzhfLJqZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.45.0/24
79.135.124.0/24
79.135.126.0/24
109.224.223.0/24
IPv6:
2a11:2b07:f000::/46
Signature Algorithm: sha256WithRSAEncryption
00:48:e2:97:40:20:b5:a0:b0:76:5f:cd:f3:d7:4f:da:82:d2:
22:5b:9f:87:70:5c:d6:61:35:5e:9d:61:89:14:5c:bb:70:c7:
1f:27:47:eb:83:a9:c2:9c:1f:9c:c6:7d:29:49:ad:78:de:4b:
c2:c3:07:0c:6a:eb:eb:a3:98:21:74:ae:8f:2a:1a:90:21:2d:
70:95:d2:b9:cc:c6:4f:36:85:7a:a1:2e:b7:ea:3c:0c:a0:a0:
5b:53:d0:3e:e3:db:86:64:40:22:10:02:b3:75:bc:72:35:51:
d2:32:4f:de:4d:36:31:56:0e:3f:8d:95:44:89:a7:8d:f7:92:
5d:1e:69:45:75:46:21:f7:42:3b:11:86:dd:ee:e0:b2:d8:1f:
12:ad:eb:ea:b7:9f:76:08:e8:a3:b0:e2:9c:b1:b4:f2:60:4d:
44:46:0a:28:8f:f2:3f:ac:36:7f:4f:fe:54:32:2a:b8:37:be:
8c:07:b9:5d:98:d8:53:21:8d:b6:6f:e8:d1:0c:60:36:d1:1f:
4d:f2:c8:6e:7d:97:8e:30:c1:cf:cd:da:37:65:50:12:c3:fa:
3f:fa:ba:dc:75:39:07:23:45:31:5f:8d:e6:2c:06:f1:07:50:
0d:bc:16:f2:e3:94:d5:78:7e:bb:52:5f:b0:2e:1b:98:aa:c5:
5c:49:d4:85
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVtweqM2b18kFdVJUTyeJJTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZDU5M2IxYzg3YjgxNzM5ZWM0MTkxMDI5NWJmMzg1ZjJj
OWE5OTIwHhcNMjMwMTAxMTQzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Nzk4Mjg5OTI2MWMyNDAyZDU3YTgxN2I3YmU5YzBkY2I5Yzk4YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBd0NKP0Aqntkgf/nESTENC1JIco
shci1CoJ+xQerovnpHlQo+avyQk1BfG2/q+2aMI69vGpEJVKa0iMdgh5Lz+tj7ZR
+sD4l/xkY2nzl1ZBxyDNVbzsssXTVnAUkqXWbdWdRoeld7d1DHo+WlL90l1ywZqV
+fVfMPqH3P/ZXkdUS1qc/aEOJEd4dkFotSCo5+39iW5yr/nwiWA8wqI9SV2JX+3k
cK5MPf+qL8KQ8WYqRTdyF78h1TT/vsQPXQARIzxSb1B778H4VStYNAUDOzQT9JrT
xpSPYl4Ln9KzIVEUa6e06wkLE/1F0AltO/Ta+y0nHfKQ7xPFjFkL+loEXwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFHeYKJkmHCQC1XqBe3vpwNy5yYpfMB8GA1UdIwQY
MBaAFPLVk7HIe4FznsQZEClb84XyyamSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHRXVHNjaDdnWE9leEJrUUtWdnpoZkxKcVpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS85MzkxYTYtZGQzZi00OTMzLTlkYTIt
OWI4ZDY4ZWU4N2ZjLzEvZDVnb21TWWNKQUxWZW9GN2UtbkEzTG5KaWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS85MzkxYTYtZGQzZi00OTMzLTlkYTItOWI4ZDY4ZWU4N2Zj
LzEvOHRXVHNjaDdnWE9leEJrUUtWdnpoZkxKcVpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQABQEtAwQA
T4d8AwQAT4d+AwQAbeDfMA8EAgACMAkDBwIqESsH8AAwDQYJKoZIhvcNAQELBQAD
ggEBAABI4pdAILWgsHZfzfPXT9qC0iJbn4dwXNZhNV6dYYkUXLtwxx8nR+uDqcKc
H5zGfSlJrXjeS8LDBwxq6+ujmCF0ro8qGpAhLXCV0rnMxk82hXqhLrfqPAygoFtT
0D7j24ZkQCIQArN1vHI1UdIyT95NNjFWDj+NlUSJp433kl0eaUV1RiH3QjsRht3u
4LLYHxKt6+q3n3YI6KOw4pyxtPJgTURGCiiP8j+sNn9P/lQyKrg3vowHuV2Y2FMh
jbZv6NEMYDbRH03yyG59l44wwc/N2jdlUBLD+j/6utx1OQcjRTFfjeYsBvEHUA28
FvLjlNV4frtSX7AuG5iqxVxJ1IU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:55 2023 by rpki-client on console-ams.rpki-client.org