Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/HQs332RYdGQesGloI0aQMJ0Bh28.roa
File: HQs332RYdGQesGloI0aQMJ0Bh28.roa (raw, json)
Hash identifier: 4tWJmSvuhYaNTwGT+/OaDg4QvDXxJbxsvLKnICoJ77M=
Subject key identifier: 1D:0B:37:DF:64:58:74:64:1E:B0:69:68:23:46:90:30:9D:01:87:6F
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 0186C48FF15D5DD34F910AA0CB2AAF6766D3
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/HQs332RYdGQesGloI0aQMJ0Bh28.roa
Signing time: Thu 09 Mar 2023 04:10:13 +0000
ROA not before: Thu 09 Mar 2023 04:10:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41436
IP address blocks: 83.229.83.0/24 maxlen: 24
83.229.82.0/24 maxlen: 24
63.250.56.0/24 maxlen: 24
63.250.57.0/24 maxlen: 24
185.220.204.0/24 maxlen: 24
185.220.205.0/24 maxlen: 24
195.238.121.0/24 maxlen: 24
45.91.168.0/24 maxlen: 24
45.91.169.0/24 maxlen: 24
194.146.38.0/24 maxlen: 24
194.146.39.0/24 maxlen: 24
5.180.180.0/24 maxlen: 24
5.180.182.0/24 maxlen: 24
5.180.183.0/24 maxlen: 24
5.180.181.0/24 maxlen: 24
2a06:c5c0:200::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c4:8f:f1:5d:5d:d3:4f:91:0a:a0:cb:2a:af:67:66:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Mar 9 04:10:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d0b37df645874641eb06968234690309d01876f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:4f:8b:e6:79:c3:93:09:29:59:bb:3c:95:40:
27:4c:5c:9c:0a:ca:9b:1c:45:b7:39:9f:15:06:0b:
e2:b7:70:0b:07:80:99:04:5e:cd:51:2d:e0:2b:ce:
04:77:a9:e9:57:4c:ae:fb:48:ed:98:4c:6b:6a:24:
52:25:88:3e:a3:60:44:89:aa:38:79:fd:be:9f:0f:
48:10:35:05:7f:c5:de:3a:94:5d:13:43:95:86:1c:
ce:4d:af:e2:48:ef:c8:c1:78:83:06:bb:c8:5f:bb:
ec:5c:0f:9b:e6:17:2f:34:56:4a:22:fb:c4:21:c9:
7c:51:9e:6b:76:39:1c:f6:6b:09:9e:0e:d8:d9:fb:
bb:55:e9:ed:a3:b1:d6:2a:ae:94:dd:73:b5:db:9b:
18:01:58:c7:56:6c:4f:7d:e8:6c:f8:b2:57:45:38:
1e:ca:f0:af:39:68:15:23:de:c2:f2:f0:e8:8a:d2:
30:ed:5c:15:ea:10:e2:85:b3:e9:34:85:90:44:02:
2b:98:2e:60:31:96:37:e7:45:88:bc:82:75:95:08:
68:3e:a8:df:92:54:12:46:16:18:05:4b:a9:cc:8a:
44:aa:c1:03:61:1b:37:43:4c:4d:a0:5a:99:90:2e:
cb:5d:95:87:03:f9:3c:85:20:9d:46:aa:bc:02:6a:
a7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:0B:37:DF:64:58:74:64:1E:B0:69:68:23:46:90:30:9D:01:87:6F
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/HQs332RYdGQesGloI0aQMJ0Bh28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.180.0/22
45.91.168.0/23
63.250.56.0/23
83.229.82.0/23
185.220.204.0/23
194.146.38.0/23
195.238.121.0/24
IPv6:
2a06:c5c0:200::/48
Signature Algorithm: sha256WithRSAEncryption
2f:06:15:8c:36:5e:0f:8a:1c:5d:47:56:5a:10:bf:cf:98:43:
53:84:be:4e:c3:5c:2f:2f:8b:94:ed:25:bf:5d:40:59:19:cb:
fc:23:02:af:55:d5:0a:9c:da:34:39:d3:06:3b:72:c7:0b:ec:
64:9e:30:89:b8:2e:75:2f:43:4d:83:42:fa:6e:f7:03:65:95:
6b:a8:11:0c:a5:81:8d:e5:ff:b5:80:b7:46:cd:4d:82:da:c8:
ec:e0:fe:f5:4b:9f:f8:21:05:38:0d:7a:ef:37:ae:11:b9:81:
1b:ff:04:ab:d7:28:b9:51:7d:57:8b:57:d6:66:26:d9:c7:ba:
95:ac:88:c4:23:3f:cb:e7:46:43:c8:40:bd:d9:d2:a6:d6:71:
f5:b9:a0:56:35:47:d6:2a:75:aa:c3:7d:30:c9:c5:cb:c4:4e:
6e:3f:a0:b3:a7:7a:26:ea:2b:f0:3b:27:03:66:18:fa:e0:b8:
cb:1c:1b:a6:9b:cc:a7:55:e5:24:4a:96:87:4b:b6:70:f9:4f:
fe:33:2e:4b:37:e3:b3:d9:b8:a8:fe:92:46:8f:3a:54:57:b8:
56:71:9b:95:e2:8e:80:75:18:be:3a:90:22:2a:a6:89:78:2c:
b9:c6:05:73:18:70:7b:c1:8a:a5:39:b4:a1:5e:c6:7f:96:60:
b6:56:ad:9e
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYbEj/FdXdNPkQqgyyqvZ2bTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjMwMzA5MDQxMDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDBiMzdkZjY0NTg3NDY0MWViMDY5NjgyMzQ2OTAzMDlkMDE4NzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0+L5nnDkwkpWbs8lUAnTFycCsqb
HEW3OZ8VBgvit3ALB4CZBF7NUS3gK84Ed6npV0yu+0jtmExraiRSJYg+o2BEiao4
ef2+nw9IEDUFf8XeOpRdE0OVhhzOTa/iSO/IwXiDBrvIX7vsXA+b5hcvNFZKIvvE
Icl8UZ5rdjkc9msJng7Y2fu7Vento7HWKq6U3XO125sYAVjHVmxPfehs+LJXRTge
yvCvOWgVI97C8vDoitIw7VwV6hDihbPpNIWQRAIrmC5gMZY350WIvIJ1lQhoPqjf
klQSRhYYBUupzIpEqsEDYRs3Q0xNoFqZkC7LXZWHA/k8hSCdRqq8Amqn1wIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFB0LN99kWHRkHrBpaCNGkDCdAYdvMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvSFFzMzMyUllkR1Flc0dsb0kwYVFNSjBCaDI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQCBbS0AwQB
LVuoAwQBP/o4AwQBU+VSAwQBudzMAwQBwpImAwQAw+55MA8EAgACMAkDBwAqBsXA
AgAwDQYJKoZIhvcNAQELBQADggEBAC8GFYw2Xg+KHF1HVloQv8+YQ1OEvk7DXC8v
i5TtJb9dQFkZy/wjAq9V1Qqc2jQ50wY7cscL7GSeMIm4LnUvQ02DQvpu9wNllWuo
EQylgY3l/7WAt0bNTYLayOzg/vVLn/ghBTgNeu83rhG5gRv/BKvXKLlRfVeLV9Zm
JtnHupWsiMQjP8vnRkPIQL3Z0qbWcfW5oFY1R9YqdarDfTDJxcvETm4/oLOneibq
K/A7JwNmGPrguMscG6abzKdV5SRKlodLtnD5T/4zLks347PZuKj+kkaPOlRXuFZx
m5XijoB1GL46kCIqpol4LLnGBXMYcHvBiqU5tKFexn+WYLZWrZ4=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:31 2023 by rpki-client on console-fra.rpki-client.org