Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/d2OxQoQwGWikgXtW0v0zoOIlIyc.roa
File: d2OxQoQwGWikgXtW0v0zoOIlIyc.roa (raw, json)
Hash identifier: 51wUJ3gmsDIzIpuaFBpHAqLUDiRM5gU2XvOX3ANEAWQ=
Subject key identifier: 77:63:B1:42:84:30:19:68:A4:81:7B:56:D2:FD:33:A0:E2:25:23:27
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 018B0E82A1D2DE8BB342AA0402095DA80BAA
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/d2OxQoQwGWikgXtW0v0zoOIlIyc.roa
Signing time: Sun 08 Oct 2023 08:58:43 +0000
ROA not before: Sun 08 Oct 2023 08:58:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36007
IP address blocks: 103.13.211.0/24 maxlen: 24
45.91.171.0/24 maxlen: 24
185.53.209.0/24 maxlen: 24
103.241.66.0/24 maxlen: 24
103.241.67.0/24 maxlen: 24
103.45.245.0/24 maxlen: 24
103.45.246.0/24 maxlen: 24
185.47.172.0/24 maxlen: 24
91.223.169.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
2a06:c5c0:1700::/48 maxlen: 48
2a06:c5c0:1600::/48 maxlen: 48
2a06:c5c0:1500::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0e:82:a1:d2:de:8b:b3:42:aa:04:02:09:5d:a8:0b:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Oct 8 08:58:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7763b14284301968a4817b56d2fd33a0e2252327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a3:f3:3f:43:7b:eb:21:22:7a:49:07:bd:3a:
b9:70:e2:b0:35:04:7e:ce:53:18:1b:8c:3b:ef:29:
92:52:6a:e5:01:9b:1e:fa:ce:29:83:d3:3e:16:53:
00:bd:77:93:6f:4a:16:5e:d1:2b:65:23:a1:7e:7f:
bf:d1:84:44:31:95:40:1f:1d:22:a1:7b:c1:ad:11:
ed:5c:74:ff:db:f9:7e:ad:bc:48:9e:5e:73:58:3a:
5e:b2:2d:11:72:a9:16:12:6f:c7:38:13:df:0c:35:
43:f9:5a:b8:75:5c:2a:70:0f:9a:20:69:ad:f9:41:
96:ce:ae:fa:90:78:8b:02:ab:66:f1:50:db:8f:bb:
58:8e:ff:4b:0a:a1:1b:55:9f:c9:86:d7:ab:b6:28:
e2:e3:9a:f9:e6:d4:59:c8:fd:68:61:c4:84:ec:a6:
39:77:ee:f0:7f:41:c7:1f:56:38:59:da:30:a6:ba:
a6:6c:be:48:15:dd:20:34:eb:8a:68:03:09:f9:1e:
8d:ed:02:d6:70:74:e0:f1:82:98:79:d7:e9:19:01:
92:ed:41:18:ba:83:35:c6:4e:31:1f:57:5a:f8:21:
80:74:79:98:fa:2a:2f:c5:c0:7d:a4:f9:06:02:24:
44:df:46:4a:8c:ed:8a:53:1c:f4:3e:7c:63:24:67:
16:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:63:B1:42:84:30:19:68:A4:81:7B:56:D2:FD:33:A0:E2:25:23:27
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/d2OxQoQwGWikgXtW0v0zoOIlIyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.171.0/24
91.202.170.0/24
91.223.169.0/24
103.13.211.0/24
103.45.245.0-103.45.246.255
103.241.66.0/23
185.47.172.0/24
185.53.209.0/24
IPv6:
2a06:c5c0:1500::/48
2a06:c5c0:1600::/48
2a06:c5c0:1700::/48
Signature Algorithm: sha256WithRSAEncryption
59:11:3e:a1:9e:91:a4:32:5e:92:0b:e0:3c:b4:9f:5e:9d:6a:
52:bc:fd:9e:8d:a6:5d:5d:c0:ed:eb:9e:e7:83:8e:4d:bd:aa:
00:e9:35:1f:6c:6e:2b:4b:ef:d7:dc:0f:53:f7:6a:17:1c:4f:
a4:81:3b:28:2d:27:a2:61:1d:fc:8d:bf:3d:70:e1:49:3a:9d:
f4:cf:aa:25:6d:30:ea:07:0e:dd:fe:e9:5b:f1:32:08:6d:ec:
ac:6e:81:9e:35:76:de:cf:c1:56:82:0a:35:cd:23:ae:9a:6c:
7e:62:f3:93:1a:57:55:f0:3c:89:1b:51:2a:cc:cc:3d:c3:d3:
7f:06:16:6e:16:8c:e5:81:c4:59:9e:76:5b:7e:8a:d9:6d:b6:
6c:6a:00:59:68:36:79:2c:e3:2b:40:fe:e0:b2:51:11:83:70:
3a:f6:fa:57:58:c3:f8:3a:c0:f5:1f:cb:89:1e:0e:01:03:46:
b1:e1:ef:12:d0:e4:52:bd:aa:8c:1c:25:cf:9c:2c:64:09:26:
0b:98:42:7b:8a:c7:85:14:c5:f1:c4:f2:7b:b5:57:dc:aa:95:
09:12:98:63:f9:9a:2f:79:06:b9:69:0c:06:f5:da:38:13:64:
45:73:35:6a:4d:6d:84:bc:5e:45:4d:9e:fb:0c:52:01:6d:86:
c7:9d:a9:4e
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYsOgqHS3ouzQqoEAgldqAuqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjMxMDA4MDg1ODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzYzYjE0Mjg0MzAxOTY4YTQ4MTdiNTZkMmZkMzNhMGUyMjUyMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaPzP0N76yEiekkHvTq5cOKwNQR+
zlMYG4w77ymSUmrlAZse+s4pg9M+FlMAvXeTb0oWXtErZSOhfn+/0YREMZVAHx0i
oXvBrRHtXHT/2/l+rbxInl5zWDpesi0RcqkWEm/HOBPfDDVD+Vq4dVwqcA+aIGmt
+UGWzq76kHiLAqtm8VDbj7tYjv9LCqEbVZ/Jhtertiji45r55tRZyP1oYcSE7KY5
d+7wf0HHH1Y4WdowprqmbL5IFd0gNOuKaAMJ+R6N7QLWcHTg8YKYedfpGQGS7UEY
uoM1xk4xH1da+CGAdHmY+iovxcB9pPkGAiRE30ZKjO2KUxz0PnxjJGcW0QIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFHdjsUKEMBlopIF7VtL9M6DiJSMnMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvZDJPeFFvUXdHV2lrZ1h0VzB2MHpvT0lsSXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzA+BAIAATA4AwQALVurAwQA
W8qqAwQAW9+pAwQAZw3TMAwDBABnLfUDBABnLfYDBAFn8UIDBAC5L6wDBAC5NdEw
IQQCAAIwGwMHACoGxcAVAAMHACoGxcAWAAMHACoGxcAXADANBgkqhkiG9w0BAQsF
AAOCAQEAWRE+oZ6RpDJekgvgPLSfXp1qUrz9no2mXV3A7eue54OOTb2qAOk1H2xu
K0vv19wPU/dqFxxPpIE7KC0nomEd/I2/PXDhSTqd9M+qJW0w6gcO3f7pW/EyCG3s
rG6BnjV23s/BVoIKNc0jrppsfmLzkxpXVfA8iRtRKszMPcPTfwYWbhaM5YHEWZ52
W36K2W22bGoAWWg2eSzjK0D+4LJREYNwOvb6V1jD+DrA9R/LiR4OAQNGseHvEtDk
Ur2qjBwlz5wsZAkmC5hCe4rHhRTF8cTye7VX3KqVCRKYY/maL3kGuWkMBvXaOBNk
RXM1ak1thLxeRU2e+wxSAW2Gx52pTg==
-----END CERTIFICATE-----
Generated at Wed Dec 13 07:11:23 2023 by rpki-client on console-ams.rpki-client.org