Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/d74urAZTe82OmBQWdPWp8T3JNOM.roa
File: d74urAZTe82OmBQWdPWp8T3JNOM.roa (raw, json)
Hash identifier: 0IZaQWcU7TQL8A4zPW/BKKd9PDX0VHGp84oDPfrW810=
Subject key identifier: 77:BE:2E:AC:06:53:7B:CD:8E:98:14:16:74:F5:A9:F1:3D:C9:34:E3
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 0189F8D09D64EA34981B9AF7DF634A3BADC7
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/d74urAZTe82OmBQWdPWp8T3JNOM.roa
Signing time: Tue 15 Aug 2023 10:49:28 +0000
ROA not before: Tue 15 Aug 2023 10:49:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36007
IP address blocks: 45.91.171.0/24 maxlen: 24
185.53.209.0/24 maxlen: 24
103.13.211.0/24 maxlen: 24
103.241.66.0/24 maxlen: 24
103.45.245.0/24 maxlen: 24
103.45.246.0/24 maxlen: 24
185.47.172.0/24 maxlen: 24
91.223.169.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
2a06:c5c0:1700::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f8:d0:9d:64:ea:34:98:1b:9a:f7:df:63:4a:3b:ad:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Aug 15 10:49:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77be2eac06537bcd8e98141674f5a9f13dc934e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:de:94:7e:89:27:df:fb:7c:d9:16:6f:5b:52:
04:db:5f:00:b8:17:d9:c4:21:f9:3a:2a:31:11:79:
0e:97:de:b6:ef:45:10:93:9f:18:73:28:8c:32:ae:
af:3f:e6:e7:0d:db:eb:4c:bf:b9:c6:fe:e7:b1:06:
19:24:9e:36:73:1d:36:f9:8f:90:58:1a:d9:32:54:
fa:86:28:02:82:37:ec:65:7a:ec:14:10:a2:9d:00:
aa:f8:d1:6f:c0:b5:ba:f6:da:7c:35:a8:78:fd:30:
72:2c:7a:df:b6:78:90:b9:61:9f:aa:f7:31:c9:3c:
f6:86:69:19:67:d2:01:2b:49:00:54:65:45:aa:7d:
d3:fd:15:2a:d4:a4:bf:06:4d:f9:27:ec:a0:c0:01:
73:41:ee:15:b4:93:71:62:56:b3:4b:5e:73:7c:98:
39:45:34:81:4b:f1:7b:78:6a:b3:06:50:aa:2d:0d:
c3:2d:10:f2:ca:71:0f:84:4a:5f:96:06:5a:33:d7:
1f:c2:c9:85:0e:87:5f:5b:11:f7:f1:c3:0a:85:4e:
e8:d8:db:a5:e3:56:6b:1c:29:2f:ec:1a:66:fe:29:
40:50:19:2c:7c:ac:f6:e8:f5:1c:01:a7:fd:64:5d:
9b:4a:bb:6b:14:9d:8c:7b:20:a4:c1:55:b6:bb:dd:
c6:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:BE:2E:AC:06:53:7B:CD:8E:98:14:16:74:F5:A9:F1:3D:C9:34:E3
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/d74urAZTe82OmBQWdPWp8T3JNOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.171.0/24
91.202.170.0/24
91.223.169.0/24
103.13.211.0/24
103.45.245.0-103.45.246.255
103.241.66.0/24
185.47.172.0/24
185.53.209.0/24
IPv6:
2a06:c5c0:1700::/48
Signature Algorithm: sha256WithRSAEncryption
38:53:ea:b4:7f:45:f9:70:50:c7:35:d7:a4:0c:3f:42:a2:bd:
5f:5c:dd:06:d8:fa:4d:01:6e:4e:0d:dc:ca:69:e0:de:29:68:
dd:17:86:59:8c:f3:7d:68:ed:57:04:8d:56:bb:1e:b9:d4:f3:
e2:b6:4f:73:0d:1d:ef:98:cd:ca:3c:28:64:f1:7b:24:2f:71:
ba:39:3d:82:15:2a:26:57:72:8b:08:ff:d0:42:23:70:84:42:
b9:d5:f5:f5:94:21:1e:db:9a:13:4f:44:8c:11:86:3a:23:dd:
fe:99:db:aa:dd:e0:66:7a:a4:c3:1b:36:8b:76:23:39:45:ed:
41:93:50:ea:54:2e:82:8b:96:6d:a7:08:2e:37:d8:65:cc:36:
70:33:f4:ed:12:9e:56:11:73:33:e2:ce:47:4b:ec:33:75:01:
fc:71:af:a7:44:e1:42:6a:f6:96:6f:7e:81:b2:67:75:c7:7b:
78:39:f3:13:67:5b:15:e4:d5:32:81:27:28:d8:03:e0:45:ba:
d2:cd:df:74:37:53:89:95:0a:b4:9d:d0:99:12:97:32:03:a7:
59:14:5a:2b:60:66:a0:04:3d:ea:23:4c:38:24:3b:8c:8c:f8:
cf:2f:44:2d:7c:a1:73:72:99:f3:12:40:de:09:93:3b:b7:40:
55:12:82:e4
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYn40J1k6jSYG5r332NKO63HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjMwODE1MTA0OTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2JlMmVhYzA2NTM3YmNkOGU5ODE0MTY3NGY1YTlmMTNkYzkzNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/d6Ufokn3/t82RZvW1IE218AuBfZ
xCH5OioxEXkOl96270UQk58YcyiMMq6vP+bnDdvrTL+5xv7nsQYZJJ42cx02+Y+Q
WBrZMlT6higCgjfsZXrsFBCinQCq+NFvwLW69tp8Nah4/TByLHrftniQuWGfqvcx
yTz2hmkZZ9IBK0kAVGVFqn3T/RUq1KS/Bk35J+ygwAFzQe4VtJNxYlazS15zfJg5
RTSBS/F7eGqzBlCqLQ3DLRDyynEPhEpflgZaM9cfwsmFDodfWxH38cMKhU7o2Nul
41ZrHCkv7Bpm/ilAUBksfKz26PUcAaf9ZF2bSrtrFJ2MeyCkwVW2u93G8QIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFHe+LqwGU3vNjpgUFnT1qfE9yTTjMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvZDc0dXJBWlRlODJPbUJRV2RQV3A4VDNKTk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTA+BAIAATA4AwQALVurAwQA
W8qqAwQAW9+pAwQAZw3TMAwDBABnLfUDBABnLfYDBABn8UIDBAC5L6wDBAC5NdEw
DwQCAAIwCQMHACoGxcAXADANBgkqhkiG9w0BAQsFAAOCAQEAOFPqtH9F+XBQxzXX
pAw/QqK9X1zdBtj6TQFuTg3cymng3ilo3ReGWYzzfWjtVwSNVrseudTz4rZPcw0d
75jNyjwoZPF7JC9xujk9ghUqJldyiwj/0EIjcIRCudX19ZQhHtuaE09EjBGGOiPd
/pnbqt3gZnqkwxs2i3YjOUXtQZNQ6lQugouWbacILjfYZcw2cDP07RKeVhFzM+LO
R0vsM3UB/HGvp0ThQmr2lm9+gbJndcd7eDnzE2dbFeTVMoEnKNgD4EW60s3fdDdT
iZUKtJ3QmRKXMgOnWRRaK2BmoAQ96iNMOCQ7jIz4zy9ELXyhc3KZ8xJA3gmTO7dA
VRKC5A==
Generated at Thu Aug 17 13:56:49 2023 by rpki-client on console-fra.rpki-client.org