Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/5keaPJQcSdPb6iA5upmIiOuihU4.roa
File: 5keaPJQcSdPb6iA5upmIiOuihU4.roa (raw, json)
Hash identifier: 0P8eksvHlhHvndrxmXDIagwTPdICQSgKEu4oJrq89dQ=
Subject key identifier: E6:47:9A:3C:94:1C:49:D3:DB:EA:20:39:BA:99:88:88:EB:A2:85:4E
Certificate issuer: /CN=1ae1c7aa0b395e0612ec423fe07fb0389aaa4003
Certificate serial: 0189B160295C11E1E3A5D9EB493376AEDABA
Authority key identifier: 1A:E1:C7:AA:0B:39:5E:06:12:EC:42:3F:E0:7F:B0:38:9A:AA:40:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GuHHqgs5XgYS7EI_4H-wOJqqQAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/5keaPJQcSdPb6iA5upmIiOuihU4.roa
Signing time: Tue 01 Aug 2023 13:53:36 +0000
ROA not before: Tue 01 Aug 2023 13:53:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39657
IP address blocks: 185.63.12.0/22 maxlen: 24
81.93.32.0/20 maxlen: 24
81.93.32.0/22 maxlen: 22
81.93.32.0/21 maxlen: 21
81.93.36.0/22 maxlen: 22
81.93.40.0/21 maxlen: 21
81.93.40.0/22 maxlen: 22
81.93.44.0/22 maxlen: 22
93.88.32.0/22 maxlen: 22
93.88.32.0/20 maxlen: 24
93.88.36.0/22 maxlen: 24
93.88.40.0/22 maxlen: 22
81.30.16.0/20 maxlen: 20
93.88.44.0/22 maxlen: 22
81.30.20.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b1:60:29:5c:11:e1:e3:a5:d9:eb:49:33:76:ae:da:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ae1c7aa0b395e0612ec423fe07fb0389aaa4003
Validity
Not Before: Aug 1 13:53:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6479a3c941c49d3dbea2039ba998888eba2854e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c6:0e:c8:77:d6:9c:b9:cf:8c:67:43:44:bc:
1f:f6:2a:3c:5c:f4:87:7c:a2:b1:2e:d9:c3:44:4a:
24:86:07:20:ed:70:21:e1:b9:30:eb:d3:da:bd:64:
d9:ac:d4:ae:b1:33:cc:f3:1d:c9:ac:bc:a9:9d:d5:
cc:8f:b5:7d:28:5b:5d:c0:08:e5:6e:9d:0d:fd:d1:
94:88:27:63:b1:6f:ee:25:7a:33:fc:af:6d:36:f5:
58:bb:cc:95:48:12:d4:47:00:50:f6:4f:ed:65:b9:
df:e5:4a:9e:33:8b:13:92:3c:18:9a:f8:f8:77:c5:
62:4e:ca:fd:75:92:f1:f0:8f:f1:e2:25:19:8a:63:
94:7d:5f:9c:c7:0a:f2:4e:a5:ed:76:38:82:86:ea:
fa:bf:4c:dd:f5:58:23:a7:b9:2f:41:db:c1:93:1a:
a1:d0:8e:50:22:34:63:d5:9a:61:4e:15:19:9b:27:
a0:b2:a9:a1:f1:d4:6b:29:71:1d:cb:59:4a:56:37:
e5:6f:5d:15:2e:32:94:50:24:0a:22:72:6b:73:48:
af:f3:6d:5b:c5:44:6b:60:43:91:4a:f9:b6:9a:63:
bb:66:6d:04:ea:fc:a0:2e:87:96:e3:89:70:84:36:
80:de:70:68:bd:d6:ef:0c:97:78:a7:c2:e1:76:19:
34:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:47:9A:3C:94:1C:49:D3:DB:EA:20:39:BA:99:88:88:EB:A2:85:4E
X509v3 Authority Key Identifier:
keyid:1A:E1:C7:AA:0B:39:5E:06:12:EC:42:3F:E0:7F:B0:38:9A:AA:40:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GuHHqgs5XgYS7EI_4H-wOJqqQAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/5keaPJQcSdPb6iA5upmIiOuihU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/GuHHqgs5XgYS7EI_4H-wOJqqQAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.30.16.0/20
81.93.32.0/20
93.88.32.0/20
185.63.12.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:7f:8e:52:c6:b9:06:66:e7:a8:62:00:1a:83:ea:c7:5f:dc:
06:81:2c:1a:99:da:80:09:ed:6d:af:8e:1e:11:a3:be:6e:b1:
68:15:0d:9c:ec:9a:35:d9:0b:6a:1f:58:2a:ca:5e:7c:c1:b8:
7d:cb:92:43:c6:07:1d:32:41:79:15:12:9e:a7:04:9d:2e:bf:
e0:38:0c:11:78:80:09:bd:8d:eb:d6:d6:dc:06:1f:a1:0b:d6:
1b:e1:31:7c:b3:56:5c:a4:16:ac:b6:a8:e4:cd:85:9c:1b:40:
35:19:86:b6:cb:80:48:43:b3:3b:2a:0e:00:bb:96:bc:41:69:
c6:a6:a6:6d:23:f4:d1:0e:1d:f0:d6:5e:7c:51:6a:a5:ef:10:
1f:18:36:44:fb:37:32:a5:00:24:0f:bd:04:7f:07:6c:be:d5:
e4:53:9c:28:0e:84:2c:18:e0:0b:9a:7a:fd:86:25:54:01:57:
d9:1e:09:fc:5f:04:1b:9b:2f:cb:b7:8d:cb:dd:44:11:65:e8:
18:e0:92:1e:02:30:74:a3:7a:2b:7a:84:59:2f:62:ea:2a:e4:
d9:52:72:44:cd:ee:2a:c2:74:99:47:12:36:99:ca:81:0c:51:
41:3c:0f:48:d3:10:5b:99:e5:69:53:7f:23:62:49:42:2d:c6:
3b:ae:10:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYmxYClcEeHjpdnrSTN2rtq6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZTFjN2FhMGIzOTVlMDYxMmVjNDIzZmUwN2ZiMDM4OWFh
YTQwMDMwHhcNMjMwODAxMTM1MzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQ3OWEzYzk0MWM0OWQzZGJlYTIwMzliYTk5ODg4OGViYTI4NTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncYOyHfWnLnPjGdDRLwf9io8XPSH
fKKxLtnDREokhgcg7XAh4bkw69PavWTZrNSusTPM8x3JrLypndXMj7V9KFtdwAjl
bp0N/dGUiCdjsW/uJXoz/K9tNvVYu8yVSBLURwBQ9k/tZbnf5UqeM4sTkjwYmvj4
d8ViTsr9dZLx8I/x4iUZimOUfV+cxwryTqXtdjiChur6v0zd9Vgjp7kvQdvBkxqh
0I5QIjRj1ZphThUZmyegsqmh8dRrKXEdy1lKVjflb10VLjKUUCQKInJrc0iv821b
xURrYEORSvm2mmO7Zm0E6vygLoeW44lwhDaA3nBovdbvDJd4p8Lhdhk0OQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOZHmjyUHEnT2+ogObqZiIjrooVOMB8GA1UdIwQY
MBaAFBrhx6oLOV4GEuxCP+B/sDiaqkADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3VISHFnczVYZ1lTN0VJXzRILXdPSnFxUUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9hYmU2MjgtZmNlNy00NDdlLTg1M2Ut
OTRmZGM5ZmJkY2FjLzEvNWtlYVBKUWNTZFBiNmlBNXVwbUlpT3VpaFU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9hYmU2MjgtZmNlNy00NDdlLTg1M2UtOTRmZGM5ZmJkY2Fj
LzEvR3VISHFnczVYZ1lTN0VJXzRILXdPSnFxUUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEUR4QAwQE
UV0gAwQEXVggAwQCuT8MMA0GCSqGSIb3DQEBCwUAA4IBAQCsf45SxrkGZueoYgAa
g+rHX9wGgSwamdqACe1tr44eEaO+brFoFQ2c7Jo12QtqH1gqyl58wbh9y5JDxgcd
MkF5FRKepwSdLr/gOAwReIAJvY3r1tbcBh+hC9Yb4TF8s1ZcpBastqjkzYWcG0A1
GYa2y4BIQ7M7Kg4Au5a8QWnGpqZtI/TRDh3w1l58UWql7xAfGDZE+zcypQAkD70E
fwdsvtXkU5woDoQsGOALmnr9hiVUAVfZHgn8XwQbmy/Lt43L3UQRZegY4JIeAjB0
o3oreoRZL2LqKuTZUnJEze4qwnSZRxI2mcqBDFFBPA9I0xBbmeVpU38jYklCLcY7
rhCk
-----END CERTIFICATE-----
Generated at Thu Aug 3 13:24:12 2023 by rpki-client on console-ams.rpki-client.org