Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/5m0EHUVMhcTj6B3vW60ccWeSg8s.roa
File: 5m0EHUVMhcTj6B3vW60ccWeSg8s.roa (raw, json)
Hash identifier: 4X13Mhq+NYEvmO2/j9kXAm38yjTG6g62N0lmAdATCf0=
Subject key identifier: E6:6D:04:1D:45:4C:85:C4:E3:E8:1D:EF:5B:AD:1C:71:67:92:83:CB
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01891A749F089AA6EB3275DF584AA1B85577
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/5m0EHUVMhcTj6B3vW60ccWeSg8s.roa
Signing time: Mon 03 Jul 2023 06:33:17 +0000
ROA not before: Mon 03 Jul 2023 06:33:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 194.143.217.0/24 maxlen: 24
194.143.218.0/24 maxlen: 24
194.143.222.0/24 maxlen: 24
194.143.223.0/24 maxlen: 24
45.155.242.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1a:74:9f:08:9a:a6:eb:32:75:df:58:4a:a1:b8:55:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jul 3 06:33:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e66d041d454c85c4e3e81def5bad1c71679283cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:39:d2:b4:ac:57:d0:0b:d5:35:29:8c:d0:23:
c2:0e:1d:86:5f:1e:a4:ab:d0:b3:ac:f9:b9:34:e0:
20:9f:4a:99:45:0c:b5:4d:51:9d:4b:bd:fd:75:9f:
48:a7:90:e8:f9:95:0c:0f:ea:6c:b6:c6:83:57:cb:
f1:8c:25:a1:6b:01:da:f5:b7:dd:02:de:15:d2:8d:
1a:ba:16:45:72:8c:43:0d:e9:96:6f:8d:b8:15:ce:
0b:18:2f:bd:f9:cf:9e:4b:ad:a1:9c:a6:7d:33:08:
45:e6:e0:da:aa:fa:ee:76:fd:a4:ab:5d:88:63:ac:
34:6c:7f:50:4e:72:62:09:00:41:b8:87:7a:af:92:
e8:f1:eb:7c:77:bf:c9:14:47:4f:bd:77:98:35:9b:
4b:7c:dc:5b:dd:3a:b5:45:68:b0:e9:20:5e:c5:20:
a1:01:28:2a:a5:f7:47:86:01:dc:c9:62:b3:17:d8:
fa:c6:d8:5d:bb:bd:0b:b0:2d:db:b0:52:5c:4f:5a:
58:e6:02:83:26:a4:e3:86:41:96:49:d2:d7:ab:3c:
23:2c:29:fa:9e:f2:a3:0f:c5:d1:0e:92:66:9b:ec:
9b:4c:08:60:d2:f3:80:7b:9a:d2:21:1c:ca:98:b4:
59:9a:71:6d:01:00:4d:28:62:da:8b:8a:43:e8:43:
18:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:6D:04:1D:45:4C:85:C4:E3:E8:1D:EF:5B:AD:1C:71:67:92:83:CB
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/5m0EHUVMhcTj6B3vW60ccWeSg8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.242.0/23
194.143.217.0-194.143.218.255
194.143.222.0/23
Signature Algorithm: sha256WithRSAEncryption
24:77:86:4f:2b:df:79:fb:c7:53:33:69:3d:11:4e:62:85:5d:
c5:32:99:ba:4a:90:c9:a0:b8:d6:87:5f:54:a7:81:8f:0b:3a:
8f:fb:85:35:32:f1:cd:59:d1:8b:44:f2:bc:15:19:2c:bc:64:
17:8f:0f:a2:95:3e:b1:b5:d9:77:12:94:97:52:3a:30:3f:9f:
03:d1:c1:b6:6d:41:88:bb:1c:e1:8e:e7:8f:e9:98:84:24:c7:
95:98:a8:e9:a6:eb:78:6c:4c:ad:d1:74:ec:65:de:f2:25:a1:
a8:5d:1c:7e:26:87:8e:fd:2d:85:dd:05:b5:ce:e4:1f:77:93:
ef:9f:01:d5:92:b9:fc:fb:51:f3:11:e5:8d:c2:01:61:34:5c:
5e:4e:2d:b4:2d:10:7b:cc:29:56:ae:2a:66:d4:ee:e6:fd:e2:
43:af:73:1d:9b:fe:cd:9d:7a:e0:07:68:01:71:34:63:29:23:
42:60:56:aa:dd:e7:b8:f3:27:3b:bf:8b:ad:9b:14:5c:24:6a:
7a:d5:91:bd:e7:f3:3a:0c:d4:9c:5d:22:4b:de:54:77:26:84:
88:f7:10:02:6b:1c:e2:06:09:a0:d3:15:57:5a:64:d5:1d:4e:
bb:cd:75:97:51:6b:6b:6b:2b:ed:08:c9:14:2e:4d:9b:d3:19:
74:2b:1d:d5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYkadJ8ImqbrMnXfWEqhuFV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjMwNzAzMDYzMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjZkMDQxZDQ1NGM4NWM0ZTNlODFkZWY1YmFkMWM3MTY3OTI4M2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TnStKxX0AvVNSmM0CPCDh2GXx6k
q9CzrPm5NOAgn0qZRQy1TVGdS739dZ9Ip5Do+ZUMD+pstsaDV8vxjCWhawHa9bfd
At4V0o0auhZFcoxDDemWb424Fc4LGC+9+c+eS62hnKZ9MwhF5uDaqvrudv2kq12I
Y6w0bH9QTnJiCQBBuId6r5Lo8et8d7/JFEdPvXeYNZtLfNxb3Tq1RWiw6SBexSCh
ASgqpfdHhgHcyWKzF9j6xthdu70LsC3bsFJcT1pY5gKDJqTjhkGWSdLXqzwjLCn6
nvKjD8XRDpJmm+ybTAhg0vOAe5rSIRzKmLRZmnFtAQBNKGLai4pD6EMYkQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOZtBB1FTIXE4+gd71utHHFnkoPLMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvNW0wRUhVVk1oY1RqNkIzdlc2MGNjV2VTZzhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBLZvyMAwD
BADCj9kDBADCj9oDBAHCj94wDQYJKoZIhvcNAQELBQADggEBACR3hk8r33n7x1Mz
aT0RTmKFXcUymbpKkMmguNaHX1SngY8LOo/7hTUy8c1Z0YtE8rwVGSy8ZBePD6KV
PrG12XcSlJdSOjA/nwPRwbZtQYi7HOGO54/pmIQkx5WYqOmm63hsTK3RdOxl3vIl
oahdHH4mh479LYXdBbXO5B93k++fAdWSufz7UfMR5Y3CAWE0XF5OLbQtEHvMKVau
KmbU7ub94kOvcx2b/s2deuAHaAFxNGMpI0JgVqrd57jzJzu/i62bFFwkanrVkb3n
8zoM1JxdIkveVHcmhIj3EAJrHOIGCaDTFVdaZNUdTrvNdZdRa2trK+0IyRQuTZvT
GXQrHdU=
-----END CERTIFICATE-----
Generated at Tue Aug 1 14:00:04 2023 by rpki-client on console-ams.rpki-client.org