Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/5LqmAnJxexgEYrPmrNflrpLj3Ss.roa
File: 5LqmAnJxexgEYrPmrNflrpLj3Ss.roa (raw, json)
Hash identifier: 4laP2jHDiNRaxV+bcDTkVJGFAmbXzuvDv+sn0gvkOCE=
Subject key identifier: E4:BA:A6:02:72:71:7B:18:04:62:B3:E6:AC:D7:E5:AE:92:E3:DD:2B
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01886BD9F08300F2BA1705CE7CF95E620C5E
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/5LqmAnJxexgEYrPmrNflrpLj3Ss.roa
Signing time: Tue 30 May 2023 08:50:24 +0000
ROA not before: Tue 30 May 2023 08:50:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61302
IP address blocks: 46.23.96.0/24 maxlen: 24
46.23.98.0/24 maxlen: 24
46.23.100.0/22 maxlen: 22
46.23.108.0/24 maxlen: 24
46.23.110.0/24 maxlen: 24
5.178.3.0/24 maxlen: 24
109.205.212.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6b:d9:f0:83:00:f2:ba:17:05:ce:7c:f9:5e:62:0c:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: May 30 08:50:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4baa60272717b180462b3e6acd7e5ae92e3dd2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:81:22:52:c0:e8:e8:0b:7d:56:76:fa:00:b4:
78:dd:6d:19:e0:97:1b:54:f4:28:69:7b:eb:c6:f3:
87:63:7c:ec:b5:59:ab:73:74:bc:ae:f4:cd:9c:1b:
00:8b:e7:48:ce:b4:f6:87:98:7c:88:0e:08:b5:b3:
d6:fa:91:60:bf:18:d6:25:21:45:be:d2:28:ab:89:
eb:b9:2a:d3:b7:e1:20:42:3b:cf:bc:0c:de:c6:46:
be:25:65:af:df:1a:6e:c0:80:2f:18:51:d8:72:d2:
91:0d:50:66:da:55:42:38:a5:26:4a:fd:6d:d9:63:
23:9f:62:1a:0c:87:c8:69:7b:e7:64:06:35:e2:cd:
df:2b:60:7c:91:11:c8:c3:e5:a1:48:ad:75:44:2a:
70:e0:43:e3:b6:d4:91:36:5f:6f:21:cd:31:5e:8e:
a4:27:14:d9:95:ae:70:4a:b8:bc:c4:82:30:e0:5a:
42:e5:b7:1e:4a:1e:a7:36:c9:02:a4:8c:24:2b:5d:
29:b7:6a:37:c4:d6:db:c6:39:f0:fd:bb:df:81:93:
24:e0:06:6d:b0:b9:08:e6:c7:c4:ac:53:52:f2:11:
2d:20:76:e6:21:7c:c9:81:69:e4:13:3f:ec:58:ac:
de:e8:a6:7c:a4:c8:70:a8:51:69:66:a5:b9:68:72:
76:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:BA:A6:02:72:71:7B:18:04:62:B3:E6:AC:D7:E5:AE:92:E3:DD:2B
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/5LqmAnJxexgEYrPmrNflrpLj3Ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.3.0/24
46.23.96.0/24
46.23.98.0/24
46.23.100.0/22
46.23.108.0/24
46.23.110.0/24
109.205.212.0/24
185.81.217.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:61:c0:42:b6:73:b9:dd:bb:f2:eb:75:8b:e7:44:d3:4c:25:
25:80:c5:9b:68:2b:59:75:19:64:25:ba:26:39:1a:b9:57:78:
0e:c9:69:16:4a:d5:31:64:3e:9f:be:da:5f:ed:1d:83:57:a3:
06:95:e8:c9:30:71:fc:e6:8e:9f:69:b5:27:f2:fe:da:83:f0:
18:6a:a0:a0:8c:cb:af:b9:2b:0c:58:fd:e0:63:ad:31:ce:ef:
76:9e:b6:c5:d1:2b:7f:a6:ad:7f:c0:b9:75:3d:43:29:e7:85:
0d:47:7d:b2:0a:e7:36:25:ce:3a:1c:a0:2f:ee:bd:74:5b:e1:
6a:f5:4f:8f:25:91:d9:fd:ba:f9:cf:01:93:ad:2b:14:4f:ae:
b1:b9:70:8a:c3:0b:75:45:ad:c3:2a:08:81:07:53:be:5c:55:
1d:79:79:49:cb:d9:cd:73:71:b8:16:6d:a1:7d:a3:55:2f:da:
bf:00:86:28:8a:45:07:c6:98:17:60:fb:9e:a3:13:a6:6f:92:
4c:4f:0b:00:4b:88:81:45:7e:96:d4:85:b2:cf:50:cc:1b:7b:
fa:d0:71:91:36:8c:f9:a5:75:1a:af:fb:60:0f:39:33:32:43:
f7:33:a8:eb:2f:e0:01:0a:13:93:36:76:ab:a5:81:94:f6:a5:
0d:3e:63:fa
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYhr2fCDAPK6FwXOfPleYgxeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwNTMwMDg1MDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGJhYTYwMjcyNzE3YjE4MDQ2MmIzZTZhY2Q3ZTVhZTkyZTNkZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4EiUsDo6At9Vnb6ALR43W0Z4Jcb
VPQoaXvrxvOHY3zstVmrc3S8rvTNnBsAi+dIzrT2h5h8iA4ItbPW+pFgvxjWJSFF
vtIoq4nruSrTt+EgQjvPvAzexka+JWWv3xpuwIAvGFHYctKRDVBm2lVCOKUmSv1t
2WMjn2IaDIfIaXvnZAY14s3fK2B8kRHIw+WhSK11RCpw4EPjttSRNl9vIc0xXo6k
JxTZla5wSri8xIIw4FpC5bceSh6nNskCpIwkK10pt2o3xNbbxjnw/bvfgZMk4AZt
sLkI5sfErFNS8hEtIHbmIXzJgWnkEz/sWKze6KZ8pMhwqFFpZqW5aHJ2XQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOS6pgJycXsYBGKz5qzX5a6S490rMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvNUxxbUFuSnhleGdFWXJQbXJOZmxycExqM1NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABbIDAwQA
LhdgAwQALhdiAwQCLhdkAwQALhdsAwQALhduAwQAbc3UAwQAuVHZMA0GCSqGSIb3
DQEBCwUAA4IBAQAsYcBCtnO53bvy63WL50TTTCUlgMWbaCtZdRlkJbomORq5V3gO
yWkWStUxZD6fvtpf7R2DV6MGlejJMHH85o6fabUn8v7ag/AYaqCgjMuvuSsMWP3g
Y60xzu92nrbF0St/pq1/wLl1PUMp54UNR32yCuc2Jc46HKAv7r10W+Fq9U+PJZHZ
/br5zwGTrSsUT66xuXCKwwt1Ra3DKgiBB1O+XFUdeXlJy9nNc3G4Fm2hfaNVL9q/
AIYoikUHxpgXYPueoxOmb5JMTwsAS4iBRX6W1IWyz1DMG3v60HGRNoz5pXUar/tg
DzkzMkP3M6jrL+ABChOTNnarpYGU9qUNPmP6
-----END CERTIFICATE-----
Generated at Thu Dec 21 18:05:35 2023 by rpki-client on console-fra.rpki-client.org