Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/5WTZ0MeYpf1Dp3Kv-LZS5yIEYgA.roa
File: 5WTZ0MeYpf1Dp3Kv-LZS5yIEYgA.roa (raw, json)
Hash identifier: qJ91rdo172qsLNk9G+VHa9pQqKOVZlF/OZm+zL15doM=
Subject key identifier: E5:64:D9:D0:C7:98:A5:FD:43:A7:72:AF:F8:B6:52:E7:22:04:62:00
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01867908FBFC17456A8274612BBD09A90CA2
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/5WTZ0MeYpf1Dp3Kv-LZS5yIEYgA.roa
Signing time: Wed 22 Feb 2023 12:11:17 +0000
ROA not before: Wed 22 Feb 2023 12:11:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 164.215.100.0/24 maxlen: 24
164.215.103.0/24 maxlen: 24
85.158.146.0/24 maxlen: 24
109.205.210.0/24 maxlen: 24
5.10.240.0/22 maxlen: 22
5.10.252.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:79:08:fb:fc:17:45:6a:82:74:61:2b:bd:09:a9:0c:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Feb 22 12:11:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e564d9d0c798a5fd43a772aff8b652e722046200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c6:e4:33:bc:e4:00:39:98:9e:c7:22:ff:6a:
2a:8c:07:e1:f0:7f:61:c0:72:bc:1d:81:9a:62:ac:
4a:5d:5b:19:d6:32:8b:ca:d7:38:4a:b8:d3:70:2e:
ca:2b:c3:ca:a8:c1:39:8b:8c:48:48:09:e7:7c:28:
0c:a7:7d:0d:53:50:e6:4a:42:04:ff:a4:e1:3a:86:
b2:4f:4a:62:71:5d:01:bf:18:48:11:d9:63:bc:78:
a0:ab:69:9f:31:47:da:8b:af:61:b9:f2:af:47:9f:
a2:8b:fe:83:85:04:34:9e:45:47:03:75:ca:62:49:
e7:14:82:bf:e3:58:8d:6c:99:e3:54:ba:3a:ad:29:
ce:ef:4d:a1:7e:86:fb:a6:0e:56:c9:75:73:cd:b9:
88:9b:2d:56:76:60:72:c8:0c:6e:54:e5:84:1c:b7:
53:11:0b:a2:cb:e8:7b:ff:51:2d:58:aa:6b:c9:73:
32:6a:8c:45:2b:36:00:1d:17:02:42:a7:09:18:b9:
d9:dd:51:11:87:79:06:c6:d6:88:f4:0a:d3:10:6e:
d3:0a:ad:5f:a6:df:43:02:36:e8:c8:d8:ad:e0:18:
ad:42:9d:29:c4:f7:c0:90:7a:8f:a8:ad:68:fd:f4:
08:2a:b2:dd:da:87:24:12:2e:c1:2b:c0:26:c7:80:
66:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:64:D9:D0:C7:98:A5:FD:43:A7:72:AF:F8:B6:52:E7:22:04:62:00
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/5WTZ0MeYpf1Dp3Kv-LZS5yIEYgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/22
5.10.252.0/22
85.158.146.0/24
109.205.210.0/24
164.215.100.0/24
164.215.103.0/24
Signature Algorithm: sha256WithRSAEncryption
d9:ce:ad:3b:1c:ab:87:3c:89:73:5a:02:c9:a1:65:59:5a:7d:
08:a3:2b:ce:54:57:9f:69:f8:24:80:94:e0:7c:4f:69:40:26:
97:7b:ac:df:c0:8e:82:1c:be:bb:4b:ca:3b:a1:a8:e7:35:97:
36:4c:15:a2:09:0b:ee:41:35:8e:84:fa:80:34:e0:a6:ec:35:
0f:ef:51:e1:38:5f:60:f4:cb:f9:9d:e7:22:29:07:02:17:7d:
7f:d0:4b:3c:08:1b:28:a9:cc:04:3d:1f:5c:be:b8:41:01:51:
2a:f2:fb:d7:8e:ad:9a:37:e9:31:ac:a4:a2:24:ea:3d:49:3b:
07:98:b8:b1:b5:50:d4:2c:60:47:12:c6:4b:8a:7d:98:45:71:
75:4d:9f:dd:de:f5:e7:d4:b6:ca:ce:f6:78:d4:19:50:20:47:
dc:f4:ed:5c:ca:c7:fa:0e:78:fc:84:e2:81:e0:11:56:86:d4:
9c:9b:14:63:3e:ef:34:ce:d8:ef:31:38:fe:5a:dc:e7:55:c6:
bb:71:71:11:19:e0:83:8c:dc:76:8f:dd:da:07:64:df:9a:1e:
af:21:0d:84:4a:62:8f:e1:c1:01:01:fc:53:b1:52:23:bd:f1:
fe:74:28:cb:54:fd:d2:37:0f:9b:73:e4:ab:4d:27:41:74:90:
09:30:fd:2f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYZ5CPv8F0VqgnRhK70JqQyiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMjIyMTIxMTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTY0ZDlkMGM3OThhNWZkNDNhNzcyYWZmOGI2NTJlNzIyMDQ2MjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcbkM7zkADmYnsci/2oqjAfh8H9h
wHK8HYGaYqxKXVsZ1jKLytc4SrjTcC7KK8PKqME5i4xISAnnfCgMp30NU1DmSkIE
/6ThOoayT0picV0BvxhIEdljvHigq2mfMUfai69hufKvR5+ii/6DhQQ0nkVHA3XK
YknnFIK/41iNbJnjVLo6rSnO702hfob7pg5WyXVzzbmImy1WdmByyAxuVOWEHLdT
EQuiy+h7/1EtWKpryXMyaoxFKzYAHRcCQqcJGLnZ3VERh3kGxtaI9ArTEG7TCq1f
pt9DAjboyNit4BitQp0pxPfAkHqPqK1o/fQIKrLd2ockEi7BK8Amx4BmTQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOVk2dDHmKX9Q6dyr/i2UuciBGIAMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvNVdUWjBNZVlwZjFEcDNLdi1MWlM1eUlFWWdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBQrwAwQC
BQr8AwQAVZ6SAwQAbc3SAwQApNdkAwQApNdnMA0GCSqGSIb3DQEBCwUAA4IBAQDZ
zq07HKuHPIlzWgLJoWVZWn0IoyvOVFefafgkgJTgfE9pQCaXe6zfwI6CHL67S8o7
oajnNZc2TBWiCQvuQTWOhPqANOCm7DUP71HhOF9g9Mv5neciKQcCF31/0Es8CBso
qcwEPR9cvrhBAVEq8vvXjq2aN+kxrKSiJOo9STsHmLixtVDULGBHEsZLin2YRXF1
TZ/d3vXn1LbKzvZ41BlQIEfc9O1cysf6Dnj8hOKB4BFWhtScmxRjPu80ztjvMTj+
WtznVca7cXERGeCDjNx2j93aB2Tfmh6vIQ2ESmKP4cEBAfxTsVIjvfH+dCjLVP3S
Nw+bc+SrTSdBdJAJMP0v
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:00 2023 by rpki-client on console-fra.rpki-client.org