Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/anyGTivdJLnUBFpvaE_BiVx6cqg.roa
File: anyGTivdJLnUBFpvaE_BiVx6cqg.roa (raw, json)
Hash identifier: zCuKQztkwSExb62nHFVKpLXq4J02DopDUxdfZn2DJLI=
Subject key identifier: 6A:7C:86:4E:2B:DD:24:B9:D4:04:5A:6F:68:4F:C1:89:5C:7A:72:A8
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01898CEC0CE362818E687488C13D75973AAC
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/anyGTivdJLnUBFpvaE_BiVx6cqg.roa
Signing time: Tue 25 Jul 2023 12:00:27 +0000
ROA not before: Tue 25 Jul 2023 12:00:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212025
IP address blocks: 85.158.145.0/24 maxlen: 24
5.178.2.0/24 maxlen: 24
5.10.249.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:ec:0c:e3:62:81:8e:68:74:88:c1:3d:75:97:3a:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jul 25 12:00:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a7c864e2bdd24b9d4045a6f684fc1895c7a72a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:bc:d1:ed:36:d2:64:80:79:67:52:fc:d3:60:
7e:a6:05:06:ef:2d:f0:ca:4f:fb:73:5a:cf:3f:7f:
fc:1d:30:57:89:77:4b:ac:cb:ff:29:76:55:43:83:
3b:bc:94:08:25:52:45:ce:60:59:a9:7d:f1:80:be:
3d:72:3b:30:aa:b5:06:50:71:09:bc:bd:31:2b:7b:
5c:3c:b8:94:51:80:a8:00:8b:b6:f7:db:ff:44:93:
4e:ea:52:3f:e0:b5:18:bb:be:22:2d:df:bd:c5:e5:
65:8c:5e:cb:57:6f:3b:f5:6c:eb:c1:48:9c:ec:7d:
9d:c0:2b:2c:6f:2b:b8:8e:46:1c:17:7f:ca:4d:b4:
de:09:05:3c:2e:3d:2b:d9:cd:8e:f3:ed:f2:19:35:
bb:9e:80:ce:0d:f0:e2:4f:c3:10:15:67:c6:96:f2:
47:dd:22:2b:df:a0:7a:71:15:a9:9f:cb:ee:53:b1:
3d:0c:9b:12:a8:e6:73:c3:b1:ca:f6:55:c4:3d:1f:
8c:1e:2e:07:44:2e:a2:d0:c6:c0:70:03:72:5d:f9:
03:39:5d:36:55:3b:88:b0:0e:5c:8a:a3:35:ac:84:
1e:ed:19:8b:e6:cc:7a:9a:d9:4d:26:0f:96:a1:bb:
87:a9:74:0d:49:f0:1e:2d:a3:b9:71:68:70:47:51:
f4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:7C:86:4E:2B:DD:24:B9:D4:04:5A:6F:68:4F:C1:89:5C:7A:72:A8
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/anyGTivdJLnUBFpvaE_BiVx6cqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.249.0/24
5.178.2.0/24
85.158.145.0/24
Signature Algorithm: sha256WithRSAEncryption
14:9a:68:3a:03:a8:d9:2f:80:b2:f6:c3:34:49:ef:07:f9:5e:
96:14:e9:4d:1b:0d:e6:ff:b1:fc:1d:81:0e:ac:7a:22:ef:90:
ee:fd:df:06:50:94:9f:22:fc:a7:97:c5:99:db:1b:62:56:a8:
b4:34:6d:38:84:11:ec:21:b0:99:ef:52:a6:9f:3c:99:e3:e7:
6a:b3:80:25:b5:ca:c9:3a:24:18:09:86:bb:a6:63:53:ee:05:
4d:ec:1e:ed:74:72:d6:7a:d3:b5:e4:0c:5a:29:12:24:61:e9:
13:f1:b8:cd:8b:a2:3f:ef:4d:a7:48:90:e0:a0:2b:85:97:61:
b2:ed:75:c3:9f:57:51:9f:34:db:83:47:12:d5:ed:af:53:0c:
16:e8:09:69:bb:d5:8f:c5:51:46:72:f1:83:99:a2:60:4c:f2:
c0:c0:54:6c:e1:21:76:bf:40:4f:8f:0b:4c:8d:c3:e6:36:73:
0b:f3:69:7b:10:dc:61:af:3f:d8:c8:26:bd:b5:f2:1c:6c:ef:
b4:89:fe:4d:6c:bc:af:b1:ed:87:df:1e:f1:8a:2a:07:24:9f:
93:77:25:1a:4b:ab:69:0f:5a:c9:c0:e3:ab:fd:0f:3a:c7:b2:
3a:90:65:ad:d7:23:ba:6a:3a:bc:60:26:df:41:f4:20:14:f6:
91:7e:51:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmM7AzjYoGOaHSIwT11lzqsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwNzI1MTIwMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTdjODY0ZTJiZGQyNGI5ZDQwNDVhNmY2ODRmYzE4OTVjN2E3MmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbzR7TbSZIB5Z1L802B+pgUG7y3w
yk/7c1rPP3/8HTBXiXdLrMv/KXZVQ4M7vJQIJVJFzmBZqX3xgL49cjswqrUGUHEJ
vL0xK3tcPLiUUYCoAIu299v/RJNO6lI/4LUYu74iLd+9xeVljF7LV2879WzrwUic
7H2dwCssbyu4jkYcF3/KTbTeCQU8Lj0r2c2O8+3yGTW7noDODfDiT8MQFWfGlvJH
3SIr36B6cRWpn8vuU7E9DJsSqOZzw7HK9lXEPR+MHi4HRC6i0MbAcANyXfkDOV02
VTuIsA5ciqM1rIQe7RmL5sx6mtlNJg+WobuHqXQNSfAeLaO5cWhwR1H0PQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGp8hk4r3SS51ARab2hPwYlcenKoMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvYW55R1RpdmRKTG5VQkZwdmFFX0JpVng2Y3FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABQr5AwQA
BbICAwQAVZ6RMA0GCSqGSIb3DQEBCwUAA4IBAQAUmmg6A6jZL4Cy9sM0Se8H+V6W
FOlNGw3m/7H8HYEOrHoi75Du/d8GUJSfIvynl8WZ2xtiVqi0NG04hBHsIbCZ71Km
nzyZ4+dqs4AltcrJOiQYCYa7pmNT7gVN7B7tdHLWetO15AxaKRIkYekT8bjNi6I/
702nSJDgoCuFl2Gy7XXDn1dRnzTbg0cS1e2vUwwW6Alpu9WPxVFGcvGDmaJgTPLA
wFRs4SF2v0BPjwtMjcPmNnML82l7ENxhrz/YyCa9tfIcbO+0if5NbLyvse2H3x7x
iioHJJ+TdyUaS6tpD1rJwOOr/Q86x7I6kGWt1yO6ajq8YCbfQfQgFPaRflE4
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:09 2024 by rpki-client on console-ams.rpki-client.org