Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/uDjyL6drAa2EQgDn0kGwj2RDD1U.roa
File: uDjyL6drAa2EQgDn0kGwj2RDD1U.roa (raw, json)
Hash identifier: OWp0sHdTjvqVWcP4VNb0CH7xhX8990YEPxjkdZIsGb0=
Subject key identifier: B8:38:F2:2F:A7:6B:01:AD:84:42:00:E7:D2:41:B0:8F:64:43:0F:55
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0187606CE8135F098F5370A2842AF1914B15
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/uDjyL6drAa2EQgDn0kGwj2RDD1U.roa
Signing time: Sat 08 Apr 2023 10:32:42 +0000
ROA not before: Sat 08 Apr 2023 10:32:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 85.158.150.0/24 maxlen: 24
5.178.4.0/24 maxlen: 24
5.178.6.0/24 maxlen: 24
5.178.7.0/24 maxlen: 24
5.178.5.0/24 maxlen: 24
37.128.202.0/24 maxlen: 24
37.128.200.0/24 maxlen: 24
37.128.201.0/24 maxlen: 24
37.128.203.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:60:6c:e8:13:5f:09:8f:53:70:a2:84:2a:f1:91:4b:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Apr 8 10:32:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b838f22fa76b01ad844200e7d241b08f64430f55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:36:13:e0:e8:8c:ea:55:3e:e4:90:a0:34:69:
b6:d5:5c:7e:c3:a6:5f:44:1c:55:3b:4f:b0:88:ad:
32:13:9e:64:ab:1e:da:10:83:bd:ac:d7:92:10:5d:
c8:9f:98:ca:30:28:b3:3c:cf:83:ba:16:e2:05:a3:
2b:54:0b:b4:b3:42:3b:6a:bb:51:ce:ed:7f:ec:40:
2b:9a:88:02:77:72:e5:90:ff:6d:f6:43:13:b2:af:
5c:32:65:ac:82:0b:2b:ef:45:4a:06:ed:e5:5d:69:
8f:88:f0:e1:57:54:59:ab:99:8b:6b:cd:bb:fd:5c:
cd:dc:c8:e9:c2:db:50:3d:1b:c4:64:bd:39:ef:36:
21:9f:65:8e:32:d8:3c:fe:b6:f9:44:2e:ea:9e:79:
c6:36:8f:26:5d:a8:75:72:e6:9f:6f:57:10:ea:5c:
57:b8:fc:de:51:11:2d:71:d9:b2:c9:28:e2:f4:0e:
56:5b:8a:87:d3:01:4e:92:75:9c:03:89:17:73:83:
33:25:5d:c3:ef:70:b9:7e:43:c6:7e:e1:8a:6a:f3:
71:b7:a2:03:71:6f:3d:74:97:7d:dd:9e:cf:d4:e6:
bc:be:9c:b0:48:5b:f0:16:6b:c2:80:43:82:90:4e:
ac:be:09:63:f3:72:f4:d6:89:7b:e3:ab:11:88:07:
75:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:38:F2:2F:A7:6B:01:AD:84:42:00:E7:D2:41:B0:8F:64:43:0F:55
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/uDjyL6drAa2EQgDn0kGwj2RDD1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.4.0/22
37.128.200.0/22
85.158.150.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:2f:a4:11:0f:2b:bd:ee:4b:de:6f:8d:bc:86:74:05:41:f5:
a7:76:5d:a2:a4:83:4c:f3:93:b3:78:45:db:84:0b:fd:33:f1:
e5:81:3b:ca:03:8c:c5:8f:e8:ac:d8:a9:d6:c8:67:b0:5e:a9:
7e:4c:16:7d:e6:bc:e1:2c:02:0c:a8:3d:5b:d9:63:bc:65:86:
17:35:8c:28:20:02:a8:65:12:cd:30:99:51:c2:b8:ae:3f:cc:
ab:7a:18:fb:32:12:fd:e9:16:13:ca:6d:d2:7c:6c:57:70:3d:
a5:64:b8:c6:f9:2d:72:3e:01:44:66:72:c8:76:ef:42:ba:0a:
0e:e8:4e:cb:ee:0e:e3:2b:91:39:79:4e:a5:c1:a8:9b:7b:56:
21:bd:85:87:98:49:0a:35:b4:58:db:14:f6:6e:7a:53:0c:5f:
3b:8b:f2:ea:da:1c:54:9f:37:34:1d:73:df:e3:e6:79:32:98:
bb:66:e9:48:73:63:c5:f7:3c:cc:d6:fb:0f:03:ad:b1:da:2f:
b0:72:d5:d3:00:7d:f9:4a:dc:15:d9:0e:54:5d:df:4c:9e:cd:
a4:26:3a:9d:f4:21:79:07:6a:a0:c9:2f:ee:c8:5c:7b:eb:f9:
b6:f1:e9:22:30:8f:64:94:76:e6:48:75:ae:33:04:dd:d4:df:
d3:55:85:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdgbOgTXwmPU3CihCrxkUsVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwNDA4MTAzMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODM4ZjIyZmE3NmIwMWFkODQ0MjAwZTdkMjQxYjA4ZjY0NDMwZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzYT4OiM6lU+5JCgNGm21Vx+w6Zf
RBxVO0+wiK0yE55kqx7aEIO9rNeSEF3In5jKMCizPM+DuhbiBaMrVAu0s0I7artR
zu1/7EArmogCd3LlkP9t9kMTsq9cMmWsggsr70VKBu3lXWmPiPDhV1RZq5mLa827
/VzN3MjpwttQPRvEZL057zYhn2WOMtg8/rb5RC7qnnnGNo8mXah1cuafb1cQ6lxX
uPzeUREtcdmyySji9A5WW4qH0wFOknWcA4kXc4MzJV3D73C5fkPGfuGKavNxt6ID
cW89dJd93Z7P1Oa8vpywSFvwFmvCgEOCkE6svglj83L01ol746sRiAd1cQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLg48i+nawGthEIA59JBsI9kQw9VMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvdURqeUw2ZHJBYTJFUWdEbjBrR3dqMlJERDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBbIEAwQC
JYDIAwQAVZ6WMA0GCSqGSIb3DQEBCwUAA4IBAQDML6QRDyu97kveb428hnQFQfWn
dl2ipINM85OzeEXbhAv9M/HlgTvKA4zFj+is2KnWyGewXql+TBZ95rzhLAIMqD1b
2WO8ZYYXNYwoIAKoZRLNMJlRwriuP8yrehj7MhL96RYTym3SfGxXcD2lZLjG+S1y
PgFEZnLIdu9CugoO6E7L7g7jK5E5eU6lwaibe1YhvYWHmEkKNbRY2xT2bnpTDF87
i/Lq2hxUnzc0HXPf4+Z5Mpi7ZulIc2PF9zzM1vsPA62x2i+wctXTAH35StwV2Q5U
Xd9Mns2kJjqd9CF5B2qgyS/uyFx76/m28ekiMI9klHbmSHWuMwTd1N/TVYXW
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:51 2023 by rpki-client on console-ams.rpki-client.org