Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/v6t5NTq78RupX_pnGq1I_4OXJfc.roa
File: v6t5NTq78RupX_pnGq1I_4OXJfc.roa (raw, json)
Hash identifier: CMV9vwPZisu1z/4UxGE/agT/ovAjaSFmZhPoyV3HE0g=
Subject key identifier: BF:AB:79:35:3A:BB:F1:1B:A9:5F:FA:67:1A:AD:48:FF:83:97:25:F7
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018750E5240786F10683F7E8F768065160AB
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/v6t5NTq78RupX_pnGq1I_4OXJfc.roa
Signing time: Wed 05 Apr 2023 10:10:06 +0000
ROA not before: Wed 05 Apr 2023 10:10:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61302
IP address blocks: 46.23.96.0/24 maxlen: 24
46.23.98.0/24 maxlen: 24
46.23.100.0/22 maxlen: 22
46.23.108.0/24 maxlen: 24
46.23.110.0/24 maxlen: 24
5.178.2.0/24 maxlen: 24
5.178.3.0/24 maxlen: 24
109.205.212.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:50:e5:24:07:86:f1:06:83:f7:e8:f7:68:06:51:60:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Apr 5 10:10:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfab79353abbf11ba95ffa671aad48ff839725f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:11:89:dc:96:87:90:f8:73:be:73:ef:3c:9d:
fd:2f:7a:d9:12:0a:a5:21:0a:aa:d8:b1:c1:8b:50:
d2:df:b3:87:00:a3:9e:e5:21:42:3a:b2:12:52:f1:
c1:1b:f1:92:fc:0e:5e:bd:ee:1e:f1:16:52:3b:0f:
f0:03:d5:9e:a3:18:6c:2a:02:54:e0:2a:f7:4b:f7:
d3:2d:ea:31:87:fa:68:13:be:bd:9a:cc:b2:7b:5d:
c9:4e:75:bb:ce:d8:e2:95:e1:75:3d:ee:53:81:44:
3a:98:a8:eb:6e:8e:49:72:4e:99:15:2b:4c:28:cc:
de:6c:f5:db:2b:91:6e:78:fc:c5:19:27:e5:b3:67:
c2:47:f5:e3:45:d4:47:c5:a1:cc:3a:3c:6f:48:52:
e8:54:99:db:fe:3a:8e:30:4f:5a:65:10:80:11:1e:
12:47:42:7c:5e:67:6e:5e:13:92:59:f7:9d:7f:74:
b0:49:51:47:95:1d:81:6f:a7:58:a5:f6:6b:dd:12:
3d:41:94:d7:05:5f:01:30:28:b3:11:5c:ab:10:fe:
60:fb:f1:34:ac:77:95:49:22:4c:76:42:ab:bf:84:
0b:1f:46:9e:a0:4d:dc:4e:40:fb:87:ce:9b:81:9b:
a9:c3:8f:6c:30:f2:f0:4e:81:dd:71:b1:68:68:5d:
13:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:AB:79:35:3A:BB:F1:1B:A9:5F:FA:67:1A:AD:48:FF:83:97:25:F7
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/v6t5NTq78RupX_pnGq1I_4OXJfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.2.0/23
46.23.96.0/24
46.23.98.0/24
46.23.100.0/22
46.23.108.0/24
46.23.110.0/24
109.205.212.0/24
185.81.217.0/24
Signature Algorithm: sha256WithRSAEncryption
72:4a:71:67:0a:99:9d:50:ee:1f:fa:dd:29:72:8a:8e:30:78:
b6:51:a1:ec:7e:83:af:49:65:1f:99:c3:85:58:97:43:ca:b2:
ef:c9:9a:99:61:b0:72:91:66:0d:6e:c1:c0:91:db:90:70:cf:
31:84:80:19:b5:e7:65:2a:a2:ef:97:ca:3c:3b:2b:cc:75:6e:
c8:66:18:90:3b:a7:6d:2d:c6:65:cb:8a:d8:a6:29:b2:85:ab:
87:c3:58:e0:02:10:dd:44:d7:d9:44:0d:b0:41:c5:49:b1:cb:
89:a1:9f:ab:07:82:a8:8e:46:ce:94:3c:9f:c8:8c:ab:ac:94:
76:8c:f3:1f:e5:79:65:2a:39:73:45:d3:e5:93:ba:60:59:f7:
c0:36:ec:c9:c9:78:a3:46:2b:2f:84:7d:37:84:eb:af:75:96:
b4:71:86:d0:68:3d:6e:e9:d1:68:0b:02:57:0e:cb:4b:30:d1:
49:20:8e:04:5e:73:22:23:a1:36:91:4a:9a:ec:a1:f0:22:81:
2a:c3:06:23:a4:f6:0e:9e:40:5b:b5:9b:e3:c8:87:92:df:10:
58:09:01:bc:31:89:be:23:ee:d9:90:46:50:c7:84:94:f6:56:
9a:42:be:86:23:40:06:90:52:33:dd:27:53:f2:54:cb:ed:e4:
84:2e:ca:2c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYdQ5SQHhvEGg/fo92gGUWCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwNDA1MTAxMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmFiNzkzNTNhYmJmMTFiYTk1ZmZhNjcxYWFkNDhmZjgzOTcyNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBGJ3JaHkPhzvnPvPJ39L3rZEgql
IQqq2LHBi1DS37OHAKOe5SFCOrISUvHBG/GS/A5eve4e8RZSOw/wA9WeoxhsKgJU
4Cr3S/fTLeoxh/poE769msyye13JTnW7ztjileF1Pe5TgUQ6mKjrbo5Jck6ZFStM
KMzebPXbK5FuePzFGSfls2fCR/XjRdRHxaHMOjxvSFLoVJnb/jqOME9aZRCAER4S
R0J8XmduXhOSWfedf3SwSVFHlR2Bb6dYpfZr3RI9QZTXBV8BMCizEVyrEP5g+/E0
rHeVSSJMdkKrv4QLH0aeoE3cTkD7h86bgZupw49sMPLwToHdcbFoaF0TIwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFL+reTU6u/EbqV/6ZxqtSP+DlyX3MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvdjZ0NU5UcTc4UnVwWF9wbkdxMUlfNE9YSmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBBbICAwQA
LhdgAwQALhdiAwQCLhdkAwQALhdsAwQALhduAwQAbc3UAwQAuVHZMA0GCSqGSIb3
DQEBCwUAA4IBAQBySnFnCpmdUO4f+t0pcoqOMHi2UaHsfoOvSWUfmcOFWJdDyrLv
yZqZYbBykWYNbsHAkduQcM8xhIAZtedlKqLvl8o8OyvMdW7IZhiQO6dtLcZly4rY
pimyhauHw1jgAhDdRNfZRA2wQcVJscuJoZ+rB4KojkbOlDyfyIyrrJR2jPMf5Xll
KjlzRdPlk7pgWffANuzJyXijRisvhH03hOuvdZa0cYbQaD1u6dFoCwJXDstLMNFJ
II4EXnMiI6E2kUqa7KHwIoEqwwYjpPYOnkBbtZvjyIeS3xBYCQG8MYm+I+7ZkEZQ
x4SU9laaQr6GI0AGkFIz3SdT8lTL7eSELsos
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-fra.rpki-client.org