Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/zUvRRc5xM-LTO6IzFD_VT_b-lHw.roa
File: zUvRRc5xM-LTO6IzFD_VT_b-lHw.roa (raw, json)
Hash identifier: 5+3HLwFg5kBFAjVtE/57YLTL1g2C27qeDzVdhKqGn1k=
Subject key identifier: CD:4B:D1:45:CE:71:33:E2:D3:3B:A2:33:14:3F:D5:4F:F6:FE:94:7C
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0186990C3BC08234EE017B984DF3AEC07203
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/zUvRRc5xM-LTO6IzFD_VT_b-lHw.roa
Signing time: Tue 28 Feb 2023 17:22:41 +0000
ROA not before: Tue 28 Feb 2023 17:22:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 164.215.100.0/24 maxlen: 24
164.215.103.0/24 maxlen: 24
85.158.146.0/24 maxlen: 24
46.23.108.0/24 maxlen: 24
109.205.210.0/24 maxlen: 24
5.10.240.0/22 maxlen: 22
5.10.252.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:99:0c:3b:c0:82:34:ee:01:7b:98:4d:f3:ae:c0:72:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Feb 28 17:22:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd4bd145ce7133e2d33ba233143fd54ff6fe947c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:29:44:8f:ea:43:ff:09:9c:27:eb:fc:22:e7:
fa:6f:19:84:43:d6:78:2a:f2:ef:ff:73:ae:cf:88:
ba:11:f9:e5:02:a9:9f:17:15:08:ae:65:3d:b8:d5:
bb:99:66:aa:d2:62:59:56:55:6d:81:fe:6d:db:66:
2d:46:cf:7f:a7:08:75:ea:7c:3e:48:9b:67:aa:ea:
70:87:c7:35:b9:00:82:be:f9:69:a8:69:4b:07:85:
7a:99:1d:a0:34:7a:08:ea:d7:87:89:86:7f:28:0e:
f8:df:5f:c0:59:d4:1b:f3:a0:47:e2:9a:a5:53:c3:
a0:33:cf:cb:c2:c0:fe:41:00:91:55:7f:21:9b:b0:
81:c2:71:22:2f:f6:5c:a2:e0:ec:ca:8e:7b:54:50:
0e:e3:98:85:11:db:d6:15:26:bd:bd:82:c2:97:e0:
0e:a1:5d:19:66:cc:5e:2b:db:ff:2a:a8:41:04:7e:
5b:5d:0d:b3:7c:99:ea:a4:e6:fe:82:f7:2b:5c:ed:
2d:61:7c:b4:06:91:f3:7d:74:82:e2:51:56:26:8c:
49:a5:6a:26:74:95:17:a4:9d:ef:fe:39:a3:e1:4b:
86:7e:cc:5f:7b:48:56:e5:d4:87:ac:45:09:7c:e9:
7e:a8:df:af:60:13:e8:12:30:a3:f4:ea:c5:1a:66:
32:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:4B:D1:45:CE:71:33:E2:D3:3B:A2:33:14:3F:D5:4F:F6:FE:94:7C
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/zUvRRc5xM-LTO6IzFD_VT_b-lHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/22
5.10.252.0/22
46.23.108.0/24
85.158.146.0/24
109.205.210.0/24
164.215.100.0/24
164.215.103.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:77:2c:4a:2c:6e:13:73:5a:19:b5:09:62:c5:e0:51:aa:37:
18:0e:68:5d:66:d5:6b:5e:b3:b4:81:36:a1:1f:36:c2:d9:ce:
53:62:55:e7:34:2e:6e:02:eb:57:f5:7a:36:9d:28:75:77:c9:
ec:83:98:4f:07:94:02:0c:ae:fd:86:ce:51:34:22:d0:68:f0:
76:d6:e5:f7:89:8d:dc:68:5b:3f:ac:1b:34:31:7c:5f:e4:58:
d9:42:bd:2c:8c:f1:c0:c4:c3:93:32:3e:99:29:b1:22:b6:d9:
50:d4:73:fc:be:5d:2b:14:88:24:00:a5:5b:76:2b:7a:a0:7e:
89:21:3e:bc:11:92:56:3d:47:1b:15:a7:8d:3e:88:35:49:80:
7a:42:f1:6f:39:b9:1a:8d:8d:cc:1c:a4:c6:00:a7:fa:b8:b1:
a7:d3:be:d9:b9:11:d6:59:57:b3:67:dd:de:ca:42:00:84:90:
c0:73:32:65:41:64:f4:16:5d:6f:ca:cf:cf:8c:db:cf:2e:45:
2d:78:05:45:72:78:0b:1a:b3:58:88:79:7c:09:f0:5e:9a:c2:
47:01:0b:8e:88:a3:b2:3d:7f:67:c6:f4:02:e7:c8:6b:a9:07:
52:d8:5e:bb:03:23:9b:93:3a:a8:78:2c:4e:cb:a9:67:86:a9:
b9:06:d8:b9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYaZDDvAgjTuAXuYTfOuwHIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMjI4MTcyMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDRiZDE0NWNlNzEzM2UyZDMzYmEyMzMxNDNmZDU0ZmY2ZmU5NDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnClEj+pD/wmcJ+v8Iuf6bxmEQ9Z4
KvLv/3Ouz4i6EfnlAqmfFxUIrmU9uNW7mWaq0mJZVlVtgf5t22YtRs9/pwh16nw+
SJtnqupwh8c1uQCCvvlpqGlLB4V6mR2gNHoI6teHiYZ/KA7431/AWdQb86BH4pql
U8OgM8/LwsD+QQCRVX8hm7CBwnEiL/ZcouDsyo57VFAO45iFEdvWFSa9vYLCl+AO
oV0ZZsxeK9v/KqhBBH5bXQ2zfJnqpOb+gvcrXO0tYXy0BpHzfXSC4lFWJoxJpWom
dJUXpJ3v/jmj4UuGfsxfe0hW5dSHrEUJfOl+qN+vYBPoEjCj9OrFGmYyYwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFM1L0UXOcTPi0zuiMxQ/1U/2/pR8MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvelV2UlJjNXhNLUxUTzZJekZEX1ZUX2ItbEh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCBQrwAwQC
BQr8AwQALhdsAwQAVZ6SAwQAbc3SAwQApNdkAwQApNdnMA0GCSqGSIb3DQEBCwUA
A4IBAQB7dyxKLG4Tc1oZtQlixeBRqjcYDmhdZtVrXrO0gTahHzbC2c5TYlXnNC5u
AutX9Xo2nSh1d8nsg5hPB5QCDK79hs5RNCLQaPB21uX3iY3caFs/rBs0MXxf5FjZ
Qr0sjPHAxMOTMj6ZKbEittlQ1HP8vl0rFIgkAKVbdit6oH6JIT68EZJWPUcbFaeN
Pog1SYB6QvFvObkajY3MHKTGAKf6uLGn077ZuRHWWVezZ93eykIAhJDAczJlQWT0
Fl1vys/PjNvPLkUteAVFcngLGrNYiHl8CfBemsJHAQuOiKOyPX9nxvQC58hrqQdS
2F67AyObkzqoeCxOy6lnhqm5Bti5
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:51 2023 by rpki-client on console-ams.rpki-client.org