Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/HgrgKDfgPuEqVfhYLZOXSRSgaI0.roa
File: HgrgKDfgPuEqVfhYLZOXSRSgaI0.roa (raw, json)
Hash identifier: ZAWokrDeyrp0N6Lrzk2CT5ls49KfEi7QuRPSNWpQZE4=
Subject key identifier: 1E:0A:E0:28:37:E0:3E:E1:2A:55:F8:58:2D:93:97:49:14:A0:68:8D
Certificate issuer: /CN=5a141c5090824d0a17c29ec4050e21007113fbda
Certificate serial: 0189BB6E0B0A55CBBDAA4767A3C4C4A86C5D
Authority key identifier: 5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/HgrgKDfgPuEqVfhYLZOXSRSgaI0.roa
Signing time: Thu 03 Aug 2023 12:44:58 +0000
ROA not before: Thu 03 Aug 2023 12:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.85.78.0/24 maxlen: 24
185.85.79.0/24 maxlen: 24
91.190.168.0/24 maxlen: 24
91.190.171.0/24 maxlen: 24
91.190.169.0/24 maxlen: 24
91.190.172.0/24 maxlen: 24
91.190.175.0/24 maxlen: 24
91.190.173.0/24 maxlen: 24
91.190.174.128/26 maxlen: 26
91.190.174.192/26 maxlen: 26
91.190.174.0/26 maxlen: 26
91.190.174.64/26 maxlen: 26
5.63.24.0/24 maxlen: 24
5.63.27.0/24 maxlen: 24
5.63.26.0/24 maxlen: 24
5.63.25.0/24 maxlen: 24
5.63.28.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bb:6e:0b:0a:55:cb:bd:aa:47:67:a3:c4:c4:a8:6c:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a141c5090824d0a17c29ec4050e21007113fbda
Validity
Not Before: Aug 3 12:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e0ae02837e03ee12a55f8582d93974914a0688d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:77:a5:0b:01:2c:de:6c:86:f2:1b:a0:25:df:
0a:a8:ea:07:20:53:13:ee:19:d0:e3:af:54:53:2d:
a9:e8:dc:ea:4d:a9:3f:58:67:ff:8e:14:ee:a4:97:
d4:be:3d:55:27:c9:c1:5b:cd:5f:b8:60:eb:f2:58:
ec:35:1d:76:4e:d6:f4:40:4d:7c:72:79:0c:f3:bd:
a4:34:8b:76:54:26:fa:0e:7e:c5:8b:53:01:6b:66:
bf:b0:cc:ca:6f:90:34:14:20:8c:12:ef:fc:79:0a:
b1:12:38:33:ef:69:58:ba:bf:a1:6b:2a:97:5d:03:
98:fd:41:0c:b8:7d:f0:0b:91:76:fb:09:e3:67:71:
8c:91:25:91:f1:7a:9d:69:c6:09:16:17:4a:ed:cd:
70:69:d5:42:79:4a:f9:a9:55:8e:33:5e:86:75:a0:
8a:7b:13:25:3b:55:f7:e3:f9:55:22:18:b0:be:80:
dd:2d:21:2c:a1:9e:76:38:ec:fc:05:4e:46:f9:2c:
95:90:fa:a2:3a:06:10:28:50:08:3d:02:10:df:92:
3d:8a:eb:2e:a0:c5:23:dc:c9:18:45:5b:b5:b8:05:
6c:51:74:56:4b:4f:17:2d:06:a4:37:b2:5f:88:f5:
65:7b:3e:43:fe:7d:b5:59:24:f7:7e:60:62:c3:9e:
f5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:0A:E0:28:37:E0:3E:E1:2A:55:F8:58:2D:93:97:49:14:A0:68:8D
X509v3 Authority Key Identifier:
keyid:5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/HgrgKDfgPuEqVfhYLZOXSRSgaI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.24.0-5.63.28.255
91.190.168.0/23
91.190.171.0-91.190.175.255
185.85.78.0/23
Signature Algorithm: sha256WithRSAEncryption
86:c5:2a:9d:e9:ee:28:55:e0:cd:c2:58:a4:a5:8a:6a:26:99:
1a:dc:de:7d:6c:4a:37:b7:66:60:69:38:a2:61:2c:5b:f1:73:
d6:32:53:d3:e0:88:22:69:97:e1:ef:06:07:38:83:3f:bb:c7:
4b:d8:69:43:ae:77:16:c1:2b:5c:64:39:28:c9:2d:69:49:d5:
a0:1e:21:17:2f:4d:dd:49:68:ae:15:3f:9d:d7:60:c9:31:23:
ae:a5:4d:76:6f:4d:eb:8a:ff:35:6a:8c:d6:6e:a0:a6:9b:0d:
3f:05:63:c4:4a:fb:93:39:81:e0:27:81:85:09:9b:ec:ba:02:
b5:bf:78:22:76:c2:ed:85:85:6b:97:d7:3b:b3:c8:98:9f:d7:
02:c6:66:86:be:71:1f:ae:d8:e9:68:21:e4:89:71:c2:e1:08:
77:31:f1:91:0d:83:c1:31:01:a1:37:f1:cd:02:ac:45:02:ca:
b9:29:2e:2a:5b:6d:a8:f8:93:84:a7:14:40:5c:7c:89:e7:eb:
9e:d8:36:88:6d:12:f2:0d:0f:2a:97:c8:da:08:a5:00:90:66:
d7:91:33:eb:eb:28:45:e6:c7:9b:f5:b7:55:d0:5f:52:20:19:
71:b1:68:1a:a9:87:f5:d6:49:0f:d3:58:ee:34:61:64:f2:b9:
60:c4:0a:a3
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYm7bgsKVcu9qkdno8TEqGxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMTQxYzUwOTA4MjRkMGExN2MyOWVjNDA1MGUyMTAwNzEx
M2ZiZGEwHhcNMjMwODAzMTI0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTBhZTAyODM3ZTAzZWUxMmE1NWY4NTgyZDkzOTc0OTE0YTA2ODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHelCwEs3myG8hugJd8KqOoHIFMT
7hnQ469UUy2p6NzqTak/WGf/jhTupJfUvj1VJ8nBW81fuGDr8ljsNR12Ttb0QE18
cnkM872kNIt2VCb6Dn7Fi1MBa2a/sMzKb5A0FCCMEu/8eQqxEjgz72lYur+hayqX
XQOY/UEMuH3wC5F2+wnjZ3GMkSWR8XqdacYJFhdK7c1wadVCeUr5qVWOM16GdaCK
exMlO1X34/lVIhiwvoDdLSEsoZ52OOz8BU5G+SyVkPqiOgYQKFAIPQIQ35I9iusu
oMUj3MkYRVu1uAVsUXRWS08XLQakN7JfiPVlez5D/n21WST3fmBiw571wwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFB4K4Cg34D7hKlX4WC2Tl0kUoGiNMB8GA1UdIwQY
MBaAFFoUHFCQgk0KF8KexAUOIQBxE/vaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUt
ZWNlZWZmOGU4NGUwLzEvSGdyZ0tEZmdQdUVxVmZoWUxaT1hTUlNnYUkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUtZWNlZWZmOGU4NGUw
LzEvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAMFPxgD
BAAFPxwDBAFbvqgwDAMEAFu+qwMEBFu+oAMEAblVTjANBgkqhkiG9w0BAQsFAAOC
AQEAhsUqnenuKFXgzcJYpKWKaiaZGtzefWxKN7dmYGk4omEsW/Fz1jJT0+CIImmX
4e8GBziDP7vHS9hpQ653FsErXGQ5KMktaUnVoB4hFy9N3UlorhU/nddgyTEjrqVN
dm9N64r/NWqM1m6gppsNPwVjxEr7kzmB4CeBhQmb7LoCtb94InbC7YWFa5fXO7PI
mJ/XAsZmhr5xH67Y6Wgh5IlxwuEIdzHxkQ2DwTEBoTfxzQKsRQLKuSkuKlttqPiT
hKcUQFx8iefrntg2iG0S8g0PKpfI2gilAJBm15Ez6+soRebHm/W3VdBfUiAZcbFo
GqmH9dZJD9NY7jRhZPK5YMQKow==
-----END CERTIFICATE-----
Generated at Fri Aug 25 13:30:18 2023 by rpki-client on console-ams.rpki-client.org