Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/n5Bw3pBuq-tpvmfF0QmpUF32ONM.roa
File: n5Bw3pBuq-tpvmfF0QmpUF32ONM.roa (raw, json)
Hash identifier: nD1LEXDr7DWOl5lZGI7JxZKm2GQ8cf6jAGq8A1QdSRo=
Subject key identifier: 9F:90:70:DE:90:6E:AB:EB:69:BE:67:C5:D1:09:A9:50:5D:F6:38:D3
Certificate issuer: /CN=5a141c5090824d0a17c29ec4050e21007113fbda
Certificate serial: 018991E1E6DB5AD58F5471421C18607B69F9
Authority key identifier: 5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/n5Bw3pBuq-tpvmfF0QmpUF32ONM.roa
Signing time: Wed 26 Jul 2023 11:07:28 +0000
ROA not before: Wed 26 Jul 2023 11:07:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.85.78.0/24 maxlen: 24
185.85.79.0/24 maxlen: 24
5.63.24.0/24 maxlen: 24
5.63.25.0/24 maxlen: 24
5.63.26.0/24 maxlen: 24
5.63.28.0/24 maxlen: 24
5.63.27.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:91:e1:e6:db:5a:d5:8f:54:71:42:1c:18:60:7b:69:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a141c5090824d0a17c29ec4050e21007113fbda
Validity
Not Before: Jul 26 11:07:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f9070de906eabeb69be67c5d109a9505df638d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8c:83:db:59:80:40:d7:c6:9c:65:02:3c:e7:
58:1a:cb:74:44:89:0b:fd:aa:27:78:2a:3e:38:bc:
39:10:a9:5c:87:f6:6a:e7:9e:d0:ca:21:a5:50:74:
85:b2:7c:13:06:cb:1a:ee:6d:dd:b6:fb:fa:88:63:
34:bd:f8:fd:7a:cf:71:f7:43:bf:08:87:8e:4d:d1:
e4:e2:ff:21:ca:a5:2d:09:c7:43:54:fb:bd:30:3a:
d6:17:f5:14:95:77:d6:a4:31:4b:2e:ea:7f:82:d6:
60:fc:1c:c0:9b:0d:29:1d:28:28:61:15:27:65:53:
7f:bd:15:5b:e2:31:97:26:52:6c:c2:b0:c9:16:78:
5b:2f:0c:fd:e1:af:ac:71:97:58:4d:12:46:d7:7d:
c0:b6:28:7a:da:9c:61:e3:d7:c2:c0:3c:39:0b:aa:
e7:28:ce:c6:bd:2c:89:1b:80:71:f4:00:98:c2:be:
e7:64:6a:4b:d3:fa:a4:13:08:52:5d:86:c2:4a:44:
40:f2:e8:95:84:2a:81:d6:1e:18:15:4a:af:df:36:
9b:1c:6f:f8:3a:ad:c7:47:22:60:9d:cb:77:5d:a4:
f6:89:60:91:bb:7f:49:6a:24:b8:23:e7:9c:2a:6e:
ba:b3:fb:2d:14:96:a1:66:c8:fd:b7:21:fe:f9:f9:
36:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:90:70:DE:90:6E:AB:EB:69:BE:67:C5:D1:09:A9:50:5D:F6:38:D3
X509v3 Authority Key Identifier:
keyid:5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/n5Bw3pBuq-tpvmfF0QmpUF32ONM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.24.0-5.63.28.255
185.85.78.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:e3:63:2a:04:9d:f3:a6:18:34:51:73:49:e1:b2:e4:e9:7a:
cf:90:63:e5:86:1f:8c:53:a0:15:83:e6:b8:ab:ea:de:a4:e6:
45:83:9e:f4:b1:96:cd:44:61:60:04:f7:d6:4c:63:d2:ea:de:
99:b3:db:fe:5d:62:b8:ba:2e:a6:8f:93:db:cc:50:98:8a:c7:
48:83:f3:96:ec:e9:da:07:fe:70:fa:2b:a7:96:c9:ea:01:d9:
5a:a2:83:46:3b:68:11:ad:71:76:7b:be:26:a4:6b:e9:ef:b7:
97:69:68:5d:f3:7a:29:c0:5e:63:c3:d0:24:73:95:f3:ee:0f:
af:61:1e:57:e9:88:f4:2f:68:75:9a:8a:42:36:b7:4a:8d:80:
17:cc:94:58:9f:85:d3:cd:a2:06:4a:ec:fd:16:68:a3:d4:be:
7f:ee:92:78:28:55:72:23:cf:77:a2:2e:6d:ba:08:aa:fb:33:
5c:11:ff:35:8a:58:a0:8a:24:33:6d:94:9b:50:79:3c:9e:54:
cf:ea:ce:20:dd:77:f2:87:7b:e7:e2:d9:35:bf:87:2c:09:04:
b4:f9:5b:d0:67:22:48:02:41:98:f1:f7:64:ce:9b:2c:89:eb:
3a:3c:b5:c0:17:5f:f7:53:f3:10:eb:c4:cb:49:df:b4:8d:7c:
de:7d:ce:2a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYmR4ebbWtWPVHFCHBhge2n5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMTQxYzUwOTA4MjRkMGExN2MyOWVjNDA1MGUyMTAwNzEx
M2ZiZGEwHhcNMjMwNzI2MTEwNzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjkwNzBkZTkwNmVhYmViNjliZTY3YzVkMTA5YTk1MDVkZjYzOGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIyD21mAQNfGnGUCPOdYGst0RIkL
/aoneCo+OLw5EKlch/Zq557QyiGlUHSFsnwTBssa7m3dtvv6iGM0vfj9es9x90O/
CIeOTdHk4v8hyqUtCcdDVPu9MDrWF/UUlXfWpDFLLup/gtZg/BzAmw0pHSgoYRUn
ZVN/vRVb4jGXJlJswrDJFnhbLwz94a+scZdYTRJG133Atih62pxh49fCwDw5C6rn
KM7GvSyJG4Bx9ACYwr7nZGpL0/qkEwhSXYbCSkRA8uiVhCqB1h4YFUqv3zabHG/4
Oq3HRyJgnct3XaT2iWCRu39JaiS4I+ecKm66s/stFJahZsj9tyH++fk2vwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJ+QcN6Qbqvrab5nxdEJqVBd9jjTMB8GA1UdIwQY
MBaAFFoUHFCQgk0KF8KexAUOIQBxE/vaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUt
ZWNlZWZmOGU4NGUwLzEvbjVCdzNwQnVxLXRwdm1mRjBRbXBVRjMyT05NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUtZWNlZWZmOGU4NGUw
LzEvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAMFPxgD
BAAFPxwDBAG5VU4wDQYJKoZIhvcNAQELBQADggEBAI3jYyoEnfOmGDRRc0nhsuTp
es+QY+WGH4xToBWD5rir6t6k5kWDnvSxls1EYWAE99ZMY9Lq3pmz2/5dYri6LqaP
k9vMUJiKx0iD85bs6doH/nD6K6eWyeoB2Vqig0Y7aBGtcXZ7viaka+nvt5dpaF3z
einAXmPD0CRzlfPuD69hHlfpiPQvaHWaikI2t0qNgBfMlFifhdPNogZK7P0WaKPU
vn/ukngoVXIjz3eiLm26CKr7M1wR/zWKWKCKJDNtlJtQeTyeVM/qziDdd/KHe+fi
2TW/hywJBLT5W9BnIkgCQZjx92TOmyyJ6zo8tcAXX/dT8xDrxMtJ37SNfN59zio=
Generated at Thu Aug 3 13:14:46 2023 by rpki-client on console-fra.rpki-client.org