Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/w5q5kv4xk0xNij-g78Ve17guLqg.roa
File: w5q5kv4xk0xNij-g78Ve17guLqg.roa (raw, json)
Hash identifier: LKbcIevXP14xwKrvrn3Vew2s/0lXewGTqh98nRKDKr8=
Subject key identifier: C3:9A:B9:92:FE:31:93:4C:4D:8A:3F:A0:EF:C5:5E:D7:B8:2E:2E:A8
Certificate issuer: /CN=5a141c5090824d0a17c29ec4050e21007113fbda
Certificate serial: 018572D5BD9B81FE9FA9CFEBC8921524AF05
Authority key identifier: 5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/w5q5kv4xk0xNij-g78Ve17guLqg.roa
Signing time: Mon 02 Jan 2023 14:14:48 +0000
ROA not before: Mon 02 Jan 2023 14:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30781
IP address blocks: 185.85.76.0/22 maxlen: 22
91.190.168.0/21 maxlen: 21
5.63.24.0/21 maxlen: 21
2a02:798::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:bd:9b:81:fe:9f:a9:cf:eb:c8:92:15:24:af:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a141c5090824d0a17c29ec4050e21007113fbda
Validity
Not Before: Jan 2 14:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c39ab992fe31934c4d8a3fa0efc55ed7b82e2ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fc:02:08:e5:38:0f:ab:dc:40:1c:61:28:c0:
dd:a2:12:d2:eb:16:ac:3d:0f:9d:17:33:94:0c:b0:
b0:e9:97:6a:8f:57:2c:d8:f4:68:89:b8:bb:7d:ee:
71:f7:3b:f7:8c:ae:08:f6:fb:0c:ba:f0:e1:5e:af:
ac:cd:8f:b3:b6:9f:2c:51:2c:23:7e:30:29:b5:a8:
c5:7e:c1:d5:a5:0d:c2:8c:3f:fd:e5:1e:e5:bb:01:
ea:0d:86:41:8a:7b:00:cb:7e:ce:6b:06:b4:b4:8d:
e6:80:12:47:62:37:6c:2a:e5:a7:8c:ad:b6:4e:27:
80:5b:e6:4e:b5:01:6e:75:8c:6a:a8:5b:b4:40:d7:
2d:66:53:42:cb:5c:fb:7f:81:2b:f0:a8:c8:a8:4a:
0f:0c:3b:16:97:a1:07:8c:87:32:7f:d8:2b:dc:49:
96:3e:4e:7d:2e:50:45:2c:61:59:e7:11:33:47:94:
55:90:bd:93:d7:c5:1f:08:56:f6:0d:a8:df:88:ba:
7e:ff:86:10:80:61:d9:d3:ea:d8:f2:80:f7:30:f2:
e3:ba:16:35:08:fb:cc:e7:86:95:16:f2:3b:26:b7:
f7:fe:62:46:a1:ed:3f:a0:3a:6b:8e:7f:5d:f0:41:
1e:54:60:0e:3b:70:29:5f:14:a9:7b:25:19:35:96:
a7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:9A:B9:92:FE:31:93:4C:4D:8A:3F:A0:EF:C5:5E:D7:B8:2E:2E:A8
X509v3 Authority Key Identifier:
keyid:5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/w5q5kv4xk0xNij-g78Ve17guLqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.24.0/21
91.190.168.0/21
185.85.76.0/22
IPv6:
2a02:798::/32
Signature Algorithm: sha256WithRSAEncryption
78:80:2e:89:2d:c9:76:57:df:33:82:eb:e2:bc:a3:ad:92:e0:
f6:43:ca:6d:3f:39:a8:7b:54:8e:d9:c1:a3:cd:c8:7d:36:78:
c0:b2:1e:bc:00:74:7e:2c:2d:c2:7f:d2:c5:91:80:99:47:dc:
15:95:99:db:ac:eb:e2:f6:c0:55:24:bc:11:9a:30:ae:f0:07:
ca:1f:d0:82:1c:8e:55:91:96:2b:80:00:7b:93:a2:21:86:a2:
8c:9a:11:c5:36:0b:cc:27:4b:94:19:94:7d:ca:75:e1:28:71:
ee:fb:1d:94:cb:79:f1:84:69:92:03:62:27:80:61:60:3a:02:
37:49:45:a1:e7:84:b4:00:72:04:b1:f5:cb:63:36:64:04:9a:
9b:fe:25:b5:ef:71:53:cc:b4:97:14:01:aa:d1:5b:05:31:da:
3a:f9:40:a8:af:bc:e7:df:3c:76:ae:c5:82:30:16:6f:25:5f:
43:7f:3b:7a:02:21:00:7a:dd:7d:fb:80:d5:ae:fb:69:a8:e4:
d8:31:ce:79:79:7b:a1:ce:7a:27:4a:e2:80:17:22:44:44:32:
7f:77:1a:19:5a:c1:96:11:3d:a1:3b:62:81:dd:78:4a:86:45:
69:e4:9a:8f:43:3e:d4:6a:f2:91:b2:bd:c5:57:25:cc:1c:2b:
94:20:0b:bb
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVy1b2bgf6fqc/ryJIVJK8FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMTQxYzUwOTA4MjRkMGExN2MyOWVjNDA1MGUyMTAwNzEx
M2ZiZGEwHhcNMjMwMTAyMTQxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzlhYjk5MmZlMzE5MzRjNGQ4YTNmYTBlZmM1NWVkN2I4MmUyZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPwCCOU4D6vcQBxhKMDdohLS6xas
PQ+dFzOUDLCw6Zdqj1cs2PRoibi7fe5x9zv3jK4I9vsMuvDhXq+szY+ztp8sUSwj
fjAptajFfsHVpQ3CjD/95R7luwHqDYZBinsAy37Oawa0tI3mgBJHYjdsKuWnjK22
TieAW+ZOtQFudYxqqFu0QNctZlNCy1z7f4Er8KjIqEoPDDsWl6EHjIcyf9gr3EmW
Pk59LlBFLGFZ5xEzR5RVkL2T18UfCFb2DajfiLp+/4YQgGHZ0+rY8oD3MPLjuhY1
CPvM54aVFvI7Jrf3/mJGoe0/oDprjn9d8EEeVGAOO3ApXxSpeyUZNZanNQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMOauZL+MZNMTYo/oO/FXte4Li6oMB8GA1UdIwQY
MBaAFFoUHFCQgk0KF8KexAUOIQBxE/vaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUt
ZWNlZWZmOGU4NGUwLzEvdzVxNWt2NHhrMHhOaWotZzc4VmUxN2d1THFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUtZWNlZWZmOGU4NGUw
LzEvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBT8YAwQD
W76oAwQCuVVMMA0EAgACMAcDBQAqAgeYMA0GCSqGSIb3DQEBCwUAA4IBAQB4gC6J
Lcl2V98zguvivKOtkuD2Q8ptPzmoe1SO2cGjzch9NnjAsh68AHR+LC3Cf9LFkYCZ
R9wVlZnbrOvi9sBVJLwRmjCu8AfKH9CCHI5VkZYrgAB7k6IhhqKMmhHFNgvMJ0uU
GZR9ynXhKHHu+x2Uy3nxhGmSA2IngGFgOgI3SUWh54S0AHIEsfXLYzZkBJqb/iW1
73FTzLSXFAGq0VsFMdo6+UCor7zn3zx2rsWCMBZvJV9Dfzt6AiEAet19+4DVrvtp
qOTYMc55eXuhznonSuKAFyJERDJ/dxoZWsGWET2hO2KB3XhKhkVp5JqPQz7UavKR
sr3FVyXMHCuUIAu7
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:53 2024 by rpki-client on console-ams.rpki-client.org