Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/I68cNaASVp59OO-rXAg00YR1tqY.roa
File: I68cNaASVp59OO-rXAg00YR1tqY.roa (raw, json)
Hash identifier: bw++LnSyNgRh3zrvSxLSKK/XBK9OP2Vp2TtEGQkgxdM=
Subject key identifier: 23:AF:1C:35:A0:12:56:9E:7D:38:EF:AB:5C:08:34:D1:84:75:B6:A6
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 01857082AFD0F9E895A0D0045227FFAFC7C6
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/I68cNaASVp59OO-rXAg00YR1tqY.roa
Signing time: Mon 02 Jan 2023 03:24:50 +0000
ROA not before: Mon 02 Jan 2023 03:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 5.40.191.0/24 maxlen: 24
89.140.40.0/23 maxlen: 24
62.82.238.0/24 maxlen: 24
5.40.128.0/24 maxlen: 24
89.140.197.0/24 maxlen: 24
62.175.202.0/24 maxlen: 24
62.82.84.0/24 maxlen: 24
89.140.112.0/24 maxlen: 24
84.124.116.0/24 maxlen: 24
89.140.122.0/24 maxlen: 24
89.140.120.0/24 maxlen: 24
5.40.86.0/24 maxlen: 24
5.40.33.0/24 maxlen: 24
5.40.32.0/24 maxlen: 24
5.40.252.0/24 maxlen: 24
5.40.32.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:af:d0:f9:e8:95:a0:d0:04:52:27:ff:af:c7:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 2 03:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23af1c35a012569e7d38efab5c0834d18475b6a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a4:d2:c5:d8:77:f5:d1:9f:eb:88:20:cf:11:
e0:f9:0d:74:1c:29:2d:14:8f:24:f7:08:b9:c8:9c:
1b:28:27:92:17:fd:63:d7:b3:6f:e5:c2:cd:78:75:
35:b5:07:07:61:e0:3d:42:89:07:39:57:d7:e4:dc:
8e:e2:2d:30:6e:84:f1:fa:31:75:7e:ff:4f:a9:77:
fa:aa:4d:1b:b5:61:45:07:c0:de:12:59:4a:8c:72:
d3:b3:98:38:39:bc:2e:85:b4:6b:5b:47:d5:20:5d:
c4:5c:cd:63:b3:cd:79:cf:f4:b9:62:c5:72:6f:7f:
22:72:6a:99:7f:53:71:59:f8:ac:ee:6c:d0:d9:1d:
fd:a4:93:55:52:fc:df:87:bf:d2:fb:be:3f:55:cc:
7c:db:e9:70:ca:c3:89:a3:d6:28:fb:00:b6:c5:19:
9b:19:2c:e3:1d:7e:04:31:94:c7:99:47:31:0c:d8:
ea:19:ac:37:8a:e2:70:a8:bb:7e:fa:8d:96:c4:1a:
41:42:48:9f:56:71:7d:07:9c:72:21:13:0c:7d:cc:
e4:6e:8b:93:86:47:b9:7a:01:65:be:59:c0:cc:73:
66:84:39:e5:af:46:d4:36:09:2d:f1:10:d9:e6:d8:
c0:12:41:e8:96:ae:f2:4a:1b:ac:94:09:13:65:b5:
2c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:AF:1C:35:A0:12:56:9E:7D:38:EF:AB:5C:08:34:D1:84:75:B6:A6
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/I68cNaASVp59OO-rXAg00YR1tqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.40.32.0/23
5.40.86.0/24
5.40.128.0/24
5.40.191.0/24
5.40.252.0/24
62.82.84.0/24
62.82.238.0/24
62.175.202.0/24
84.124.116.0/24
89.140.40.0/23
89.140.112.0/24
89.140.120.0/24
89.140.122.0/24
89.140.197.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:f5:0f:c1:5a:c5:f3:2f:18:cf:c1:60:6c:a0:b4:3b:ed:da:
86:33:f9:3b:b0:32:55:16:00:80:df:33:2f:63:f4:eb:10:87:
59:e0:c8:84:8d:a8:b0:23:4f:43:ac:e8:1d:db:3a:cb:e9:88:
1c:5b:30:6d:bd:8c:3f:8a:be:7d:99:df:5b:52:1e:4c:e8:9e:
30:ab:60:cd:4f:0b:7b:23:8e:5c:b6:ac:29:71:d4:a1:02:62:
52:48:0d:8d:d0:6a:d8:1c:65:25:4d:7a:7a:43:66:31:8d:7d:
98:36:3c:93:ec:d0:72:91:b0:39:de:e7:63:6b:6c:f6:bb:5d:
23:ff:60:4a:a1:c6:81:7f:a7:8c:39:f0:54:60:ae:20:f7:e9:
8a:6f:26:5b:71:08:d1:b1:6a:94:f9:3c:12:34:88:a8:5f:ab:
e7:0d:a1:5b:2a:89:c7:73:3f:de:80:7b:33:17:77:34:18:9c:
81:c9:cf:d0:df:d0:f5:b7:f8:11:cf:ea:30:36:18:10:50:22:
fb:c6:c4:22:f5:80:2e:31:8e:5c:d0:72:8a:ce:4a:09:28:e9:
6e:b5:ae:46:d6:96:b0:77:77:7c:8d:04:60:eb:53:fb:ec:e8:
73:40:4d:75:83:33:4e:8a:b2:5a:5b:91:da:c7:b0:d1:0d:2e:
64:5c:78:a5
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYVwgq/Q+eiVoNAEUif/r8fGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjMwMTAyMDMyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2FmMWMzNWEwMTI1NjllN2QzOGVmYWI1YzA4MzRkMTg0NzViNmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqTSxdh39dGf64ggzxHg+Q10HCkt
FI8k9wi5yJwbKCeSF/1j17Nv5cLNeHU1tQcHYeA9QokHOVfX5NyO4i0wboTx+jF1
fv9PqXf6qk0btWFFB8DeEllKjHLTs5g4ObwuhbRrW0fVIF3EXM1js815z/S5YsVy
b38icmqZf1NxWfis7mzQ2R39pJNVUvzfh7/S+74/Vcx82+lwysOJo9Yo+wC2xRmb
GSzjHX4EMZTHmUcxDNjqGaw3iuJwqLt++o2WxBpBQkifVnF9B5xyIRMMfczkbouT
hke5egFlvlnAzHNmhDnlr0bUNgkt8RDZ5tjAEkHolq7yShuslAkTZbUsFQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFCOvHDWgElaefTjvq1wINNGEdbamMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvSTY4Y05hQVNWcDU5T08tclhBZzAwWVIxdHFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQBBSggAwQA
BShWAwQABSiAAwQABSi/AwQABSj8AwQAPlJUAwQAPlLuAwQAPq/KAwQAVHx0AwQB
WYwoAwQAWYxwAwQAWYx4AwQAWYx6AwQAWYzFMA0GCSqGSIb3DQEBCwUAA4IBAQBb
9Q/BWsXzLxjPwWBsoLQ77dqGM/k7sDJVFgCA3zMvY/TrEIdZ4MiEjaiwI09DrOgd
2zrL6YgcWzBtvYw/ir59md9bUh5M6J4wq2DNTwt7I45ctqwpcdShAmJSSA2N0GrY
HGUlTXp6Q2YxjX2YNjyT7NBykbA53udja2z2u10j/2BKocaBf6eMOfBUYK4g9+mK
byZbcQjRsWqU+TwSNIioX6vnDaFbKonHcz/egHszF3c0GJyByc/Q39D1t/gRz+ow
NhgQUCL7xsQi9YAuMY5c0HKKzkoJKOluta5G1pawd3d8jQRg61P77OhzQE11gzNO
irJaW5Hax7DRDS5kXHil
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:28:02 2024 by rpki-client on console-fra.rpki-client.org