Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/aDoTFYDsdnYLgMqfp_-y9IMB5mo.roa
File: aDoTFYDsdnYLgMqfp_-y9IMB5mo.roa (raw, json)
Hash identifier: c/MfSoaq3NuDK6yOKqNO44XfZutsc3lHfEvbeUePUbI=
Subject key identifier: 68:3A:13:15:80:EC:76:76:0B:80:CA:9F:A7:FF:B2:F4:83:01:E6:6A
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 018804D24602E63F572DE7F210E7806A105F
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/aDoTFYDsdnYLgMqfp_-y9IMB5mo.roa
Signing time: Wed 10 May 2023 08:41:09 +0000
ROA not before: Wed 10 May 2023 08:41:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206487
IP address blocks: 89.140.16.0/23 maxlen: 24
5.40.106.0/24 maxlen: 24
62.82.158.0/24 maxlen: 24
5.40.136.0/24 maxlen: 24
5.40.138.0/24 maxlen: 24
5.40.149.0/24 maxlen: 24
5.40.156.0/24 maxlen: 24
5.40.80.0/23 maxlen: 24
5.40.85.0/24 maxlen: 24
62.174.66.0/24 maxlen: 24
62.175.252.0/24 maxlen: 24
62.175.253.0/24 maxlen: 24
95.39.61.0/24 maxlen: 24
5.40.18.0/24 maxlen: 24
62.82.50.0/24 maxlen: 24
5.40.244.0/24 maxlen: 24
5.40.253.0/24 maxlen: 24
5.40.41.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:04:d2:46:02:e6:3f:57:2d:e7:f2:10:e7:80:6a:10:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: May 10 08:41:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=683a131580ec76760b80ca9fa7ffb2f48301e66a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0a:88:31:fc:21:07:ae:6d:f9:1f:62:0a:21:
1e:20:bf:ff:8f:ff:9e:38:ad:ce:3e:61:eb:eb:1d:
12:01:04:8c:00:43:31:1b:97:9f:a5:1c:49:96:28:
71:da:64:c5:23:33:4e:75:1e:b4:28:c3:f3:f4:a5:
e1:c7:0e:39:d8:6e:e6:92:c8:54:a6:d6:d0:f1:19:
cd:71:c3:07:d3:f6:fd:5f:53:6c:fd:53:20:c2:ff:
95:5f:51:cb:07:1b:4a:dc:74:68:4c:58:b0:c5:32:
3f:31:be:e4:51:5b:9a:bf:3e:19:2e:b2:42:78:a3:
21:6c:ab:bd:69:42:7a:bc:2d:67:c3:db:43:9f:16:
56:b7:37:fb:ac:a1:bc:af:43:af:f3:16:e6:5b:ac:
a4:b2:e9:25:e1:6e:09:0d:f4:76:d9:29:e7:d5:e6:
7d:4d:e1:67:96:7c:5a:69:f8:c6:bb:db:39:47:16:
b4:1e:92:df:d3:5a:ea:74:fa:fe:5f:29:55:fa:3b:
eb:98:33:79:20:49:90:0d:49:f6:31:0f:bf:a2:98:
18:3c:ff:e8:5f:95:2c:03:d0:2d:7f:ae:d9:4b:e6:
d6:b5:6b:af:30:28:d2:8a:33:34:0a:01:91:f0:7e:
f1:71:d9:58:bc:f4:6c:3c:25:35:69:75:51:77:41:
0b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:3A:13:15:80:EC:76:76:0B:80:CA:9F:A7:FF:B2:F4:83:01:E6:6A
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/aDoTFYDsdnYLgMqfp_-y9IMB5mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.40.18.0/24
5.40.41.0/24
5.40.80.0/23
5.40.85.0/24
5.40.106.0/24
5.40.136.0/24
5.40.138.0/24
5.40.149.0/24
5.40.156.0/24
5.40.244.0/24
5.40.253.0/24
62.82.50.0/24
62.82.158.0/24
62.174.66.0/24
62.175.252.0/23
89.140.16.0/23
95.39.61.0/24
Signature Algorithm: sha256WithRSAEncryption
16:a7:3a:47:04:c2:8d:16:0f:0a:d7:3c:7a:30:08:a3:f9:68:
51:93:d8:f4:3d:9e:c1:db:0b:32:9c:f8:58:51:08:08:09:84:
91:51:76:ec:a0:6a:f3:18:d2:f4:d6:4a:2e:ab:2a:ff:91:d5:
d2:a0:64:4a:e4:f6:32:b6:92:e6:d3:f4:1c:d6:a6:b7:ef:49:
b3:40:6a:aa:96:23:17:d8:d0:f9:b5:22:6e:d4:75:d1:5f:7e:
e5:22:b7:26:f7:74:e0:dd:09:b8:56:06:10:57:58:70:69:c3:
96:27:29:c1:3d:d2:f8:be:65:c1:e3:c6:76:03:84:80:5f:58:
5e:00:66:19:05:a1:af:a2:ba:83:d6:38:f0:5c:c1:63:72:9f:
97:49:1b:e8:df:dc:1c:6d:b1:78:7e:bf:5f:bb:a9:4f:2a:ce:
b8:69:0b:85:89:4d:d5:9b:27:ae:5f:ca:61:8e:be:97:75:ed:
21:2f:cc:1b:95:44:34:c3:ac:d4:9b:12:92:e3:dd:4f:b9:cd:
ab:0e:a1:5f:d7:3d:0d:3d:b3:35:64:c8:57:04:dd:c1:e0:99:
3d:ba:8f:82:b9:dd:3e:84:a8:1b:29:9c:e2:a3:a4:88:13:a0:
1a:ec:bf:61:94:f6:13:56:63:bc:05:47:78:b2:07:72:96:fd:
27:4d:b4:43
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYgE0kYC5j9XLefyEOeAahBfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjMwNTEwMDg0MTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODNhMTMxNTgwZWM3Njc2MGI4MGNhOWZhN2ZmYjJmNDgzMDFlNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgqIMfwhB65t+R9iCiEeIL//j/+e
OK3OPmHr6x0SAQSMAEMxG5efpRxJlihx2mTFIzNOdR60KMPz9KXhxw452G7mkshU
ptbQ8RnNccMH0/b9X1Ns/VMgwv+VX1HLBxtK3HRoTFiwxTI/Mb7kUVuavz4ZLrJC
eKMhbKu9aUJ6vC1nw9tDnxZWtzf7rKG8r0Ov8xbmW6yksukl4W4JDfR22Snn1eZ9
TeFnlnxaafjGu9s5Rxa0HpLf01rqdPr+XylV+jvrmDN5IEmQDUn2MQ+/opgYPP/o
X5UsA9Atf67ZS+bWtWuvMCjSijM0CgGR8H7xcdlYvPRsPCU1aXVRd0ELMQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFGg6ExWA7HZ2C4DKn6f/svSDAeZqMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvYURvVEZZRHNkbllMZ01xZnBfLXk5SU1CNW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABSgSAwQA
BSgpAwQBBShQAwQABShVAwQABShqAwQABSiIAwQABSiKAwQABSiVAwQABSicAwQA
BSj0AwQABSj9AwQAPlIyAwQAPlKeAwQAPq5CAwQBPq/8AwQBWYwQAwQAXyc9MA0G
CSqGSIb3DQEBCwUAA4IBAQAWpzpHBMKNFg8K1zx6MAij+WhRk9j0PZ7B2wsynPhY
UQgICYSRUXbsoGrzGNL01kouqyr/kdXSoGRK5PYytpLm0/Qc1qa370mzQGqqliMX
2ND5tSJu1HXRX37lIrcm93Tg3Qm4VgYQV1hwacOWJynBPdL4vmXB48Z2A4SAX1he
AGYZBaGvorqD1jjwXMFjcp+XSRvo39wcbbF4fr9fu6lPKs64aQuFiU3VmyeuX8ph
jr6Xde0hL8wblUQ0w6zUmxKS491Puc2rDqFf1z0NPbM1ZMhXBN3B4Jk9uo+Cud0+
hKgbKZzio6SIE6Aa7L9hlPYTVmO8BUd4sgdylv0nTbRD
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:28:02 2024 by rpki-client on console-fra.rpki-client.org