Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/A39eb_OrFwUzsYHlIbISbEgGyhc.roa
File: A39eb_OrFwUzsYHlIbISbEgGyhc.roa (raw, json)
Hash identifier: vGPa6p/o2c5Fhe0MO6BaQA+UJOHwHBlVq5fOaoIJwxE=
Subject key identifier: 03:7F:5E:6F:F3:AB:17:05:33:B1:81:E5:21:B2:12:6C:48:06:CA:17
Certificate issuer: /CN=14e282cf616284b58f85ec43e54c90bf9594e49c
Certificate serial: 0185729ED948F3A2E2794B74053C68932EAB
Authority key identifier: 14:E2:82:CF:61:62:84:B5:8F:85:EC:43:E5:4C:90:BF:95:94:E4:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FOKCz2FihLWPhexD5UyQv5WU5Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/A39eb_OrFwUzsYHlIbISbEgGyhc.roa
Signing time: Mon 02 Jan 2023 13:14:50 +0000
ROA not before: Mon 02 Jan 2023 13:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21396
IP address blocks: 141.0.208.0/20 maxlen: 24
80.249.96.0/20 maxlen: 24
5.182.220.0/22 maxlen: 24
5.182.220.0/24 maxlen: 24
2a02:68::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:d9:48:f3:a2:e2:79:4b:74:05:3c:68:93:2e:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14e282cf616284b58f85ec43e54c90bf9594e49c
Validity
Not Before: Jan 2 13:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=037f5e6ff3ab170533b181e521b2126c4806ca17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:dd:f7:59:ff:cc:6e:7f:01:59:a4:93:50:75:
d5:21:3b:4a:7a:67:a3:f4:22:37:d9:bf:07:53:e5:
06:f5:e2:47:d4:21:8d:6c:55:c2:0b:cc:5d:9f:be:
01:47:72:cf:33:72:8d:56:d6:52:97:4e:2f:c4:60:
91:00:83:45:4a:10:8a:18:2c:02:6b:43:7e:c5:9e:
c3:70:97:f5:b1:8b:0b:33:6f:e3:bb:26:d2:fb:01:
05:07:ae:07:dd:e9:ae:56:56:9b:8b:b2:26:fd:86:
31:c6:e1:86:82:10:a4:d5:39:94:10:b4:8a:fc:c8:
f5:cb:2b:72:d5:a7:5f:e1:16:ee:45:2c:63:56:d7:
d2:9e:44:3c:6e:7b:9a:12:9d:ee:d8:63:db:1c:ed:
62:d4:e2:c5:dc:37:e5:76:77:e5:03:e4:b6:a1:a3:
f4:a5:a5:07:62:04:10:d4:9a:80:e0:ed:02:d6:b3:
41:24:16:56:42:e3:9a:ed:c2:0a:e2:d3:2e:fb:7b:
10:c1:f1:fc:f7:fa:35:7f:ce:9b:83:29:68:ef:60:
2c:29:d3:d0:f5:bc:bf:58:8c:08:c8:07:48:7c:01:
e4:88:be:2e:29:ae:56:cc:27:69:69:8d:01:10:59:
9a:ae:33:01:27:3f:8d:a8:8d:d9:5d:70:c9:1c:3d:
4f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:7F:5E:6F:F3:AB:17:05:33:B1:81:E5:21:B2:12:6C:48:06:CA:17
X509v3 Authority Key Identifier:
keyid:14:E2:82:CF:61:62:84:B5:8F:85:EC:43:E5:4C:90:BF:95:94:E4:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FOKCz2FihLWPhexD5UyQv5WU5Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/A39eb_OrFwUzsYHlIbISbEgGyhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c8d8ad-cd72-419b-973f-56094fd6cc6c/1/FOKCz2FihLWPhexD5UyQv5WU5Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.220.0/22
80.249.96.0/20
141.0.208.0/20
IPv6:
2a02:68::/29
Signature Algorithm: sha256WithRSAEncryption
3f:d2:06:f1:29:87:fc:5b:99:43:13:69:41:d6:e5:30:d2:09:
fe:fe:5b:51:95:18:5d:9f:5f:4e:a3:22:26:e8:5e:d2:f3:30:
3b:b9:7b:c3:8c:e0:af:5d:48:e3:e2:79:01:70:03:71:d7:5e:
74:cb:db:16:36:d5:a5:81:e5:30:2d:5c:1f:d7:ce:3e:8f:1a:
b5:ac:bb:be:50:3d:d2:8a:ed:4b:b8:4c:4e:06:68:8d:06:f9:
f0:24:3a:68:bc:e3:f9:43:db:da:e1:b8:53:7a:d8:9e:0a:54:
e7:0b:72:2a:82:31:9c:93:ec:24:ee:e0:40:67:47:c5:03:8c:
26:db:58:1a:43:fd:e7:26:37:c0:9d:f6:17:9f:1a:7b:4d:7f:
08:c5:60:a5:ce:88:03:07:fa:41:7d:f7:4f:b6:30:8d:43:3f:
40:ac:7c:bc:b7:80:a6:df:fe:71:98:a7:4e:1a:1e:e9:72:e4:
62:ad:96:90:81:25:ab:9b:9c:82:a8:7d:99:ef:3d:39:f2:c2:
21:9b:10:1d:4c:99:5d:2f:ef:18:84:90:34:f1:cd:83:ec:98:
8b:70:7b:cc:3c:d4:e9:6e:76:af:6e:cb:45:bd:00:f7:b2:64:
33:b7:2e:48:b2:d5:5b:82:54:c0:b0:f4:bc:27:21:d3:57:c4:
22:05:e8:3f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVyntlI86LieUt0BTxoky6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZTI4MmNmNjE2Mjg0YjU4Zjg1ZWM0M2U1NGM5MGJmOTU5
NGU0OWMwHhcNMjMwMTAyMTMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzdmNWU2ZmYzYWIxNzA1MzNiMTgxZTUyMWIyMTI2YzQ4MDZjYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArd33Wf/Mbn8BWaSTUHXVITtKemej
9CI32b8HU+UG9eJH1CGNbFXCC8xdn74BR3LPM3KNVtZSl04vxGCRAINFShCKGCwC
a0N+xZ7DcJf1sYsLM2/juybS+wEFB64H3emuVlabi7Im/YYxxuGGghCk1TmUELSK
/Mj1yyty1adf4RbuRSxjVtfSnkQ8bnuaEp3u2GPbHO1i1OLF3DfldnflA+S2oaP0
paUHYgQQ1JqA4O0C1rNBJBZWQuOa7cIK4tMu+3sQwfH89/o1f86bgylo72AsKdPQ
9by/WIwIyAdIfAHkiL4uKa5WzCdpaY0BEFmarjMBJz+NqI3ZXXDJHD1PbwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAN/Xm/zqxcFM7GB5SGyEmxIBsoXMB8GA1UdIwQY
MBaAFBTigs9hYoS1j4XsQ+VMkL+VlOScMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk9LQ3oyRmloTFdQaGV4RDVVeVF2NVdVNUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jOGQ4YWQtY2Q3Mi00MTliLTk3M2Yt
NTYwOTRmZDZjYzZjLzEvQTM5ZWJfT3JGd1V6c1lIbEliSVNiRWdHeWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jOGQ4YWQtY2Q3Mi00MTliLTk3M2YtNTYwOTRmZDZjYzZj
LzEvRk9LQ3oyRmloTFdQaGV4RDVVeVF2NVdVNUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCBbbcAwQE
UPlgAwQEjQDQMA0EAgACMAcDBQMqAgBoMA0GCSqGSIb3DQEBCwUAA4IBAQA/0gbx
KYf8W5lDE2lB1uUw0gn+/ltRlRhdn19OoyIm6F7S8zA7uXvDjOCvXUjj4nkBcANx
1150y9sWNtWlgeUwLVwf184+jxq1rLu+UD3Siu1LuExOBmiNBvnwJDpovOP5Q9va
4bhTetieClTnC3IqgjGck+wk7uBAZ0fFA4wm21gaQ/3nJjfAnfYXnxp7TX8IxWCl
zogDB/pBffdPtjCNQz9ArHy8t4Cm3/5xmKdOGh7pcuRirZaQgSWrm5yCqH2Z7z05
8sIhmxAdTJldL+8YhJA08c2D7JiLcHvMPNTpbnavbstFvQD3smQzty5IstVbglTA
sPS8JyHTV8QiBeg/
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:32 2024 by rpki-client on console-ams.rpki-client.org