Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/ReHJPAEEXDPzi7isUopW-ILQvDU.roa
File: ReHJPAEEXDPzi7isUopW-ILQvDU.roa (raw, json)
Hash identifier: dQo7T7IN4Rm20GDqxOtudLMftL7vdU69l4f1bkWSYsY=
Subject key identifier: 45:E1:C9:3C:01:04:5C:33:F3:8B:B8:AC:52:8A:56:F8:82:D0:BC:35
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018748A65B21613395A2D3E537EB77A894AB
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/ReHJPAEEXDPzi7isUopW-ILQvDU.roa
Signing time: Mon 03 Apr 2023 19:44:34 +0000
ROA not before: Mon 03 Apr 2023 19:44:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 393427
IP address blocks: 5.35.192.0/21 maxlen: 24
62.112.0.0/21 maxlen: 24
89.37.128.0/24 maxlen: 24
176.223.190.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:48:a6:5b:21:61:33:95:a2:d3:e5:37:eb:77:a8:94:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Apr 3 19:44:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45e1c93c01045c33f38bb8ac528a56f882d0bc35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1a:74:f5:ab:a8:1d:bb:39:d3:1d:f7:0c:05:
a0:dd:ec:0f:86:03:13:41:cd:c2:b4:76:2c:47:de:
cc:9d:33:61:e4:24:c4:45:0d:91:c3:27:7b:e2:f6:
a5:b8:8e:fe:12:b6:35:c0:48:73:da:54:77:78:67:
02:0f:cf:67:1c:bb:f8:58:35:15:12:f1:b6:d2:4c:
b8:1a:d1:e7:1c:0b:98:7c:47:5a:e3:ef:0b:97:0a:
c1:b9:9b:e9:f6:0f:f4:3e:ac:e9:9d:7d:11:c9:a9:
a9:70:2b:ff:53:d6:9d:53:e5:96:10:0a:8e:44:2b:
e3:2d:52:90:6b:43:51:bb:dc:e6:21:50:95:bb:b4:
f9:6d:fb:80:2e:14:9f:39:9b:e8:f8:b0:4d:d8:55:
cb:de:b6:00:94:86:84:f7:8b:46:a0:59:80:1b:7b:
ce:7b:79:f4:37:cf:f2:42:7c:74:e3:39:6b:72:e1:
f2:23:66:f6:9e:99:82:d2:13:f1:82:b4:b8:e6:57:
89:a4:61:7e:38:30:43:51:7e:12:53:32:03:2d:e6:
57:a6:58:63:10:fd:94:a2:cd:1c:be:64:b3:2b:b4:
f2:c1:94:d8:73:cc:04:9f:c4:4c:a7:f1:48:7d:8b:
1c:34:99:63:59:77:ce:c7:9f:cb:b2:60:1f:b3:c6:
1e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E1:C9:3C:01:04:5C:33:F3:8B:B8:AC:52:8A:56:F8:82:D0:BC:35
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/ReHJPAEEXDPzi7isUopW-ILQvDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
62.112.0.0/21
89.37.128.0/24
176.223.190.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:b8:fb:c6:97:c5:f1:f2:ff:de:58:8d:03:62:cb:72:16:24:
2e:52:a1:cd:7d:88:13:63:e5:6e:1a:53:1e:a5:1e:3d:fd:93:
17:1f:5c:6e:6c:7d:a8:b2:83:f6:f7:d9:77:b1:ed:3a:70:f5:
c6:0d:6c:24:6b:c4:3d:2a:cb:7b:82:c5:4b:8d:4a:bb:24:f6:
a0:de:ed:1b:68:7a:e8:48:d6:3c:25:2c:73:e4:bf:5e:5b:42:
d8:ff:11:5a:e3:08:0e:db:1b:0c:d6:08:80:1e:b8:9f:7d:21:
a0:eb:51:eb:55:27:ed:f8:df:81:5b:5b:fd:e7:5b:fb:95:69:
d1:d6:27:e3:42:1a:20:6d:44:3c:0b:b2:2a:2a:d7:56:eb:85:
c3:44:9c:24:11:4c:a0:fe:d2:fb:cf:b9:fa:51:1a:b5:20:04:
ce:b3:86:be:bb:12:36:e5:71:dc:8d:9d:7f:9d:3e:73:e9:b5:
48:d1:f6:9d:3f:6c:65:9d:7e:12:a8:67:db:be:fb:73:81:ed:
55:54:9a:02:e7:7e:f0:70:4a:56:4a:0a:1d:d4:0c:82:0b:fd:
62:3f:ca:6a:d4:d6:c3:a2:57:a1:bf:97:70:b9:e8:11:92:40:
16:4f:be:fe:91:32:fa:9d:e1:01:d5:ae:0d:fd:38:d0:2a:79:
03:89:e8:da
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdIplshYTOVotPlN+t3qJSrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwNDAzMTk0NDM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWUxYzkzYzAxMDQ1YzMzZjM4YmI4YWM1MjhhNTZmODgyZDBiYzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxp09auoHbs50x33DAWg3ewPhgMT
Qc3CtHYsR97MnTNh5CTERQ2Rwyd74valuI7+ErY1wEhz2lR3eGcCD89nHLv4WDUV
EvG20ky4GtHnHAuYfEda4+8LlwrBuZvp9g/0PqzpnX0RyampcCv/U9adU+WWEAqO
RCvjLVKQa0NRu9zmIVCVu7T5bfuALhSfOZvo+LBN2FXL3rYAlIaE94tGoFmAG3vO
e3n0N8/yQnx04zlrcuHyI2b2npmC0hPxgrS45leJpGF+ODBDUX4SUzIDLeZXplhj
EP2Uos0cvmSzK7TywZTYc8wEn8RMp/FIfYscNJljWXfOx5/LsmAfs8YelQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEXhyTwBBFwz84u4rFKKVviC0Lw1MB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvUmVISlBBRUVYRFB6aTdpc1VvcFctSUxRdkRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBSPAAwQD
PnAAAwQAWSWAAwQAsN++MA0GCSqGSIb3DQEBCwUAA4IBAQCOuPvGl8Xx8v/eWI0D
YstyFiQuUqHNfYgTY+VuGlMepR49/ZMXH1xubH2osoP299l3se06cPXGDWwka8Q9
Kst7gsVLjUq7JPag3u0baHroSNY8JSxz5L9eW0LY/xFa4wgO2xsM1giAHriffSGg
61HrVSft+N+BW1v951v7lWnR1ifjQhogbUQ8C7IqKtdW64XDRJwkEUyg/tL7z7n6
URq1IATOs4a+uxI25XHcjZ1/nT5z6bVI0fadP2xlnX4SqGfbvvtzge1VVJoC537w
cEpWSgod1AyCC/1iP8pq1NbDolehv5dwuegRkkAWT77+kTL6neEB1a4N/TjQKnkD
ieja
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:55 2023 by rpki-client on console-ams.rpki-client.org