Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/5dYU9MpZnERsQ4h6U9dKO83WMVI.roa
File: 5dYU9MpZnERsQ4h6U9dKO83WMVI.roa (raw, json)
Hash identifier: 4lWAcpothaMOWtkAYCV8TU+o7olsW4Uf03GJFWYGUOg=
Subject key identifier: E5:D6:14:F4:CA:59:9C:44:6C:43:88:7A:53:D7:4A:3B:CD:D6:31:52
Certificate issuer: /CN=ef0efd5de78f93bcaead15e14c006edbbd1b5955
Certificate serial: 01879E593D9DA03043016FC0EA8D64C251D5
Authority key identifier: EF:0E:FD:5D:E7:8F:93:BC:AE:AD:15:E1:4C:00:6E:DB:BD:1B:59:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7w79XeePk7yurRXhTABu270bWVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/5dYU9MpZnERsQ4h6U9dKO83WMVI.roa
Signing time: Thu 20 Apr 2023 11:07:41 +0000
ROA not before: Thu 20 Apr 2023 11:07:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43529
IP address blocks: 94.248.192.0/19 maxlen: 19
79.121.64.0/21 maxlen: 21
94.248.128.0/19 maxlen: 19
79.121.88.0/21 maxlen: 21
46.251.16.0/20 maxlen: 20
94.248.240.0/21 maxlen: 21
79.121.0.0/18 maxlen: 18
2a03:bf00:200::/40 maxlen: 40
2a03:bf01::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9e:59:3d:9d:a0:30:43:01:6f:c0:ea:8d:64:c2:51:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef0efd5de78f93bcaead15e14c006edbbd1b5955
Validity
Not Before: Apr 20 11:07:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5d614f4ca599c446c43887a53d74a3bcdd63152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:3e:43:34:12:56:71:4e:b8:4f:1a:43:0c:d0:
fd:58:13:36:86:d4:d2:f0:64:17:0e:67:31:97:45:
fc:ee:8f:5e:26:5e:55:82:c1:25:4c:97:a6:82:a5:
01:c6:13:9e:f5:12:94:57:18:b2:8d:82:8c:03:c9:
99:a4:94:fd:2c:49:4e:aa:80:ef:8a:00:c8:b2:48:
ae:a2:09:a2:80:4e:8d:a1:50:77:42:d2:71:a9:9f:
76:b6:19:a4:f4:9c:bd:b5:4e:9d:82:4b:44:8d:85:
94:6b:59:e4:79:86:46:a1:78:ce:26:b4:9f:9a:83:
5d:22:b7:d2:5e:78:db:51:c6:37:5a:f8:63:96:58:
01:97:9b:ab:0d:9b:fc:c3:ae:7b:76:7f:6e:dc:4f:
0c:af:ed:13:55:39:f4:86:c2:c6:cc:5d:d4:e2:db:
6f:e0:ce:d7:2e:58:07:0e:13:2c:8f:8b:38:23:13:
d2:af:48:85:c9:f6:35:9e:5e:14:75:d2:e9:f0:75:
42:a3:e7:24:f3:0a:f3:05:94:68:5a:64:56:3a:6e:
28:a0:b5:ae:da:9e:9d:c6:0f:e3:28:e1:02:cd:c0:
4c:2f:f4:f8:6f:59:0d:12:67:0c:6f:41:3d:de:37:
cb:1e:6e:99:a2:5c:36:cc:01:61:2f:75:5c:b7:5b:
04:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:D6:14:F4:CA:59:9C:44:6C:43:88:7A:53:D7:4A:3B:CD:D6:31:52
X509v3 Authority Key Identifier:
keyid:EF:0E:FD:5D:E7:8F:93:BC:AE:AD:15:E1:4C:00:6E:DB:BD:1B:59:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7w79XeePk7yurRXhTABu270bWVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/5dYU9MpZnERsQ4h6U9dKO83WMVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/e0f9e6-d655-4377-8d09-ea86509c3b30/1/7w79XeePk7yurRXhTABu270bWVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.251.16.0/20
79.121.0.0-79.121.71.255
79.121.88.0/21
94.248.128.0/19
94.248.192.0/19
94.248.240.0/21
IPv6:
2a03:bf00:200::/40
2a03:bf01::/32
Signature Algorithm: sha256WithRSAEncryption
09:fa:ac:5f:0f:6a:6d:51:76:ff:95:fb:e4:4e:91:c6:dc:36:
4a:80:c5:f3:e8:13:ca:1d:da:74:70:e0:16:5a:dc:40:61:13:
ad:22:e6:40:b1:34:9c:9b:5a:95:c1:d2:87:e0:72:bc:43:5e:
25:61:3b:cb:9c:bb:8f:22:f5:e9:9c:3b:ff:af:b6:ed:6b:6d:
b0:7d:16:99:2f:e4:f0:ce:6b:b6:a2:33:c0:69:2b:0f:f6:29:
3f:c4:fe:90:f7:4e:8c:15:c4:2b:81:e3:59:0d:8f:99:89:6d:
d0:b0:6c:ce:dd:ce:93:67:8d:1f:e6:7c:ab:4a:d2:62:dd:7a:
52:0c:b6:23:28:13:f3:c9:18:20:45:01:2c:37:ea:ee:ad:d2:
2c:b8:00:29:87:1e:0e:98:79:51:c7:0e:5e:af:46:c5:55:4a:
4f:e0:9a:00:90:ca:4f:76:d0:68:5c:00:6b:16:5c:28:7c:f6:
0a:bc:38:67:d0:07:1c:1d:5d:ad:7b:03:57:64:a2:f7:e7:37:
ca:fb:f6:d2:ef:32:8c:e2:cf:5c:a5:63:2e:91:4c:df:a4:fa:
a7:0b:4a:bb:b3:6c:68:da:4e:1f:4f:45:c6:2b:72:67:e1:e9:
6e:f4:96:05:84:6e:09:dc:0d:4e:fe:16:17:f0:5a:26:09:1b:
8b:64:0f:f3
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYeeWT2doDBDAW/A6o1kwlHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMGVmZDVkZTc4ZjkzYmNhZWFkMTVlMTRjMDA2ZWRiYmQx
YjU5NTUwHhcNMjMwNDIwMTEwNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWQ2MTRmNGNhNTk5YzQ0NmM0Mzg4N2E1M2Q3NGEzYmNkZDYzMTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4D5DNBJWcU64TxpDDND9WBM2htTS
8GQXDmcxl0X87o9eJl5VgsElTJemgqUBxhOe9RKUVxiyjYKMA8mZpJT9LElOqoDv
igDIskiuogmigE6NoVB3QtJxqZ92thmk9Jy9tU6dgktEjYWUa1nkeYZGoXjOJrSf
moNdIrfSXnjbUcY3WvhjllgBl5urDZv8w657dn9u3E8Mr+0TVTn0hsLGzF3U4ttv
4M7XLlgHDhMsj4s4IxPSr0iFyfY1nl4UddLp8HVCo+ck8wrzBZRoWmRWOm4ooLWu
2p6dxg/jKOECzcBML/T4b1kNEmcMb0E93jfLHm6Zolw2zAFhL3Vct1sEOwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFOXWFPTKWZxEbEOIelPXSjvN1jFSMB8GA1UdIwQY
MBaAFO8O/V3nj5O8rq0V4UwAbtu9G1lVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3c3OVhlZVBrN3l1clJYaFRBQnUyNzBiV1ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lMGY5ZTYtZDY1NS00Mzc3LThkMDkt
ZWE4NjUwOWMzYjMwLzEvNWRZVTlNcFpuRVJzUTRoNlU5ZEtPODNXTVZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lMGY5ZTYtZDY1NS00Mzc3LThkMDktZWE4NjUwOWMzYjMw
LzEvN3c3OVhlZVBrN3l1clJYaFRBQnUyNzBiV1ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAxBAIAATArAwQELvsQMAsD
AwBPeQMEA095QAMEA095WAMEBV74gAMEBV74wAMEA1748DAVBAIAAjAPAwYAKgO/
AAIDBQAqA78BMA0GCSqGSIb3DQEBCwUAA4IBAQAJ+qxfD2ptUXb/lfvkTpHG3DZK
gMXz6BPKHdp0cOAWWtxAYROtIuZAsTScm1qVwdKH4HK8Q14lYTvLnLuPIvXpnDv/
r7bta22wfRaZL+Twzmu2ojPAaSsP9ik/xP6Q906MFcQrgeNZDY+ZiW3QsGzO3c6T
Z40f5nyrStJi3XpSDLYjKBPzyRggRQEsN+rurdIsuAAphx4OmHlRxw5er0bFVUpP
4JoAkMpPdtBoXABrFlwofPYKvDhn0AccHV2tewNXZKL35zfK+/bS7zKM4s9cpWMu
kUzfpPqnC0q7s2xo2k4fT0XGK3Jn4elu9JYFhG4J3A1O/hYX8FomCRuLZA/z
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:15:08 2024 by rpki-client on console.sobornost.net