Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/Diz8KNoGbmU9LebXlqYyxG-0vtE.roa
File: Diz8KNoGbmU9LebXlqYyxG-0vtE.roa (raw, json)
Hash identifier: QR9UlRpv/zefVfZklaQZFBmsjdrmipHuqWLa7FID6G8=
Subject key identifier: 0E:2C:FC:28:DA:06:6E:65:3D:2D:E6:D7:96:A6:32:C4:6F:B4:BE:D1
Certificate issuer: /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial: 018571278E943436FAFB92BF49CD998429D0
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/Diz8KNoGbmU9LebXlqYyxG-0vtE.roa
Signing time: Mon 02 Jan 2023 06:24:55 +0000
ROA not before: Mon 02 Jan 2023 06:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62005
IP address blocks: 185.123.53.0/24 maxlen: 24
193.109.120.0/24 maxlen: 24
2a10:1fc0:1::/48 maxlen: 48
2a10:1fc0:2::/48 maxlen: 48
2a10:1fc0:5::/48 maxlen: 48
2a10:1fc0:10::/48 maxlen: 48
2a10:1fc0:8::/48 maxlen: 48
2a10:1fc0:b::/48 maxlen: 48
2a10:1fc0:3::/48 maxlen: 48
2a10:1fc0:6::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:8e:94:34:36:fa:fb:92:bf:49:cd:99:84:29:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Validity
Not Before: Jan 2 06:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e2cfc28da066e653d2de6d796a632c46fb4bed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:74:21:f8:26:c6:fc:a0:96:1e:ab:a8:8c:08:
d7:72:8e:1d:29:66:ae:89:6f:c9:98:9f:e5:a6:60:
6f:51:85:3e:9d:a5:e8:46:29:91:13:8b:93:97:25:
0b:40:96:ee:e2:77:64:8a:72:25:44:27:72:e3:15:
54:35:c3:bc:30:2c:56:d0:0d:2c:c5:90:a7:51:f8:
a1:46:85:26:de:b9:cd:6b:22:d4:eb:4a:35:a0:a3:
5d:3d:5e:a7:6d:6d:a3:4e:f1:07:04:c4:9e:77:24:
46:6e:00:b1:e0:65:76:6e:86:a8:50:3c:c8:52:09:
1f:be:71:a7:bb:19:50:71:0a:08:05:98:09:ae:df:
a2:ba:12:cf:30:6b:ee:85:6b:53:47:ca:81:12:49:
cb:9f:97:5c:ec:f6:dc:0b:d0:f3:ed:2c:11:43:7f:
04:18:46:09:8f:a5:14:c7:57:f4:df:01:d7:82:1e:
dc:5f:d2:71:0b:e8:73:c3:f0:f1:08:f6:e2:bf:5b:
f5:11:e9:4c:99:82:af:28:5b:52:b1:86:06:d0:dc:
52:51:61:b1:b2:39:95:ac:f6:a3:d8:b5:a0:01:30:
d8:87:11:93:50:a9:c4:ee:28:cb:f7:b2:93:eb:c3:
66:0d:e3:9f:0d:fe:27:51:9c:0b:35:48:16:e9:92:
c9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2C:FC:28:DA:06:6E:65:3D:2D:E6:D7:96:A6:32:C4:6F:B4:BE:D1
X509v3 Authority Key Identifier:
keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/Diz8KNoGbmU9LebXlqYyxG-0vtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.53.0/24
193.109.120.0/24
IPv6:
2a10:1fc0:1::-2a10:1fc0:3:ffff:ffff:ffff:ffff:ffff
2a10:1fc0:5::-2a10:1fc0:6:ffff:ffff:ffff:ffff:ffff
2a10:1fc0:8::/48
2a10:1fc0:b::/48
2a10:1fc0:10::/48
Signature Algorithm: sha256WithRSAEncryption
8f:d3:86:81:2c:76:fe:a1:ca:df:25:c6:d8:57:a2:7c:f7:ee:
be:2e:2f:03:81:e9:a3:d1:97:47:7e:d5:d9:8b:82:da:36:c4:
72:72:27:99:a4:88:ea:5e:8e:ef:3f:35:08:63:8f:80:25:53:
7b:f9:9a:fa:c7:0d:b2:11:48:16:e2:6b:2a:e1:0b:8d:2d:6a:
df:18:9b:0e:5f:0b:f6:71:f6:85:b4:a8:1a:82:be:3e:46:e0:
e5:f5:7f:7e:2c:d9:10:1f:40:ab:96:9e:1c:53:01:cd:aa:a8:
2f:da:21:54:3f:49:38:93:13:ec:6a:b1:6e:73:46:d1:1f:5e:
b1:79:b3:8f:de:89:b9:b4:64:de:c8:4e:cb:34:d7:1d:cc:95:
46:a7:8f:4f:cd:06:21:6e:c7:0d:f6:f2:ff:d5:f9:2c:ee:7f:
92:96:85:51:5e:e0:77:5c:d0:62:67:b5:9b:8a:3e:d9:76:f6:
be:24:0f:8a:4c:ba:5d:2d:20:9d:ed:df:3a:4a:b0:70:6d:6b:
5f:26:24:4c:f8:ff:09:48:13:fa:98:d8:42:46:b4:6f:54:df:
e0:fe:fd:f5:22:a3:68:cc:4a:ac:c0:84:1e:bd:ec:b1:8d:7f:
27:70:ca:89:37:f1:68:35:18:e0:c2:0c:7a:b7:99:4e:04:75:
4d:54:b9:75
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYVxJ46UNDb6+5K/Sc2ZhCnQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzMyMGQwMzA5MzAxNzhlNmY3Y2VlZjkxZDJhYjg3ODRk
M2RjMTYwHhcNMjMwMTAyMDYyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTJjZmMyOGRhMDY2ZTY1M2QyZGU2ZDc5NmE2MzJjNDZmYjRiZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13Qh+CbG/KCWHquojAjXco4dKWau
iW/JmJ/lpmBvUYU+naXoRimRE4uTlyULQJbu4ndkinIlRCdy4xVUNcO8MCxW0A0s
xZCnUfihRoUm3rnNayLU60o1oKNdPV6nbW2jTvEHBMSedyRGbgCx4GV2boaoUDzI
UgkfvnGnuxlQcQoIBZgJrt+iuhLPMGvuhWtTR8qBEknLn5dc7PbcC9Dz7SwRQ38E
GEYJj6UUx1f03wHXgh7cX9JxC+hzw/DxCPbiv1v1EelMmYKvKFtSsYYG0NxSUWGx
sjmVrPaj2LWgATDYhxGTUKnE7ijL97KT68NmDeOfDf4nUZwLNUgW6ZLJbQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFA4s/CjaBm5lPS3m15amMsRvtL7RMB8GA1UdIwQY
MBaAFJRzINAwkwF45vfO75HSq4eE09wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEt
OGFjNGEyMTkzOGI0LzEvRGl6OEtOb0dibVU5TGViWGxxWXl4Ry0wdnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEtOGFjNGEyMTkzOGI0
LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzASBAIAATAMAwQAuXs1AwQA
wW14MEkEAgACMEMwEgMHACoQH8AAAQMHAioQH8AAADASAwcAKhAfwAAFAwcAKhAf
wAAGAwcAKhAfwAAIAwcAKhAfwAALAwcAKhAfwAAQMA0GCSqGSIb3DQEBCwUAA4IB
AQCP04aBLHb+ocrfJcbYV6J89+6+Li8Dgemj0ZdHftXZi4LaNsRycieZpIjqXo7v
PzUIY4+AJVN7+Zr6xw2yEUgW4msq4QuNLWrfGJsOXwv2cfaFtKgagr4+RuDl9X9+
LNkQH0Crlp4cUwHNqqgv2iFUP0k4kxPsarFuc0bRH16xebOP3om5tGTeyE7LNNcd
zJVGp49PzQYhbscN9vL/1fks7n+SloVRXuB3XNBiZ7Wbij7Zdva+JA+KTLpdLSCd
7d86SrBwbWtfJiRM+P8JSBP6mNhCRrRvVN/g/v31IqNozEqswIQeveyxjX8ncMqJ
N/FoNRjgwgx6t5lOBHVNVLl1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:49 2023 by rpki-client on console-fra.rpki-client.org