Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/KHlUGwh1L-rccef10IszyOWaHBQ.roa
File: KHlUGwh1L-rccef10IszyOWaHBQ.roa (raw, json)
Hash identifier: UcglsuYB5GRFBnz8dT1Mc0oEpUan2GHXP9fmT8jMUlE=
Subject key identifier: 28:79:54:1B:08:75:2F:EA:DC:71:E7:F5:D0:8B:33:C8:E5:9A:1C:14
Certificate issuer: /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial: 01874621364945958712586793779B5FC3CB
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/KHlUGwh1L-rccef10IszyOWaHBQ.roa
Signing time: Mon 03 Apr 2023 07:59:54 +0000
ROA not before: Mon 03 Apr 2023 07:59:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62005
IP address blocks: 185.123.53.0/24 maxlen: 24
185.39.18.0/24 maxlen: 24
193.109.120.0/24 maxlen: 24
194.61.121.0/24 maxlen: 24
194.61.120.0/24 maxlen: 24
91.235.234.0/24 maxlen: 24
2a10:1fc0:f::/48 maxlen: 48
2a10:1fc0:8::/48 maxlen: 48
2a10:1fc0:3::/48 maxlen: 48
2a10:1fc0:e::/48 maxlen: 48
2a10:1fc0:1::/48 maxlen: 48
2a10:1fc0:c::/48 maxlen: 48
2a10:1fc0:2::/48 maxlen: 48
2a10:1fc0:5::/48 maxlen: 48
2a10:1fc0:10::/48 maxlen: 48
2a10:1fc0:b::/48 maxlen: 48
2a10:1fc0:6::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:21:36:49:45:95:87:12:58:67:93:77:9b:5f:c3:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Validity
Not Before: Apr 3 07:59:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2879541b08752feadc71e7f5d08b33c8e59a1c14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:35:c2:fe:12:5f:81:28:37:45:e7:3b:d8:5b:
10:aa:70:2e:19:86:8f:55:b6:09:24:ee:0e:74:0c:
8e:08:11:b4:fe:e8:42:22:ed:8e:00:42:e5:82:dc:
da:5e:17:47:c7:5a:27:93:74:7d:c7:23:40:c7:ef:
ee:f7:9d:5c:b6:ed:bb:ba:b6:1b:c1:bc:bd:60:f0:
da:c0:ad:bc:8a:ff:43:f9:a7:95:ed:e2:63:0a:ee:
60:e2:99:20:82:1c:3e:47:5b:2c:96:20:6b:8e:ee:
f4:6e:ad:3c:74:03:00:a5:e7:3a:ef:58:d5:b0:34:
bb:bc:ec:76:ff:88:a6:83:29:8b:de:ea:84:1f:61:
b6:b7:e9:af:66:ce:3f:78:42:07:4d:2c:44:1d:11:
75:93:cd:89:2e:ec:92:31:db:a8:7e:d3:a8:e7:26:
6a:f0:f6:8a:ba:30:1c:9e:26:df:ec:79:dd:a1:36:
9e:e2:d4:c8:8c:ec:f4:3f:dc:8c:5f:7f:0c:96:4a:
be:57:69:54:c1:9f:6c:f1:7d:a5:68:f5:bb:9f:8a:
35:bd:a3:03:54:27:1f:80:dd:d9:0d:17:05:79:7d:
36:ea:ea:71:b6:77:5b:ed:16:51:48:ea:04:6e:43:
e5:10:7d:c2:ac:cc:6a:ce:c9:9a:51:2e:ec:46:e2:
b3:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:79:54:1B:08:75:2F:EA:DC:71:E7:F5:D0:8B:33:C8:E5:9A:1C:14
X509v3 Authority Key Identifier:
keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/KHlUGwh1L-rccef10IszyOWaHBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.234.0/24
185.39.18.0/24
185.123.53.0/24
193.109.120.0/24
194.61.120.0/23
IPv6:
2a10:1fc0:1::-2a10:1fc0:3:ffff:ffff:ffff:ffff:ffff
2a10:1fc0:5::-2a10:1fc0:6:ffff:ffff:ffff:ffff:ffff
2a10:1fc0:8::/48
2a10:1fc0:b::-2a10:1fc0:c:ffff:ffff:ffff:ffff:ffff
2a10:1fc0:e::-2a10:1fc0:10:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1c:a7:7c:61:5b:c6:77:99:3a:a0:79:96:2a:b6:6d:9f:1d:b6:
62:7a:31:30:f6:d5:12:32:e1:b8:ed:79:51:77:17:67:0a:a7:
f3:0b:31:5a:f2:81:8e:96:5a:0e:f2:c4:e9:3a:98:44:7b:30:
c9:a2:e6:0d:bd:38:6d:ec:b1:46:93:26:35:07:dc:3e:05:ea:
1f:e9:96:e3:b6:22:55:51:7f:c9:81:23:fe:fc:51:b2:7a:66:
f5:7b:64:f6:a5:1f:d6:d7:fe:e2:68:3a:e9:01:f9:fd:5d:15:
af:99:36:66:ae:03:d8:95:98:05:b2:86:70:eb:27:61:ee:e6:
9b:2c:85:cc:05:2c:82:85:b8:84:13:26:e8:b6:d6:59:3d:30:
65:3f:f2:b1:07:a7:6b:de:be:ee:50:b5:04:99:86:9f:c9:5b:
80:19:f6:34:e2:db:f2:10:30:30:81:ee:dd:18:06:34:08:99:
f6:ee:c0:26:74:18:8c:32:f0:55:77:24:d4:04:d3:90:7d:ac:
30:cb:c9:c6:4a:18:1b:19:a1:ef:f6:d4:d7:ce:a8:d3:7a:34:
93:9b:e4:62:1e:18:58:53:5b:8f:a3:86:a3:f6:84:27:8f:09:
79:05:3e:2d:28:11:12:b4:cb:03:e6:8c:61:25:73:b0:96:81:
74:a5:55:ec
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYdGITZJRZWHElhnk3ebX8PLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzMyMGQwMzA5MzAxNzhlNmY3Y2VlZjkxZDJhYjg3ODRk
M2RjMTYwHhcNMjMwNDAzMDc1OTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODc5NTQxYjA4NzUyZmVhZGM3MWU3ZjVkMDhiMzNjOGU1OWExYzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjXC/hJfgSg3Rec72FsQqnAuGYaP
VbYJJO4OdAyOCBG0/uhCIu2OAELlgtzaXhdHx1onk3R9xyNAx+/u951ctu27urYb
wby9YPDawK28iv9D+aeV7eJjCu5g4pkgghw+R1ssliBrju70bq08dAMApec671jV
sDS7vOx2/4imgymL3uqEH2G2t+mvZs4/eEIHTSxEHRF1k82JLuySMduoftOo5yZq
8PaKujAcnibf7HndoTae4tTIjOz0P9yMX38Mlkq+V2lUwZ9s8X2laPW7n4o1vaMD
VCcfgN3ZDRcFeX026upxtndb7RZRSOoEbkPlEH3CrMxqzsmaUS7sRuKzSwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFCh5VBsIdS/q3HHn9dCLM8jlmhwUMB8GA1UdIwQY
MBaAFJRzINAwkwF45vfO75HSq4eE09wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEt
OGFjNGEyMTkzOGI0LzEvS0hsVUd3aDFMLXJjY2VmMTBJc3p5T1dhSEJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEtOGFjNGEyMTkzOGI0
LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzAkBAIAATAeAwQAW+vq
AwQAuScSAwQAuXs1AwQAwW14AwQBwj14MF8EAgACMFkwEgMHACoQH8AAAQMHAioQ
H8AAADASAwcAKhAfwAAFAwcAKhAfwAAGAwcAKhAfwAAIMBIDBwAqEB/AAAsDBwAq
EB/AAAwwEgMHASoQH8AADgMHACoQH8AAEDANBgkqhkiG9w0BAQsFAAOCAQEAHKd8
YVvGd5k6oHmWKrZtnx22YnoxMPbVEjLhuO15UXcXZwqn8wsxWvKBjpZaDvLE6TqY
RHswyaLmDb04beyxRpMmNQfcPgXqH+mW47YiVVF/yYEj/vxRsnpm9Xtk9qUf1tf+
4mg66QH5/V0Vr5k2Zq4D2JWYBbKGcOsnYe7mmyyFzAUsgoW4hBMm6LbWWT0wZT/y
sQena96+7lC1BJmGn8lbgBn2NOLb8hAwMIHu3RgGNAiZ9u7AJnQYjDLwVXck1ATT
kH2sMMvJxkoYGxmh7/bU186o03o0k5vkYh4YWFNbj6OGo/aEJ48JeQU+LSgRErTL
A+aMYSVzsJaBdKVV7A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:26 2023 by rpki-client on console-ams.rpki-client.org