Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/53e7U5F6FpewZEXf0aX9PUUxRzo.roa
File: 53e7U5F6FpewZEXf0aX9PUUxRzo.roa (raw, json)
Hash identifier: +n7LN9oEn9pn0DgJcBqWc/cn2/QyD9AdzAdZ6zP2TrQ=
Subject key identifier: E7:77:BB:53:91:7A:16:97:B0:64:45:DF:D1:A5:FD:3D:45:31:47:3A
Certificate issuer: /CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Certificate serial: 01856F020DCF17065F2906B0EF28AECF5A16
Authority key identifier: 1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/53e7U5F6FpewZEXf0aX9PUUxRzo.roa
Signing time: Sun 01 Jan 2023 20:24:43 +0000
ROA not before: Sun 01 Jan 2023 20:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16205
IP address blocks: 178.249.24.0/21 maxlen: 21
81.201.144.0/20 maxlen: 20
185.75.184.0/22 maxlen: 22
31.210.160.0/21 maxlen: 21
217.18.176.0/20 maxlen: 20
176.52.200.0/21 maxlen: 21
2a00:8180::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 11 Sep 2023 08:13:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:0d:cf:17:06:5f:29:06:b0:ef:28:ae:cf:5a:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c88af2f43654b3f452d5c74ed074712570d1fde
Validity
Not Before: Jan 1 20:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e777bb53917a1697b06445dfd1a5fd3d4531473a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:80:c3:f6:c8:e0:47:f5:8c:5f:c5:cd:b9:66:
35:3b:5a:58:21:a4:e0:4e:a2:ca:c8:0b:13:28:92:
e9:ed:2e:e5:5e:9a:e9:9b:86:5c:48:e9:e0:c0:15:
ac:68:ee:34:73:a2:95:05:66:5e:df:22:92:7c:c8:
14:e4:2b:90:ad:9e:dc:ce:b6:f6:3b:fe:1a:75:e1:
16:21:7f:e6:c5:d2:50:38:57:78:56:8c:fe:b5:70:
ab:69:3b:6f:ba:be:c1:b5:85:51:8f:d4:c5:cc:d0:
4f:1b:8e:98:2e:17:01:1e:25:e1:59:0d:56:c6:1d:
7e:1f:60:52:e4:30:36:e4:9b:29:6e:8d:36:13:2a:
2d:26:ec:c9:28:ae:6b:b0:72:14:8d:fd:40:e7:ae:
12:b3:10:b3:d1:2b:48:36:a9:d3:27:03:0c:fd:51:
61:df:3f:7d:e2:b4:2d:22:5a:b0:d6:d0:db:13:93:
e5:32:93:91:ab:14:34:bb:2d:0b:c5:ed:43:4e:63:
41:70:2d:6e:51:ed:38:14:10:5c:48:52:26:ac:59:
a9:a9:82:33:1e:c7:ea:38:48:7b:44:79:b0:cd:a9:
ae:e3:5a:9d:1a:38:cf:84:90:26:42:84:1e:c0:eb:
c0:2d:50:c6:96:71:76:9d:b2:28:b1:a3:b7:2b:75:
95:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:77:BB:53:91:7A:16:97:B0:64:45:DF:D1:A5:FD:3D:45:31:47:3A
X509v3 Authority Key Identifier:
keyid:1C:88:AF:2F:43:65:4B:3F:45:2D:5C:74:ED:07:47:12:57:0D:1F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HIivL0NlSz9FLVx07QdHElcNH94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/53e7U5F6FpewZEXf0aX9PUUxRzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6cfc2b-9be8-4fe0-a424-196cc167113e/1/HIivL0NlSz9FLVx07QdHElcNH94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.160.0/21
81.201.144.0/20
176.52.200.0/21
178.249.24.0/21
185.75.184.0/22
217.18.176.0/20
IPv6:
2a00:8180::/32
Signature Algorithm: sha256WithRSAEncryption
2e:15:4b:ae:40:3d:c1:30:c2:16:c9:2b:b2:86:ce:c7:2a:f6:
72:1e:da:44:05:b1:f6:0b:96:f6:46:60:6a:f8:60:3a:ec:78:
65:a0:7b:38:70:35:53:d1:8d:62:47:5b:0e:22:61:53:e5:e7:
29:ca:3d:6c:2b:54:3d:1b:31:8a:54:3c:33:a6:86:0b:45:77:
65:fe:6e:98:fe:1c:48:2f:96:01:9e:56:e7:ec:10:8a:bc:25:
5c:99:7e:46:72:f6:c0:07:45:6d:9f:db:d3:32:cb:c7:4a:11:
cb:bc:7c:6f:18:ff:b4:7a:88:24:92:1c:d4:0c:5a:c5:29:13:
62:d2:9f:0c:e7:50:89:d6:f9:f3:72:3d:cd:e5:90:c7:08:c2:
37:a9:c1:c5:9c:cb:9d:3c:15:85:cf:db:3a:ab:7a:e1:23:df:
9a:39:13:f1:63:15:e8:36:8e:0e:6f:a2:e5:61:f3:16:36:18:
80:11:fc:73:9e:a4:75:31:cb:55:8d:ce:b9:90:1a:e9:50:60:
76:37:81:28:ee:a7:98:05:32:81:b9:0c:77:32:9b:16:dc:cf:
33:b8:04:50:f3:10:e2:0d:e9:a5:55:65:7a:70:a5:53:91:40:
1c:22:7a:13:4a:d8:5e:75:d1:de:b6:8a:d8:49:42:74:ab:df:
d0:1e:10:b2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVvAg3PFwZfKQaw7yiuz1oWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjODhhZjJmNDM2NTRiM2Y0NTJkNWM3NGVkMDc0NzEyNTcw
ZDFmZGUwHhcNMjMwMTAxMjAyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzc3YmI1MzkxN2ExNjk3YjA2NDQ1ZGZkMWE1ZmQzZDQ1MzE0NzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoDD9sjgR/WMX8XNuWY1O1pYIaTg
TqLKyAsTKJLp7S7lXprpm4ZcSOngwBWsaO40c6KVBWZe3yKSfMgU5CuQrZ7czrb2
O/4adeEWIX/mxdJQOFd4Voz+tXCraTtvur7BtYVRj9TFzNBPG46YLhcBHiXhWQ1W
xh1+H2BS5DA25Jspbo02EyotJuzJKK5rsHIUjf1A564SsxCz0StINqnTJwMM/VFh
3z994rQtIlqw1tDbE5PlMpORqxQ0uy0Lxe1DTmNBcC1uUe04FBBcSFImrFmpqYIz
HsfqOEh7RHmwzamu41qdGjjPhJAmQoQewOvALVDGlnF2nbIosaO3K3WVcwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFOd3u1ORehaXsGRF39Gl/T1FMUc6MB8GA1UdIwQY
MBaAFByIry9DZUs/RS1cdO0HRxJXDR/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQt
MTk2Y2MxNjcxMTNlLzEvNTNlN1U1RjZGcGV3WkVYZjBhWDlQVVV4UnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82Y2ZjMmItOWJlOC00ZmUwLWE0MjQtMTk2Y2MxNjcxMTNl
LzEvSElpdkwwTmxTejlGTFZ4MDdRZEhFbGNOSDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDH9KgAwQE
UcmQAwQDsDTIAwQDsvkYAwQCuUu4AwQE2RKwMA0EAgACMAcDBQAqAIGAMA0GCSqG
SIb3DQEBCwUAA4IBAQAuFUuuQD3BMMIWySuyhs7HKvZyHtpEBbH2C5b2RmBq+GA6
7HhloHs4cDVT0Y1iR1sOImFT5ecpyj1sK1Q9GzGKVDwzpoYLRXdl/m6Y/hxIL5YB
nlbn7BCKvCVcmX5GcvbAB0Vtn9vTMsvHShHLvHxvGP+0eogkkhzUDFrFKRNi0p8M
51CJ1vnzcj3N5ZDHCMI3qcHFnMudPBWFz9s6q3rhI9+aORPxYxXoNo4Ob6LlYfMW
NhiAEfxznqR1MctVjc65kBrpUGB2N4Eo7qeYBTKBuQx3MpsW3M8zuARQ8xDiDeml
VWV6cKVTkUAcInoTStheddHetorYSUJ0q9/QHhCy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:36 2024 by rpki-client on console-ams.rpki-client.org