Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/rpwYCHsfARWgXzqUvdWiDHYSEAY.roa
File: rpwYCHsfARWgXzqUvdWiDHYSEAY.roa (raw, json)
Hash identifier: Is7bEQe3xGMMRBHnCco7DSKIwLqMgen3pkXTf+eCE5w=
Subject key identifier: AE:9C:18:08:7B:1F:01:15:A0:5F:3A:94:BD:D5:A2:0C:76:12:10:06
Certificate issuer: /CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Certificate serial: 018BEC578943EFC2B3AE92EE31852AA271E3
Authority key identifier: 76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/rpwYCHsfARWgXzqUvdWiDHYSEAY.roa
Signing time: Mon 20 Nov 2023 10:47:21 +0000
ROA not before: Mon 20 Nov 2023 10:47:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 178.22.29.0/24 maxlen: 24
62.106.80.0/24 maxlen: 24
62.3.51.0/24 maxlen: 24
212.18.107.0/24 maxlen: 24
91.246.57.0/24 maxlen: 24
77.72.82.0/24 maxlen: 24
84.246.83.0/24 maxlen: 24
193.163.95.0/24 maxlen: 24
46.253.136.0/24 maxlen: 24
146.19.229.0/24 maxlen: 24
46.31.66.0/24 maxlen: 24
5.57.213.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:57:89:43:ef:c2:b3:ae:92:ee:31:85:2a:a2:71:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Validity
Not Before: Nov 20 10:47:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae9c18087b1f0115a05f3a94bdd5a20c76121006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1c:82:e1:a1:28:a8:1e:ed:6a:15:d5:44:bf:
b1:49:07:e7:f7:7e:06:1f:c0:3a:3f:9d:c9:4e:f5:
ea:6a:91:a6:2c:ba:4d:62:c2:41:fd:1c:f9:cd:ba:
93:70:b8:49:b4:ae:11:f2:e3:7e:83:5b:fc:e6:83:
a7:25:dd:66:17:f0:b6:5c:eb:99:5c:d6:ed:cd:33:
db:e7:e9:db:24:08:4e:54:54:a8:a2:73:c1:74:f3:
5b:93:7e:15:ca:bd:e1:fd:bb:38:c2:3a:ab:ae:05:
75:c7:6a:4d:41:29:ea:d3:af:91:e4:e5:49:5a:5d:
71:a8:dd:3e:d8:48:79:b2:28:33:50:f5:5c:22:a5:
87:3e:11:99:3d:db:bf:bc:9c:22:a8:17:0b:e7:18:
89:b5:93:c8:80:6a:1a:65:3d:59:94:8e:04:c8:2f:
85:80:c4:7c:83:30:0c:93:d2:9f:48:19:65:72:d9:
f9:4b:ce:a4:9e:75:7a:6f:79:b8:50:68:8d:98:07:
e7:3b:29:63:4c:20:bd:02:41:2b:56:68:b3:7a:f6:
38:ea:bd:26:67:4e:7e:23:3a:6e:86:40:b0:1d:e7:
2e:fb:59:91:75:ba:99:a8:bd:84:2e:a9:f2:98:2a:
ac:b6:d3:a6:6b:0f:ba:96:63:35:c3:26:03:fa:60:
be:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:9C:18:08:7B:1F:01:15:A0:5F:3A:94:BD:D5:A2:0C:76:12:10:06
X509v3 Authority Key Identifier:
keyid:76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/rpwYCHsfARWgXzqUvdWiDHYSEAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.213.0/24
46.31.66.0/24
46.253.136.0/24
62.3.51.0/24
62.106.80.0/24
77.72.82.0/24
84.246.83.0/24
91.246.57.0/24
146.19.229.0/24
178.22.29.0/24
193.163.95.0/24
212.18.107.0/24
Signature Algorithm: sha256WithRSAEncryption
99:c9:ac:f1:34:3b:3a:4f:e5:82:53:1f:86:7d:96:f3:86:88:
b2:a7:40:c0:a0:13:93:cd:70:0c:da:23:3e:86:cf:4d:1e:74:
d4:1c:62:55:1d:d2:72:ec:63:93:06:8e:c0:97:5e:23:f7:b6:
19:63:1f:9f:9c:46:0c:48:13:5b:eb:7f:55:dc:2b:2f:57:23:
1b:c5:5c:27:66:9b:37:3d:6c:62:b2:2f:aa:d9:6f:d2:da:f0:
87:bc:c5:77:1f:b5:79:98:f4:a4:3c:86:11:63:6e:58:0d:0e:
f5:db:67:f1:11:8f:b0:aa:e0:6a:5a:c8:bf:c3:6b:3a:9d:b2:
30:99:c0:c6:73:3e:56:1e:a8:98:56:62:3b:b5:dd:50:0f:e7:
00:4b:f1:3f:c2:42:a0:ee:8b:1f:5d:18:11:e6:b0:f2:8f:2f:
30:80:cb:d4:da:a5:25:87:ee:22:67:7c:b7:a7:21:3c:50:5b:
73:a4:5a:ca:10:cd:8c:3b:d5:8b:98:54:49:48:54:b1:be:d6:
d6:57:c3:8e:d4:bf:5a:1e:db:a0:43:51:7b:00:9f:25:69:10:
74:a7:ef:03:04:4e:08:39:fe:6b:33:91:98:62:0d:22:8a:7c:
1d:6e:0b:8d:60:f5:50:6d:c5:3a:24:de:9a:83:3b:c2:e2:b9:
43:63:95:22
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYvsV4lD78KzrpLuMYUqonHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2YzYmQ0YmZiZDMwNzFjMzhjZDRkNzA5MmJkMzQ5MDky
MGMzZDkwHhcNMjMxMTIwMTA0NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTljMTgwODdiMWYwMTE1YTA1ZjNhOTRiZGQ1YTIwYzc2MTIxMDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRyC4aEoqB7tahXVRL+xSQfn934G
H8A6P53JTvXqapGmLLpNYsJB/Rz5zbqTcLhJtK4R8uN+g1v85oOnJd1mF/C2XOuZ
XNbtzTPb5+nbJAhOVFSoonPBdPNbk34Vyr3h/bs4wjqrrgV1x2pNQSnq06+R5OVJ
Wl1xqN0+2Eh5sigzUPVcIqWHPhGZPdu/vJwiqBcL5xiJtZPIgGoaZT1ZlI4EyC+F
gMR8gzAMk9KfSBllctn5S86knnV6b3m4UGiNmAfnOyljTCC9AkErVmizevY46r0m
Z05+IzpuhkCwHecu+1mRdbqZqL2ELqnymCqsttOmaw+6lmM1wyYD+mC+pQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFK6cGAh7HwEVoF86lL3Vogx2EhAGMB8GA1UdIwQY
MBaAFHZ/O9S/vTBxw4zU1wkr00kJIMPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgt
NGZiNTU5YjNiOWIzLzEvcnB3WUNIc2ZBUldnWHpxVXZkV2lESFlTRUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgtNGZiNTU5YjNiOWIz
LzEvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQABTnVAwQA
Lh9CAwQALv2IAwQAPgMzAwQAPmpQAwQATUhSAwQAVPZTAwQAW/Y5AwQAkhPlAwQA
shYdAwQAwaNfAwQA1BJrMA0GCSqGSIb3DQEBCwUAA4IBAQCZyazxNDs6T+WCUx+G
fZbzhoiyp0DAoBOTzXAM2iM+hs9NHnTUHGJVHdJy7GOTBo7Al14j97YZYx+fnEYM
SBNb639V3CsvVyMbxVwnZps3PWxisi+q2W/S2vCHvMV3H7V5mPSkPIYRY25YDQ71
22fxEY+wquBqWsi/w2s6nbIwmcDGcz5WHqiYVmI7td1QD+cAS/E/wkKg7osfXRgR
5rDyjy8wgMvU2qUlh+4iZ3y3pyE8UFtzpFrKEM2MO9WLmFRJSFSxvtbWV8OO1L9a
HtugQ1F7AJ8laRB0p+8DBE4IOf5rM5GYYg0iinwdbguNYPVQbcU6JN6agzvC4rlD
Y5Ui
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:21 2024 by rpki-client on console-fra.rpki-client.org