Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/hwezwqRWDKxmrgSPtVbMcDtTsFQ.roa
File: hwezwqRWDKxmrgSPtVbMcDtTsFQ.roa (raw, json)
Hash identifier: EhNF4Tp9LrusRljMPkHOgMYnXivYm8dIMFZNiJWELYw=
Subject key identifier: 87:07:B3:C2:A4:56:0C:AC:66:AE:04:8F:B5:56:CC:70:3B:53:B0:54
Certificate issuer: /CN=d9f9fa7b944f7e7c60d73ef10b776fc27995a4ed
Certificate serial: 01881BE1983F691F083919978CB3FCAE32C1
Authority key identifier: D9:F9:FA:7B:94:4F:7E:7C:60:D7:3E:F1:0B:77:6F:C2:79:95:A4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/hwezwqRWDKxmrgSPtVbMcDtTsFQ.roa
Signing time: Sun 14 May 2023 20:09:09 +0000
ROA not before: Sun 14 May 2023 20:09:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20661
IP address blocks: 103.220.0.0/22 maxlen: 22
95.85.96.0/19 maxlen: 19
95.85.96.0/24 maxlen: 24
95.85.98.0/24 maxlen: 24
95.85.99.0/24 maxlen: 24
95.85.101.0/24 maxlen: 24
95.85.100.0/22 maxlen: 22
95.85.100.0/24 maxlen: 24
95.85.104.0/22 maxlen: 22
95.85.104.0/24 maxlen: 24
177.93.143.0/24 maxlen: 24
185.69.184.0/24 maxlen: 24
216.250.8.0/21 maxlen: 21
119.235.112.0/20 maxlen: 20
2a05:2180::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1b:e1:98:3f:69:1f:08:39:19:97:8c:b3:fc:ae:32:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f9fa7b944f7e7c60d73ef10b776fc27995a4ed
Validity
Not Before: May 14 20:09:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8707b3c2a4560cac66ae048fb556cc703b53b054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d7:5c:c1:2e:84:6b:14:23:2d:75:c6:f6:d4:
e4:65:13:e9:db:c1:19:f4:0c:49:3c:e7:84:8b:69:
8f:18:8a:78:72:e1:46:60:e4:f9:cb:13:fb:10:96:
ae:78:68:80:a2:cf:51:c0:cc:5c:b9:7f:af:24:af:
29:95:58:ce:80:dc:6c:74:07:83:ab:e9:5f:02:3c:
05:ec:81:50:7b:27:bd:ad:14:57:fb:db:b2:b1:a8:
e7:5e:72:b2:f4:37:ff:28:cf:f6:99:a3:91:82:dc:
27:c6:e7:c4:7d:6f:43:6d:82:4e:c4:96:e9:ce:e6:
1f:5a:45:05:7a:29:e8:b0:5a:e0:b2:83:7d:40:98:
85:24:a0:b3:50:1d:69:01:10:e2:b8:f2:03:8a:fe:
25:ff:b7:83:0e:b1:be:58:28:d4:2f:25:fb:14:43:
47:ed:c4:d8:9d:ef:50:4b:d8:35:00:24:45:5d:be:
2b:f5:3f:ff:85:85:9e:36:16:66:c6:da:b3:46:b3:
14:09:9c:91:c8:4e:bf:82:01:d0:a0:3f:21:9b:52:
96:3a:be:27:fb:92:6b:38:10:f7:52:15:83:b6:51:
42:7e:75:34:e2:ac:50:21:39:0e:d9:c7:da:ed:30:
8a:f3:24:a3:39:53:6f:36:81:9c:f6:0c:e8:c7:6c:
2a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:07:B3:C2:A4:56:0C:AC:66:AE:04:8F:B5:56:CC:70:3B:53:B0:54
X509v3 Authority Key Identifier:
keyid:D9:F9:FA:7B:94:4F:7E:7C:60:D7:3E:F1:0B:77:6F:C2:79:95:A4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/hwezwqRWDKxmrgSPtVbMcDtTsFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/2fn6e5RPfnxg1z7xC3dvwnmVpO0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.85.96.0/19
103.220.0.0/22
119.235.112.0/20
177.93.143.0/24
185.69.184.0/24
216.250.8.0/21
IPv6:
2a05:2180::/29
Signature Algorithm: sha256WithRSAEncryption
4f:c4:3d:d0:b5:4e:bc:8f:80:37:07:14:2a:b0:5a:db:8c:9a:
08:ec:34:9b:47:de:ce:53:3c:ff:09:4f:26:50:9b:e9:c4:a1:
ac:1f:04:e1:7f:ee:ea:56:11:8b:0f:9b:41:29:ef:0b:4d:46:
94:c3:e4:c0:b1:48:1c:da:d3:a0:4f:b5:ee:f6:9e:5d:0f:32:
ac:c8:c8:6f:14:91:6f:47:cb:c5:de:88:7d:76:e4:f8:ed:36:
42:43:b9:37:d0:72:99:32:47:19:6c:10:1b:f4:dc:94:99:22:
7f:7f:c0:d3:9a:76:b3:ec:a0:ea:ec:4c:09:27:8c:a6:55:e5:
f4:ae:d1:c6:3b:6e:da:c7:75:16:99:68:cf:d6:f2:4b:c5:4d:
4e:06:1c:ef:fa:52:8d:0b:8b:16:2d:f7:fb:32:b2:9a:a9:bf:
6b:94:ba:67:cf:af:a2:63:2f:6c:e7:16:94:f5:6f:f6:74:27:
92:0c:a8:c4:3e:56:fc:6f:7b:f2:14:87:36:a4:af:87:87:26:
b1:15:fc:09:35:b0:dd:ee:3b:7b:36:2b:13:6c:a1:35:74:b7:
1c:62:18:23:72:dd:97:9c:2a:33:8d:07:f0:7e:89:e0:37:32:
70:35:90:3a:5e:9b:fc:bf:8a:66:93:51:f9:eb:21:79:3e:d2:
b8:78:31:25
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYgb4Zg/aR8IORmXjLP8rjLBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjlmYTdiOTQ0ZjdlN2M2MGQ3M2VmMTBiNzc2ZmMyNzk5
NWE0ZWQwHhcNMjMwNTE0MjAwOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzA3YjNjMmE0NTYwY2FjNjZhZTA0OGZiNTU2Y2M3MDNiNTNiMDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9dcwS6EaxQjLXXG9tTkZRPp28EZ
9AxJPOeEi2mPGIp4cuFGYOT5yxP7EJaueGiAos9RwMxcuX+vJK8plVjOgNxsdAeD
q+lfAjwF7IFQeye9rRRX+9uysajnXnKy9Df/KM/2maORgtwnxufEfW9DbYJOxJbp
zuYfWkUFeinosFrgsoN9QJiFJKCzUB1pARDiuPIDiv4l/7eDDrG+WCjULyX7FENH
7cTYne9QS9g1ACRFXb4r9T//hYWeNhZmxtqzRrMUCZyRyE6/ggHQoD8hm1KWOr4n
+5JrOBD3UhWDtlFCfnU04qxQITkO2cfa7TCK8ySjOVNvNoGc9gzox2wqeQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIcHs8KkVgysZq4Ej7VWzHA7U7BUMB8GA1UdIwQY
MBaAFNn5+nuUT358YNc+8Qt3b8J5laTtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZuNmU1UlBmbnhnMXo3eEMzZHZ3bm1WcE8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85ZDQyMDMtMmVlZS00MWRlLThkODUt
MDhiZjIyZjY0MDk3LzEvaHdlendxUldES3htcmdTUHRWYk1jRHRUc0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85ZDQyMDMtMmVlZS00MWRlLThkODUtMDhiZjIyZjY0MDk3
LzEvMmZuNmU1UlBmbnhnMXo3eEMzZHZ3bm1WcE8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFX1VgAwQC
Z9wAAwQEd+twAwQAsV2PAwQAuUW4AwQD2PoIMA0EAgACMAcDBQMqBSGAMA0GCSqG
SIb3DQEBCwUAA4IBAQBPxD3QtU68j4A3BxQqsFrbjJoI7DSbR97OUzz/CU8mUJvp
xKGsHwThf+7qVhGLD5tBKe8LTUaUw+TAsUgc2tOgT7Xu9p5dDzKsyMhvFJFvR8vF
3oh9duT47TZCQ7k30HKZMkcZbBAb9NyUmSJ/f8DTmnaz7KDq7EwJJ4ymVeX0rtHG
O27ax3UWmWjP1vJLxU1OBhzv+lKNC4sWLff7MrKaqb9rlLpnz6+iYy9s5xaU9W/2
dCeSDKjEPlb8b3vyFIc2pK+HhyaxFfwJNbDd7jt7NisTbKE1dLccYhgjct2XnCoz
jQfwfongNzJwNZA6Xpv8v4pmk1H56yF5PtK4eDEl
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:14 2023 by rpki-client on console-fra.rpki-client.org