Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/AnXgyMq4vLbSA-VMIqwmYphLbhQ.roa
File: AnXgyMq4vLbSA-VMIqwmYphLbhQ.roa (raw, json)
Hash identifier: Cxi4VH/HeAZOv0qoAUZFuB0Q8+XiOn5MBCr6oqdTTcg=
Subject key identifier: 02:75:E0:C8:CA:B8:BC:B6:D2:03:E5:4C:22:AC:26:62:98:4B:6E:14
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018ACC2D54DD5A5463D63F11801C8AF7CB78
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/AnXgyMq4vLbSA-VMIqwmYphLbhQ.roa
Signing time: Mon 25 Sep 2023 11:50:37 +0000
ROA not before: Mon 25 Sep 2023 11:50:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2588
IP address blocks: 83.223.128.0/19 maxlen: 24
83.223.145.0/24 maxlen: 24
91.190.32.0/19 maxlen: 24
159.148.0.0/16 maxlen: 24
91.190.36.0/24 maxlen: 24
159.148.10.0/24 maxlen: 24
85.254.49.0/24 maxlen: 24
91.190.56.0/23 maxlen: 24
91.190.52.0/24 maxlen: 24
91.190.60.0/24 maxlen: 24
85.254.69.0/24 maxlen: 24
159.148.49.0/24 maxlen: 24
159.148.50.0/24 maxlen: 24
46.19.200.0/21 maxlen: 24
83.223.155.0/24 maxlen: 24
185.176.116.0/22 maxlen: 24
85.254.0.0/17 maxlen: 24
159.148.116.0/24 maxlen: 24
159.148.117.0/24 maxlen: 24
80.81.32.0/19 maxlen: 24
80.81.35.0/24 maxlen: 24
159.148.131.0/24 maxlen: 24
217.69.112.0/20 maxlen: 24
217.69.113.0/24 maxlen: 24
109.205.120.0/21 maxlen: 24
159.148.63.0/24 maxlen: 24
109.205.127.0/24 maxlen: 24
159.148.78.0/24 maxlen: 24
159.148.80.0/24 maxlen: 24
85.254.128.0/18 maxlen: 24
159.148.233.0/24 maxlen: 24
159.148.229.0/24 maxlen: 24
94.101.224.0/20 maxlen: 24
185.27.92.0/22 maxlen: 24
159.148.186.0/24 maxlen: 24
159.148.188.0/24 maxlen: 24
159.148.201.0/24 maxlen: 24
2a02:610::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cc:2d:54:dd:5a:54:63:d6:3f:11:80:1c:8a:f7:cb:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Sep 25 11:50:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0275e0c8cab8bcb6d203e54c22ac2662984b6e14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:17:93:f0:40:7e:73:7b:4e:51:b6:c6:f2:13:
97:e1:bb:31:9a:e8:c6:fb:64:1d:ac:e6:f1:06:cb:
d4:36:cf:71:53:80:24:a1:f0:57:37:96:0c:00:48:
a9:e8:2b:7f:91:ea:f8:85:cc:75:83:ec:38:02:7f:
79:78:81:e5:c1:11:ce:19:bb:0d:e3:5b:f0:21:88:
43:57:8f:c5:23:b3:bb:2d:31:e0:4e:9f:cb:1f:4b:
7b:3f:8b:1f:d6:54:57:1e:37:25:7a:87:cb:60:1d:
ad:5c:de:cf:84:65:96:85:0d:eb:bb:05:a0:34:5b:
8f:c2:bf:6f:16:9a:08:3b:23:01:97:b5:0b:f7:95:
9a:98:04:3c:d0:59:aa:96:c0:d8:99:f0:ea:ac:85:
15:ac:db:05:4d:5a:22:b5:ed:0f:96:b0:91:bc:46:
d6:c6:46:7c:99:6d:55:89:64:89:f9:73:97:81:3c:
13:e5:8f:4e:7d:2e:2e:61:4b:44:41:08:93:c9:f1:
16:94:2c:56:45:9d:8b:89:52:85:fd:7c:10:d6:11:
5d:fa:89:75:54:38:04:04:38:56:0c:91:e4:1e:33:
4e:e9:30:44:9f:22:02:38:1d:d0:cc:3d:e5:00:f4:
74:f8:22:59:ed:e2:31:f6:c9:f8:6f:29:cd:5f:0f:
42:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:75:E0:C8:CA:B8:BC:B6:D2:03:E5:4C:22:AC:26:62:98:4B:6E:14
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/AnXgyMq4vLbSA-VMIqwmYphLbhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.200.0/21
80.81.32.0/19
83.223.128.0/19
85.254.0.0-85.254.191.255
91.190.32.0/19
94.101.224.0/20
109.205.120.0/21
159.148.0.0/16
185.27.92.0/22
185.176.116.0/22
217.69.112.0/20
IPv6:
2a02:610::/32
Signature Algorithm: sha256WithRSAEncryption
60:80:d3:49:3e:10:f4:df:54:c3:ee:cb:39:5a:35:60:d5:c8:
9e:ea:c0:42:5b:1d:5b:4f:ff:05:1e:c5:5a:f0:10:91:dc:b4:
24:b3:22:25:a2:1a:b4:5c:9d:63:de:ce:d8:a7:0c:27:4c:0e:
f3:99:bc:90:7c:cd:9b:90:a2:08:e8:65:59:c9:45:6c:93:68:
c7:88:70:33:0c:0a:52:e5:12:7e:50:02:d2:4f:a4:1c:94:d7:
1a:68:09:a0:68:f7:7d:1b:e4:52:35:58:b4:ed:07:5f:39:72:
66:66:c0:ca:02:77:43:9e:70:ba:72:b5:f1:4e:ee:7f:a3:06:
9b:48:92:58:31:b1:66:43:3f:4d:69:5b:ce:d0:ce:fd:7e:b5:
cd:66:5c:29:41:2f:bd:87:c3:85:49:31:58:34:a4:82:40:14:
38:80:00:66:1f:ee:af:73:6a:8d:9f:30:db:a9:d1:48:ab:c2:
70:2a:2b:e4:ed:c5:8d:39:7e:04:bb:a5:e1:02:5b:d0:12:70:
aa:32:47:11:68:77:71:b5:58:e7:e2:c3:80:c7:6a:f9:d3:8c:
0f:84:7c:dc:d1:c5:e2:55:41:01:a9:31:97:cb:bc:83:ec:b3:
1c:c5:28:62:a6:ca:61:52:df:d3:01:79:99:2b:c0:a7:3a:b5:
80:58:6b:0b
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYrMLVTdWlRj1j8RgByK98t4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwOTI1MTE1MDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjc1ZTBjOGNhYjhiY2I2ZDIwM2U1NGMyMmFjMjY2Mjk4NGI2ZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmReT8EB+c3tOUbbG8hOX4bsxmujG
+2QdrObxBsvUNs9xU4AkofBXN5YMAEip6Ct/ker4hcx1g+w4An95eIHlwRHOGbsN
41vwIYhDV4/FI7O7LTHgTp/LH0t7P4sf1lRXHjcleofLYB2tXN7PhGWWhQ3ruwWg
NFuPwr9vFpoIOyMBl7UL95WamAQ80FmqlsDYmfDqrIUVrNsFTVoite0PlrCRvEbW
xkZ8mW1ViWSJ+XOXgTwT5Y9OfS4uYUtEQQiTyfEWlCxWRZ2LiVKF/XwQ1hFd+ol1
VDgEBDhWDJHkHjNO6TBEnyICOB3QzD3lAPR0+CJZ7eIx9sn4bynNXw9CbwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFAJ14MjKuLy20gPlTCKsJmKYS24UMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvQW5YZ3lNcTR2TGJTQS1WTUlxd21ZcGhMYmhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDLhPIAwQF
UFEgAwQFU9+AMAsDAwFV/gMEBlX+gAMEBVu+IAMEBF5l4AMEA23NeAMDAJ+UAwQC
uRtcAwQCubB0AwQE2UVwMA0EAgACMAcDBQAqAgYQMA0GCSqGSIb3DQEBCwUAA4IB
AQBggNNJPhD031TD7ss5WjVg1cie6sBCWx1bT/8FHsVa8BCR3LQksyIlohq0XJ1j
3s7YpwwnTA7zmbyQfM2bkKII6GVZyUVsk2jHiHAzDApS5RJ+UALST6QclNcaaAmg
aPd9G+RSNVi07QdfOXJmZsDKAndDnnC6crXxTu5/owabSJJYMbFmQz9NaVvO0M79
frXNZlwpQS+9h8OFSTFYNKSCQBQ4gABmH+6vc2qNnzDbqdFIq8JwKivk7cWNOX4E
u6XhAlvQEnCqMkcRaHdxtVjn4sOAx2r504wPhHzc0cXiVUEBqTGXy7yD7LMcxShi
psphUt/TAXmZK8CnOrWAWGsL
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:38 2024 by rpki-client on console-fra.rpki-client.org