Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/d8k-117Naguh4nssiWYdmIZ2CPk.roa
File: d8k-117Naguh4nssiWYdmIZ2CPk.roa (raw, json)
Hash identifier: ut9k8sG4603qHKQNg3FA6teutK3J9dRd4lgfE+FtMmM=
Subject key identifier: 77:C9:3E:D7:5E:CD:6A:0B:A1:E2:7B:2C:89:66:1D:98:86:76:08:F9
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC80120C12051909835C6D2B03342EFD9
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/d8k-117Naguh4nssiWYdmIZ2CPk.roa
Signing time: Tue 02 Jan 2024 02:29:26 +0000
ROA not before: Tue 02 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2588
IP address blocks: 83.223.128.0/19 maxlen: 24
83.223.145.0/24 maxlen: 24
91.190.32.0/19 maxlen: 24
159.148.0.0/16 maxlen: 24
91.190.36.0/24 maxlen: 24
159.148.10.0/24 maxlen: 24
85.254.49.0/24 maxlen: 24
91.190.56.0/23 maxlen: 24
91.190.52.0/24 maxlen: 24
91.190.60.0/24 maxlen: 24
85.254.69.0/24 maxlen: 24
159.148.49.0/24 maxlen: 24
159.148.50.0/24 maxlen: 24
46.19.200.0/21 maxlen: 24
83.223.155.0/24 maxlen: 24
185.176.116.0/22 maxlen: 24
85.254.0.0/17 maxlen: 24
159.148.116.0/24 maxlen: 24
159.148.117.0/24 maxlen: 24
80.81.32.0/19 maxlen: 24
80.81.35.0/24 maxlen: 24
159.148.131.0/24 maxlen: 24
217.69.112.0/20 maxlen: 24
217.69.113.0/24 maxlen: 24
109.205.120.0/21 maxlen: 24
159.148.63.0/24 maxlen: 24
109.205.127.0/24 maxlen: 24
159.148.78.0/24 maxlen: 24
159.148.80.0/24 maxlen: 24
85.254.128.0/18 maxlen: 24
159.148.233.0/24 maxlen: 24
159.148.229.0/24 maxlen: 24
94.101.224.0/20 maxlen: 24
185.27.92.0/22 maxlen: 24
159.148.186.0/24 maxlen: 24
159.148.188.0/24 maxlen: 24
159.148.201.0/24 maxlen: 24
2a02:610::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:20:c1:20:51:90:98:35:c6:d2:b0:33:42:ef:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77c93ed75ecd6a0ba1e27b2c89661d98867608f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f7:2d:23:35:24:60:61:92:b5:a2:57:2f:00:
6a:1a:ad:8d:33:57:b4:54:c2:52:b8:a6:6f:83:ff:
81:0a:da:d9:3a:6a:7b:13:9e:2f:ff:46:7b:a8:08:
e8:a0:83:42:be:96:e3:09:f2:0a:7c:50:d4:20:87:
6d:ff:a4:81:b9:33:82:36:3b:c3:9f:4f:f0:cc:63:
56:5a:63:01:9c:33:c7:28:e8:fc:5b:06:9f:d0:2a:
e1:a6:c8:33:e7:09:e4:49:b1:b8:e3:d3:04:e9:4c:
6c:c1:aa:b9:0c:39:d9:9c:bc:58:a4:97:2b:ff:ec:
c5:dc:2e:f6:db:9d:da:27:6e:b3:8c:0c:ef:c4:84:
a9:1b:bd:be:83:10:20:fc:28:9e:2d:37:2e:32:3a:
bd:1b:14:d6:09:9e:f6:7b:3d:73:99:45:9c:67:8c:
20:09:3e:db:d7:e6:de:71:45:ee:51:f4:d3:42:0e:
b0:2d:e2:74:d9:d5:67:b3:20:76:64:14:89:ef:d8:
ae:d5:3e:4a:f7:b9:4f:df:c9:aa:57:6b:fd:ab:77:
83:08:a2:1d:1c:0d:d0:00:09:b4:f7:17:43:32:e5:
0a:c9:60:01:cd:7b:d0:bd:0c:98:6c:fc:26:cc:b3:
fa:07:eb:d5:bd:15:19:c2:91:3a:8d:90:3f:74:21:
20:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:C9:3E:D7:5E:CD:6A:0B:A1:E2:7B:2C:89:66:1D:98:86:76:08:F9
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/d8k-117Naguh4nssiWYdmIZ2CPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.200.0/21
80.81.32.0/19
83.223.128.0/19
85.254.0.0-85.254.191.255
91.190.32.0/19
94.101.224.0/20
109.205.120.0/21
159.148.0.0/16
185.27.92.0/22
185.176.116.0/22
217.69.112.0/20
IPv6:
2a02:610::/32
Signature Algorithm: sha256WithRSAEncryption
a5:62:f9:c5:ff:ac:70:06:11:49:ee:df:0f:c1:3c:d0:49:59:
fc:e4:60:23:9a:b3:f8:0a:89:d2:a6:84:3a:22:bd:e1:08:c7:
66:a6:25:0f:96:73:65:0a:2b:e9:75:3f:30:cb:8b:8e:d4:80:
bd:a8:eb:d6:21:d2:d8:60:b2:ce:e8:13:45:46:e6:18:76:1a:
b6:33:6a:51:6a:71:59:5c:51:86:fd:b2:e4:06:0b:6e:7c:b6:
f8:90:cd:97:bf:3e:39:66:74:06:61:ad:06:7b:18:fb:2b:f1:
6e:8f:6d:82:19:ec:d1:d9:13:ca:63:f4:1c:35:3f:f4:03:c4:
0a:23:2f:f7:10:bd:4f:eb:72:ea:7a:09:ee:2c:cf:b9:75:b8:
4a:d1:9a:f3:82:3f:23:56:99:fc:00:f8:a9:6c:82:3c:03:6c:
45:bd:d1:b3:b2:04:89:a5:38:94:b0:2d:79:b4:dc:b1:53:b6:
4d:d6:47:50:b1:b3:54:44:14:1d:e2:49:eb:9a:d2:8e:3b:35:
79:96:de:7f:03:71:a7:ea:21:03:d4:3b:f9:d3:96:5c:ff:14:
6b:e4:29:ae:1c:aa:91:a9:d2:b1:04:2e:ec:a1:28:2b:e5:74:
3e:b4:c1:32:16:93:4e:31:8c:c3:4f:e4:5d:79:7f:51:34:ab:
ea:70:65:21
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzIASDBIFGQmDXG0rAzQu/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2M5M2VkNzVlY2Q2YTBiYTFlMjdiMmM4OTY2MWQ5ODg2NzYwOGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPctIzUkYGGStaJXLwBqGq2NM1e0
VMJSuKZvg/+BCtrZOmp7E54v/0Z7qAjooINCvpbjCfIKfFDUIIdt/6SBuTOCNjvD
n0/wzGNWWmMBnDPHKOj8Wwaf0Crhpsgz5wnkSbG449ME6Uxswaq5DDnZnLxYpJcr
/+zF3C72253aJ26zjAzvxISpG72+gxAg/CieLTcuMjq9GxTWCZ72ez1zmUWcZ4wg
CT7b1+becUXuUfTTQg6wLeJ02dVnsyB2ZBSJ79iu1T5K97lP38mqV2v9q3eDCKId
HA3QAAm09xdDMuUKyWABzXvQvQyYbPwmzLP6B+vVvRUZwpE6jZA/dCEgNQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFHfJPtdezWoLoeJ7LIlmHZiGdgj5MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvZDhrLTExN05hZ3VoNG5zc2lXWWRtSVoyQ1BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDLhPIAwQF
UFEgAwQFU9+AMAsDAwFV/gMEBlX+gAMEBVu+IAMEBF5l4AMEA23NeAMDAJ+UAwQC
uRtcAwQCubB0AwQE2UVwMA0EAgACMAcDBQAqAgYQMA0GCSqGSIb3DQEBCwUAA4IB
AQClYvnF/6xwBhFJ7t8PwTzQSVn85GAjmrP4ConSpoQ6Ir3hCMdmpiUPlnNlCivp
dT8wy4uO1IC9qOvWIdLYYLLO6BNFRuYYdhq2M2pRanFZXFGG/bLkBgtufLb4kM2X
vz45ZnQGYa0Gexj7K/Fuj22CGezR2RPKY/QcNT/0A8QKIy/3EL1P63LqegnuLM+5
dbhK0Zrzgj8jVpn8APipbII8A2xFvdGzsgSJpTiUsC15tNyxU7ZN1kdQsbNURBQd
4knrmtKOOzV5lt5/A3Gn6iED1Dv505Zc/xRr5CmuHKqRqdKxBC7soSgr5XQ+tMEy
FpNOMYzDT+RdeX9RNKvqcGUh
-----END CERTIFICATE-----
Generated at Fri Jan 5 11:41:27 2024 by rpki-client on console-fra.rpki-client.org