Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/1PWEicyQRqYqFLFJhbQLJ8Wj3pY.roa
File: 1PWEicyQRqYqFLFJhbQLJ8Wj3pY.roa (raw, json)
Hash identifier: Qp3Sc4MuQwgjKb9C2Ovc4S8x3MK5Lr0mtUmtos/zQqk=
Subject key identifier: D4:F5:84:89:CC:90:46:A6:2A:14:B1:49:85:B4:0B:27:C5:A3:DE:96
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018A17662685B9F6257A38DD75EFBFA875C6
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/1PWEicyQRqYqFLFJhbQLJ8Wj3pY.roa
Signing time: Mon 21 Aug 2023 09:21:25 +0000
ROA not before: Mon 21 Aug 2023 09:21:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
45.90.144.0/22 maxlen: 24
194.56.226.0/24 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
185.234.74.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
78.108.217.0/24 maxlen: 24
194.31.140.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
193.105.184.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b86::/40 maxlen: 48
2a0b:b85::/32 maxlen: 32
2a0b:b87:ff12::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0d:77c0::/29 maxlen: 32
2a0b:b82::/44 maxlen: 44
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:66:26:85:b9:f6:25:7a:38:dd:75:ef:bf:a8:75:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Aug 21 09:21:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4f58489cc9046a62a14b14985b40b27c5a3de96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c3:95:5a:60:9d:18:66:1f:2a:00:9f:2d:68:
f4:54:d1:b0:06:d6:c8:c1:4e:a7:0e:56:53:f8:c3:
ab:7d:0e:cf:8a:36:f6:ee:95:f1:b8:79:62:21:c1:
61:0d:5b:c7:8f:bb:8d:b8:7f:f6:1d:cd:c1:e2:fd:
d3:1e:fb:c2:d4:71:30:7d:29:14:59:4e:11:84:4e:
21:89:14:8a:c8:37:91:fc:fa:7b:39:cf:bc:6e:ea:
8f:15:14:92:af:ca:4d:07:d7:dc:2e:9a:30:89:47:
d2:aa:c9:f2:14:74:48:94:69:2e:2d:95:22:c4:69:
7c:33:00:9b:fa:7d:6a:eb:6a:64:ca:ab:fe:77:8f:
63:81:b1:d6:a4:61:e6:ab:28:60:6f:ae:3a:b9:9c:
26:43:a0:2c:b8:43:4b:be:2b:34:00:5f:4b:a8:ed:
b4:42:5f:40:bc:63:ed:25:b8:b6:71:54:cf:ba:f7:
ac:95:b3:22:1a:b5:1a:63:19:df:79:bb:35:79:02:
f6:20:c2:c3:fa:ed:23:47:d1:59:05:33:66:0d:03:
af:63:54:5d:e8:60:af:8f:0a:5d:e8:d2:4f:8c:a6:
d6:71:f6:9b:d6:db:f1:9e:a4:f0:b2:e6:12:db:16:
c9:17:c6:eb:a9:a3:c6:a4:37:eb:b6:4d:1a:8f:5d:
0a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F5:84:89:CC:90:46:A6:2A:14:B1:49:85:B4:0B:27:C5:A3:DE:96
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/1PWEicyQRqYqFLFJhbQLJ8Wj3pY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.221.192.0/22
194.31.140.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:ff:ffff:ffff:ffff:ffff:ffff
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:bd:f5:6a:ab:ec:9c:b8:bd:b8:4b:61:da:c3:ba:de:69:c0:
39:16:31:53:47:39:ce:4c:ef:45:9a:16:dd:87:ca:61:be:93:
fc:bc:98:af:56:3c:68:7a:12:d1:54:fc:81:13:d0:a3:89:00:
ce:6a:77:87:a6:cd:dc:3d:76:7d:17:c6:a9:6f:32:dc:32:5c:
fa:ec:68:41:82:78:f3:4c:cf:cd:8c:9c:60:f7:c9:0c:ad:ce:
3a:76:f4:ae:a2:70:b4:3b:ca:40:4e:52:e1:50:61:a1:28:53:
8d:96:53:1b:9e:f6:c1:bc:71:1b:93:44:77:7c:07:f6:54:e1:
1e:34:52:fe:e2:b6:02:31:b5:27:c8:78:3e:e5:66:c0:63:0c:
ec:3c:0d:bb:8d:cd:a2:19:c6:6d:3f:df:70:be:33:14:e2:e3:
b4:b7:45:ac:e8:5a:48:dd:2a:f6:82:74:9e:4a:d5:be:b8:fb:
20:5b:02:de:26:4f:72:0a:47:60:e9:c0:2a:6c:10:2c:93:70:
cc:92:ee:5e:e1:b3:79:4b:b6:ef:ca:7b:a3:d8:75:d3:4d:bc:
46:99:72:87:5f:01:e1:e0:6e:41:8e:44:b0:97:70:03:7e:37:
b2:ef:22:71:39:5b:50:74:de:3e:98:02:f8:3c:53:9b:94:21:
07:db:bc:65
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgISAYoXZiaFufYlejjdde+/qHXGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwODIxMDkyMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGY1ODQ4OWNjOTA0NmE2MmExNGIxNDk4NWI0MGIyN2M1YTNkZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcOVWmCdGGYfKgCfLWj0VNGwBtbI
wU6nDlZT+MOrfQ7Pijb27pXxuHliIcFhDVvHj7uNuH/2Hc3B4v3THvvC1HEwfSkU
WU4RhE4hiRSKyDeR/Pp7Oc+8buqPFRSSr8pNB9fcLpowiUfSqsnyFHRIlGkuLZUi
xGl8MwCb+n1q62pkyqv+d49jgbHWpGHmqyhgb646uZwmQ6AsuENLvis0AF9LqO20
Ql9AvGPtJbi2cVTPuveslbMiGrUaYxnfebs1eQL2IMLD+u0jR9FZBTNmDQOvY1Rd
6GCvjwpd6NJPjKbWcfab1tvxnqTwsuYS2xbJF8brqaPGpDfrtk0aj10KRQIDAQAB
o4IDBTCCAwEwHQYDVR0OBBYEFNT1hInMkEamKhSxSYW0CyfFo96WMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvMVBXRWljeVFScVlxRkxGSmhiUUxKOFdqM3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGQYIKwYBBQUHAQcBAf8EggEIMIIBBDCBlwQCAAEwgZAD
BAICOKQDBAItURQDBAItWpADBAItjNwDBAItmsQDBAJNU/ADBAJObNgDBAJTj3QD
BAJVyqADBAJZvpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uAD
BALBHxwDBALBIkwDBADBabgDBALB3cADBALCH4wDBALCMhADBALCOOADBALUawww
aAQCAAIwYgMHBCoLC4IAADAPAwUCKgsLhAMGACoLC4YAAwcAKgsLh/8SAwcAKgsL
h/+0AwcAKgsLh//aAwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABADBwYqC3CA
AAADBQMqDXfAMA0GCSqGSIb3DQEBCwUAA4IBAQA7vfVqq+ycuL24S2Haw7reacA5
FjFTRznOTO9Fmhbdh8phvpP8vJivVjxoehLRVPyBE9CjiQDOaneHps3cPXZ9F8ap
bzLcMlz67GhBgnjzTM/NjJxg98kMrc46dvSuonC0O8pATlLhUGGhKFONllMbnvbB
vHEbk0R3fAf2VOEeNFL+4rYCMbUnyHg+5WbAYwzsPA27jc2iGcZtP99wvjMU4uO0
t0Ws6FpI3Sr2gnSeStW+uPsgWwLeJk9yCkdg6cAqbBAsk3DMku5e4bN5S7bvynuj
2HXTTbxGmXKHXwHh4G5BjkSwl3ADfjey7yJxOVtQdN4+mAL4PFOblCEH27xl
-----END CERTIFICATE-----
Generated at Wed Sep 6 18:00:06 2023 by rpki-client on console-fra.rpki-client.org