Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/D9JOhNVz1A1NY38Z5knU_eRBl3g.roa
File: D9JOhNVz1A1NY38Z5knU_eRBl3g.roa (raw, json)
Hash identifier: KMTDL99Ug+QBnqgX2uFB1LMJhP2Q8V3xX+9mBYyyJJA=
Subject key identifier: 0F:D2:4E:84:D5:73:D4:0D:4D:63:7F:19:E6:49:D4:FD:E4:41:97:78
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01874711FFA58CE6CAEABBDBD812CA8FD6D1
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/D9JOhNVz1A1NY38Z5knU_eRBl3g.roa
Signing time: Mon 03 Apr 2023 12:22:54 +0000
ROA not before: Mon 03 Apr 2023 12:22:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.31.140.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
193.105.184.0/24 maxlen: 24
45.90.144.0/22 maxlen: 24
194.56.226.0/24 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
77.83.240.0/22 maxlen: 24
45.81.20.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.234.74.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b82::/44 maxlen: 44
2a0b:b85::/32 maxlen: 32
2a0b:b87:fff0::/44 maxlen: 44
2a0b:b87:ff12::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0d:77c7::/32 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:47:11:ff:a5:8c:e6:ca:ea:bb:db:d8:12:ca:8f:d6:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Apr 3 12:22:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fd24e84d573d40d4d637f19e649d4fde4419778
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a2:7f:8a:bf:1c:2f:0c:81:d8:2c:24:6b:2d:
ad:a7:c7:85:9f:17:11:ba:a5:ee:c1:1e:9b:28:63:
c1:9c:0c:90:7f:b0:6a:9f:14:d1:3f:be:50:9e:7f:
3d:57:34:29:46:b6:97:db:d1:60:2c:0d:01:a9:c7:
81:b8:a4:2a:19:ff:56:60:51:62:16:e7:c8:e6:c4:
9a:c8:a4:1c:79:bf:1f:26:fc:75:d6:33:0f:80:64:
50:63:0e:81:77:e8:03:d7:10:28:27:95:86:44:51:
ca:77:98:37:a1:de:1c:55:76:95:ad:04:d4:b6:c2:
e4:b3:0e:04:e9:d8:9f:9f:82:4a:4c:8b:c4:6a:d1:
ed:bf:aa:92:0b:c0:9f:34:f8:a1:c5:9f:8a:86:09:
6f:4e:9b:b1:d4:4a:89:45:5b:59:65:49:e1:83:a8:
22:f7:8f:fc:12:a6:3d:a4:1f:5c:24:14:5c:c6:93:
d7:e2:0e:36:99:85:13:62:a7:86:28:39:40:c4:c6:
b2:d4:4d:29:e2:41:a0:db:ca:36:ed:07:15:5c:e7:
bc:a7:e9:c0:c2:65:aa:1d:c9:25:01:f1:0a:5c:e8:
92:d5:bc:5c:be:37:17:a2:3c:73:13:0b:1b:0a:1a:
74:cf:6f:8d:d2:8f:f9:d2:f5:1d:4c:b5:86:7c:02:
22:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D2:4E:84:D5:73:D4:0D:4D:63:7F:19:E6:49:D4:FD:E4:41:97:78
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/D9JOhNVz1A1NY38Z5knU_eRBl3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.221.192.0/22
194.31.140.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::/31
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c7::/32
Signature Algorithm: sha256WithRSAEncryption
b6:49:7b:09:41:45:2d:bc:37:f0:af:da:5f:42:e6:98:c5:d9:
7e:ed:cf:0f:53:b9:c1:73:37:24:ad:07:6c:90:0c:60:cb:05:
7a:b6:61:79:b9:b8:6c:f1:a7:53:87:26:a5:e8:01:0f:aa:d3:
64:2e:e7:83:b7:63:1e:1d:26:de:d1:f6:ae:ed:f5:32:fc:2a:
a5:36:08:15:da:56:07:cb:67:73:89:3a:56:d1:d7:72:e3:01:
76:86:63:0d:52:16:c1:a3:29:31:50:ae:92:8f:81:09:f6:53:
a3:83:16:39:a3:ce:8b:96:91:c8:b5:10:0d:86:f4:1f:f8:11:
fb:b3:29:e6:62:67:1d:83:be:00:20:77:04:ab:a1:a9:57:f4:
9b:2d:4d:69:14:de:bc:0c:54:29:ac:48:f4:1e:b1:5a:10:ac:
81:db:5a:97:1d:ad:0f:aa:ae:ba:c6:9b:a4:0b:4a:88:e9:cc:
63:97:5c:df:bb:d4:02:57:40:5b:93:b1:eb:20:a1:67:4a:e9:
4c:74:98:a9:71:85:99:af:e1:0d:9f:fa:b6:ca:c3:f3:fd:05:
6a:39:98:3e:b7:3e:8e:c3:21:64:8f:b0:93:a3:67:20:0e:bb:
1d:bb:3d:78:04:48:59:09:3f:5b:7f:6b:f9:0c:ee:79:2c:d3:
5e:54:b4:b8
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAYdHEf+ljObK6rvb2BLKj9bRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwNDAzMTIyMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQyNGU4NGQ1NzNkNDBkNGQ2MzdmMTllNjQ5ZDRmZGU0NDE5Nzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6J/ir8cLwyB2Cwkay2tp8eFnxcR
uqXuwR6bKGPBnAyQf7BqnxTRP75Qnn89VzQpRraX29FgLA0BqceBuKQqGf9WYFFi
FufI5sSayKQceb8fJvx11jMPgGRQYw6Bd+gD1xAoJ5WGRFHKd5g3od4cVXaVrQTU
tsLksw4E6difn4JKTIvEatHtv6qSC8CfNPihxZ+KhglvTpux1EqJRVtZZUnhg6gi
94/8EqY9pB9cJBRcxpPX4g42mYUTYqeGKDlAxMay1E0p4kGg28o27QcVXOe8p+nA
wmWqHcklAfEKXOiS1bxcvjcXojxzEwsbChp0z2+N0o/50vUdTLWGfAIi8wIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFA/SToTVc9QNTWN/GeZJ1P3kQZd4MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvRDlKT2hOVnoxQTFOWTM4WjVrblVfZVJCbDNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgZcEAgABMIGQAwQC
AjikAwQCLVEUAwQCLVqQAwQCLYzcAwQCLZrEAwQCTVPwAwQCTmzYAwQCU490AwQC
VcqgAwQCWb6cAwQCstqQAwQCubkoAwQCubpAAwQCueNEAwQCuepIAwQCufLgAwQC
wR8cAwQCwSJMAwQAwWm4AwQCwd3AAwQCwh+MAwQCwjIQAwQCwjjgAwQC1GsMMF4E
AgACMFgDBwQqCwuCAAADBQEqCwuEAwcAKgsLh/8SAwcAKgsLh/+0AwcAKgsLh//a
AwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABADBwYqC3CAAAADBQAqDXfHMA0G
CSqGSIb3DQEBCwUAA4IBAQC2SXsJQUUtvDfwr9pfQuaYxdl+7c8PU7nBczckrQds
kAxgywV6tmF5ubhs8adThyal6AEPqtNkLueDt2MeHSbe0fau7fUy/CqlNggV2lYH
y2dziTpW0ddy4wF2hmMNUhbBoykxUK6Sj4EJ9lOjgxY5o86LlpHItRANhvQf+BH7
synmYmcdg74AIHcEq6GpV/SbLU1pFN68DFQprEj0HrFaEKyB21qXHa0Pqq66xpuk
C0qI6cxjl1zfu9QCV0Bbk7HrIKFnSulMdJipcYWZr+ENn/q2ysPz/QVqOZg+tz6O
wyFkj7CTo2cgDrsduz14BEhZCT9bf2v5DO55LNNeVLS4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:38 2023 by rpki-client on console-fra.rpki-client.org