Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/c7CuolFMGgCxr0A7FTUfR8cup3I.roa
File: c7CuolFMGgCxr0A7FTUfR8cup3I.roa (raw, json)
Hash identifier: rd7HNlr3HYMkSo/THW1CzvsYX2psIfxKnP8VIR45tnM=
Subject key identifier: 73:B0:AE:A2:51:4C:1A:00:B1:AF:40:3B:15:35:1F:47:C7:2E:A7:72
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018A6B83CD4A338403232ABBEFDC6BFD5984
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/c7CuolFMGgCxr0A7FTUfR8cup3I.roa
Signing time: Wed 06 Sep 2023 17:21:54 +0000
ROA not before: Wed 06 Sep 2023 17:21:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
45.90.144.0/22 maxlen: 24
194.56.226.0/24 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
185.234.74.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
78.108.217.0/24 maxlen: 24
194.31.140.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
193.105.184.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
185.242.224.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b86::/40 maxlen: 48
2a0b:b85::/32 maxlen: 32
2a0b:b87:ff12::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0d:77c0::/29 maxlen: 32
2a0b:b82::/44 maxlen: 44
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6b:83:cd:4a:33:84:03:23:2a:bb:ef:dc:6b:fd:59:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Sep 6 17:21:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73b0aea2514c1a00b1af403b15351f47c72ea772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b6:b8:e7:6c:37:e6:65:39:ba:73:3b:b3:04:
39:b7:41:6e:74:24:1c:1d:d5:85:d5:63:50:41:21:
52:c0:69:e9:01:34:7f:9c:3e:59:d5:a1:cc:f0:49:
39:de:11:aa:be:bd:93:ee:6f:00:ba:69:cb:07:15:
e6:8e:85:41:6a:7d:4f:3c:7f:41:11:b4:bf:67:62:
c9:df:8c:c4:12:6f:9d:1f:81:a0:53:72:1a:98:d1:
0a:46:83:66:63:4d:3d:bc:1f:d8:b8:b6:40:48:c3:
36:af:55:db:05:4c:71:16:e9:4d:76:be:67:64:e6:
51:be:41:d6:f5:7c:74:48:8c:72:62:37:79:c6:56:
6e:57:09:10:bc:77:2c:6e:f7:a4:13:81:81:fc:c9:
f1:5f:8a:8d:f7:c0:10:9f:c3:ff:e8:2f:ff:f5:a7:
96:3f:f8:df:be:21:8c:c0:2a:88:55:7b:1a:ba:8d:
f4:f5:5e:17:6b:44:37:ab:a3:1e:e0:03:82:a1:fe:
15:23:ca:cf:c4:a2:24:0f:92:a7:fd:c7:e3:47:fd:
4e:b3:fd:3a:34:2b:25:f5:f1:32:10:16:11:99:43:
32:83:5d:fe:19:02:a1:2f:2b:85:36:bb:ff:6c:0f:
6a:13:69:27:ca:d3:8d:54:2f:e1:87:13:bc:bb:6e:
5b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:B0:AE:A2:51:4C:1A:00:B1:AF:40:3B:15:35:1F:47:C7:2E:A7:72
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/c7CuolFMGgCxr0A7FTUfR8cup3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.221.192.0/22
194.31.140.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:ff:ffff:ffff:ffff:ffff:ffff
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:b4:7c:d4:32:4e:e0:fa:b3:b6:ce:6f:37:c1:15:0e:38:6c:
ca:57:1b:e7:63:cb:de:df:dd:01:75:49:e6:8a:51:9f:1a:4d:
4f:3d:c3:0e:d7:6e:93:0e:36:5d:8b:40:15:fb:50:b6:9f:46:
e8:1a:51:4c:58:ac:6d:92:01:80:35:28:29:86:94:a3:4f:ec:
c4:4c:7e:dd:89:a3:de:17:5a:e9:f6:93:89:18:11:2f:0d:18:
e6:68:9b:0f:db:42:7b:dd:39:07:1e:fd:b2:ad:b5:31:d6:9a:
30:50:9b:e7:17:6b:9b:01:61:b5:4d:88:bc:86:ac:85:46:4f:
ef:99:f8:00:6f:f4:32:fa:2e:1c:b1:47:e5:09:c1:37:6e:2b:
be:bd:d5:d4:36:71:f3:e1:95:6d:f8:20:dc:a7:58:f9:a4:00:
dd:27:0d:91:ca:c5:93:d1:98:34:ab:e8:5b:e2:cc:01:0b:1c:
49:ac:a4:6d:28:1f:5b:a8:74:6d:6e:91:43:a8:32:e5:45:3b:
ba:57:ce:93:3c:dd:12:bd:81:c1:37:4b:9b:ca:74:06:37:51:
d3:19:53:17:80:89:ee:80:22:1e:6d:96:92:ab:8a:b3:1f:ed:
b0:fe:ea:98:07:c7:33:33:b8:c5:29:19:75:7e:fa:64:e3:0b:
ac:49:1c:f2
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgISAYprg81KM4QDIyq779xr/VmEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwOTA2MTcyMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2IwYWVhMjUxNGMxYTAwYjFhZjQwM2IxNTM1MWY0N2M3MmVhNzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7a452w35mU5unM7swQ5t0FudCQc
HdWF1WNQQSFSwGnpATR/nD5Z1aHM8Ek53hGqvr2T7m8AumnLBxXmjoVBan1PPH9B
EbS/Z2LJ34zEEm+dH4GgU3IamNEKRoNmY009vB/YuLZASMM2r1XbBUxxFulNdr5n
ZOZRvkHW9Xx0SIxyYjd5xlZuVwkQvHcsbvekE4GB/MnxX4qN98AQn8P/6C//9aeW
P/jfviGMwCqIVXsauo309V4Xa0Q3q6Me4AOCof4VI8rPxKIkD5Kn/cfjR/1Os/06
NCsl9fEyEBYRmUMyg13+GQKhLyuFNrv/bA9qE2knytONVC/hhxO8u25b0QIDAQAB
o4IDBTCCAwEwHQYDVR0OBBYEFHOwrqJRTBoAsa9AOxU1H0fHLqdyMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvYzdDdW9sRk1HZ0N4cjBBN0ZUVWZSOGN1cDNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGQYIKwYBBQUHAQcBAf8EggEIMIIBBDCBlwQCAAEwgZAD
BAICOKQDBAItURQDBAItWpADBAItjNwDBAItmsQDBAJNU/ADBAJObNgDBAJTj3QD
BAJVyqADBAJZvpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uAD
BALBHxwDBALBIkwDBADBabgDBALB3cADBALCH4wDBALCMhADBALCOOADBALUawww
aAQCAAIwYgMHBCoLC4IAADAPAwUCKgsLhAMGACoLC4YAAwcAKgsLh/8SAwcAKgsL
h/+0AwcAKgsLh//aAwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABADBwYqC3CA
AAADBQMqDXfAMA0GCSqGSIb3DQEBCwUAA4IBAQA7tHzUMk7g+rO2zm83wRUOOGzK
VxvnY8ve390BdUnmilGfGk1PPcMO126TDjZdi0AV+1C2n0boGlFMWKxtkgGANSgp
hpSjT+zETH7diaPeF1rp9pOJGBEvDRjmaJsP20J73TkHHv2yrbUx1powUJvnF2ub
AWG1TYi8hqyFRk/vmfgAb/Qy+i4csUflCcE3biu+vdXUNnHz4ZVt+CDcp1j5pADd
Jw2RysWT0Zg0q+hb4swBCxxJrKRtKB9bqHRtbpFDqDLlRTu6V86TPN0SvYHBN0ub
ynQGN1HTGVMXgInugCIebZaSq4qzH+2w/uqYB8czM7jFKRl1fvpk4wusSRzy
-----END CERTIFICATE-----
Generated at Mon Sep 25 14:15:38 2023 by rpki-client on console-ams.rpki-client.org