Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/p4FNVWbxpK3qSjI6orfBjhS6Pa4.roa
File: p4FNVWbxpK3qSjI6orfBjhS6Pa4.roa (raw, json)
Hash identifier: jHGjEMAA6imz8JeNqfkapdojzSWPPZaZq7WK+sqTdRs=
Subject key identifier: A7:81:4D:55:66:F1:A4:AD:EA:4A:32:3A:A2:B7:C1:8E:14:BA:3D:AE
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018BE9567E6F7362F39B8AF38E3F89DFB3D4
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/p4FNVWbxpK3qSjI6orfBjhS6Pa4.roa
Signing time: Sun 19 Nov 2023 20:47:21 +0000
ROA not before: Sun 19 Nov 2023 20:47:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
45.154.196.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
45.90.144.0/22 maxlen: 24
194.56.226.0/24 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
83.143.119.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
78.108.217.0/24 maxlen: 24
194.31.140.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
193.105.184.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
185.242.224.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b86::/40 maxlen: 48
2a0b:b85::/32 maxlen: 32
2a0b:b87:ff12::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0d:77c0::/29 maxlen: 32
2a0b:b82::/44 maxlen: 44
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e9:56:7e:6f:73:62:f3:9b:8a:f3:8e:3f:89:df:b3:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Nov 19 20:47:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7814d5566f1a4adea4a323aa2b7c18e14ba3dae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:66:a2:54:29:19:25:99:e7:1a:00:6e:3b:9b:
2e:73:31:0b:3f:80:cb:1c:81:bf:05:b7:6d:02:97:
47:15:3c:25:b2:0b:f6:96:7e:7e:c1:29:86:8c:63:
83:75:1e:de:7b:2a:2f:51:20:7e:48:e9:d9:96:2b:
0e:5c:93:89:c0:b1:ec:f4:ca:b5:e1:f6:f1:e8:6d:
53:88:a2:be:c9:a7:14:7a:98:f1:42:45:12:55:22:
46:b7:b4:60:28:b9:27:c0:d6:55:d3:c1:70:1a:23:
df:56:6d:03:31:ac:af:73:0f:f2:b1:ce:48:f0:d1:
41:df:ec:ec:12:20:f2:9b:af:d4:b6:95:b5:c1:4c:
0f:ce:bf:eb:5d:70:75:ae:b4:03:54:7a:a5:a0:1f:
26:04:35:00:17:c7:67:d2:cf:7e:90:65:da:e8:12:
4e:9d:61:60:36:00:35:5b:83:30:b5:18:c4:e9:ea:
85:f2:88:16:18:77:af:b1:a0:7e:64:a6:9a:49:ba:
85:bc:e3:f4:f4:b4:f6:ac:e1:09:88:7e:e8:84:d5:
6d:7f:a6:85:b6:67:d4:3a:c0:ce:33:90:29:5f:e9:
49:0f:4e:0a:1a:80:03:15:48:ee:8d:66:d9:e8:47:
dd:ba:3d:ba:e6:e2:e2:f1:31:2e:43:bc:a0:e4:3a:
ae:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:81:4D:55:66:F1:A4:AD:EA:4A:32:3A:A2:B7:C1:8E:14:BA:3D:AE
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/p4FNVWbxpK3qSjI6orfBjhS6Pa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.221.192.0/22
194.31.140.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:ff:ffff:ffff:ffff:ffff:ffff
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
92:d5:c2:d1:31:31:fb:d4:4b:f8:c2:e3:8c:7f:3d:c6:35:e5:
c9:61:38:59:d2:45:3f:3a:10:2e:9a:a5:31:9c:74:4e:36:99:
53:9d:0d:5c:3d:89:ab:fe:f3:a2:b6:f4:27:b0:cf:31:e2:e4:
d6:3b:49:f3:1b:eb:70:18:7b:87:94:67:30:af:e1:45:8f:e3:
fb:8f:04:6c:76:4f:c4:ae:86:15:6c:c6:17:ae:33:8c:a7:f3:
a2:88:d5:01:df:c6:c2:dd:c6:6c:0c:22:1b:f4:0d:ea:2d:a2:
8c:b7:e4:10:e2:12:fd:60:2f:98:a1:13:4e:e2:7a:1b:69:5a:
ee:da:f3:16:15:ba:b5:e9:77:8a:f8:2d:60:19:d1:9d:f4:85:
fa:80:0a:9f:36:32:e9:89:5b:ca:0f:53:53:f7:46:63:c6:46:
2a:63:4b:58:c6:e9:e1:77:4e:04:f2:98:92:22:67:c4:d8:5b:
20:8b:c9:54:98:14:db:1e:50:b2:35:86:c6:fb:49:4d:05:23:
5f:2a:92:bb:ae:bf:8e:82:8f:b8:e7:12:45:04:a3:bb:32:10:
de:20:32:a5:21:0b:e7:a8:cc:1f:cf:db:b8:06:22:78:c0:85:
31:36:81:14:df:b7:eb:56:c9:8f:76:33:75:10:9c:25:14:06:
6d:cb:40:88
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgISAYvpVn5vc2Lzm4rzjj+J37PUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMxMTE5MjA0NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzgxNGQ1NTY2ZjFhNGFkZWE0YTMyM2FhMmI3YzE4ZTE0YmEzZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimaiVCkZJZnnGgBuO5suczELP4DL
HIG/BbdtApdHFTwlsgv2ln5+wSmGjGODdR7eeyovUSB+SOnZlisOXJOJwLHs9Mq1
4fbx6G1TiKK+yacUepjxQkUSVSJGt7RgKLknwNZV08FwGiPfVm0DMayvcw/ysc5I
8NFB3+zsEiDym6/UtpW1wUwPzr/rXXB1rrQDVHqloB8mBDUAF8dn0s9+kGXa6BJO
nWFgNgA1W4MwtRjE6eqF8ogWGHevsaB+ZKaaSbqFvOP09LT2rOEJiH7ohNVtf6aF
tmfUOsDOM5ApX+lJD04KGoADFUjujWbZ6Efduj265uLi8TEuQ7yg5DquswIDAQAB
o4IDBTCCAwEwHQYDVR0OBBYEFKeBTVVm8aSt6koyOqK3wY4Uuj2uMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvcDRGTlZXYnhwSzNxU2pJNm9yZkJqaFM2UGE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGQYIKwYBBQUHAQcBAf8EggEIMIIBBDCBlwQCAAEwgZAD
BAICOKQDBAItURQDBAItWpADBAItjNwDBAItmsQDBAJNU/ADBAJObNgDBAJTj3QD
BAJVyqADBAJZvpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uAD
BALBHxwDBALBIkwDBADBabgDBALB3cADBALCH4wDBALCMhADBALCOOADBALUawww
aAQCAAIwYgMHBCoLC4IAADAPAwUCKgsLhAMGACoLC4YAAwcAKgsLh/8SAwcAKgsL
h/+0AwcAKgsLh//aAwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABADBwYqC3CA
AAADBQMqDXfAMA0GCSqGSIb3DQEBCwUAA4IBAQCS1cLRMTH71Ev4wuOMfz3GNeXJ
YThZ0kU/OhAumqUxnHRONplTnQ1cPYmr/vOitvQnsM8x4uTWO0nzG+twGHuHlGcw
r+FFj+P7jwRsdk/EroYVbMYXrjOMp/OiiNUB38bC3cZsDCIb9A3qLaKMt+QQ4hL9
YC+YoRNO4nobaVru2vMWFbq16XeK+C1gGdGd9IX6gAqfNjLpiVvKD1NT90ZjxkYq
Y0tYxunhd04E8piSImfE2Fsgi8lUmBTbHlCyNYbG+0lNBSNfKpK7rr+Ogo+45xJF
BKO7MhDeIDKlIQvnqMwfz9u4BiJ4wIUxNoEU37frVsmPdjN1EJwlFAZty0CI
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:34 2024 by rpki-client on console-ams.rpki-client.org