Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/otl4FAAN3QIUaj3nrNMDqMfbpus.roa
File: otl4FAAN3QIUaj3nrNMDqMfbpus.roa (raw, json)
Hash identifier: acFG38wvP/W4U7Pxdk/i7XLC34qOTsuWtsk1uJ3fq4Q=
Subject key identifier: A2:D9:78:14:00:0D:DD:02:14:6A:3D:E7:AC:D3:03:A8:C7:DB:A6:EB
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 018572BA803F35AEA844E9947F71674E3BDA
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/otl4FAAN3QIUaj3nrNMDqMfbpus.roa
Signing time: Mon 02 Jan 2023 13:45:03 +0000
ROA not before: Mon 02 Jan 2023 13:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57367
IP address blocks: 128.204.216.0/24 maxlen: 24
128.204.218.0/24 maxlen: 24
128.204.217.0/24 maxlen: 24
128.204.219.0/24 maxlen: 24
31.186.80.0/21 maxlen: 21
128.204.221.0/24 maxlen: 24
128.204.220.0/22 maxlen: 22
128.204.220.0/24 maxlen: 24
128.204.223.0/24 maxlen: 24
128.204.222.0/24 maxlen: 24
85.194.240.0/22 maxlen: 22
195.167.159.0/24 maxlen: 24
195.167.157.0/24 maxlen: 24
195.167.156.0/24 maxlen: 24
85.194.242.0/24 maxlen: 24
85.194.244.0/22 maxlen: 22
85.194.246.0/24 maxlen: 24
85.194.247.0/24 maxlen: 24
185.36.168.0/22 maxlen: 22
206.252.232.0/24 maxlen: 24
206.252.251.0/24 maxlen: 24
212.91.27.0/24 maxlen: 24
212.91.26.0/24 maxlen: 24
77.79.227.0/24 maxlen: 24
77.79.248.0/24 maxlen: 24
77.79.250.0/24 maxlen: 24
91.185.184.0/24 maxlen: 24
91.185.186.0/24 maxlen: 24
91.185.185.0/24 maxlen: 24
91.185.188.0/24 maxlen: 24
91.185.187.0/24 maxlen: 24
91.185.189.0/24 maxlen: 24
91.185.191.0/24 maxlen: 24
91.185.190.0/24 maxlen: 24
85.232.241.0/24 maxlen: 24
213.189.52.0/24 maxlen: 24
213.189.54.0/24 maxlen: 24
213.189.53.0/24 maxlen: 24
213.189.55.0/24 maxlen: 24
213.189.56.0/24 maxlen: 24
213.189.58.0/24 maxlen: 24
2001:1a68:1a::/48 maxlen: 48
2001:1a68:ec00::/40 maxlen: 40
2001:1a68:19::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:80:3f:35:ae:a8:44:e9:94:7f:71:67:4e:3b:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 13:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2d97814000ddd02146a3de7acd303a8c7dba6eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3b:c4:a2:fc:16:c8:35:84:bb:5d:52:79:1a:
19:c9:96:92:fc:87:25:57:cd:02:ea:47:5b:d8:ba:
8e:b8:7c:58:a0:70:aa:86:77:42:ab:80:8e:f1:3b:
ac:3f:67:50:ee:bb:0f:7c:95:6f:85:ed:25:23:a2:
70:80:dc:02:42:35:36:e2:eb:42:70:bd:85:83:90:
53:bc:2c:99:ab:87:8d:40:cd:83:1d:04:2c:d0:a0:
ee:07:7b:22:13:66:64:bc:05:e7:c0:ee:36:04:a6:
b4:e4:a5:3f:ff:8f:85:72:2e:8c:47:94:21:27:cc:
18:48:d3:92:0e:77:5c:b1:47:53:8a:6d:aa:c6:25:
17:7b:67:ff:ec:44:4d:aa:11:42:f1:4c:fe:09:f0:
1d:25:8f:89:f1:80:69:b2:0f:2f:58:5f:1b:7c:a0:
9a:c4:f5:bd:61:3a:84:c0:5c:5e:ed:42:33:bc:5f:
8e:04:37:6d:99:66:de:e5:db:ef:3c:91:50:71:3b:
f4:55:7f:c6:43:ac:41:79:0d:e3:d8:3c:1c:f7:0c:
48:90:52:88:bb:5e:b3:aa:5a:51:ef:5a:f2:62:e6:
24:7b:90:29:db:5b:8b:fc:cc:8c:d6:44:08:00:b1:
84:cd:9a:18:79:03:cd:2a:34:8a:f9:25:38:9d:63:
f1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D9:78:14:00:0D:DD:02:14:6A:3D:E7:AC:D3:03:A8:C7:DB:A6:EB
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/otl4FAAN3QIUaj3nrNMDqMfbpus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.80.0/21
77.79.227.0/24
77.79.248.0/24
77.79.250.0/24
85.194.240.0/21
85.232.241.0/24
91.185.184.0/21
128.204.216.0/21
185.36.168.0/22
195.167.156.0/23
195.167.159.0/24
206.252.232.0/24
206.252.251.0/24
212.91.26.0/23
213.189.52.0-213.189.56.255
213.189.58.0/24
IPv6:
2001:1a68:19::-2001:1a68:1a:ffff:ffff:ffff:ffff:ffff
2001:1a68:ec00::/40
Signature Algorithm: sha256WithRSAEncryption
51:f0:c7:1b:c1:85:e4:d3:a6:0a:2f:f4:ac:ac:ee:40:2a:88:
d0:ae:92:9e:38:95:7f:d4:a4:e2:03:02:99:9c:25:0e:01:15:
57:09:6a:cd:76:1d:5a:20:43:67:37:42:9c:84:27:fc:78:94:
39:f1:ed:93:1c:b9:19:02:a8:25:bd:82:28:0e:3c:a7:0e:36:
a9:9b:c5:ff:0f:43:23:da:9c:29:75:c3:c7:b9:e6:ba:97:7b:
1b:af:fc:3c:16:27:de:ff:19:02:49:45:a5:8e:f4:3f:a3:fa:
5e:71:76:42:8e:72:0f:a2:9a:14:2f:b3:8f:26:b8:29:d1:e0:
62:d6:6e:1f:98:85:6e:a4:de:b3:3a:de:c2:00:e4:ee:cb:3d:
73:93:de:66:01:20:60:06:9f:18:13:8b:2a:05:d8:88:31:b0:
c9:49:51:25:84:15:85:fa:f4:12:3b:8f:31:47:35:a7:16:1e:
b3:50:ca:71:e4:9c:69:f1:da:52:bf:05:c9:f6:8f:7c:5f:7d:
d4:a0:1b:fd:cc:f6:93:90:23:f5:9a:0e:5c:85:90:4a:9a:26:
24:e1:06:52:04:a1:2b:c9:5f:e1:ec:d3:8f:9b:18:dd:02:a3:
ee:38:cf:8e:2d:77:bf:86:b3:99:b5:a8:c5:07:c3:fd:30:9c:
e1:fb:95:17
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYVyuoA/Na6oROmUf3FnTjvaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjMwMTAyMTM0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQ5NzgxNDAwMGRkZDAyMTQ2YTNkZTdhY2QzMDNhOGM3ZGJhNmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujvEovwWyDWEu11SeRoZyZaS/Icl
V80C6kdb2LqOuHxYoHCqhndCq4CO8TusP2dQ7rsPfJVvhe0lI6JwgNwCQjU24utC
cL2Fg5BTvCyZq4eNQM2DHQQs0KDuB3siE2ZkvAXnwO42BKa05KU//4+Fci6MR5Qh
J8wYSNOSDndcsUdTim2qxiUXe2f/7ERNqhFC8Uz+CfAdJY+J8YBpsg8vWF8bfKCa
xPW9YTqEwFxe7UIzvF+OBDdtmWbe5dvvPJFQcTv0VX/GQ6xBeQ3j2Dwc9wxIkFKI
u16zqlpR71ryYuYke5Ap21uL/MyM1kQIALGEzZoYeQPNKjSK+SU4nWPx/wIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFKLZeBQADd0CFGo956zTA6jH26brMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvb3RsNEZBQU4zUUlVYWozbnJOTURxTWZicHVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDBuBAIAATBoAwQDH7pQ
AwQATU/jAwQATU/4AwQATU/6AwQDVcLwAwQAVejxAwQDW7m4AwQDgMzYAwQCuSSo
AwQBw6ecAwQAw6efAwQAzvzoAwQAzvz7AwQB1FsaMAwDBALVvTQDBADVvTgDBADV
vTowIgQCAAIwHDASAwcAIAEaaAAZAwcAIAEaaAAaAwYAIAEaaOwwDQYJKoZIhvcN
AQELBQADggEBAFHwxxvBheTTpgov9Kys7kAqiNCukp44lX/UpOIDApmcJQ4BFVcJ
as12HVogQ2c3QpyEJ/x4lDnx7ZMcuRkCqCW9gigOPKcONqmbxf8PQyPanCl1w8e5
5rqXexuv/DwWJ97/GQJJRaWO9D+j+l5xdkKOcg+imhQvs48muCnR4GLWbh+YhW6k
3rM63sIA5O7LPXOT3mYBIGAGnxgTiyoF2IgxsMlJUSWEFYX69BI7jzFHNacWHrNQ
ynHknGnx2lK/Bcn2j3xffdSgG/3M9pOQI/WaDlyFkEqaJiThBlIEoSvJX+Hs04+b
GN0Co+44z44td7+Gs5m1qMUHw/0wnOH7lRc=
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:45 2024 by rpki-client on console-fra.rpki-client.org