Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/4a27cb-8cd6-45cc-8246-0e9d3eca44c2/1/A0T_wsgX0HNTzkLY3riUzgSA4ZU.roa
File: A0T_wsgX0HNTzkLY3riUzgSA4ZU.roa (raw, json)
Hash identifier: asQP4LWlgFbSqGuynPvePlF4qwTkxKG9MS4hq91SrvU=
Subject key identifier: 03:44:FF:C2:C8:17:D0:73:53:CE:42:D8:DE:B8:94:CE:04:80:E1:95
Certificate issuer: /CN=d5fb526a33f366aa8946188e5d326bdce46e2c40
Certificate serial: 018843314DC45DFCC3C94F944B050BF6FCD1
Authority key identifier: D5:FB:52:6A:33:F3:66:AA:89:46:18:8E:5D:32:6B:DC:E4:6E:2C:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ftSajPzZqqJRhiOXTJr3ORuLEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/4a27cb-8cd6-45cc-8246-0e9d3eca44c2/1/A0T_wsgX0HNTzkLY3riUzgSA4ZU.roa
Signing time: Mon 22 May 2023 11:21:24 +0000
ROA not before: Mon 22 May 2023 11:21:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57826
IP address blocks: 176.108.64.0/24 maxlen: 24
176.108.64.0/19 maxlen: 19
176.108.68.0/22 maxlen: 22
176.108.65.0/24 maxlen: 24
176.108.66.0/24 maxlen: 24
176.108.67.0/24 maxlen: 24
176.108.72.0/22 maxlen: 22
176.108.76.0/22 maxlen: 22
176.108.83.0/24 maxlen: 24
176.108.84.0/24 maxlen: 24
176.108.85.0/24 maxlen: 24
176.108.80.0/24 maxlen: 24
176.108.81.0/24 maxlen: 24
176.108.82.0/24 maxlen: 24
176.108.88.0/22 maxlen: 22
176.108.86.0/24 maxlen: 24
176.108.87.0/24 maxlen: 24
176.108.92.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:43:31:4d:c4:5d:fc:c3:c9:4f:94:4b:05:0b:f6:fc:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5fb526a33f366aa8946188e5d326bdce46e2c40
Validity
Not Before: May 22 11:21:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0344ffc2c817d07353ce42d8deb894ce0480e195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3a:70:6b:15:b5:1c:d3:c6:72:76:50:ee:fa:
2b:ae:c3:70:36:39:cf:a8:6a:61:1a:80:86:5e:3b:
6f:0b:b6:84:8e:55:71:df:96:d9:e8:9f:c2:39:30:
59:8c:9f:05:76:07:88:7d:70:e0:f0:33:9e:36:43:
68:29:39:be:41:5e:23:f9:68:9f:83:c7:4a:33:ac:
28:db:cc:cd:79:84:dc:4d:f9:c5:ee:d7:54:b9:b3:
7b:dc:fa:78:af:aa:8f:34:fc:67:a3:87:67:16:a1:
aa:bc:d3:61:7d:69:de:1b:05:b5:27:9d:f3:a9:fe:
50:8e:8f:3c:3f:67:92:e0:1a:e8:25:cc:e9:0e:0d:
59:af:3e:92:75:a4:f7:bd:98:35:5d:96:c2:f4:7b:
7e:27:53:75:14:c6:d2:e2:23:b8:31:95:33:41:2f:
36:d9:51:fc:d4:22:60:0f:bb:d4:e8:e5:07:29:76:
2d:95:23:42:2c:c4:a4:e9:18:d0:9c:1f:02:f0:b9:
12:bb:b7:cc:e6:28:f8:d6:14:c5:47:13:17:98:f8:
76:a9:cd:60:f1:17:cc:e8:46:92:ac:65:f8:e7:10:
1d:76:91:c9:48:4c:c5:70:c0:65:17:37:0c:03:c5:
de:c7:3a:46:e8:d3:8a:e9:a7:52:5e:cd:de:50:d9:
6d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:44:FF:C2:C8:17:D0:73:53:CE:42:D8:DE:B8:94:CE:04:80:E1:95
X509v3 Authority Key Identifier:
keyid:D5:FB:52:6A:33:F3:66:AA:89:46:18:8E:5D:32:6B:DC:E4:6E:2C:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ftSajPzZqqJRhiOXTJr3ORuLEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4a27cb-8cd6-45cc-8246-0e9d3eca44c2/1/A0T_wsgX0HNTzkLY3riUzgSA4ZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4a27cb-8cd6-45cc-8246-0e9d3eca44c2/1/1ftSajPzZqqJRhiOXTJr3ORuLEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.108.64.0/19
Signature Algorithm: sha256WithRSAEncryption
aa:34:80:91:e1:54:b6:3e:91:fc:ff:5b:34:5e:4f:59:eb:78:
06:80:83:0d:aa:53:95:65:22:e9:9f:83:9d:07:71:b9:f6:a9:
59:fd:4e:7a:c8:c0:41:a1:72:65:b1:2c:c2:b0:6e:32:14:6f:
cf:12:fc:15:d4:ef:b7:20:89:ff:9d:b2:5a:ad:6a:df:d8:a4:
13:e6:67:7d:ca:6f:4e:da:8e:45:0c:ff:72:a5:90:87:0c:49:
53:8e:0f:1a:4e:94:09:c5:58:24:27:19:0c:51:4a:4d:98:01:
b2:05:43:d1:3f:2b:82:f9:18:f4:39:27:68:98:22:25:a1:18:
9b:47:74:5b:cd:e0:57:7c:5a:36:76:e8:9c:50:77:21:e8:5a:
c5:a0:02:ee:ba:e7:7a:bb:53:45:32:26:ea:85:ef:f6:de:62:
03:24:1a:4f:30:1e:ad:5c:0f:c7:b5:70:56:be:43:b3:c6:40:
40:bc:a1:2a:ed:b5:94:5f:ba:ee:c8:37:76:79:36:21:ad:f3:
1b:72:fa:1f:d2:11:7b:4c:ca:30:8b:82:35:d6:0f:52:8c:6f:
8d:ba:ed:3f:6e:ec:46:e8:a8:b0:e0:6d:ec:db:2f:2b:48:49:
e8:81:a6:89:0b:bd:36:4b:b4:10:2f:78:2b:51:f0:b5:a0:4a:
7a:5b:72:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhDMU3EXfzDyU+USwUL9vzRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZmI1MjZhMzNmMzY2YWE4OTQ2MTg4ZTVkMzI2YmRjZTQ2
ZTJjNDAwHhcNMjMwNTIyMTEyMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzQ0ZmZjMmM4MTdkMDczNTNjZTQyZDhkZWI4OTRjZTA0ODBlMTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjpwaxW1HNPGcnZQ7vorrsNwNjnP
qGphGoCGXjtvC7aEjlVx35bZ6J/COTBZjJ8FdgeIfXDg8DOeNkNoKTm+QV4j+Wif
g8dKM6wo28zNeYTcTfnF7tdUubN73Pp4r6qPNPxno4dnFqGqvNNhfWneGwW1J53z
qf5Qjo88P2eS4BroJczpDg1Zrz6SdaT3vZg1XZbC9Ht+J1N1FMbS4iO4MZUzQS82
2VH81CJgD7vU6OUHKXYtlSNCLMSk6RjQnB8C8LkSu7fM5ij41hTFRxMXmPh2qc1g
8RfM6EaSrGX45xAddpHJSEzFcMBlFzcMA8XexzpG6NOK6adSXs3eUNlt1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFANE/8LIF9BzU85C2N64lM4EgOGVMB8GA1UdIwQY
MBaAFNX7Umoz82aqiUYYjl0ya9zkbixAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZ0U2FqUHpacXFKUmhpT1hUSnIzT1J1TEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS80YTI3Y2ItOGNkNi00NWNjLTgyNDYt
MGU5ZDNlY2E0NGMyLzEvQTBUX3dzZ1gwSE5UemtMWTNyaVV6Z1NBNFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS80YTI3Y2ItOGNkNi00NWNjLTgyNDYtMGU5ZDNlY2E0NGMy
LzEvMWZ0U2FqUHpacXFKUmhpT1hUSnIzT1J1TEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFsGxAMA0G
CSqGSIb3DQEBCwUAA4IBAQCqNICR4VS2PpH8/1s0Xk9Z63gGgIMNqlOVZSLpn4Od
B3G59qlZ/U56yMBBoXJlsSzCsG4yFG/PEvwV1O+3IIn/nbJarWrf2KQT5md9ym9O
2o5FDP9ypZCHDElTjg8aTpQJxVgkJxkMUUpNmAGyBUPRPyuC+Rj0OSdomCIloRib
R3RbzeBXfFo2duicUHch6FrFoALuuud6u1NFMibqhe/23mIDJBpPMB6tXA/HtXBW
vkOzxkBAvKEq7bWUX7ruyDd2eTYhrfMbcvof0hF7TMowi4I11g9SjG+Nuu0/buxG
6Kiw4G3s2y8rSEnogaaJC702S7QQL3grUfC1oEp6W3Ks
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:46 2024 by rpki-client on console-fra.rpki-client.org