Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/cIShnRHpnV2ncOnJYv1NfX7S8oQ.roa
File: cIShnRHpnV2ncOnJYv1NfX7S8oQ.roa (raw, json)
Hash identifier: uLAcbfzJZYpvbxVca7cbMX4IYVe1QAWgzEhB1rW0ygQ=
Subject key identifier: 70:84:A1:9D:11:E9:9D:5D:A7:70:E9:C9:62:FD:4D:7D:7E:D2:F2:84
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 0186123F532F3BC3213B09FCD993B09714FD
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/cIShnRHpnV2ncOnJYv1NfX7S8oQ.roa
Signing time: Thu 02 Feb 2023 13:09:45 +0000
ROA not before: Thu 02 Feb 2023 13:09:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13285
IP address blocks: 78.144.0.0/13 maxlen: 24
2.96.0.0/13 maxlen: 24
217.68.128.0/20 maxlen: 24
185.173.120.0/22 maxlen: 24
92.0.0.0/11 maxlen: 24
62.24.128.0/17 maxlen: 24
89.240.0.0/14 maxlen: 24
212.139.148.0/22 maxlen: 22
91.146.112.0/21 maxlen: 24
62.241.160.0/19 maxlen: 24
185.173.116.0/22 maxlen: 24
212.139.133.0/24 maxlen: 24
2001:4a00::/27 maxlen: 27
2001:7e0::/32 maxlen: 32
2a0b:e900::/29 maxlen: 29
2a0b:db00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:3f:53:2f:3b:c3:21:3b:09:fc:d9:93:b0:97:14:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Feb 2 13:09:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7084a19d11e99d5da770e9c962fd4d7d7ed2f284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:85:ec:45:13:f4:57:18:f5:40:93:71:75:15:
31:2a:d4:b8:1d:f9:ce:52:92:7e:ca:15:73:94:05:
c2:50:34:f5:84:f4:7c:b7:a6:19:3a:c7:85:f1:f8:
47:9c:3a:fd:07:cc:03:5d:28:0b:2a:a6:64:48:9f:
86:7f:a9:1f:5b:88:1b:46:9c:19:1f:5c:b0:68:74:
ce:b2:e3:88:d6:2a:85:2c:0d:5f:4d:fe:fe:19:c4:
26:f8:08:28:9b:ce:06:d4:a8:24:61:b6:bc:4b:e4:
e6:c6:4e:81:c0:8d:3d:7e:1c:d1:cd:ab:25:fb:cc:
05:29:e6:d1:c4:1b:7f:33:30:95:72:67:48:2b:c8:
08:bb:3f:8b:af:16:1a:22:81:36:d7:bd:40:78:13:
d6:07:45:9a:41:62:b8:ab:ff:bd:fe:07:05:9f:d5:
5b:ab:52:fe:47:fb:64:f1:59:f7:aa:64:1b:10:c0:
cf:65:ab:9f:83:51:1c:95:15:48:b9:03:d2:12:92:
48:e1:e8:93:3a:ed:0a:a3:48:cf:85:de:54:fa:67:
79:39:b6:fc:31:e2:19:88:1b:6b:79:a8:68:0a:9b:
fe:93:e2:cd:21:72:4b:e4:b4:e3:62:8e:a0:4c:85:
a0:19:e7:14:52:10:2a:13:dd:02:3f:26:52:af:8a:
49:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:84:A1:9D:11:E9:9D:5D:A7:70:E9:C9:62:FD:4D:7D:7E:D2:F2:84
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/cIShnRHpnV2ncOnJYv1NfX7S8oQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.96.0.0/13
62.24.128.0/17
62.241.160.0/19
78.144.0.0/13
89.240.0.0/14
91.146.112.0/21
92.0.0.0/11
185.173.116.0-185.173.123.255
212.139.133.0/24
212.139.148.0/22
217.68.128.0/20
IPv6:
2001:7e0::/32
2001:4a00::/27
2a0b:db00::/29
2a0b:e900::/29
Signature Algorithm: sha256WithRSAEncryption
19:cd:60:3b:4b:d9:3e:34:eb:21:e9:44:eb:97:15:81:4c:e6:
fe:a0:bd:74:ab:32:b6:2f:ea:6f:7f:54:08:dc:40:97:6d:3d:
55:11:9e:0d:5b:1b:4d:a1:26:ba:13:b1:0d:c1:50:86:85:78:
2b:af:87:d9:b1:40:4d:94:0e:9d:b0:75:96:91:02:1c:b0:32:
37:5f:09:08:85:a3:d1:d8:f1:d8:fd:2e:6b:b1:d9:70:25:e1:
f2:bd:c3:93:40:63:87:d4:42:6a:ca:d2:22:35:91:90:91:a8:
7d:17:b6:83:12:fc:e3:75:5e:91:40:31:87:11:17:a9:c6:60:
09:ee:5c:b4:c9:18:4d:d0:84:f9:93:9a:9f:c5:58:21:8e:10:
c6:ac:d8:8b:1c:6e:f5:12:8e:01:a0:7f:8a:54:1a:04:45:09:
20:44:f9:0c:b5:52:95:30:f3:d0:07:1f:9e:2f:5c:5d:57:09:
11:0f:e3:de:7d:19:dc:04:a4:ce:78:68:d6:4f:fa:d3:a8:89:
6f:1c:f9:b9:df:8e:9a:cc:5a:87:ac:b9:b9:6d:2e:4d:e9:a8:
53:51:bf:ea:75:a2:23:a0:fc:d6:9f:e5:e7:5a:ea:a5:8a:d8:
55:5a:51:13:27:b0:5c:20:6a:75:85:f4:58:71:ab:04:28:6e:
60:25:b3:ec
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYYSP1MvO8MhOwn82ZOwlxT9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjMwMjAyMTMwOTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDg0YTE5ZDExZTk5ZDVkYTc3MGU5Yzk2MmZkNGQ3ZDdlZDJmMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoXsRRP0Vxj1QJNxdRUxKtS4HfnO
UpJ+yhVzlAXCUDT1hPR8t6YZOseF8fhHnDr9B8wDXSgLKqZkSJ+Gf6kfW4gbRpwZ
H1ywaHTOsuOI1iqFLA1fTf7+GcQm+Agom84G1KgkYba8S+Tmxk6BwI09fhzRzasl
+8wFKebRxBt/MzCVcmdIK8gIuz+LrxYaIoE2171AeBPWB0WaQWK4q/+9/gcFn9Vb
q1L+R/tk8Vn3qmQbEMDPZaufg1EclRVIuQPSEpJI4eiTOu0Ko0jPhd5U+md5Obb8
MeIZiBtreahoCpv+k+LNIXJL5LTjYo6gTIWgGecUUhAqE90CPyZSr4pJqQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFHCEoZ0R6Z1dp3DpyWL9TX1+0vKEMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvY0lTaG5SSHBuVjJuY09uSll2MU5mWDdTOG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwTAQCAAEwRgMDAwJgAwQH
PhiAAwQFPvGgAwMDTpADAwJZ8AMEA1uScAMDBVwAMAwDBAK5rXQDBAK5rXgDBADU
i4UDBALUi5QDBATZRIAwIgQCAAIwHAMFACABB+ADBQUgAUoAAwUDKgvbAAMFAyoL
6QAwDQYJKoZIhvcNAQELBQADggEBABnNYDtL2T406yHpROuXFYFM5v6gvXSrMrYv
6m9/VAjcQJdtPVURng1bG02hJroTsQ3BUIaFeCuvh9mxQE2UDp2wdZaRAhywMjdf
CQiFo9HY8dj9Lmux2XAl4fK9w5NAY4fUQmrK0iI1kZCRqH0XtoMS/ON1XpFAMYcR
F6nGYAnuXLTJGE3QhPmTmp/FWCGOEMas2IscbvUSjgGgf4pUGgRFCSBE+Qy1UpUw
89AHH54vXF1XCREP4959GdwEpM54aNZP+tOoiW8c+bnfjprMWoesubltLk3pqFNR
v+p1oiOg/Naf5eda6qWK2FVaURMnsFwganWF9FhxqwQobmAls+w=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:37 2023 by rpki-client on console-ams.rpki-client.org