Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/dhwnzm1rJyhEIE2F0ok_ohuJJ5I.roa
File: dhwnzm1rJyhEIE2F0ok_ohuJJ5I.roa (raw, json)
Hash identifier: 7sBKyrGn61tD6P/fz+zeZ/aMMWUwVGqmcMVh0VNvOqo=
Subject key identifier: 76:1C:27:CE:6D:6B:27:28:44:20:4D:85:D2:89:3F:A2:1B:89:27:92
Certificate issuer: /CN=be8c0a74f47312df298a46095e47525d515854a1
Certificate serial: 01856F7962BD6C4A5A76A402FDB743C0A411
Authority key identifier: BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/dhwnzm1rJyhEIE2F0ok_ohuJJ5I.roa
Signing time: Sun 01 Jan 2023 22:35:04 +0000
ROA not before: Sun 01 Jan 2023 22:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12963
IP address blocks: 94.232.208.0/24 maxlen: 24
94.232.209.0/24 maxlen: 24
94.232.210.0/24 maxlen: 24
94.232.211.0/24 maxlen: 24
94.232.212.0/24 maxlen: 24
176.97.3.0/24 maxlen: 24
176.97.4.0/22 maxlen: 22
176.97.0.0/23 maxlen: 23
176.97.2.0/24 maxlen: 24
91.218.72.0/24 maxlen: 24
91.218.73.0/24 maxlen: 24
91.218.74.0/24 maxlen: 24
91.218.75.0/24 maxlen: 24
94.232.214.0/24 maxlen: 24
91.197.168.0/24 maxlen: 24
91.197.169.0/24 maxlen: 24
91.197.170.0/24 maxlen: 24
91.197.171.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:62:bd:6c:4a:5a:76:a4:02:fd:b7:43:c0:a4:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be8c0a74f47312df298a46095e47525d515854a1
Validity
Not Before: Jan 1 22:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=761c27ce6d6b272844204d85d2893fa21b892792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c9:8a:fd:50:5b:e7:e8:01:9e:1d:41:25:2a:
1f:18:0b:33:99:1a:d0:fc:21:83:b7:f1:b8:7a:f1:
2f:c6:e2:b6:8c:75:3e:57:3f:2c:f9:da:66:28:56:
a2:0a:ed:3e:45:c7:ea:af:32:21:f0:9a:47:16:26:
dd:1a:06:7a:40:e4:21:7b:56:87:42:3e:fa:7b:02:
e4:5a:05:c8:20:c9:8e:f8:b8:ff:91:85:d3:f3:b3:
ce:f1:ed:19:22:76:d8:38:66:57:04:48:41:43:fa:
f8:45:70:ce:79:dc:a1:a6:1d:8f:ed:ce:28:99:d8:
55:2c:e0:72:1e:91:3c:26:2d:29:1b:e6:6b:75:bc:
eb:eb:f0:5a:7c:81:60:0d:c4:3e:6d:61:be:e8:b0:
e6:e9:1d:08:ef:0c:b2:d1:bc:57:81:87:31:0f:14:
e5:af:7f:b9:fb:95:ad:74:82:4a:1c:c2:fe:ae:6c:
11:f0:b6:d3:a7:cc:c6:78:0b:5b:0d:a9:89:03:e0:
b1:21:57:9e:2f:76:92:e2:6f:46:f9:26:36:02:4a:
b8:81:83:cd:d8:54:54:cf:df:de:63:ac:9d:8d:66:
97:8e:60:63:d0:37:ff:08:ee:5e:92:f4:8d:7e:07:
14:b8:8d:4d:b1:77:b9:63:a4:4b:d2:86:c0:9b:78:
a8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:1C:27:CE:6D:6B:27:28:44:20:4D:85:D2:89:3F:A2:1B:89:27:92
X509v3 Authority Key Identifier:
keyid:BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/dhwnzm1rJyhEIE2F0ok_ohuJJ5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/vowKdPRzEt8pikYJXkdSXVFYVKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.168.0/22
91.218.72.0/22
94.232.208.0-94.232.212.255
94.232.214.0/24
176.97.0.0/21
Signature Algorithm: sha256WithRSAEncryption
21:73:1b:b7:70:4c:6c:d5:4b:aa:48:65:e9:e5:84:73:5a:2a:
5a:45:a0:bc:2b:9b:99:c4:e9:24:ac:a9:43:76:14:06:d2:35:
9e:bd:0a:77:8c:c3:94:fd:28:d2:e4:5f:14:0d:4e:83:ea:cc:
a4:d2:46:42:e8:7b:60:a0:ce:bf:d4:06:c6:0c:7b:c2:9e:9c:
29:3b:8c:31:f9:c0:e0:dd:04:0d:f1:8f:ee:b6:2f:15:26:f5:
09:32:89:25:99:02:33:97:ef:65:7a:40:58:61:03:99:21:d2:
2c:2d:4a:c6:e3:ce:c8:7f:c3:8c:88:f0:fc:eb:46:cd:15:55:
33:16:8c:8a:d7:ce:7b:e7:95:87:a2:6d:4a:00:2a:4c:55:ab:
4b:1b:9d:8a:58:1c:32:6b:cd:f5:67:bf:89:26:44:a6:2b:1d:
2f:83:d1:93:6a:04:29:50:5a:bd:f4:77:05:0e:c6:9f:dd:65:
29:45:e7:81:83:6f:0b:ef:d8:6d:c0:38:20:ea:5b:52:69:e6:
71:5d:43:22:4b:99:32:af:18:8c:01:b4:7a:f4:f5:9d:aa:c3:
c3:64:ee:62:23:cc:db:15:4e:f9:be:5d:a2:ed:ff:75:cc:80:
52:77:b9:d4:86:3e:a0:55:e3:54:10:53:3c:a2:00:fa:08:28:
89:8b:5a:8f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVveWK9bEpadqQC/bdDwKQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOGMwYTc0ZjQ3MzEyZGYyOThhNDYwOTVlNDc1MjVkNTE1
ODU0YTEwHhcNMjMwMTAxMjIzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjFjMjdjZTZkNmIyNzI4NDQyMDRkODVkMjg5M2ZhMjFiODkyNzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsmK/VBb5+gBnh1BJSofGAszmRrQ
/CGDt/G4evEvxuK2jHU+Vz8s+dpmKFaiCu0+RcfqrzIh8JpHFibdGgZ6QOQhe1aH
Qj76ewLkWgXIIMmO+Lj/kYXT87PO8e0ZInbYOGZXBEhBQ/r4RXDOedyhph2P7c4o
mdhVLOByHpE8Ji0pG+Zrdbzr6/BafIFgDcQ+bWG+6LDm6R0I7wyy0bxXgYcxDxTl
r3+5+5WtdIJKHML+rmwR8LbTp8zGeAtbDamJA+CxIVeeL3aS4m9G+SY2Akq4gYPN
2FRUz9/eY6ydjWaXjmBj0Df/CO5ekvSNfgcUuI1NsXe5Y6RL0obAm3io/wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHYcJ85taycoRCBNhdKJP6IbiSeSMB8GA1UdIwQY
MBaAFL6MCnT0cxLfKYpGCV5HUl1RWFShMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm93S2RQUnpFdDhwaWtZSlhrZFNYVkZZVktFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9mYzgwZjAtNWMyNy00ODk4LTg0YWMt
MjhlNDE2Y2YxMWNmLzEvZGh3bnptMXJKeWhFSUUyRjBva19vaHVKSjVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9mYzgwZjAtNWMyNy00ODk4LTg0YWMtMjhlNDE2Y2YxMWNm
LzEvdm93S2RQUnpFdDhwaWtZSlhrZFNYVkZZVktFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCW8WoAwQC
W9pIMAwDBARe6NADBABe6NQDBABe6NYDBAOwYQAwDQYJKoZIhvcNAQELBQADggEB
ACFzG7dwTGzVS6pIZenlhHNaKlpFoLwrm5nE6SSsqUN2FAbSNZ69CneMw5T9KNLk
XxQNToPqzKTSRkLoe2Cgzr/UBsYMe8KenCk7jDH5wODdBA3xj+62LxUm9QkyiSWZ
AjOX72V6QFhhA5kh0iwtSsbjzsh/w4yI8PzrRs0VVTMWjIrXznvnlYeibUoAKkxV
q0sbnYpYHDJrzfVnv4kmRKYrHS+D0ZNqBClQWr30dwUOxp/dZSlF54GDbwvv2G3A
OCDqW1Jp5nFdQyJLmTKvGIwBtHr09Z2qw8Nk7mIjzNsVTvm+XaLt/3XMgFJ3udSG
PqBV41QQUzyiAPoIKImLWo8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:38 2023 by rpki-client on console-ams.rpki-client.org