Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1edM7ZUVwT32r0GKRWa-64cnuHk.roa
File: 1edM7ZUVwT32r0GKRWa-64cnuHk.roa (raw, json)
Hash identifier: xemmOl+wxo1v2rhc2gPz0+AL+yy1hkndHHfL2XqZ9ow=
Subject key identifier: D5:E7:4C:ED:95:15:C1:3D:F6:AF:41:8A:45:66:BE:EB:87:27:B8:79
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01866ED4131234B1367FC825336D1BC0CF95
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1edM7ZUVwT32r0GKRWa-64cnuHk.roa
Signing time: Mon 20 Feb 2023 12:37:17 +0000
ROA not before: Mon 20 Feb 2023 12:37:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 77.36.120.0/21 maxlen: 21
185.55.4.0/22 maxlen: 23
176.112.80.0/22 maxlen: 22
176.103.240.0/21 maxlen: 22
178.159.144.0/22 maxlen: 24
176.113.184.0/21 maxlen: 24
81.161.0.0/22 maxlen: 22
185.55.140.0/22 maxlen: 22
185.55.140.0/23 maxlen: 23
185.55.142.0/23 maxlen: 23
64.43.112.0/22 maxlen: 22
31.131.8.0/22 maxlen: 22
64.43.124.0/22 maxlen: 22
176.110.216.0/22 maxlen: 22
176.110.216.0/21 maxlen: 21
176.110.220.0/22 maxlen: 22
176.102.120.0/21 maxlen: 21
176.102.120.0/22 maxlen: 22
176.102.124.0/22 maxlen: 22
193.36.204.0/22 maxlen: 22
176.96.88.0/22 maxlen: 22
109.207.136.0/22 maxlen: 22
176.96.48.0/21 maxlen: 24
176.116.232.0/22 maxlen: 22
91.246.176.0/21 maxlen: 21
176.111.160.0/22 maxlen: 24
46.173.240.0/21 maxlen: 21
93.120.16.0/21 maxlen: 21
178.212.184.0/22 maxlen: 22
178.212.184.0/21 maxlen: 21
178.212.188.0/22 maxlen: 22
91.233.0.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6e:d4:13:12:34:b1:36:7f:c8:25:33:6d:1b:c0:cf:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Feb 20 12:37:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5e74ced9515c13df6af418a4566beeb8727b879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7b:22:f4:02:d9:79:a2:94:7c:3c:a7:9d:83:
85:00:4b:e3:b8:09:9f:ce:2f:4a:d7:5b:80:b8:6d:
d3:c3:07:ac:0d:f1:a1:0c:70:61:54:4d:2c:94:73:
31:0c:fe:2a:7b:8c:e4:8d:4a:df:36:7f:80:56:b9:
62:e0:9b:3a:6f:31:81:ec:88:0f:67:4f:2c:0b:6b:
67:ee:55:6b:e3:65:6d:31:fc:de:ad:e8:4a:57:18:
6f:0c:c0:bd:ea:a1:b9:0e:ae:15:c6:19:20:3d:a9:
d9:00:b5:79:9f:50:2b:fe:76:ad:1b:69:b8:4f:1e:
e1:93:65:c5:d4:3e:14:31:8e:92:b1:18:89:f4:0d:
74:89:e4:f6:5c:35:c4:92:d1:0b:fd:fe:82:35:64:
fc:3c:f8:73:5e:ed:e1:45:48:39:3e:06:6b:48:0f:
e2:68:57:ea:ba:15:4c:8f:41:ef:ed:a4:fd:16:20:
d3:01:3d:85:44:eb:8d:c0:b4:ca:39:54:52:bc:54:
84:73:e9:38:12:e2:cb:cb:73:1d:5f:6c:d1:5f:35:
4a:ef:14:bd:cf:03:ae:95:c7:82:02:97:c5:9e:3c:
e2:ab:9e:d6:fd:35:9b:65:36:61:e2:7f:35:fb:4a:
f5:29:34:99:73:46:c9:c0:03:5f:65:34:cb:01:b1:
bd:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E7:4C:ED:95:15:C1:3D:F6:AF:41:8A:45:66:BE:EB:87:27:B8:79
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1edM7ZUVwT32r0GKRWa-64cnuHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.8.0/22
46.173.240.0/21
64.43.112.0/22
64.43.124.0/22
77.36.120.0/21
81.161.0.0/22
91.233.0.0/23
91.246.176.0/21
93.120.16.0/21
109.207.136.0/22
176.96.48.0/21
176.96.88.0/22
176.102.120.0/21
176.103.240.0/21
176.110.216.0/21
176.111.160.0/22
176.112.80.0/22
176.113.184.0/21
176.116.232.0/22
178.159.144.0/22
178.212.184.0/21
185.55.4.0/22
185.55.140.0/22
193.36.204.0/22
Signature Algorithm: sha256WithRSAEncryption
77:64:6a:af:8a:ec:e1:80:51:34:93:b3:6f:9a:04:33:6e:5e:
02:e0:ae:3a:2c:0b:75:f0:3a:c2:7e:df:73:33:4b:11:aa:77:
6a:03:f3:ca:bd:85:29:60:16:c0:bd:24:39:89:ad:76:99:51:
8f:17:2a:12:b8:bf:cb:2f:0e:3b:3b:72:46:54:61:30:56:d6:
d0:e6:3c:94:23:50:6e:b4:70:22:3b:14:69:45:a3:60:4d:3c:
27:c1:c7:2d:90:8c:02:27:f6:48:eb:38:7b:fa:a8:e8:0e:85:
fb:90:e0:f3:6b:01:95:93:17:2c:dc:3d:4e:d8:0b:07:47:71:
cf:4e:30:54:64:6e:99:5d:1d:ed:ea:57:d8:46:dd:84:7f:16:
d0:bc:29:6e:2b:0a:cb:64:3d:78:10:a5:a5:cd:1c:61:23:46:
e2:a6:d1:a1:ae:67:5f:c9:bd:9a:58:d2:18:f0:e5:71:7a:d8:
13:52:cb:24:21:73:0c:e3:fd:80:c2:5a:72:34:58:2b:55:99:
35:60:88:30:cd:a6:04:98:3d:43:38:fd:52:05:b3:d1:76:0c:
77:c0:12:4a:26:70:cc:18:09:ba:45:38:ff:98:ba:63:67:11:
b3:5e:27:93:02:bb:f4:c4:f2:c3:0a:9b:7c:51:dd:58:86:b8:
73:51:3c:2b
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAYZu1BMSNLE2f8glM20bwM+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMjIwMTIzNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWU3NGNlZDk1MTVjMTNkZjZhZjQxOGE0NTY2YmVlYjg3MjdiODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3si9ALZeaKUfDynnYOFAEvjuAmf
zi9K11uAuG3TwwesDfGhDHBhVE0slHMxDP4qe4zkjUrfNn+AVrli4Js6bzGB7IgP
Z08sC2tn7lVr42VtMfzerehKVxhvDMC96qG5Dq4VxhkgPanZALV5n1Ar/natG2m4
Tx7hk2XF1D4UMY6SsRiJ9A10ieT2XDXEktEL/f6CNWT8PPhzXu3hRUg5PgZrSA/i
aFfquhVMj0Hv7aT9FiDTAT2FROuNwLTKOVRSvFSEc+k4EuLLy3MdX2zRXzVK7xS9
zwOulceCApfFnjziq57W/TWbZTZh4n81+0r1KTSZc0bJwANfZTTLAbG9GwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFNXnTO2VFcE99q9BikVmvuuHJ7h5MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvMWVkTTdaVVZ3VDMycjBHS1JXYS02NGNudUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAIf
gwgDBAMurfADBAJAK3ADBAJAK3wDBANNJHgDBAJRoQADBAFb6QADBANb9rADBANd
eBADBAJtz4gDBAOwYDADBAKwYFgDBAOwZngDBAOwZ/ADBAOwbtgDBAKwb6ADBAKw
cFADBAOwcbgDBAKwdOgDBAKyn5ADBAOy1LgDBAK5NwQDBAK5N4wDBALBJMwwDQYJ
KoZIhvcNAQELBQADggEBAHdkaq+K7OGAUTSTs2+aBDNuXgLgrjosC3XwOsJ+33Mz
SxGqd2oD88q9hSlgFsC9JDmJrXaZUY8XKhK4v8svDjs7ckZUYTBW1tDmPJQjUG60
cCI7FGlFo2BNPCfBxy2QjAIn9kjrOHv6qOgOhfuQ4PNrAZWTFyzcPU7YCwdHcc9O
MFRkbpldHe3qV9hG3YR/FtC8KW4rCstkPXgQpaXNHGEjRuKm0aGuZ1/JvZpY0hjw
5XF62BNSyyQhcwzj/YDCWnI0WCtVmTVgiDDNpgSYPUM4/VIFs9F2DHfAEkomcMwY
CbpFOP+YumNnEbNeJ5MCu/TE8sMKm3xR3ViGuHNRPCs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:55 2023 by rpki-client on console-fra.rpki-client.org