Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/XewI-zAbxUqqwnrYd9bufqQcQ90.roa
File: XewI-zAbxUqqwnrYd9bufqQcQ90.roa (raw, json)
Hash identifier: pImdhKhZGITGksYdTH42BJVQ8Eie5yJL+kkeX1NvQ58=
Subject key identifier: 5D:EC:08:FB:30:1B:C5:4A:AA:C2:7A:D8:77:D6:EE:7E:A4:1C:43:DD
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01890245D651A20A044CA7E180C812F5A472
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/XewI-zAbxUqqwnrYd9bufqQcQ90.roa
Signing time: Wed 28 Jun 2023 13:51:18 +0000
ROA not before: Wed 28 Jun 2023 13:51:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3561
IP address blocks: 77.36.112.0/21 maxlen: 24
77.36.124.0/22 maxlen: 22
93.120.96.0/22 maxlen: 22
46.151.36.0/22 maxlen: 24
77.36.68.0/22 maxlen: 24
91.237.44.0/22 maxlen: 24
194.33.102.0/23 maxlen: 24
194.33.100.0/23 maxlen: 24
194.33.100.0/22 maxlen: 24
81.161.4.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:02:45:d6:51:a2:0a:04:4c:a7:e1:80:c8:12:f5:a4:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jun 28 13:51:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dec08fb301bc54aaac27ad877d6ee7ea41c43dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:be:af:7b:b2:8d:90:18:db:43:62:a2:03:a0:
3f:bb:f3:ff:f0:be:7f:ec:e2:f2:a3:a2:fd:89:9a:
16:02:f0:80:78:67:bd:b3:e2:e3:b5:b6:d4:be:fd:
94:f7:72:0c:2a:b2:21:b8:b7:1c:6a:84:5f:26:4a:
6c:26:3b:9c:f2:ea:59:1c:a7:f2:0d:39:89:e2:fd:
a9:1d:bb:c4:d4:8d:15:da:b0:74:09:cc:3b:69:71:
b4:f6:b7:46:4c:67:d5:c7:33:03:ff:7f:3a:ce:69:
70:1f:16:25:17:5f:7d:a3:c6:5a:c8:d1:b8:d0:fb:
b3:89:cb:df:45:90:79:a7:f1:d9:79:f4:d1:32:ce:
30:d5:41:59:13:5c:04:5d:aa:71:66:ec:6e:9b:66:
b3:f4:ae:72:2e:c6:c8:a8:dd:16:1c:ca:66:2c:aa:
89:98:da:6e:3d:e0:e6:d2:85:2f:60:da:b4:c0:a9:
62:13:c8:ce:c4:ca:60:6a:6d:52:d6:91:2d:e7:50:
86:78:65:eb:2d:4d:a3:26:13:b3:8a:0a:8e:78:c1:
9a:90:29:15:17:42:0d:2f:6e:1f:17:6b:8a:57:25:
82:43:98:d5:6d:e7:4c:14:ba:aa:7e:fa:5c:0f:44:
84:0f:d7:17:26:f8:2e:09:e2:36:ec:64:1c:b9:ef:
2a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:EC:08:FB:30:1B:C5:4A:AA:C2:7A:D8:77:D6:EE:7E:A4:1C:43:DD
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/XewI-zAbxUqqwnrYd9bufqQcQ90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.36.0/22
77.36.68.0/22
77.36.112.0/21
77.36.124.0/22
81.161.4.0/22
91.237.44.0/22
93.120.96.0/22
194.33.100.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:4d:bc:5f:e5:a4:4f:99:f2:a2:41:cc:21:44:6b:d0:6b:9e:
65:cf:4f:9b:82:93:ed:41:0b:f6:c5:49:0b:f1:8d:be:4d:dc:
48:02:dc:5b:c0:fb:b5:ab:79:a8:9c:49:1f:80:14:c0:ce:fc:
37:7b:09:68:ef:44:c3:1d:80:b1:12:18:88:15:39:fb:a3:f8:
6c:e0:ef:14:2c:d9:d4:1e:eb:df:72:65:12:f9:42:b8:4a:3a:
44:47:fb:32:01:8a:41:4b:43:fb:70:6b:b0:3e:df:fc:c2:88:
5e:b3:1e:5e:03:30:b2:f0:db:31:65:8b:88:ab:e9:b2:e6:1d:
8d:cc:66:30:13:3b:6f:ad:d5:e1:65:8a:bd:6a:c2:1b:e2:d0:
44:4d:0f:ff:7c:23:b1:85:b9:24:15:2c:e3:cf:06:73:fe:81:
02:a6:71:34:75:84:1f:85:97:10:a4:90:f9:4e:98:84:6f:03:
b1:d9:a6:50:f3:b4:1c:0a:57:ea:4c:67:c8:67:b1:9b:59:6a:
a5:a0:af:ec:98:5c:60:cb:c2:aa:97:af:6b:41:69:df:d4:8a:
05:dd:19:a2:30:b3:e9:eb:e2:32:66:d7:67:bf:43:09:8a:d5:
38:51:64:bc:5b:68:76:f1:69:ec:2a:9b:2e:5f:54:e6:5a:52:
11:4c:fd:7c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYkCRdZRogoETKfhgMgS9aRyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwNjI4MTM1MTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGVjMDhmYjMwMWJjNTRhYWFjMjdhZDg3N2Q2ZWU3ZWE0MWM0M2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhr6ve7KNkBjbQ2KiA6A/u/P/8L5/
7OLyo6L9iZoWAvCAeGe9s+LjtbbUvv2U93IMKrIhuLccaoRfJkpsJjuc8upZHKfy
DTmJ4v2pHbvE1I0V2rB0Ccw7aXG09rdGTGfVxzMD/386zmlwHxYlF199o8ZayNG4
0PuzicvfRZB5p/HZefTRMs4w1UFZE1wEXapxZuxum2az9K5yLsbIqN0WHMpmLKqJ
mNpuPeDm0oUvYNq0wKliE8jOxMpgam1S1pEt51CGeGXrLU2jJhOzigqOeMGakCkV
F0INL24fF2uKVyWCQ5jVbedMFLqqfvpcD0SED9cXJvguCeI27GQcue8qZQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFF3sCPswG8VKqsJ62HfW7n6kHEPdMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvWGV3SS16QWJ4VXFxd25yWWQ5YnVmcVFjUTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCLpckAwQC
TSREAwQDTSRwAwQCTSR8AwQCUaEEAwQCW+0sAwQCXXhgAwQCwiFkMA0GCSqGSIb3
DQEBCwUAA4IBAQBrTbxf5aRPmfKiQcwhRGvQa55lz0+bgpPtQQv2xUkL8Y2+TdxI
AtxbwPu1q3monEkfgBTAzvw3ewlo70TDHYCxEhiIFTn7o/hs4O8ULNnUHuvfcmUS
+UK4SjpER/syAYpBS0P7cGuwPt/8wohesx5eAzCy8NsxZYuIq+my5h2NzGYwEztv
rdXhZYq9asIb4tBETQ//fCOxhbkkFSzjzwZz/oECpnE0dYQfhZcQpJD5TpiEbwOx
2aZQ87QcClfqTGfIZ7GbWWqloK/smFxgy8Kql69rQWnf1IoF3RmiMLPp6+IyZtdn
v0MJitU4UWS8W2h28WnsKpsuX1TmWlIRTP18
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:42 2023 by rpki-client on console-ams.rpki-client.org