Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/dORL1Vm-dWgBN2nvXPtHqSZJ3PY.roa
File: dORL1Vm-dWgBN2nvXPtHqSZJ3PY.roa (raw, json)
Hash identifier: j0ISJl2HGPkAieTggL5886b0cnKetvlG4W1uOVVW0dM=
Subject key identifier: 74:E4:4B:D5:59:BE:75:68:01:37:69:EF:5C:FB:47:A9:26:49:DC:F6
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01856BDCA50D132813BC1F6B81646D036344
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/dORL1Vm-dWgBN2nvXPtHqSZJ3PY.roa
Signing time: Sun 01 Jan 2023 05:45:00 +0000
ROA not before: Sun 01 Jan 2023 05:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3561
IP address blocks: 77.36.112.0/21 maxlen: 24
93.120.96.0/22 maxlen: 22
46.151.36.0/22 maxlen: 24
188.191.252.0/22 maxlen: 24
77.36.68.0/22 maxlen: 24
93.120.24.0/23 maxlen: 24
91.237.44.0/22 maxlen: 24
194.33.102.0/23 maxlen: 24
194.33.100.0/23 maxlen: 24
194.33.100.0/22 maxlen: 24
91.224.40.0/24 maxlen: 24
81.161.4.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:a5:0d:13:28:13:bc:1f:6b:81:64:6d:03:63:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74e44bd559be7568013769ef5cfb47a92649dcf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b0:2e:d7:be:18:af:fb:a9:d4:4e:c1:96:5f:
16:bf:b5:5d:60:49:5d:09:b4:e3:a7:fa:81:7b:3c:
66:b9:e0:9a:18:0b:4a:0b:87:b2:7f:7c:b8:3d:76:
63:b9:30:dd:6c:21:af:71:2a:96:6c:e0:01:09:6b:
d7:2d:53:c9:24:4d:67:53:1f:db:86:96:2f:d2:ad:
76:2f:22:57:ed:c5:64:85:1e:e6:45:a9:02:15:87:
07:b9:9b:b5:7e:99:da:e0:8b:3c:fc:5f:6e:c0:7a:
b0:d0:c7:33:38:7c:96:1c:11:9a:ce:2a:37:e5:cc:
f5:7e:37:a8:c2:74:e2:b1:21:c1:51:6b:16:cf:ad:
03:fa:71:94:90:de:bf:d8:70:13:38:85:88:7a:3a:
74:df:51:9e:23:97:66:74:13:1f:88:cd:e5:23:11:
4d:4e:e6:2b:5b:fe:e4:58:fb:fd:83:7f:19:0d:8b:
75:e1:27:af:e6:39:ef:30:a5:56:19:3e:1b:15:63:
84:5c:d4:da:06:39:8f:b5:d9:c4:61:f6:d2:d7:36:
93:16:b9:fa:26:cc:4c:d3:e3:87:13:b0:60:48:f0:
4c:e1:f7:d2:e8:d7:52:6e:5a:96:e8:ac:c9:f5:3b:
86:4a:01:c2:8a:41:3f:fd:12:b4:b9:d6:b7:6d:1d:
2c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E4:4B:D5:59:BE:75:68:01:37:69:EF:5C:FB:47:A9:26:49:DC:F6
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/dORL1Vm-dWgBN2nvXPtHqSZJ3PY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.36.0/22
77.36.68.0/22
77.36.112.0/21
81.161.4.0/22
91.224.40.0/24
91.237.44.0/22
93.120.24.0/23
93.120.96.0/22
188.191.252.0/22
194.33.100.0/22
Signature Algorithm: sha256WithRSAEncryption
57:e1:7f:d3:16:0f:80:14:3b:79:ad:ac:fb:6d:c0:f1:fe:cf:
7e:5e:81:1f:bb:6d:00:aa:dc:bd:97:31:b7:1d:90:52:9d:6b:
55:4d:19:0c:36:66:07:89:3d:2f:b1:66:dd:77:de:a8:73:87:
95:87:72:b5:ba:ee:d0:e6:16:40:f6:1a:1a:f2:52:f0:8c:7a:
cd:0d:7a:c2:0d:0f:0d:55:7d:ae:3e:cc:03:70:28:6b:96:d1:
cd:ae:a5:f6:72:30:3c:ff:41:a5:18:0d:7a:b1:3c:ed:24:33:
e4:9f:14:20:16:e9:74:4d:b9:b8:57:f1:c6:2b:41:a4:cd:28:
f4:78:86:cf:61:9a:f2:96:d5:00:23:62:71:f6:c6:73:34:e1:
b9:05:42:12:26:93:31:55:c4:06:6c:96:14:e6:e1:6d:e7:69:
0f:37:6d:00:de:f9:b2:99:50:b3:21:48:f8:d3:1a:bf:d0:59:
52:45:41:da:d9:ed:21:84:1b:0c:bb:ec:c1:3a:77:56:77:d5:
a0:10:cb:8c:9c:a9:a9:8d:7f:1c:71:7f:1e:9c:f2:60:03:08:
3e:72:c5:4d:31:4b:77:57:10:07:58:7a:77:43:6d:bb:d5:9e:
c2:8e:ca:32:11:b5:85:43:27:a2:a2:37:fe:04:3d:d6:87:33:
b3:a0:04:21
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYVr3KUNEygTvB9rgWRtA2NEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTAxMDU0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGU0NGJkNTU5YmU3NTY4MDEzNzY5ZWY1Y2ZiNDdhOTI2NDlkY2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLAu174Yr/up1E7Bll8Wv7VdYEld
CbTjp/qBezxmueCaGAtKC4eyf3y4PXZjuTDdbCGvcSqWbOABCWvXLVPJJE1nUx/b
hpYv0q12LyJX7cVkhR7mRakCFYcHuZu1fpna4Is8/F9uwHqw0MczOHyWHBGazio3
5cz1fjeownTisSHBUWsWz60D+nGUkN6/2HATOIWIejp031GeI5dmdBMfiM3lIxFN
TuYrW/7kWPv9g38ZDYt14Sev5jnvMKVWGT4bFWOEXNTaBjmPtdnEYfbS1zaTFrn6
JsxM0+OHE7BgSPBM4ffS6NdSblqW6KzJ9TuGSgHCikE//RK0uda3bR0srQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHTkS9VZvnVoATdp71z7R6kmSdz2MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvZE9STDFWbS1kV2dCTjJudlhQdEhxU1pKM1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCLpckAwQC
TSREAwQDTSRwAwQCUaEEAwQAW+AoAwQCW+0sAwQBXXgYAwQCXXhgAwQCvL/8AwQC
wiFkMA0GCSqGSIb3DQEBCwUAA4IBAQBX4X/TFg+AFDt5raz7bcDx/s9+XoEfu20A
qty9lzG3HZBSnWtVTRkMNmYHiT0vsWbdd96oc4eVh3K1uu7Q5hZA9hoa8lLwjHrN
DXrCDQ8NVX2uPswDcChrltHNrqX2cjA8/0GlGA16sTztJDPknxQgFul0Tbm4V/HG
K0GkzSj0eIbPYZryltUAI2Jx9sZzNOG5BUISJpMxVcQGbJYU5uFt52kPN20A3vmy
mVCzIUj40xq/0FlSRUHa2e0hhBsMu+zBOndWd9WgEMuMnKmpjX8ccX8enPJgAwg+
csVNMUt3VxAHWHp3Q2271Z7CjsoyEbWFQyeiojf+BD3WhzOzoAQh
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:42 2023 by rpki-client on console-ams.rpki-client.org