Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/d3044LVA-rXVGMxzUJrXoxyjcsw.roa
File: d3044LVA-rXVGMxzUJrXoxyjcsw.roa (raw, json)
Hash identifier: hccxHzdffYt+mo39iN4oYRVEypGv9my58lSy3+KPoVE=
Subject key identifier: 77:7D:38:E0:B5:40:FA:B5:D5:18:CC:73:50:9A:D7:A3:1C:A3:72:CC
Certificate issuer: /CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Certificate serial: 01857079BD53D8320CFC626FEFA7A4D802C6
Authority key identifier: 1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/d3044LVA-rXVGMxzUJrXoxyjcsw.roa
Signing time: Mon 02 Jan 2023 03:15:04 +0000
ROA not before: Mon 02 Jan 2023 03:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39728
IP address blocks: 185.149.196.0/22 maxlen: 22
178.214.160.0/19 maxlen: 19
185.178.244.0/22 maxlen: 22
178.216.232.0/21 maxlen: 21
91.217.4.0/23 maxlen: 23
176.113.224.0/19 maxlen: 19
2a07:6900::/48 maxlen: 48
2a07:6900:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:bd:53:d8:32:0c:fc:62:6f:ef:a7:a4:d8:02:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Validity
Not Before: Jan 2 03:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=777d38e0b540fab5d518cc73509ad7a31ca372cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:65:93:43:e5:32:19:89:8c:fa:e7:57:26:0a:
eb:ad:47:38:79:08:d2:5f:03:68:45:0f:e5:c1:bd:
67:9e:22:36:a7:21:09:75:c7:b2:b6:1a:4b:2f:e4:
cb:23:30:61:7d:15:84:30:7b:cd:6b:2f:fd:7e:a6:
75:e9:8f:24:b7:44:cd:94:25:8c:a8:b2:a0:b3:ed:
e5:82:09:80:9c:0d:80:05:02:08:e3:e5:7a:6d:b3:
8d:95:9a:1d:29:91:63:2b:79:8c:1e:cc:98:21:79:
eb:b5:5e:a6:b7:50:22:ef:42:cd:6f:77:a3:f4:03:
9a:4d:bd:fe:9d:7f:30:a7:cc:99:28:f2:2d:44:c1:
80:99:f5:24:60:76:78:46:e4:ea:6b:39:1d:3b:c9:
a0:24:8c:52:38:9d:22:ef:f6:b5:5b:3d:a6:af:6c:
a9:78:b4:fa:e9:a5:50:81:f6:be:39:14:84:cf:00:
9e:79:6a:50:41:d2:49:57:fc:6f:0b:83:ea:b1:28:
29:c6:c5:de:7a:9a:a3:e9:18:f2:ea:b0:ea:07:5d:
2f:81:6d:b5:ea:ae:8f:b8:f0:82:12:04:fc:6e:c8:
4a:2d:b8:e3:40:44:6a:f0:f1:dd:0a:66:44:69:f4:
6f:a5:f5:45:17:9a:29:72:3c:ec:18:47:17:29:e8:
f7:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:7D:38:E0:B5:40:FA:B5:D5:18:CC:73:50:9A:D7:A3:1C:A3:72:CC
X509v3 Authority Key Identifier:
keyid:1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/d3044LVA-rXVGMxzUJrXoxyjcsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.4.0/23
176.113.224.0/19
178.214.160.0/19
178.216.232.0/21
185.149.196.0/22
185.178.244.0/22
IPv6:
2a07:6900::/47
Signature Algorithm: sha256WithRSAEncryption
65:88:49:33:fd:db:fa:6a:63:cb:d8:38:cb:e7:97:12:53:47:
8a:8b:01:e2:3d:d9:53:81:bb:eb:e2:4c:31:a5:6b:91:88:c4:
31:f0:6d:34:d4:7d:49:78:2d:5d:03:49:4b:06:41:2f:e9:a5:
97:b9:24:0b:29:1a:19:09:18:b4:8c:18:ba:97:de:7d:6c:5c:
44:92:d7:8b:4d:da:cb:98:d2:f2:52:1e:0b:e0:b8:00:c8:81:
18:61:4d:08:c2:9f:c0:c8:41:0a:62:25:df:39:42:5d:19:b8:
a4:b1:2b:5e:ea:c6:ee:01:78:a3:f0:c6:87:4b:a0:0c:4c:c7:
31:2a:ef:68:2e:c3:1d:a8:19:ba:e2:58:3d:78:cc:54:30:c3:
7c:bc:b7:21:08:78:d7:8d:6e:98:d3:fc:19:5e:e9:3c:55:57:
60:e1:22:40:a6:83:7b:9c:8b:a2:a9:13:01:d3:64:04:25:af:
87:76:4a:eb:20:bc:f6:8c:a4:bf:5a:ed:39:d6:5f:b4:96:ba:
ba:03:4d:21:40:00:51:ad:ef:6f:49:4b:d2:47:6c:4c:8c:64:
57:cd:8c:cd:0c:f0:fe:e9:66:6b:d5:3b:11:5d:dc:8e:05:b2:
bd:32:68:4e:e0:d2:25:3c:74:c7:d4:ba:b8:d5:00:4f:21:bb:
39:bf:72:b5
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVweb1T2DIM/GJv76ek2ALGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTVhMDY5NjY5ZWQ1YTc2NmVlZThlYmRjMzJlMzlmYjE0
ODQxMGIwHhcNMjMwMTAyMDMxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzdkMzhlMGI1NDBmYWI1ZDUxOGNjNzM1MDlhZDdhMzFjYTM3MmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWWTQ+UyGYmM+udXJgrrrUc4eQjS
XwNoRQ/lwb1nniI2pyEJdceythpLL+TLIzBhfRWEMHvNay/9fqZ16Y8kt0TNlCWM
qLKgs+3lggmAnA2ABQII4+V6bbONlZodKZFjK3mMHsyYIXnrtV6mt1Ai70LNb3ej
9AOaTb3+nX8wp8yZKPItRMGAmfUkYHZ4RuTqazkdO8mgJIxSOJ0i7/a1Wz2mr2yp
eLT66aVQgfa+ORSEzwCeeWpQQdJJV/xvC4PqsSgpxsXeepqj6Rjy6rDqB10vgW21
6q6PuPCCEgT8bshKLbjjQERq8PHdCmZEafRvpfVFF5opcjzsGEcXKej39QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFHd9OOC1QPq11RjMc1Ca16Mco3LMMB8GA1UdIwQY
MBaAFB6VoGlmntWnZu7o69wy45+xSEELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAt
OTMzYmZhNTkyYjFkLzEvZDMwNDRMVkEtclhWR014elVKclhveHlqY3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAtOTMzYmZhNTkyYjFk
LzEvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQBW9kEAwQF
sHHgAwQFstagAwQDstjoAwQCuZXEAwQCubL0MA8EAgACMAkDBwEqB2kAAAAwDQYJ
KoZIhvcNAQELBQADggEBAGWISTP92/pqY8vYOMvnlxJTR4qLAeI92VOBu+viTDGl
a5GIxDHwbTTUfUl4LV0DSUsGQS/ppZe5JAspGhkJGLSMGLqX3n1sXESS14tN2suY
0vJSHgvguADIgRhhTQjCn8DIQQpiJd85Ql0ZuKSxK17qxu4BeKPwxodLoAxMxzEq
72guwx2oGbriWD14zFQww3y8tyEIeNeNbpjT/Ble6TxVV2DhIkCmg3uci6KpEwHT
ZAQlr4d2SusgvPaMpL9a7TnWX7SWuroDTSFAAFGt729JS9JHbEyMZFfNjM0M8P7p
ZmvVOxFd3I4Fsr0yaE7g0iU8dMfUurjVAE8huzm/crU=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:10:56 2024 by rpki-client on console-ams.rpki-client.org