Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/173173-819f-4bc9-92d8-78791c9356a3/1/drDm-sztjou9Tasueb-KJFit3xc.roa
File: drDm-sztjou9Tasueb-KJFit3xc.roa (raw, json)
Hash identifier: lCEHGwlRLO2qTJzYjZpLlLnLthwUhf3v3LUINNTV7n8=
Subject key identifier: 76:B0:E6:FA:CC:ED:8E:8B:BD:4D:AB:2E:79:BF:8A:24:58:AD:DF:17
Certificate issuer: /CN=11bfa2961fa0e0b07041293ddc0c3693a9e0a238
Certificate serial: 0185728C74D229928CB23E416334B3B32AE5
Authority key identifier: 11:BF:A2:96:1F:A0:E0:B0:70:41:29:3D:DC:0C:36:93:A9:E0:A2:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eb-ilh-g4LBwQSk93Aw2k6ngojg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/173173-819f-4bc9-92d8-78791c9356a3/1/drDm-sztjou9Tasueb-KJFit3xc.roa
Signing time: Mon 02 Jan 2023 12:54:45 +0000
ROA not before: Mon 02 Jan 2023 12:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42927
IP address blocks: 94.124.4.0/24 maxlen: 24
94.124.2.0/23 maxlen: 23
94.124.0.0/21 maxlen: 21
94.124.1.0/24 maxlen: 24
94.124.0.0/24 maxlen: 24
94.124.8.0/21 maxlen: 21
94.124.7.0/24 maxlen: 24
94.124.6.0/24 maxlen: 24
94.124.5.0/24 maxlen: 24
185.28.16.0/24 maxlen: 24
185.28.16.0/22 maxlen: 22
185.28.18.0/23 maxlen: 23
80.82.16.0/23 maxlen: 23
80.82.22.0/24 maxlen: 24
80.82.22.0/23 maxlen: 23
80.82.20.0/23 maxlen: 23
80.82.18.0/23 maxlen: 23
80.82.30.0/23 maxlen: 23
80.82.29.0/24 maxlen: 24
80.82.28.0/24 maxlen: 24
80.82.26.0/23 maxlen: 23
80.82.25.0/24 maxlen: 24
91.189.253.0/24 maxlen: 24
91.189.250.0/24 maxlen: 24
91.189.248.0/21 maxlen: 21
46.22.164.0/23 maxlen: 23
46.22.160.0/24 maxlen: 24
46.22.170.0/24 maxlen: 24
46.22.169.0/24 maxlen: 24
46.22.168.0/24 maxlen: 24
46.22.167.0/24 maxlen: 24
46.22.173.0/24 maxlen: 24
2a02:f78::/32 maxlen: 32
2a02:f7f:14::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:74:d2:29:92:8c:b2:3e:41:63:34:b3:b3:2a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11bfa2961fa0e0b07041293ddc0c3693a9e0a238
Validity
Not Before: Jan 2 12:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76b0e6facced8e8bbd4dab2e79bf8a2458addf17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9f:e9:e2:f6:b0:3e:1f:4d:48:47:3b:b0:67:
a3:17:98:80:e5:03:bd:f2:50:c5:e6:c7:18:49:68:
66:0d:92:30:1b:2a:81:19:2e:db:eb:06:7e:7c:db:
15:2c:74:36:d1:8b:21:0e:ac:75:55:af:e8:83:0f:
7f:ad:e3:fd:34:07:f0:c1:d0:d1:d8:d5:b8:57:92:
52:88:ce:eb:be:89:9b:67:3f:40:e4:b6:f1:e0:8d:
e6:c4:db:cc:ba:de:e0:d1:c7:02:64:5f:4f:59:38:
cd:f9:fc:27:56:b4:eb:b0:1d:b7:63:ab:f6:3e:c2:
9e:ec:b2:8e:4d:1f:d6:d1:32:d8:06:c7:74:0a:63:
2c:d8:f4:d3:f2:41:88:92:34:62:82:c6:c4:76:41:
c6:bf:9c:03:0a:51:e1:ae:d3:2c:af:d0:88:ac:dd:
72:e7:7f:f5:3a:5d:ec:1d:1b:44:c8:22:ce:a1:3a:
50:10:50:cf:4e:bc:57:a9:a0:9a:45:ab:83:74:32:
8e:2d:67:11:2f:67:e9:8d:46:da:07:9a:71:2d:83:
e7:96:f8:85:87:af:d6:a9:0a:df:d9:24:26:96:bd:
52:d0:df:e1:46:2a:e1:c5:bd:d7:3f:af:54:3c:0c:
b4:5c:bd:32:9d:4a:e6:92:a6:f5:04:d3:ac:94:c8:
60:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B0:E6:FA:CC:ED:8E:8B:BD:4D:AB:2E:79:BF:8A:24:58:AD:DF:17
X509v3 Authority Key Identifier:
keyid:11:BF:A2:96:1F:A0:E0:B0:70:41:29:3D:DC:0C:36:93:A9:E0:A2:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eb-ilh-g4LBwQSk93Aw2k6ngojg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/173173-819f-4bc9-92d8-78791c9356a3/1/drDm-sztjou9Tasueb-KJFit3xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/173173-819f-4bc9-92d8-78791c9356a3/1/Eb-ilh-g4LBwQSk93Aw2k6ngojg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.160.0/24
46.22.164.0/23
46.22.167.0-46.22.170.255
46.22.173.0/24
80.82.16.0/21
80.82.25.0-80.82.31.255
91.189.248.0/21
94.124.0.0/20
185.28.16.0/22
IPv6:
2a02:f78::/32
2a02:f7f:14::/48
Signature Algorithm: sha256WithRSAEncryption
6c:94:be:f7:79:56:a4:a7:81:b1:2a:c9:dd:a6:f2:2c:47:bf:
51:ad:91:97:36:7b:1a:a9:48:1b:b5:23:92:bf:1e:39:fb:69:
99:49:25:9d:eb:5f:eb:8b:65:3c:da:21:5a:9e:b8:f7:b3:bd:
a7:95:09:a3:3d:c3:d9:a3:e5:a1:43:cf:13:78:be:5a:64:2f:
dd:0f:c0:a9:b7:a6:f1:c9:5c:4e:14:25:ab:c0:e8:5c:2a:56:
71:0b:28:2c:5c:15:53:48:ec:1b:9c:38:3e:ad:f2:21:01:4a:
14:30:97:cc:65:7c:ae:c8:eb:d2:07:19:34:81:a9:34:f3:bd:
71:a7:a1:88:eb:b7:a4:82:98:23:71:b7:c0:a2:40:2a:60:2a:
4f:be:b2:77:fe:17:de:76:8c:ee:1c:7e:fc:39:fd:27:37:a2:
94:2c:10:b7:06:6c:2c:fc:a1:11:2d:63:39:d4:f2:1b:3c:7e:
27:8f:f9:ce:56:5d:c0:51:ec:84:f9:92:53:80:57:2b:03:13:
ef:c7:2d:ae:3e:15:bc:2d:75:36:74:9a:ee:f0:9c:a0:bb:2c:
3c:30:f6:8e:8e:b8:a5:09:0f:28:df:81:e5:7b:44:7d:64:4f:
62:28:07:c7:06:cf:77:6b:3a:b4:e5:2d:02:34:1f:24:b4:f2:
37:0b:e0:0c
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYVyjHTSKZKMsj5BYzSzsyrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYmZhMjk2MWZhMGUwYjA3MDQxMjkzZGRjMGMzNjkzYTll
MGEyMzgwHhcNMjMwMTAyMTI1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmIwZTZmYWNjZWQ4ZThiYmQ0ZGFiMmU3OWJmOGEyNDU4YWRkZjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhp/p4vawPh9NSEc7sGejF5iA5QO9
8lDF5scYSWhmDZIwGyqBGS7b6wZ+fNsVLHQ20YshDqx1Va/ogw9/reP9NAfwwdDR
2NW4V5JSiM7rvombZz9A5Lbx4I3mxNvMut7g0ccCZF9PWTjN+fwnVrTrsB23Y6v2
PsKe7LKOTR/W0TLYBsd0CmMs2PTT8kGIkjRigsbEdkHGv5wDClHhrtMsr9CIrN1y
53/1Ol3sHRtEyCLOoTpQEFDPTrxXqaCaRauDdDKOLWcRL2fpjUbaB5pxLYPnlviF
h6/WqQrf2SQmlr1S0N/hRirhxb3XP69UPAy0XL0ynUrmkqb1BNOslMhgKQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFHaw5vrM7Y6LvU2rLnm/iiRYrd8XMB8GA1UdIwQY
MBaAFBG/opYfoOCwcEEpPdwMNpOp4KI4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWItaWxoLWc0TEJ3UVNrOTNBdzJrNm5nb2pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8xNzMxNzMtODE5Zi00YmM5LTkyZDgt
Nzg3OTFjOTM1NmEzLzEvZHJEbS1zenRqb3U5VGFzdWViLUtKRml0M3hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8xNzMxNzMtODE5Zi00YmM5LTkyZDgtNzg3OTFjOTM1NmEz
LzEvRWItaWxoLWc0TEJ3UVNrOTNBdzJrNm5nb2pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBMBAIAATBGAwQALhagAwQB
LhakMAwDBAAuFqcDBAAuFqoDBAAuFq0DBANQUhAwDAMEAFBSGQMEBVBSAAMEA1u9
+AMEBF58AAMEArkcEDAWBAIAAjAQAwUAKgIPeAMHACoCD38AFDANBgkqhkiG9w0B
AQsFAAOCAQEAbJS+93lWpKeBsSrJ3abyLEe/Ua2RlzZ7GqlIG7Ujkr8eOftpmUkl
netf64tlPNohWp6497O9p5UJoz3D2aPloUPPE3i+WmQv3Q/Aqbem8clcThQlq8Do
XCpWcQsoLFwVU0jsG5w4Pq3yIQFKFDCXzGV8rsjr0gcZNIGpNPO9caehiOu3pIKY
I3G3wKJAKmAqT76yd/4X3naM7hx+/Dn9JzeilCwQtwZsLPyhES1jOdTyGzx+J4/5
zlZdwFHshPmSU4BXKwMT78ctrj4VvC11NnSa7vCcoLssPDD2jo64pQkPKN+B5XtE
fWRPYigHxwbPd2s6tOUtAjQfJLTyNwvgDA==
-----END CERTIFICATE-----
Generated at Tue Dec 12 11:25:55 2023 by rpki-client on console-fra.rpki-client.org