Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/fYmss1Pk0vB0dQf2XLcj_eHdMsk.roa
File: fYmss1Pk0vB0dQf2XLcj_eHdMsk.roa (raw, json)
Hash identifier: of07G19iwZOwKUfHI0xtQkUbWg28JTPnRowCyWJXm0E=
Subject key identifier: 7D:89:AC:B3:53:E4:D2:F0:74:75:07:F6:5C:B7:23:FD:E1:DD:32:C9
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018C24131C978A1C7A585E759CF8C72EF434
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/fYmss1Pk0vB0dQf2XLcj_eHdMsk.roa
Signing time: Fri 01 Dec 2023 06:31:21 +0000
ROA not before: Fri 01 Dec 2023 06:31:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 94.154.115.0/24 maxlen: 24
193.221.208.0/24 maxlen: 24
45.90.116.0/22 maxlen: 24
146.19.119.0/24 maxlen: 24
37.77.151.0/24 maxlen: 24
178.212.79.0/24 maxlen: 24
62.3.53.0/24 maxlen: 24
77.87.126.0/24 maxlen: 24
45.90.12.0/22 maxlen: 24
146.19.231.0/24 maxlen: 24
185.149.150.0/24 maxlen: 24
185.138.165.0/24 maxlen: 24
109.205.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:13:1c:97:8a:1c:7a:58:5e:75:9c:f8:c7:2e:f4:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Dec 1 06:31:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d89acb353e4d2f0747507f65cb723fde1dd32c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3d:04:dd:a0:e3:c3:5d:a9:b3:8e:8a:a7:12:
07:08:1c:d3:2d:f1:44:e7:b0:ab:7c:c4:ba:18:a0:
79:43:7e:c0:7d:97:77:50:e6:4c:1e:99:fa:d7:96:
8b:c5:7b:fc:92:a1:4b:a8:00:9b:88:e8:c6:96:b6:
cb:08:d7:ee:9f:73:81:26:4c:63:2c:bc:92:98:3f:
43:60:b6:6c:55:75:79:61:bd:ef:d0:2d:b9:b4:8d:
6f:97:9d:b5:02:6b:0b:f8:60:02:00:69:ef:a9:28:
fd:83:0d:8f:53:73:af:b2:5f:fb:ab:9f:b6:b0:c0:
0b:e9:14:ea:c3:88:56:62:65:24:e9:95:59:1b:30:
b4:0f:c0:ac:ae:1e:67:79:56:e5:82:a0:ba:09:50:
12:05:df:4f:00:78:29:84:80:64:cf:81:12:dd:c6:
7d:db:79:88:74:74:1b:9b:b5:8e:a3:38:55:74:d5:
4d:9f:10:d2:98:d0:c8:ba:dc:dc:d8:68:a3:b6:03:
05:64:6a:ee:c0:ad:87:cd:23:4d:26:4c:1b:c8:27:
0b:3b:e2:05:a8:a1:0f:94:1c:2c:d7:fc:55:6c:5a:
1b:74:79:cb:b6:bc:c6:a8:1a:cb:04:a9:be:00:2e:
d1:07:05:f4:92:89:ee:35:e3:79:51:1b:4f:b8:ed:
ea:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:89:AC:B3:53:E4:D2:F0:74:75:07:F6:5C:B7:23:FD:E1:DD:32:C9
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/fYmss1Pk0vB0dQf2XLcj_eHdMsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.151.0/24
45.90.12.0/22
45.90.116.0/22
62.3.53.0/24
77.87.126.0/24
94.154.115.0/24
109.205.63.0/24
146.19.119.0/24
146.19.231.0/24
178.212.79.0/24
185.138.165.0/24
185.149.150.0/24
193.221.208.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:ea:34:18:fe:79:b8:79:f5:58:92:14:fb:28:b1:9a:72:de:
99:25:2f:5a:23:88:8a:57:7f:6c:65:b8:19:06:31:99:5a:73:
a0:70:82:3d:2c:ca:e6:5c:35:d2:c9:90:72:8a:73:21:d7:63:
16:c8:7a:2a:34:f9:9b:5d:c4:6f:ac:ac:1f:ff:55:a0:32:df:
c2:00:23:18:3f:0d:22:ba:d4:4f:13:a6:1e:05:55:b2:5c:c5:
c4:a9:5d:ef:cf:fa:8e:97:f6:bf:2c:02:65:6e:a3:7c:ed:1d:
d0:53:65:6c:38:15:4c:a3:f3:21:1d:61:3a:68:ba:fb:08:b7:
f2:c8:4a:8d:29:60:5e:0c:46:89:4e:36:ac:9b:b4:5c:9c:17:
b1:28:d4:0b:1d:d0:f7:12:0a:bf:1b:2e:c5:01:cb:e6:04:18:
9b:14:cd:ea:7c:8e:f3:38:6b:e6:74:08:ed:ba:bd:c0:e2:ea:
29:08:dd:e4:2a:39:eb:b7:08:3b:03:ea:7b:af:94:e0:1b:99:
98:47:8b:b3:10:6f:ed:82:08:d5:19:5a:fe:6a:f4:06:a6:f0:
24:51:95:02:c3:16:75:cb:88:99:90:66:a7:73:7f:cf:25:f6:
c8:b1:d2:82:b0:78:03:75:00:46:04:57:f4:64:d5:1b:8a:6b:
2e:3f:c6:f0
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYwkExyXihx6WF51nPjHLvQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMxMjAxMDYzMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDg5YWNiMzUzZTRkMmYwNzQ3NTA3ZjY1Y2I3MjNmZGUxZGQzMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT0E3aDjw12ps46KpxIHCBzTLfFE
57CrfMS6GKB5Q37AfZd3UOZMHpn615aLxXv8kqFLqACbiOjGlrbLCNfun3OBJkxj
LLySmD9DYLZsVXV5Yb3v0C25tI1vl521AmsL+GACAGnvqSj9gw2PU3Ovsl/7q5+2
sMAL6RTqw4hWYmUk6ZVZGzC0D8Csrh5neVblgqC6CVASBd9PAHgphIBkz4ES3cZ9
23mIdHQbm7WOozhVdNVNnxDSmNDIutzc2GijtgMFZGruwK2HzSNNJkwbyCcLO+IF
qKEPlBws1/xVbFobdHnLtrzGqBrLBKm+AC7RBwX0konuNeN5URtPuO3qMwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFH2JrLNT5NLwdHUH9ly3I/3h3TLJMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvZlltc3MxUGswdkIwZFFmMlhMY2pfZUhkTXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAJU2XAwQC
LVoMAwQCLVp0AwQAPgM1AwQATVd+AwQAXppzAwQAbc0/AwQAkhN3AwQAkhPnAwQA
stRPAwQAuYqlAwQAuZWWAwQAwd3QMA0GCSqGSIb3DQEBCwUAA4IBAQBa6jQY/nm4
efVYkhT7KLGact6ZJS9aI4iKV39sZbgZBjGZWnOgcII9LMrmXDXSyZByinMh12MW
yHoqNPmbXcRvrKwf/1WgMt/CACMYPw0iutRPE6YeBVWyXMXEqV3vz/qOl/a/LAJl
bqN87R3QU2VsOBVMo/MhHWE6aLr7CLfyyEqNKWBeDEaJTjasm7RcnBexKNQLHdD3
Egq/Gy7FAcvmBBibFM3qfI7zOGvmdAjtur3A4uopCN3kKjnrtwg7A+p7r5TgG5mY
R4uzEG/tggjVGVr+avQGpvAkUZUCwxZ1y4iZkGanc3/PJfbIsdKCsHgDdQBGBFf0
ZNUbimsuP8bw
-----END CERTIFICATE-----
Generated at Wed Dec 6 14:00:21 2023 by rpki-client on console-fra.rpki-client.org