Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/CHXvYBjqyW2xv8m7kqiMHtNEYUs.roa
File: CHXvYBjqyW2xv8m7kqiMHtNEYUs.roa (raw, json)
Hash identifier: 09CeNCn9alhy4jyvTZ12Qnvsv5Q2FTDVspOAptTvubI=
Subject key identifier: 08:75:EF:60:18:EA:C9:6D:B1:BF:C9:BB:92:A8:8C:1E:D3:44:61:4B
Certificate issuer: /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial: 018570D514BAC993CFB72FBBD7EC1752C2C8
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/CHXvYBjqyW2xv8m7kqiMHtNEYUs.roa
Signing time: Mon 02 Jan 2023 04:54:50 +0000
ROA not before: Mon 02 Jan 2023 04:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34587
IP address blocks: 178.237.173.0/24 maxlen: 24
81.94.213.0/24 maxlen: 24
81.94.208.0/20 maxlen: 24
81.94.214.0/24 maxlen: 24
5.226.176.0/21 maxlen: 24
178.237.160.0/23 maxlen: 24
178.237.163.0/24 maxlen: 24
178.237.165.0/24 maxlen: 24
178.237.170.0/24 maxlen: 24
2a03:a860:a00::/40 maxlen: 48
2a03:a860:10::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:14:ba:c9:93:cf:b7:2f:bb:d7:ec:17:52:c2:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Validity
Not Before: Jan 2 04:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0875ef6018eac96db1bfc9bb92a88c1ed344614b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:96:c2:44:f2:38:3a:93:5b:c4:90:d7:84:14:
ca:9d:1c:8b:39:55:45:2b:0d:83:70:d2:38:f5:78:
67:62:f7:6e:34:99:9c:dd:25:36:19:34:ff:82:0f:
23:b9:63:8d:86:68:42:42:56:cb:c2:25:c6:2a:3f:
73:44:17:32:7b:16:46:4e:2c:f5:25:1a:95:1b:0e:
a8:6e:5f:6f:e7:5e:c2:6d:99:f7:db:f0:20:b0:b5:
47:81:f4:e0:27:f1:e3:09:94:c8:3b:e7:b8:18:93:
43:de:6b:ed:0f:cb:f8:d6:2c:ae:43:d8:c5:83:8f:
57:c7:d5:3f:82:05:dc:6d:7b:b7:e3:36:48:91:11:
3b:cc:95:91:4e:42:e6:01:5b:dd:32:a0:9f:5e:41:
90:fc:13:fa:c0:69:af:cd:dd:fc:5f:63:c5:28:9a:
2a:04:51:e7:ba:b8:89:24:f9:51:92:d7:99:00:d2:
b1:e4:54:a0:4f:f9:5e:b1:39:d5:0f:25:c2:c0:9e:
6c:6b:ff:a6:0b:3a:8c:9e:db:16:02:68:c0:cc:0c:
30:c3:6c:87:77:58:0b:2e:6a:ef:68:10:e9:c3:d9:
b5:d2:e7:35:48:d0:a9:8b:0e:d2:24:7e:86:98:34:
e9:44:23:52:a5:18:ea:0f:ed:3c:da:06:52:a5:20:
f7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:75:EF:60:18:EA:C9:6D:B1:BF:C9:BB:92:A8:8C:1E:D3:44:61:4B
X509v3 Authority Key Identifier:
keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/CHXvYBjqyW2xv8m7kqiMHtNEYUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.176.0/21
81.94.208.0/20
178.237.160.0/23
178.237.163.0/24
178.237.165.0/24
178.237.170.0/24
178.237.173.0/24
IPv6:
2a03:a860:10::/44
2a03:a860:a00::/40
Signature Algorithm: sha256WithRSAEncryption
60:8d:6b:bd:15:2e:76:3e:bf:50:47:22:da:18:03:3f:c5:26:
af:fd:8f:6b:4f:17:ad:c7:50:f7:3e:07:f5:8c:36:57:ed:f3:
c5:7a:59:50:18:5f:31:42:9a:28:6e:31:c5:2f:0c:ff:23:19:
02:a1:17:6d:41:31:b4:9f:20:7f:ea:3e:ea:34:a1:53:00:49:
a6:12:15:7b:25:cd:79:f3:88:cd:76:21:8b:bb:b1:bc:63:bb:
b4:1b:08:6f:27:69:c5:44:ef:f8:e6:6f:84:3b:40:72:96:b2:
5a:57:f5:b1:c2:49:be:ca:91:d6:a4:26:95:05:44:dd:cb:50:
61:55:8f:75:e2:18:d4:0c:d1:39:9f:68:15:87:c0:ba:03:cd:
12:91:9a:21:db:96:a0:c9:3d:a7:58:a0:39:28:3a:1f:88:6f:
a7:6a:07:1a:91:f0:9b:40:55:3c:05:cd:4e:2d:11:32:3e:4e:
c9:16:52:14:17:c5:a0:d1:04:11:c5:4d:91:b7:86:c8:09:58:
85:4c:6f:44:94:1f:fa:f8:af:70:bc:45:91:6c:b5:f4:04:34:
da:bb:aa:f7:12:4f:b1:2a:91:00:bb:2d:2a:8d:8e:48:cc:51:
47:2d:b8:78:ad:23:36:e1:c9:6e:4e:94:98:39:cd:59:7d:cc:
66:b9:1e:20
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYVw1RS6yZPPty+71+wXUsLIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjY2ZWM1ZThmMjQwNWY2ZjhkNDg2ZTczZmI4MmI4ZGUw
ZGVlMGYwHhcNMjMwMTAyMDQ1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODc1ZWY2MDE4ZWFjOTZkYjFiZmM5YmI5MmE4OGMxZWQzNDQ2MTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJbCRPI4OpNbxJDXhBTKnRyLOVVF
Kw2DcNI49XhnYvduNJmc3SU2GTT/gg8juWONhmhCQlbLwiXGKj9zRBcyexZGTiz1
JRqVGw6obl9v517CbZn32/AgsLVHgfTgJ/HjCZTIO+e4GJND3mvtD8v41iyuQ9jF
g49Xx9U/ggXcbXu34zZIkRE7zJWRTkLmAVvdMqCfXkGQ/BP6wGmvzd38X2PFKJoq
BFHnuriJJPlRkteZANKx5FSgT/lesTnVDyXCwJ5sa/+mCzqMntsWAmjAzAwww2yH
d1gLLmrvaBDpw9m10uc1SNCpiw7SJH6GmDTpRCNSpRjqD+082gZSpSD3swIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFAh172AY6sltsb/Ju5KojB7TRGFLMB8GA1UdIwQY
MBaAFK62bsXo8kBfb41IbnP7grjeDe4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUt
NmFlYTkwNTdjODAwLzEvQ0hYdllCanF5VzJ4djhtN2txaU1IdE5FWVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUtNmFlYTkwNTdjODAw
LzEvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzAwBAIAATAqAwQDBeKwAwQE
UV7QAwQBsu2gAwQAsu2jAwQAsu2lAwQAsu2qAwQAsu2tMBcEAgACMBEDBwQqA6hg
ABADBgAqA6hgCjANBgkqhkiG9w0BAQsFAAOCAQEAYI1rvRUudj6/UEci2hgDP8Um
r/2Pa08XrcdQ9z4H9Yw2V+3zxXpZUBhfMUKaKG4xxS8M/yMZAqEXbUExtJ8gf+o+
6jShUwBJphIVeyXNefOIzXYhi7uxvGO7tBsIbydpxUTv+OZvhDtAcpayWlf1scJJ
vsqR1qQmlQVE3ctQYVWPdeIY1AzROZ9oFYfAugPNEpGaIduWoMk9p1igOSg6H4hv
p2oHGpHwm0BVPAXNTi0RMj5OyRZSFBfFoNEEEcVNkbeGyAlYhUxvRJQf+vivcLxF
kWy19AQ02ruq9xJPsSqRALstKo2OSMxRRy24eK0jNuHJbk6UmDnNWX3MZrkeIA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:19 2024 by rpki-client on console-ams.rpki-client.org