Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/WQ1uhd0lFMgAzbkT8IAj28HzU5c.roa
File: WQ1uhd0lFMgAzbkT8IAj28HzU5c.roa (raw, json)
Hash identifier: n1aMqTQbbwJVmBLpDQ8PI5g9v5jLywnjyePXymcqcMw=
Subject key identifier: 59:0D:6E:85:DD:25:14:C8:00:CD:B9:13:F0:80:23:DB:C1:F3:53:97
Certificate issuer: /CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Certificate serial: 018570427FC3C8E68D8ECB63DE4A948EE575
Authority key identifier: DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/WQ1uhd0lFMgAzbkT8IAj28HzU5c.roa
Signing time: Mon 02 Jan 2023 02:14:44 +0000
ROA not before: Mon 02 Jan 2023 02:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198605
IP address blocks: 159.242.227.0/24 maxlen: 24
159.242.239.0/24 maxlen: 24
159.242.234.0/24 maxlen: 24
95.142.112.0/24 maxlen: 24
95.142.118.0/24 maxlen: 24
95.142.115.0/24 maxlen: 24
95.142.124.0/24 maxlen: 24
185.54.230.0/24 maxlen: 24
95.142.121.0/24 maxlen: 24
194.99.28.0/22 maxlen: 22
95.142.127.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:7f:c3:c8:e6:8d:8e:cb:63:de:4a:94:8e:e5:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Validity
Not Before: Jan 2 02:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=590d6e85dd2514c800cdb913f08023dbc1f35397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0a:0a:62:e4:6c:90:22:8c:ee:93:eb:48:d5:
b4:cc:57:0c:f7:c2:f6:00:ae:a4:6b:83:90:26:6a:
32:9a:90:16:a1:6f:9d:fb:ea:63:ef:a2:27:78:0b:
1c:8e:6d:28:eb:af:8a:fe:3b:4b:da:be:a7:c8:5c:
77:ff:c7:4b:b5:03:06:03:5e:27:3d:01:4d:9f:17:
cc:75:52:31:aa:fe:88:28:e8:94:ec:b8:0e:d9:53:
e5:df:e4:87:27:2b:64:1e:4a:fe:59:80:cd:77:58:
1e:c3:b9:67:a2:6e:d9:6b:cc:b9:c1:1e:75:b4:ed:
13:72:0a:1f:bc:32:57:d3:71:61:7a:76:ff:de:b9:
36:a9:e1:8a:86:07:1f:15:6a:ec:1a:30:d0:65:55:
a4:85:14:f1:09:35:55:76:9b:95:26:b8:2d:cb:c5:
6f:04:f9:62:c2:e8:9a:b9:4f:4e:cb:8a:db:57:b5:
58:bb:6f:87:1b:4b:d7:30:13:2e:64:2e:ed:85:69:
12:c3:4c:c2:6c:9e:f3:10:77:c9:a4:16:90:01:6c:
0a:b4:f3:dc:69:af:72:73:fd:fb:1c:b1:c4:df:3a:
48:a9:ed:b1:0b:e4:95:b6:e1:db:96:27:9b:06:6b:
d4:19:cd:61:4e:c3:ca:6d:2b:7a:e9:4f:76:b8:7f:
1c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:0D:6E:85:DD:25:14:C8:00:CD:B9:13:F0:80:23:DB:C1:F3:53:97
X509v3 Authority Key Identifier:
keyid:DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/WQ1uhd0lFMgAzbkT8IAj28HzU5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.112.0/24
95.142.115.0/24
95.142.118.0/24
95.142.121.0/24
95.142.124.0/24
95.142.127.0/24
159.242.227.0/24
159.242.234.0/24
159.242.239.0/24
185.54.230.0/24
194.99.28.0/22
Signature Algorithm: sha256WithRSAEncryption
13:c7:6d:dd:5b:0d:c2:a0:31:27:26:13:e6:a5:a4:34:5d:79:
48:9c:ac:67:60:a7:fb:fd:b7:b7:6a:fb:59:5d:6f:ef:1d:39:
0f:c0:00:64:30:1d:4d:90:ba:10:1f:dc:e8:a2:ed:5e:a6:4f:
4a:1a:0f:18:17:f3:d9:95:cd:2c:82:16:bf:3b:f6:c2:46:c0:
82:9e:5c:9a:02:2a:b6:b6:bb:dc:b6:62:99:5e:7f:a9:ae:37:
5e:bd:5a:17:9e:cf:00:04:43:bc:32:f0:6c:49:57:f3:28:30:
a8:27:3e:da:ec:ff:0c:6b:1c:27:f4:e6:1e:67:cb:0c:90:49:
8b:47:05:15:8e:1e:03:5d:ec:44:0c:bf:11:d8:bd:47:a3:50:
6e:68:5b:7a:9f:2b:69:d5:d7:8f:7c:f3:b5:e1:57:3d:3c:de:
ce:f3:b5:9d:de:2f:6d:71:9e:bd:ac:93:d6:82:1d:9f:e9:e2:
e5:56:57:bb:9b:25:da:83:b6:d3:64:fa:f2:8e:a2:42:af:b0:
74:79:ff:a8:b3:94:12:7f:df:da:db:17:fb:11:28:42:38:c6:
d5:c8:6a:5f:ef:a0:1e:f1:bd:c8:4e:39:23:e0:91:50:f4:20:
b5:9b:04:81:eb:bb:03:97:7d:81:df:35:2c:fa:81:37:dc:39:
ad:3c:5f:2d
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYVwQn/DyOaNjstj3kqUjuV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMGQ5ZDZiNjk3Y2ExYzg2NTcwYzI1Njg2MmU2ODU4YjQ3
OTljODUwHhcNMjMwMTAyMDIxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTBkNmU4NWRkMjUxNGM4MDBjZGI5MTNmMDgwMjNkYmMxZjM1Mzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQoKYuRskCKM7pPrSNW0zFcM98L2
AK6ka4OQJmoympAWoW+d++pj76IneAscjm0o66+K/jtL2r6nyFx3/8dLtQMGA14n
PQFNnxfMdVIxqv6IKOiU7LgO2VPl3+SHJytkHkr+WYDNd1gew7lnom7Za8y5wR51
tO0TcgofvDJX03Fhenb/3rk2qeGKhgcfFWrsGjDQZVWkhRTxCTVVdpuVJrgty8Vv
BPliwuiauU9Oy4rbV7VYu2+HG0vXMBMuZC7thWkSw0zCbJ7zEHfJpBaQAWwKtPPc
aa9yc/37HLHE3zpIqe2xC+SVtuHbliebBmvUGc1hTsPKbSt66U92uH8cHQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFFkNboXdJRTIAM25E/CAI9vB81OXMB8GA1UdIwQY
MBaAFN4NnWtpfKHIZXDCVoYuaFi0eZyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYt
MDFjYmZjMGU5NGU3LzEvV1ExdWhkMGxGTWdBemJrVDhJQWoyOEh6VTVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYtMDFjYmZjMGU5NGU3
LzEvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAX45wAwQA
X45zAwQAX452AwQAX455AwQAX458AwQAX45/AwQAn/LjAwQAn/LqAwQAn/LvAwQA
uTbmAwQCwmMcMA0GCSqGSIb3DQEBCwUAA4IBAQATx23dWw3CoDEnJhPmpaQ0XXlI
nKxnYKf7/be3avtZXW/vHTkPwABkMB1NkLoQH9zoou1epk9KGg8YF/PZlc0sgha/
O/bCRsCCnlyaAiq2trvctmKZXn+prjdevVoXns8ABEO8MvBsSVfzKDCoJz7a7P8M
axwn9OYeZ8sMkEmLRwUVjh4DXexEDL8R2L1Ho1BuaFt6nytp1dePfPO14Vc9PN7O
87Wd3i9tcZ69rJPWgh2f6eLlVle7myXag7bTZPryjqJCr7B0ef+os5QSf9/a2xf7
EShCOMbVyGpf76Ae8b3ITjkj4JFQ9CC1mwSB67sDl32B3zUs+oE33DmtPF8t
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:33 2024 by rpki-client on console-ams.rpki-client.org