Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/K9loL7o6L8_C49emHFjOR_pv_0M.roa
File: K9loL7o6L8_C49emHFjOR_pv_0M.roa (raw, json)
Hash identifier: QIMzldQVtH31Xy1tCHRf+XFxzY3l+gBQv0W0J7YiBh4=
Subject key identifier: 2B:D9:68:2F:BA:3A:2F:CF:C2:E3:D7:A6:1C:58:CE:47:FA:6F:FF:43
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01871A9951D908E34CF41675439314F33192
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/K9loL7o6L8_C49emHFjOR_pv_0M.roa
Signing time: Sat 25 Mar 2023 21:07:48 +0000
ROA not before: Sat 25 Mar 2023 21:07:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 88.218.80.0/24 maxlen: 24
194.124.41.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
176.118.191.0/24 maxlen: 24
45.130.184.0/24 maxlen: 24
45.130.185.0/24 maxlen: 24
45.130.186.0/24 maxlen: 24
5.104.74.0/24 maxlen: 24
5.104.72.0/24 maxlen: 24
5.104.75.0/24 maxlen: 24
88.218.239.0/24 maxlen: 24
194.28.157.0/24 maxlen: 24
84.252.64.0/22 maxlen: 24
45.140.7.0/24 maxlen: 24
193.160.68.0/24 maxlen: 24
193.160.72.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
95.214.83.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
212.69.135.0/24 maxlen: 24
77.83.20.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1a:99:51:d9:08:e3:4c:f4:16:75:43:93:14:f3:31:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 25 21:07:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bd9682fba3a2fcfc2e3d7a61c58ce47fa6fff43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ff:1c:c5:1f:d4:e6:7b:8c:13:cc:25:5b:e7:
ee:4f:ff:e0:6c:b3:5e:f5:42:29:d3:9e:06:74:80:
a4:32:4c:26:33:fc:35:fe:a3:d0:cb:54:19:4a:b7:
d3:11:a2:65:f3:44:dc:81:88:05:50:51:66:4b:b2:
15:ae:95:e7:2f:9b:00:06:e5:42:a0:d8:78:0e:64:
92:7e:53:a2:9e:70:8c:f6:a5:d7:d7:a3:8b:30:3b:
e8:8a:0d:bc:de:33:bd:2f:92:37:1d:aa:93:22:2b:
82:fd:70:48:58:df:89:c0:13:1f:21:7c:b4:42:bd:
90:0e:bd:8a:7e:42:dc:18:cb:58:3a:93:f6:59:95:
35:a0:13:08:b5:ea:78:69:c7:07:fe:09:a8:d8:7c:
6a:fa:82:78:cf:84:83:81:6c:41:0f:52:ee:e2:f0:
b1:87:01:9b:a1:8d:63:4a:1d:9a:4f:a6:ba:5a:82:
c3:64:8e:72:68:bd:70:56:39:7a:4f:5d:f6:08:11:
0f:07:b7:ef:ac:51:5e:7f:81:f6:c0:4c:ad:86:97:
ac:c2:b3:76:9c:eb:5c:d8:fc:47:60:cb:64:a9:8e:
01:40:39:ba:7b:4f:65:42:ba:83:fd:b0:9c:d8:a0:
6d:b3:fd:de:df:69:66:a9:69:2e:54:40:04:f3:93:
a8:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D9:68:2F:BA:3A:2F:CF:C2:E3:D7:A6:1C:58:CE:47:FA:6F:FF:43
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/K9loL7o6L8_C49emHFjOR_pv_0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.74.0/23
45.130.184.0-45.130.186.255
45.140.7.0/24
77.83.20.0/22
84.252.64.0/22
88.218.80.0/24
88.218.239.0/24
91.245.239.0/24
95.214.83.0/24
95.214.92.0/23
95.214.95.0/24
176.118.188.0/23
176.118.191.0/24
185.177.76.0/23
193.160.68.0/24
193.160.72.0/24
194.28.157.0/24
194.124.41.0/24
212.69.135.0/24
Signature Algorithm: sha256WithRSAEncryption
72:3f:04:15:ff:af:34:15:7c:da:11:76:f9:04:90:89:b2:54:
3d:ab:94:89:19:a5:d7:8e:84:0f:79:09:41:5f:69:3c:b3:bf:
1f:55:00:8c:53:a3:7e:a8:2b:48:92:67:ed:38:eb:c6:0f:d1:
42:81:7b:c2:63:e4:28:ec:d7:8e:82:a4:68:54:2b:68:55:d2:
65:26:6a:88:78:21:cd:9a:f9:33:8d:4b:79:1c:90:d4:72:e8:
de:45:77:2b:f6:db:06:67:2b:ae:86:a1:19:a9:28:dc:ca:9b:
92:c9:1f:56:68:15:96:a0:3b:c6:2b:43:c6:ab:f3:37:55:05:
16:8c:25:96:9f:be:6b:1a:a4:e1:58:24:93:37:3a:c3:38:3c:
c5:30:e2:70:0b:4b:60:63:ca:82:9b:67:c1:dc:06:2a:e7:b0:
8c:7b:88:0a:93:f3:6a:b2:d4:a4:95:cd:20:84:bf:be:35:ea:
00:a9:c8:d0:ee:a8:43:52:60:af:48:d4:7d:fc:c8:03:3c:de:
51:3f:10:e6:fe:af:de:f2:50:29:5e:db:2a:27:58:5f:02:ee:
a1:97:7a:03:a7:31:c9:e9:fd:67:30:d7:6b:b3:cc:18:41:07:
11:c9:5d:19:03:0e:3b:1f:5a:01:0c:01:48:93:73:f8:04:8f:
c2:58:c0:73
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYcamVHZCONM9BZ1Q5MU8zGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzI1MjEwNzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQ5NjgyZmJhM2EyZmNmYzJlM2Q3YTYxYzU4Y2U0N2ZhNmZmZjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/8cxR/U5nuME8wlW+fuT//gbLNe
9UIp054GdICkMkwmM/w1/qPQy1QZSrfTEaJl80TcgYgFUFFmS7IVrpXnL5sABuVC
oNh4DmSSflOinnCM9qXX16OLMDvoig283jO9L5I3HaqTIiuC/XBIWN+JwBMfIXy0
Qr2QDr2KfkLcGMtYOpP2WZU1oBMItep4accH/gmo2Hxq+oJ4z4SDgWxBD1Lu4vCx
hwGboY1jSh2aT6a6WoLDZI5yaL1wVjl6T132CBEPB7fvrFFef4H2wEythpeswrN2
nOtc2PxHYMtkqY4BQDm6e09lQrqD/bCc2KBts/3e32lmqWkuVEAE85OoLQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFCvZaC+6Oi/PwuPXphxYzkf6b/9DMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvSzlsb0w3bzZMOF9DNDllbUhGak9SX3B2XzBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAAF
aEgDBAEFaEowDAMEAy2CuAMEAC2CugMEAC2MBwMEAk1TFAMEAlT8QAMEAFjaUAME
AFja7wMEAFv17wMEAF/WUwMEAV/WXAMEAF/WXwMEAbB2vAMEALB2vwMEAbmxTAME
AMGgRAMEAMGgSAMEAMIcnQMEAMJ8KQMEANRFhzANBgkqhkiG9w0BAQsFAAOCAQEA
cj8EFf+vNBV82hF2+QSQibJUPauUiRml146ED3kJQV9pPLO/H1UAjFOjfqgrSJJn
7Tjrxg/RQoF7wmPkKOzXjoKkaFQraFXSZSZqiHghzZr5M41LeRyQ1HLo3kV3K/bb
BmcrroahGako3MqbkskfVmgVlqA7xitDxqvzN1UFFowllp++axqk4Vgkkzc6wzg8
xTDicAtLYGPKgptnwdwGKuewjHuICpPzarLUpJXNIIS/vjXqAKnI0O6oQ1Jgr0jU
ffzIAzzeUT8Q5v6v3vJQKV7bKidYXwLuoZd6A6cxyen9ZzDXa7PMGEEHEcldGQMO
Ox9aAQwBSJNz+ASPwljAcw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:24 2023 by rpki-client on console-ams.rpki-client.org