Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/dw37MqusHdpDyFJ2F6IE1g-c2Bg.roa
File: dw37MqusHdpDyFJ2F6IE1g-c2Bg.roa (raw, json)
Hash identifier: Z7j/+I2/10ga7Mq5rWzeWZMxoKyyy8Xxrssgwc3V5go=
Subject key identifier: 77:0D:FB:32:AB:AC:1D:DA:43:C8:52:76:17:A2:04:D6:0F:9C:D8:18
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 018AF5B60E45CAD0233FBABC449B693E6AEC
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/dw37MqusHdpDyFJ2F6IE1g-c2Bg.roa
Signing time: Tue 03 Oct 2023 13:24:23 +0000
ROA not before: Tue 03 Oct 2023 13:24:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 88.218.80.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
176.118.191.0/24 maxlen: 24
45.130.186.0/24 maxlen: 24
45.130.185.0/24 maxlen: 24
45.130.184.0/24 maxlen: 24
5.104.74.0/24 maxlen: 24
5.104.72.0/24 maxlen: 24
88.218.239.0/24 maxlen: 24
194.28.157.0/24 maxlen: 24
84.252.64.0/22 maxlen: 24
45.140.4.0/24 maxlen: 24
45.140.7.0/24 maxlen: 24
193.160.68.0/24 maxlen: 24
193.160.72.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
193.228.48.0/22 maxlen: 24
95.214.83.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
212.69.135.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
77.83.20.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f5:b6:0e:45:ca:d0:23:3f:ba:bc:44:9b:69:3e:6a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Oct 3 13:24:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=770dfb32abac1dda43c8527617a204d60f9cd818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a1:31:32:2f:62:d3:2e:a3:59:6a:34:6c:c5:
52:b1:cf:9f:f5:d3:bf:ef:1e:5a:da:d4:3b:7e:11:
bc:f3:f7:1d:10:99:f4:00:93:9e:d8:39:a8:d7:ef:
d6:59:df:e1:94:be:8e:bc:b9:5e:f4:7d:a0:ef:44:
e0:f9:5b:2e:ff:4e:cb:ad:a8:d2:ff:59:c1:e9:1d:
55:81:8a:eb:e9:fb:af:b2:57:f8:48:79:b5:dd:24:
04:c1:2c:06:55:b6:54:df:2b:a3:b9:ab:ef:b7:d8:
2d:4a:fb:39:90:c5:2c:17:1c:8f:47:f2:43:57:0a:
24:35:4e:7c:85:80:b2:3a:65:1a:e4:46:2e:78:8a:
24:65:69:07:90:48:b0:94:c3:8d:81:c7:9d:eb:26:
38:62:8d:ae:dc:47:f0:c1:79:6d:29:f1:f4:80:fe:
a9:0f:93:f2:80:5d:73:a6:75:c4:9e:66:a6:0b:79:
d6:a5:b0:11:8f:95:9e:df:2d:be:a0:79:80:02:1f:
12:b5:eb:7a:6b:de:65:cf:51:0e:48:78:b9:48:0b:
6e:3e:18:eb:41:2f:68:33:e9:a0:77:90:3b:1a:97:
3d:94:e0:18:f1:08:d7:4f:86:59:41:d9:13:84:7e:
74:5b:b2:20:00:1e:7a:bd:52:f9:34:83:76:85:a9:
c2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:0D:FB:32:AB:AC:1D:DA:43:C8:52:76:17:A2:04:D6:0F:9C:D8:18
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/dw37MqusHdpDyFJ2F6IE1g-c2Bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.74.0/24
45.130.184.0-45.130.186.255
45.140.4.0/24
45.140.7.0/24
77.83.20.0/22
84.252.64.0/22
88.218.80.0/24
88.218.239.0/24
91.245.239.0/24
95.214.83.0/24
95.214.92.0/23
95.214.95.0/24
176.118.188.0/23
176.118.191.0/24
185.177.76.0/23
193.160.68.0/24
193.160.72.0/24
193.228.48.0/22
194.28.157.0/24
212.69.135.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:63:59:2a:9b:f2:0e:ea:45:82:cc:0c:1e:5e:fb:7e:69:d3:
96:43:39:fa:18:92:86:b1:f4:83:72:ec:5f:c0:44:dd:e6:e2:
bc:d7:fe:d3:d9:01:8f:f8:f0:6d:23:ea:54:b0:e7:df:ef:3b:
c6:52:d2:5e:30:7c:18:4a:fb:5e:f5:df:32:76:cc:d8:08:fd:
55:6f:d6:99:ef:7c:39:6a:35:8b:e8:cf:8e:aa:6b:00:19:72:
bc:79:4b:e6:a6:d7:85:83:30:82:2a:67:c2:be:d9:6c:2a:b5:
59:bc:c0:3c:0d:38:98:a9:2e:9c:b9:08:55:a9:04:e4:7a:eb:
e6:e0:78:28:02:72:fc:c5:f8:ec:84:7b:00:9d:c4:c0:82:6b:
e8:b1:ff:65:c0:82:8c:9e:38:86:43:bb:ed:76:33:da:df:a4:
e1:0c:a0:9b:59:a6:a6:b6:13:e6:ea:9a:b1:03:c4:1f:7b:ef:
cb:b7:fb:60:3f:b1:5e:61:41:d7:09:ce:a1:39:34:a3:b2:f9:
2a:b1:78:bf:b5:b1:a6:df:7f:18:3e:7e:8f:ed:fd:9f:5e:7d:
51:29:d6:63:1d:5f:fb:5e:45:ad:fe:36:4b:4e:ee:38:f5:38:
1d:25:29:4d:72:b5:72:99:89:3a:93:80:f3:61:09:cd:8d:df:
4c:08:b1:f4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYr1tg5FytAjP7q8RJtpPmrsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMxMDAzMTMyNDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzBkZmIzMmFiYWMxZGRhNDNjODUyNzYxN2EyMDRkNjBmOWNkODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKExMi9i0y6jWWo0bMVSsc+f9dO/
7x5a2tQ7fhG88/cdEJn0AJOe2Dmo1+/WWd/hlL6OvLle9H2g70Tg+Vsu/07LrajS
/1nB6R1VgYrr6fuvslf4SHm13SQEwSwGVbZU3yujuavvt9gtSvs5kMUsFxyPR/JD
VwokNU58hYCyOmUa5EYueIokZWkHkEiwlMONgced6yY4Yo2u3EfwwXltKfH0gP6p
D5PygF1zpnXEnmamC3nWpbARj5We3y2+oHmAAh8Stet6a95lz1EOSHi5SAtuPhjr
QS9oM+mgd5A7Gpc9lOAY8QjXT4ZZQdkThH50W7IgAB56vVL5NIN2hanCgQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFHcN+zKrrB3aQ8hSdheiBNYPnNgYMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvZHczN01xdXNIZHBEeUZKMkY2SUUxZy1jMkJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAF
aEgDBAAFaEowDAMEAy2CuAMEAC2CugMEAC2MBAMEAC2MBwMEAk1TFAMEAlT8QAME
AFjaUAMEAFja7wMEAFv17wMEAF/WUwMEAV/WXAMEAF/WXwMEAbB2vAMEALB2vwME
AbmxTAMEAMGgRAMEAMGgSAMEAsHkMAMEAMIcnQMEANRFhzANBgkqhkiG9w0BAQsF
AAOCAQEAK2NZKpvyDupFgswMHl77fmnTlkM5+hiShrH0g3LsX8BE3ebivNf+09kB
j/jwbSPqVLDn3+87xlLSXjB8GEr7XvXfMnbM2Aj9VW/Wme98OWo1i+jPjqprABly
vHlL5qbXhYMwgipnwr7ZbCq1WbzAPA04mKkunLkIVakE5Hrr5uB4KAJy/MX47IR7
AJ3EwIJr6LH/ZcCCjJ44hkO77XYz2t+k4Qygm1mmprYT5uqasQPEH3vvy7f7YD+x
XmFB1wnOoTk0o7L5KrF4v7Wxpt9/GD5+j+39n159USnWYx1f+15Frf42S07uOPU4
HSUpTXK1cpmJOpOA82EJzY3fTAix9A==
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:39 2024 by rpki-client on console-ams.rpki-client.org