Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/msEcDVVON20KwOedxj-osEO9pOY.roa
File: msEcDVVON20KwOedxj-osEO9pOY.roa (raw, json)
Hash identifier: ol+MkxlA6FdkmjAslXDizd54FD0iubEo/4lwBYt/SCM=
Subject key identifier: 9A:C1:1C:0D:55:4E:37:6D:0A:C0:E7:9D:C6:3F:A8:B0:43:BD:A4:E6
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 018983F5BD0A52E919ABEEB3B6EF50A52AF0
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/msEcDVVON20KwOedxj-osEO9pOY.roa
Signing time: Sun 23 Jul 2023 18:14:27 +0000
ROA not before: Sun 23 Jul 2023 18:14:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59729
IP address blocks: 45.140.7.0/24 maxlen: 24
88.218.239.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
185.177.76.0/23 maxlen: 23
95.214.92.0/24 maxlen: 24
84.252.66.0/24 maxlen: 24
84.252.67.0/24 maxlen: 24
77.83.20.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:83:f5:bd:0a:52:e9:19:ab:ee:b3:b6:ef:50:a5:2a:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jul 23 18:14:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ac11c0d554e376d0ac0e79dc63fa8b043bda4e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a8:e8:3f:e5:85:d7:9c:79:8a:72:3d:91:67:
4c:d3:6e:5a:95:17:21:f0:35:a6:80:ed:3c:83:2f:
f7:54:30:f3:30:83:55:cb:7b:1f:a6:4f:7d:65:cd:
12:12:b3:f3:9e:83:08:70:dc:37:18:a4:0e:17:b9:
54:52:79:99:08:6d:69:73:4d:dc:2b:c5:9a:98:48:
9f:50:83:75:e5:5a:a0:14:e6:bc:96:dd:7e:73:f6:
90:32:51:e5:6f:d8:74:e1:8c:6a:7a:15:b0:89:ac:
71:5f:fa:95:aa:a4:07:d9:ec:e8:dc:31:31:26:bd:
6e:a9:07:01:4b:a4:01:a5:80:22:30:bf:38:19:e1:
0c:22:c5:49:15:b7:ee:a5:80:8c:0e:74:9e:42:94:
8c:3f:9a:6a:4b:54:0c:99:24:4c:f5:37:cc:8d:53:
df:94:cc:9d:98:b1:a9:20:6a:99:e0:00:e2:6e:b7:
ff:0b:a7:7e:35:97:f6:1f:35:ed:86:47:22:a9:b7:
86:6d:51:40:00:48:f7:6d:ab:64:13:dd:ac:48:e7:
91:e4:0a:da:02:74:12:53:1d:35:db:0f:6a:3d:10:
3d:3e:a0:22:a2:c3:27:7f:70:ee:59:80:ff:84:16:
9f:b3:ec:b1:9b:07:86:a8:8c:6b:cc:3a:ff:49:4c:
40:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C1:1C:0D:55:4E:37:6D:0A:C0:E7:9D:C6:3F:A8:B0:43:BD:A4:E6
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/msEcDVVON20KwOedxj-osEO9pOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.7.0/24
77.83.20.0/22
84.252.66.0/23
88.218.239.0/24
91.245.239.0/24
95.214.92.0/24
176.118.188.0/23
185.177.76.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:19:da:1a:f5:c6:d1:9e:6d:19:d2:96:f0:5a:32:cb:c8:3e:
02:e5:8b:8e:96:dd:2a:4d:8a:4f:f8:47:1e:c9:da:cb:52:e6:
d2:ac:d8:dc:2b:63:e6:cc:4e:c6:13:bf:3b:be:07:d0:d5:e3:
61:4d:43:86:e2:b1:42:91:31:89:6b:ae:4b:78:89:79:c0:63:
eb:47:8f:2e:a9:c6:30:8a:12:8d:c8:a3:7c:07:ee:12:cd:3f:
f9:b2:48:eb:fb:15:49:73:9d:c0:61:df:1c:93:2d:ec:f2:e4:
78:28:1c:b2:b5:cf:17:9c:8c:6a:ff:84:09:80:97:9d:af:ee:
dc:c7:69:9c:0a:7c:ad:36:fb:f1:e9:6b:cb:69:82:d2:bf:b5:
ff:81:f1:7c:0c:e6:0d:a0:eb:c6:b0:b0:c7:83:b8:eb:c2:80:
20:be:ed:c0:de:fd:11:c9:6c:49:3e:dd:f8:e1:b1:4a:32:e0:
b8:2b:f5:a1:ea:e2:c1:a4:6a:1e:e9:1a:db:db:73:6f:5a:95:
de:ec:23:60:98:e1:b3:f4:d9:85:97:42:50:d6:cb:ca:05:25:
f4:77:23:f4:e9:0b:04:50:91:9b:53:76:88:27:19:2c:b1:3b:
3c:e2:10:16:cc:75:71:37:c4:d0:56:75:7e:e6:8e:cb:3b:03:
66:dc:b3:0f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYmD9b0KUukZq+6ztu9QpSrwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwNzIzMTgxNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWMxMWMwZDU1NGUzNzZkMGFjMGU3OWRjNjNmYThiMDQzYmRhNGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKjoP+WF15x5inI9kWdM025alRch
8DWmgO08gy/3VDDzMINVy3sfpk99Zc0SErPznoMIcNw3GKQOF7lUUnmZCG1pc03c
K8WamEifUIN15VqgFOa8lt1+c/aQMlHlb9h04YxqehWwiaxxX/qVqqQH2ezo3DEx
Jr1uqQcBS6QBpYAiML84GeEMIsVJFbfupYCMDnSeQpSMP5pqS1QMmSRM9TfMjVPf
lMydmLGpIGqZ4ADibrf/C6d+NZf2HzXthkciqbeGbVFAAEj3batkE92sSOeR5Ara
AnQSUx012w9qPRA9PqAiosMnf3DuWYD/hBafs+yxmweGqIxrzDr/SUxAYwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJrBHA1VTjdtCsDnncY/qLBDvaTmMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvbXNFY0RWVk9OMjBLd09lZHhqLW9zRU85cE9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALYwHAwQC
TVMUAwQBVPxCAwQAWNrvAwQAW/XvAwQAX9ZcAwQBsHa8AwQBubFMMA0GCSqGSIb3
DQEBCwUAA4IBAQB6Gdoa9cbRnm0Z0pbwWjLLyD4C5YuOlt0qTYpP+EceydrLUubS
rNjcK2PmzE7GE787vgfQ1eNhTUOG4rFCkTGJa65LeIl5wGPrR48uqcYwihKNyKN8
B+4SzT/5skjr+xVJc53AYd8cky3s8uR4KByytc8XnIxq/4QJgJedr+7cx2mcCnyt
Nvvx6WvLaYLSv7X/gfF8DOYNoOvGsLDHg7jrwoAgvu3A3v0RyWxJPt344bFKMuC4
K/Wh6uLBpGoe6Rrb23NvWpXe7CNgmOGz9NmFl0JQ1svKBSX0dyP06QsEUJGbU3aI
JxkssTs84hAWzHVxN8TQVnV+5o7LOwNm3LMP
-----END CERTIFICATE-----
Generated at Sun Jul 23 19:02:35 2023 by rpki-client on console-ams.rpki-client.org