Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/04LzuXPBM_MBrzjFTlMUePzrwDM.roa
File: 04LzuXPBM_MBrzjFTlMUePzrwDM.roa (raw, json)
Hash identifier: j2x5DrQmwEmM8Vtt7aROnYpAqAPxkVTCvmHeM0AKjg4=
Subject key identifier: D3:82:F3:B9:73:C1:33:F3:01:AF:38:C5:4E:53:14:78:FC:EB:C0:33
Certificate issuer: /CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Certificate serial: 018572D5A8534A0439D0A06C40892C7DFDB1
Authority key identifier: 0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/04LzuXPBM_MBrzjFTlMUePzrwDM.roa
Signing time: Mon 02 Jan 2023 14:14:42 +0000
ROA not before: Mon 02 Jan 2023 14:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29518
IP address blocks: 94.255.128.0/17 maxlen: 17
91.191.128.0/20 maxlen: 20
89.160.0.0/17 maxlen: 17
62.220.160.0/19 maxlen: 19
31.208.0.0/16 maxlen: 16
217.118.208.0/20 maxlen: 20
31.209.0.0/18 maxlen: 18
217.78.32.0/20 maxlen: 20
82.209.128.0/18 maxlen: 18
195.238.255.0/24 maxlen: 24
87.251.192.0/19 maxlen: 19
83.219.192.0/19 maxlen: 19
193.23.57.0/24 maxlen: 24
89.233.192.0/18 maxlen: 18
185.113.96.0/22 maxlen: 22
217.76.80.0/20 maxlen: 20
46.162.64.0/18 maxlen: 18
83.233.0.0/16 maxlen: 16
217.115.32.0/19 maxlen: 19
2001:9c8::/29 maxlen: 29
2a00:1598::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:a8:53:4a:04:39:d0:a0:6c:40:89:2c:7d:fd:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Validity
Not Before: Jan 2 14:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d382f3b973c133f301af38c54e531478fcebc033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7d:6d:b8:20:a9:35:f3:c1:d5:9f:58:f3:89:
fa:b2:65:2a:b9:cb:50:45:9e:d2:a8:78:6e:5c:64:
5d:d5:c4:d0:23:9f:1d:17:24:de:cc:e5:83:36:8b:
19:a8:ef:f5:5b:8a:fb:a6:fd:5a:08:e6:58:71:49:
11:c8:65:61:d3:03:f7:0c:5a:ca:63:0d:4f:06:f7:
cd:aa:44:0f:6d:d9:40:87:5e:49:d6:30:cc:9d:ee:
86:b4:b3:7b:2f:75:3d:4a:f2:86:4c:31:9d:da:21:
28:9b:1d:fb:5e:5b:17:dc:60:ac:33:28:10:3c:e6:
fa:41:e8:6c:c2:a0:6e:82:4d:a2:a5:54:95:36:7c:
a1:b8:4f:2b:ac:5e:a0:97:7d:2a:7c:88:1f:bd:81:
51:dc:35:2f:b8:bd:70:5e:e1:f0:0d:ef:f4:09:eb:
24:80:6b:ff:eb:db:18:24:10:9d:73:8b:5d:66:83:
98:bc:30:8b:87:d6:ef:dc:97:c3:83:63:ef:48:c5:
c7:31:62:f6:05:2c:fb:33:fe:7e:28:12:77:ec:0d:
36:00:6f:ed:4f:96:b7:15:80:61:e1:3a:1d:3d:90:
cf:3c:b2:8a:d9:60:ea:c6:83:c1:b6:28:bc:78:78:
4d:4d:63:b7:d2:a9:54:b1:cc:b5:78:8b:e4:67:95:
51:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:82:F3:B9:73:C1:33:F3:01:AF:38:C5:4E:53:14:78:FC:EB:C0:33
X509v3 Authority Key Identifier:
keyid:0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/04LzuXPBM_MBrzjFTlMUePzrwDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.208.0.0-31.209.63.255
46.162.64.0/18
62.220.160.0/19
82.209.128.0/18
83.219.192.0/19
83.233.0.0/16
87.251.192.0/19
89.160.0.0/17
89.233.192.0/18
91.191.128.0/20
94.255.128.0/17
185.113.96.0/22
193.23.57.0/24
195.238.255.0/24
217.76.80.0/20
217.78.32.0/20
217.115.32.0/19
217.118.208.0/20
IPv6:
2001:9c8::/29
2a00:1598::/29
Signature Algorithm: sha256WithRSAEncryption
48:44:2f:67:13:1d:f0:12:c4:f2:9f:cd:ec:1e:df:f5:c7:55:
0e:6d:06:52:82:30:84:1d:99:85:26:45:43:5a:cd:07:18:86:
18:68:e4:7c:97:92:c7:07:d2:dc:d6:51:ec:55:56:e3:ab:53:
4e:fa:4a:b3:ce:21:91:1f:49:9b:07:6d:6d:8b:3d:80:42:8e:
37:6d:48:20:34:c9:a1:c8:00:91:d3:14:2f:2c:1c:2c:7c:58:
fa:86:a9:c9:fa:a0:87:4c:5c:40:78:3b:ba:81:6a:59:d8:f7:
bd:9c:83:33:6c:4e:aa:e4:f9:0d:eb:4c:2e:7c:ab:26:d5:71:
f7:f3:e8:db:e6:ae:bc:6c:f7:02:f5:c7:e1:43:a6:ba:14:af:
b0:0c:36:fc:f9:a7:0c:37:80:cc:b7:a2:bc:ec:16:33:77:c7:
75:6b:1a:30:1d:e1:12:ba:b8:84:d6:35:a1:a6:5d:5d:59:39:
75:28:0d:e6:e1:b0:ee:88:68:26:a9:e8:02:55:9e:4e:d1:44:
b1:d2:ec:d0:33:a0:76:c8:65:b5:f3:0e:16:0d:74:84:ae:4c:
0f:97:71:d4:b8:43:f5:3e:cb:fc:74:4b:5a:52:30:bf:57:38:
53:03:cc:00:a7:be:aa:e3:13:d7:95:a5:f7:0c:43:3a:d4:ac:
f4:b2:35:79
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYVy1ahTSgQ50KBsQIksff2xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTEzMDhlYWQ2YWRiMWQwODVlN2U1OTEwYTBjYjJkZTU2
YWEzMmUwHhcNMjMwMTAyMTQxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzgyZjNiOTczYzEzM2YzMDFhZjM4YzU0ZTUzMTQ3OGZjZWJjMDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn31tuCCpNfPB1Z9Y84n6smUquctQ
RZ7SqHhuXGRd1cTQI58dFyTezOWDNosZqO/1W4r7pv1aCOZYcUkRyGVh0wP3DFrK
Yw1PBvfNqkQPbdlAh15J1jDMne6GtLN7L3U9SvKGTDGd2iEomx37XlsX3GCsMygQ
POb6QehswqBugk2ipVSVNnyhuE8rrF6gl30qfIgfvYFR3DUvuL1wXuHwDe/0Cesk
gGv/69sYJBCdc4tdZoOYvDCLh9bv3JfDg2PvSMXHMWL2BSz7M/5+KBJ37A02AG/t
T5a3FYBh4TodPZDPPLKK2WDqxoPBtii8eHhNTWO30qlUscy1eIvkZ5VRgQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFNOC87lzwTPzAa84xU5TFHj868AzMB8GA1UdIwQY
MBaAFAzhMI6tatsdCF5+WRCgyy3laqMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUt
YjBiYWQxOGYwMmQwLzEvMDRMenVYUEJNX01CcnpqRlRsTVVlUHpyd0RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUtYjBiYWQxOGYwMmQw
LzEvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDB4BAIAATByMAsDAwQf
0AMEBh/RAAMEBi6iQAMEBT7coAMEBlLRgAMEBVPbwAMDAFPpAwQFV/vAAwQHWaAA
AwQGWenAAwQEW7+AAwQHXv+AAwQCuXFgAwQAwRc5AwQAw+7/AwQE2UxQAwQE2U4g
AwQF2XMgAwQE2XbQMBQEAgACMA4DBQMgAQnIAwUDKgAVmDANBgkqhkiG9w0BAQsF
AAOCAQEASEQvZxMd8BLE8p/N7B7f9cdVDm0GUoIwhB2ZhSZFQ1rNBxiGGGjkfJeS
xwfS3NZR7FVW46tTTvpKs84hkR9JmwdtbYs9gEKON21IIDTJocgAkdMULywcLHxY
+oapyfqgh0xcQHg7uoFqWdj3vZyDM2xOquT5DetMLnyrJtVx9/Po2+auvGz3AvXH
4UOmuhSvsAw2/PmnDDeAzLeivOwWM3fHdWsaMB3hErq4hNY1oaZdXVk5dSgN5uGw
7ohoJqnoAlWeTtFEsdLs0DOgdshltfMOFg10hK5MD5dx1LhD9T7L/HRLWlIwv1c4
UwPMAKe+quMT15Wl9wxDOtSs9LI1eQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:06 2023 by rpki-client on console-fra.rpki-client.org