Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1z3AWjus97Q2ZmT9gAP1zP7SuUw.roa
File: 1z3AWjus97Q2ZmT9gAP1zP7SuUw.roa (raw, json)
Hash identifier: 3gmtp9AleoYDEjDMyfo2K+JxGXhOxjd4Mq+xX6IydLU=
Subject key identifier: D7:3D:C0:5A:3B:AC:F7:B4:36:66:64:FD:80:03:F5:CC:FE:D2:B9:4C
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 018AC6D49E2614DF67196480D5B904CAC6B3
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1z3AWjus97Q2ZmT9gAP1zP7SuUw.roa
Signing time: Sun 24 Sep 2023 10:55:37 +0000
ROA not before: Sun 24 Sep 2023 10:55:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59592
IP address blocks: 185.14.92.0/22 maxlen: 22
94.154.51.0/24 maxlen: 24
94.154.48.0/21 maxlen: 24
94.154.49.0/24 maxlen: 24
94.154.54.0/24 maxlen: 24
94.154.53.0/24 maxlen: 24
94.154.52.0/24 maxlen: 24
43.251.160.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.33.0/24 maxlen: 24
176.100.32.0/24 maxlen: 24
176.100.35.0/24 maxlen: 24
176.100.34.0/24 maxlen: 24
37.114.38.0/24 maxlen: 24
37.114.32.0/19 maxlen: 24
37.114.36.0/24 maxlen: 24
37.114.35.0/24 maxlen: 24
37.114.39.0/24 maxlen: 24
37.114.58.0/24 maxlen: 24
2a00:ccc2::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c6:d4:9e:26:14:df:67:19:64:80:d5:b9:04:ca:c6:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Sep 24 10:55:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d73dc05a3bacf7b4366664fd8003f5ccfed2b94c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:8f:09:6d:9b:b3:95:37:49:c1:55:32:97:93:
02:2c:2f:3a:f5:b2:a1:b1:17:ff:97:30:7b:59:91:
2b:5e:b1:02:74:4d:db:64:5a:ac:29:74:f8:df:60:
c0:4f:de:a5:69:b9:d0:ba:a3:3f:e1:3c:7c:09:eb:
a2:f0:2a:b6:3a:d6:d4:c8:56:e0:84:a8:40:b5:c7:
6b:9f:1e:ba:11:cd:3a:d2:b7:c2:b8:2d:ff:ac:02:
0a:c6:a3:c3:52:34:39:f9:76:ca:e3:7e:c9:0d:ea:
f0:87:48:62:1e:c8:19:73:b3:80:c5:8a:e7:c6:05:
30:87:d7:68:35:7e:c4:22:6e:c0:a3:70:3b:8d:9f:
4e:94:d0:84:6e:ab:2b:4a:dc:5b:5d:81:68:a5:3a:
44:5d:c3:c1:79:b4:a5:37:a9:a3:d7:66:2b:2c:b7:
be:67:a9:72:67:52:9a:fd:2a:a4:96:30:34:66:4c:
44:be:91:34:ad:ed:d7:35:4c:a4:17:9d:5a:f8:a7:
91:b3:fa:f3:23:c2:dd:b0:b3:81:68:2a:92:22:5e:
4d:4a:2e:0b:a0:3f:03:46:b5:d7:c4:ac:c4:f3:fe:
45:00:49:3b:ed:6e:64:42:f0:32:8c:08:43:63:73:
20:07:2d:63:4b:ae:b5:69:80:d1:e7:e3:b6:c2:31:
31:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:3D:C0:5A:3B:AC:F7:B4:36:66:64:FD:80:03:F5:CC:FE:D2:B9:4C
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/1z3AWjus97Q2ZmT9gAP1zP7SuUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.32.0/19
43.251.160.0/23
94.154.48.0/21
176.100.32.0-176.100.37.255
185.14.92.0/22
IPv6:
2a00:ccc2::/32
Signature Algorithm: sha256WithRSAEncryption
ba:6d:27:2f:47:02:c7:25:e3:72:95:7f:da:19:88:76:7b:a4:
f4:3b:30:88:21:66:91:94:77:01:b0:1d:86:67:ec:0a:33:f9:
b6:37:c3:c9:a7:cc:28:8f:6b:55:21:15:f5:6f:6d:45:6b:1a:
e1:98:8b:6e:25:3a:e3:d6:9f:1c:56:cb:a5:17:7d:e7:36:24:
15:d5:16:33:96:52:5a:30:e7:24:74:f2:51:a3:b7:61:cf:77:
cb:02:ed:0c:c6:9d:68:7c:4e:73:7e:2a:32:e7:4b:97:f5:6a:
b5:dc:93:2e:c8:be:83:8e:82:a4:61:8e:e1:ef:fd:c3:a0:a2:
f5:e8:28:aa:86:97:cd:c9:38:db:d0:be:5e:0c:a9:db:b9:49:
8b:f6:70:2b:63:a9:7d:a6:51:c6:1a:c9:e5:d3:16:0e:38:e4:
f1:41:e7:ab:4a:64:6e:08:bc:46:49:e1:99:f6:f5:b9:5a:f0:
08:44:40:4a:8d:39:03:11:f0:bd:1f:03:da:63:28:39:3e:0a:
a6:06:c7:35:ce:3d:bb:0a:dd:57:a7:0d:7c:da:6d:59:01:5f:
91:40:c0:fc:5d:97:7b:78:5b:0e:4f:d5:58:70:d5:75:83:42:
14:96:8c:bc:51:c0:4a:ee:9c:3f:7c:6a:0a:f1:8e:40:cb:eb:
32:6b:77:94
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYrG1J4mFN9nGWSA1bkEysazMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjMwOTI0MTA1NTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzNkYzA1YTNiYWNmN2I0MzY2NjY0ZmQ4MDAzZjVjY2ZlZDJiOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgI8JbZuzlTdJwVUyl5MCLC869bKh
sRf/lzB7WZErXrECdE3bZFqsKXT432DAT96labnQuqM/4Tx8Ceui8Cq2OtbUyFbg
hKhAtcdrnx66Ec060rfCuC3/rAIKxqPDUjQ5+XbK437JDerwh0hiHsgZc7OAxYrn
xgUwh9doNX7EIm7Ao3A7jZ9OlNCEbqsrStxbXYFopTpEXcPBebSlN6mj12YrLLe+
Z6lyZ1Ka/SqkljA0ZkxEvpE0re3XNUykF51a+KeRs/rzI8LdsLOBaCqSIl5NSi4L
oD8DRrXXxKzE8/5FAEk77W5kQvAyjAhDY3MgBy1jS661aYDR5+O2wjExUQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFNc9wFo7rPe0NmZk/YAD9cz+0rlMMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvMXozQVdqdXM5N1EyWm1UOWdBUDF6UDdTdVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQFJXIgAwQB
K/ugAwQDXpowMAwDBAWwZCADBAGwZCQDBAK5DlwwDQQCAAIwBwMFACoAzMIwDQYJ
KoZIhvcNAQELBQADggEBALptJy9HAscl43KVf9oZiHZ7pPQ7MIghZpGUdwGwHYZn
7Aoz+bY3w8mnzCiPa1UhFfVvbUVrGuGYi24lOuPWnxxWy6UXfec2JBXVFjOWUlow
5yR08lGjt2HPd8sC7QzGnWh8TnN+KjLnS5f1arXcky7IvoOOgqRhjuHv/cOgovXo
KKqGl83JONvQvl4Mqdu5SYv2cCtjqX2mUcYayeXTFg445PFB56tKZG4IvEZJ4Zn2
9bla8AhEQEqNOQMR8L0fA9pjKDk+CqYGxzXOPbsK3VenDXzabVkBX5FAwPxdl3t4
Ww5P1Vhw1XWDQhSWjLxRwErunD98agrxjkDL6zJrd5Q=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:42 2024 by rpki-client on console-fra.rpki-client.org