Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-VT3PeVjNaJDVEHwgHsvYoDqWek.roa
File: 1-VT3PeVjNaJDVEHwgHsvYoDqWek.roa (raw, json)
Hash identifier: kXDWzKN5P++/HWDDMD6SrVm8pPVeB13XVTTFEMJ7oLQ=
Subject key identifier: F9:54:F7:3D:E5:63:35:A2:43:54:41:F0:80:7B:2F:62:80:EA:59:E9
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018842403961C0B5B8DEBD2DEB10E8614E62
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-VT3PeVjNaJDVEHwgHsvYoDqWek.roa
Signing time: Mon 22 May 2023 06:58:05 +0000
ROA not before: Mon 22 May 2023 06:58:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 194.50.94.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
193.163.85.0/24 maxlen: 24
193.163.86.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
45.131.184.0/22 maxlen: 24
77.81.50.0/23 maxlen: 24
185.232.117.0/24 maxlen: 24
45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a04:ccc6::/32 maxlen: 48
2a0e:97c3:110::/44 maxlen: 48
2a10:ccc0:420::/44 maxlen: 48
2a0c:3b80::/32 maxlen: 48
2a04:ccc7::/32 maxlen: 48
2a04:ccc4::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a04:ccc5::/32 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a10:cc45:130::/44 maxlen: 44
2a0c:3b83::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a04:ccc1::/32 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a04:ccc3::/32 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:40:39:61:c0:b5:b8:de:bd:2d:eb:10:e8:61:4e:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 22 06:58:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f954f73de56335a2435441f0807b2f6280ea59e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9c:fd:3f:41:88:32:c7:b6:bb:f2:ed:24:f1:
31:da:5f:33:36:ca:48:a4:ab:28:a2:86:dc:cb:8c:
a0:00:53:01:17:26:b1:01:2d:b5:09:72:48:06:50:
a3:bf:05:a3:d8:d9:8d:d3:8f:19:36:6f:6f:8c:cf:
99:5b:ed:b9:ec:35:c7:16:53:2f:e1:5d:3e:6a:60:
81:d6:c0:77:99:2d:9c:f5:4e:a7:3c:51:ac:45:63:
91:a7:ac:65:c9:3d:56:2f:12:7a:3f:48:5d:1a:9b:
be:83:16:f9:81:8f:f6:b5:fe:a6:f4:de:01:dd:df:
73:c1:1d:a4:5e:0c:6e:69:26:fc:c8:0a:b7:0b:1d:
9e:b4:66:ca:8f:45:6b:49:2b:23:6f:a7:3c:f9:1e:
37:cd:0d:77:36:f0:93:05:b0:f8:10:63:45:38:cb:
a6:04:c7:d3:38:a3:ae:43:89:5c:22:a3:38:41:db:
0f:d8:8d:84:73:cd:a3:5e:d6:b2:86:63:5d:3e:e9:
92:4c:98:63:45:99:00:48:61:30:9e:d6:c6:7c:27:
3b:83:0e:84:8e:0d:72:71:d4:3d:2b:9e:53:d6:ec:
d5:40:6b:ec:d1:16:4c:c7:3f:e3:ef:c1:31:d4:09:
5b:50:e3:aa:ed:83:7c:48:eb:eb:1b:06:65:a3:77:
60:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:54:F7:3D:E5:63:35:A2:43:54:41:F0:80:7B:2F:62:80:EA:59:E9
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-VT3PeVjNaJDVEHwgHsvYoDqWek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.131.184.0/22
45.136.136.0/22
77.81.50.0/23
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
185.232.117.0/24
193.163.85.0-193.163.86.255
194.50.92.0/24
194.50.94.0/24
IPv6:
2a04:ccc1::/32
2a04:ccc3::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:170::/48
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:100::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
2a10:ccc0:420::/44
Signature Algorithm: sha256WithRSAEncryption
2f:b7:9e:55:9d:e5:58:0e:57:17:54:dd:3e:2c:28:19:6e:84:
30:63:1c:97:46:2e:86:6d:3a:24:49:42:09:1a:40:6d:47:49:
a1:61:31:75:9c:b1:92:24:de:cf:8f:31:0a:ca:89:70:18:5d:
36:e6:3a:b6:f2:4e:ef:1d:24:b9:8f:ac:3f:c0:2c:85:a7:d0:
6f:a4:15:b3:ad:8f:53:5d:f4:ea:47:53:89:00:fa:db:82:e5:
36:c8:95:46:0e:23:7c:3a:3b:ac:98:ab:f0:f0:2e:9b:41:ef:
12:47:fe:72:68:6d:6f:3b:20:bf:fe:63:50:c1:e0:80:1d:75:
a6:17:63:cf:aa:73:6a:f2:6f:53:2e:79:5e:3c:ae:8d:6c:56:
ae:7a:d9:00:10:1a:e9:7b:17:86:9b:94:66:4b:82:a4:6e:e4:
f7:2a:da:19:a9:7e:d2:2f:4d:57:81:c9:42:c1:68:12:42:c6:
a8:a5:8f:72:b4:78:59:e3:23:56:42:bc:bd:13:a8:52:04:16:
e0:3c:b0:e7:e7:09:9d:90:60:b3:2f:ac:7b:8b:0a:61:77:15:
09:40:a1:b1:47:b9:b2:d5:b6:e6:1c:e7:c5:d2:31:29:1a:ac:
52:1a:09:69:e8:70:bd:0c:5b:e7:f3:92:42:18:43:97:51:c7:
fb:6c:1f:11
-----BEGIN CERTIFICATE-----
MIIGHjCCBQagAwIBAgISAYhCQDlhwLW43r0t6xDoYU5iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTIyMDY1ODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTU0ZjczZGU1NjMzNWEyNDM1NDQxZjA4MDdiMmY2MjgwZWE1OWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspz9P0GIMse2u/LtJPEx2l8zNspI
pKsooobcy4ygAFMBFyaxAS21CXJIBlCjvwWj2NmN048ZNm9vjM+ZW+257DXHFlMv
4V0+amCB1sB3mS2c9U6nPFGsRWORp6xlyT1WLxJ6P0hdGpu+gxb5gY/2tf6m9N4B
3d9zwR2kXgxuaSb8yAq3Cx2etGbKj0VrSSsjb6c8+R43zQ13NvCTBbD4EGNFOMum
BMfTOKOuQ4lcIqM4QdsP2I2Ec82jXtayhmNdPumSTJhjRZkASGEwntbGfCc7gw6E
jg1ycdQ9K55T1uzVQGvs0RZMxz/j78Ex1AlbUOOq7YN8SOvrGwZlo3dgCwIDAQAB
o4IDKjCCAyYwHQYDVR0OBBYEFPlU9z3lYzWiQ1RB8IB7L2KA6lnpMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS1WVDNQZVZqTmFKRFZFSHdnSHN2WW9EcVdlay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAT0GCCsGAQUFBwEHAQH/BIIBLDCCASgwVgQCAAEwUAME
AB8qtwMEAi0MRAMEAi2DuAMEAi2IiAMEAU1RMgMEAFXKywMEAF6xegMEAoscYAME
ALnodTAMAwQAwaNVAwQAwaNWAwQAwjJcAwQAwjJeMIHNBAIAAjCBxgMFACoEzMEw
DgMFACoEzMMDBQMqBMzAAwUDKgkEwDAOAwUHKgw7gAMFACoMO4YDBwAqDpfAAXAD
BwQqDpfAAdADBwQqDpfAAmADBgAqDpfBAgMHBCoOl8MBEAMHBCoOl8QBAAMHBCoO
l8QBIAMHACoOsQcJ8gMHACoOsQcRZQMHACoOsQcXhgMHAyoOsQchwAMHACoP5AQB
AgMHACoQLwABjQMHACoQLwABjwMHBCoQzEACUAMHBCoQzEUBMAMHBCoQzMAEIDAN
BgkqhkiG9w0BAQsFAAOCAQEAL7eeVZ3lWA5XF1TdPiwoGW6EMGMcl0Yuhm06JElC
CRpAbUdJoWExdZyxkiTez48xCsqJcBhdNuY6tvJO7x0kuY+sP8AshafQb6QVs62P
U1306kdTiQD624LlNsiVRg4jfDo7rJir8PAum0HvEkf+cmhtbzsgv/5jUMHggB11
phdjz6pzavJvUy55XjyujWxWrnrZABAa6XsXhpuUZkuCpG7k9yraGal+0i9NV4HJ
QsFoEkLGqKWPcrR4WeMjVkK8vROoUgQW4Dyw5+cJnZBgsy+se4sKYXcVCUChsUe5
stW25hznxdIxKRqsUhoJaehwvQxb5/OSQhhDl1HH+2wfEQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:54 2023 by rpki-client on console-ams.rpki-client.org