Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_KlqsFuSMQAbQCNIA7baGhbuEUU.roa
File: _KlqsFuSMQAbQCNIA7baGhbuEUU.roa (raw, json)
Hash identifier: EUdRAM8qfsL8xp2f+mOXIPuI/Fk5pwLLK8xJemITerA=
Subject key identifier: FC:A9:6A:B0:5B:92:31:00:1B:40:23:48:03:B6:DA:1A:16:EE:11:45
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187EC5FAB78B48430D4C44E93B7C55BA7B4
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_KlqsFuSMQAbQCNIA7baGhbuEUU.roa
Signing time: Fri 05 May 2023 14:45:05 +0000
ROA not before: Fri 05 May 2023 14:45:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 194.50.94.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
45.148.116.0/22 maxlen: 24
45.131.184.0/22 maxlen: 24
77.81.50.0/23 maxlen: 24
185.232.117.0/24 maxlen: 24
45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:97c3:110::/44 maxlen: 48
2a0c:3b80::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a10:cc45:130::/44 maxlen: 44
2a0c:3b83::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ec:5f:ab:78:b4:84:30:d4:c4:4e:93:b7:c5:5b:a7:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 5 14:45:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fca96ab05b9231001b40234803b6da1a16ee1145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7c:bc:94:7d:75:1e:d8:3c:42:77:46:ba:0f:
df:28:4e:42:46:24:b6:cd:55:38:73:1b:9d:d1:27:
4e:b6:1a:e7:ef:1a:db:60:34:bb:b0:76:26:5f:5a:
7b:53:c3:50:cd:55:3e:d7:c0:d8:0e:7b:f5:78:5c:
d1:4c:66:87:5a:07:e5:9b:25:d3:d1:fe:34:3f:f1:
f2:7a:fd:1c:1c:86:e5:23:b1:4b:01:5b:63:67:5c:
5d:58:d6:10:39:e7:05:3d:62:50:5f:f6:7d:7a:e5:
39:36:4d:02:ed:3a:a4:92:4e:6e:d2:c7:d9:4a:c6:
9a:1a:53:32:67:8e:a7:6b:37:81:f1:f4:3e:18:40:
7c:a0:b5:5d:24:cc:0a:36:f8:d3:78:ff:1a:1d:9f:
24:df:e2:bd:ad:12:5e:d7:05:a2:b8:7e:11:fb:43:
89:93:54:6f:18:59:e5:b7:89:28:41:d5:93:35:bb:
8e:46:ba:d6:3d:cb:28:14:19:f5:33:de:67:e8:57:
6e:f3:b6:c5:9f:87:c8:75:5c:88:2d:f7:e9:d6:bd:
64:2b:13:1f:6c:28:de:b7:26:f7:78:9b:66:46:a3:
8f:ad:6c:e0:dd:2c:0b:9a:02:23:7d:b5:e9:06:88:
9f:f8:37:e5:59:ec:e8:9c:df:c6:1f:6b:62:f4:a7:
35:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:A9:6A:B0:5B:92:31:00:1B:40:23:48:03:B6:DA:1A:16:EE:11:45
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_KlqsFuSMQAbQCNIA7baGhbuEUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.131.184.0/22
45.136.136.0/22
45.148.116.0/22
77.81.50.0/23
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
185.232.117.0/24
194.50.92.0/24
194.50.94.0/24
IPv6:
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:170::/48
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:100::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
Signature Algorithm: sha256WithRSAEncryption
31:fa:78:ca:32:6a:f1:2a:6c:27:79:ef:73:a2:60:ac:c7:33:
07:29:00:94:07:27:6f:6b:e4:d0:20:dc:96:d1:eb:9c:f8:eb:
a9:c6:c9:e9:d8:ec:28:b3:63:d4:50:07:90:db:30:e2:cc:8e:
9a:74:f7:84:37:c0:24:3c:89:3c:7c:25:d5:cf:0f:a6:62:b4:
ec:9d:0a:85:07:cf:01:28:c2:7d:fc:66:28:31:d1:61:54:c7:
c6:1b:24:96:e4:a0:a2:58:a3:a5:55:a4:82:7b:dc:01:7e:f3:
05:0f:97:1f:f3:6b:02:60:d4:11:df:79:70:9d:0f:ca:18:ff:
6c:8a:8a:e9:73:f1:d7:5e:b6:71:b7:a1:13:a3:69:ec:6c:18:
5a:ad:a4:dd:ac:0d:7c:35:ab:59:09:2f:13:e5:a1:29:9b:19:
d6:08:a5:35:7c:b2:31:42:4f:ab:86:06:9b:26:44:48:c9:54:
7b:f9:e6:cd:7a:09:77:17:ce:9b:12:63:d3:73:18:df:14:96:
d8:32:7b:b3:fa:99:70:6f:fc:d3:b0:4c:5d:b9:76:de:16:89:
5e:b0:6a:85:cd:11:f1:03:8f:43:92:2f:ea:b4:29:60:4d:59:
00:04:61:db:5f:3e:7c:d0:05:5f:47:7f:0f:ec:8b:3e:fb:d7:
e3:79:cb:47
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgISAYfsX6t4tIQw1MROk7fFW6e0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTA1MTQ0NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2E5NmFiMDViOTIzMTAwMWI0MDIzNDgwM2I2ZGExYTE2ZWUxMTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHy8lH11Htg8QndGug/fKE5CRiS2
zVU4cxud0SdOthrn7xrbYDS7sHYmX1p7U8NQzVU+18DYDnv1eFzRTGaHWgflmyXT
0f40P/Hyev0cHIblI7FLAVtjZ1xdWNYQOecFPWJQX/Z9euU5Nk0C7Tqkkk5u0sfZ
SsaaGlMyZ46nazeB8fQ+GEB8oLVdJMwKNvjTeP8aHZ8k3+K9rRJe1wWiuH4R+0OJ
k1RvGFnlt4koQdWTNbuORrrWPcsoFBn1M95n6Fdu87bFn4fIdVyILffp1r1kKxMf
bCjetyb3eJtmRqOPrWzg3SwLmgIjfbXpBoif+DflWezonN/GH2ti9Kc19QIDAQAB
o4IDATCCAv0wHQYDVR0OBBYEFPyparBbkjEAG0AjSAO22hoW7hFFMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvX0tscXNGdVNNUUFiUUNOSUE3YmFHaGJ1RVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFQYIKwYBBQUHAQcBAf8EggEEMIIBADBOBAIAATBIAwQA
Hyq3AwQCLQxEAwQCLYO4AwQCLYiIAwQCLZR0AwQBTVEyAwQAVcrLAwQAXrF6AwQC
ixxgAwQAueh1AwQAwjJcAwQAwjJeMIGtBAIAAjCBpgMFAyoJBMAwDgMFByoMO4AD
BQAqDDuGAwcAKg6XwAFwAwcEKg6XwAHQAwcEKg6XwAJgAwYAKg6XwQIDBwQqDpfD
ARADBwQqDpfEAQADBwQqDpfEASADBwAqDrEHCfIDBwAqDrEHEWUDBwAqDrEHF4YD
BwMqDrEHIcADBwAqD+QEAQIDBwAqEC8AAY0DBwAqEC8AAY8DBwQqEMxAAlADBwQq
EMxFATAwDQYJKoZIhvcNAQELBQADggEBADH6eMoyavEqbCd573OiYKzHMwcpAJQH
J29r5NAg3JbR65z466nGyenY7CizY9RQB5DbMOLMjpp094Q3wCQ8iTx8JdXPD6Zi
tOydCoUHzwEown38Zigx0WFUx8YbJJbkoKJYo6VVpIJ73AF+8wUPlx/zawJg1BHf
eXCdD8oY/2yKiulz8ddetnG3oROjaexsGFqtpN2sDXw1q1kJLxPloSmbGdYIpTV8
sjFCT6uGBpsmREjJVHv55s16CXcXzpsSY9NzGN8Ultgye7P6mXBv/NOwTF25dt4W
iV6waoXNEfEDj0OSL+q0KWBNWQAEYdtfPnzQBV9Hfw/siz771+N5y0c=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:01 2023 by rpki-client on console-ams.rpki-client.org