Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iw7RvplFyoGaeUq9lvnC0i-aQ90.roa
File: iw7RvplFyoGaeUq9lvnC0i-aQ90.roa (raw, json)
Hash identifier: 8pJbGqDRLPU0pd1t3v68krz4d5sveb3IY6HNeQ7rA4U=
Subject key identifier: 8B:0E:D1:BE:99:45:CA:81:9A:79:4A:BD:96:F9:C2:D2:2F:9A:43:DD
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018857EE74C1A857B54376AEBEA9E7934371
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iw7RvplFyoGaeUq9lvnC0i-aQ90.roa
Signing time: Fri 26 May 2023 12:00:25 +0000
ROA not before: Fri 26 May 2023 12:00:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 194.50.94.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
193.163.85.0/24 maxlen: 24
193.163.86.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
45.148.116.0/22 maxlen: 24
45.131.184.0/22 maxlen: 24
77.81.50.0/23 maxlen: 24
185.232.117.0/24 maxlen: 24
45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a04:ccc6::/32 maxlen: 48
2a0e:97c3:110::/44 maxlen: 48
2a10:ccc0:420::/44 maxlen: 48
2a0c:3b80::/32 maxlen: 48
2a04:ccc7::/32 maxlen: 48
2a04:ccc4::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a04:ccc5::/32 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a10:cc45:130::/44 maxlen: 44
2a0c:3b83::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a04:ccc1::/32 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a04:ccc3::/32 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:57:ee:74:c1:a8:57:b5:43:76:ae:be:a9:e7:93:43:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 26 12:00:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b0ed1be9945ca819a794abd96f9c2d22f9a43dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a7:65:d0:32:e8:e3:b3:db:61:61:89:f7:b8:
e6:e8:30:c7:96:67:1c:ee:79:20:ce:f7:3d:52:47:
3a:08:b5:3f:0d:bf:4e:85:c1:19:28:e1:bb:4d:a4:
45:35:16:29:05:85:74:74:d7:a6:f8:4d:42:84:22:
cc:54:90:3f:a8:bc:25:fc:ea:36:07:df:3e:16:73:
3c:c1:05:a9:1d:fc:74:5b:50:01:7e:96:d6:29:b4:
ab:2b:04:73:f8:e2:99:93:71:2a:a0:29:a7:91:fb:
06:11:2b:78:43:76:da:49:54:bb:99:40:3d:6d:17:
c6:40:13:54:35:a5:87:b9:3e:71:e7:15:4c:21:5a:
ca:ed:07:9e:1d:6a:20:28:95:2b:1a:e8:67:70:94:
29:29:76:3f:9d:69:12:1f:4b:e6:bc:71:52:7f:a3:
7f:26:f3:84:7e:0e:d1:36:bb:24:8e:f7:d3:3d:a6:
ca:9a:d2:16:e8:6c:a8:fd:c6:7a:db:2a:3f:e6:4a:
01:a7:25:c5:a2:d5:2b:7c:c7:9c:e7:c5:12:6c:69:
5a:5a:92:0b:32:10:61:85:70:8b:e8:43:4a:0f:f3:
6e:71:b9:3d:95:eb:06:47:aa:0f:19:eb:0a:91:bc:
ed:a3:23:76:99:72:61:88:91:67:1d:91:44:a5:b3:
05:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:0E:D1:BE:99:45:CA:81:9A:79:4A:BD:96:F9:C2:D2:2F:9A:43:DD
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iw7RvplFyoGaeUq9lvnC0i-aQ90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.131.184.0/22
45.136.136.0/22
45.148.116.0/22
77.81.50.0/23
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
185.232.117.0/24
193.163.85.0-193.163.86.255
194.50.92.0/24
194.50.94.0/24
IPv6:
2a04:ccc1::/32
2a04:ccc3::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:170::/48
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:100::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
2a10:ccc0:420::/44
Signature Algorithm: sha256WithRSAEncryption
21:e4:f5:20:22:ec:92:0e:fd:41:1a:63:0a:f9:38:e1:2b:ea:
ca:6f:6e:ec:f8:0a:0a:d7:11:93:49:9f:44:f2:7d:a3:75:aa:
8b:ae:c7:e4:c2:cb:ca:db:50:54:12:77:b5:b2:d9:cb:5d:a9:
fb:08:9c:ae:44:ab:69:bd:1d:e3:2c:28:05:8d:0b:27:94:6d:
fc:5b:78:44:04:c2:4c:34:f6:24:48:0c:5a:c4:4b:4b:6f:83:
df:69:1b:f8:50:21:10:19:29:7b:68:89:7b:6f:1d:ed:50:73:
1e:79:7c:02:2a:6a:ba:db:c8:1a:6d:17:4a:6a:22:0d:17:8b:
a9:9c:10:1c:a1:66:1e:da:60:b5:2e:f4:66:3c:94:68:e1:c3:
da:db:23:1f:d9:fb:22:d6:e4:09:60:79:11:4d:fb:8f:f9:7c:
b7:75:70:54:4d:4e:a0:29:c4:7e:29:60:7f:82:3d:3a:88:fd:
93:e3:56:9b:8d:23:08:0e:a1:9a:47:c3:da:9b:ce:cd:d3:91:
5d:46:54:1a:4b:1b:39:20:8c:38:f4:5b:35:0d:86:aa:50:72:
3c:25:6c:13:88:4b:2f:2e:60:cb:8b:8f:5b:70:52:9e:05:36:
c1:6f:68:2c:9c:75:0b:2f:1f:3c:f4:d2:f3:df:44:e4:92:96:
a3:e1:1c:81
-----BEGIN CERTIFICATE-----
MIIGIzCCBQugAwIBAgISAYhX7nTBqFe1Q3auvqnnk0NxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTI2MTIwMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjBlZDFiZTk5NDVjYTgxOWE3OTRhYmQ5NmY5YzJkMjJmOWE0M2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqdl0DLo47PbYWGJ97jm6DDHlmcc
7nkgzvc9Ukc6CLU/Db9OhcEZKOG7TaRFNRYpBYV0dNem+E1ChCLMVJA/qLwl/Oo2
B98+FnM8wQWpHfx0W1ABfpbWKbSrKwRz+OKZk3EqoCmnkfsGESt4Q3baSVS7mUA9
bRfGQBNUNaWHuT5x5xVMIVrK7QeeHWogKJUrGuhncJQpKXY/nWkSH0vmvHFSf6N/
JvOEfg7RNrskjvfTPabKmtIW6Gyo/cZ62yo/5koBpyXFotUrfMec58USbGlaWpIL
MhBhhXCL6ENKD/Nucbk9lesGR6oPGesKkbztoyN2mXJhiJFnHZFEpbMFNQIDAQAB
o4IDLzCCAyswHQYDVR0OBBYEFIsO0b6ZRcqBmnlKvZb5wtIvmkPdMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaXc3UnZwbEZ5b0dhZVVxOWx2bkMwaS1hUTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQwYIKwYBBQUHAQcBAf8EggEyMIIBLjBcBAIAATBWAwQA
Hyq3AwQCLQxEAwQCLYO4AwQCLYiIAwQCLZR0AwQBTVEyAwQAVcrLAwQAXrF6AwQC
ixxgAwQAueh1MAwDBADBo1UDBADBo1YDBADCMlwDBADCMl4wgc0EAgACMIHGAwUA
KgTMwTAOAwUAKgTMwwMFAyoEzMADBQMqCQTAMA4DBQcqDDuAAwUAKgw7hgMHACoO
l8ABcAMHBCoOl8AB0AMHBCoOl8ACYAMGACoOl8ECAwcEKg6XwwEQAwcEKg6XxAEA
AwcEKg6XxAEgAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcDKg6xByHAAwcA
Kg/kBAECAwcAKhAvAAGNAwcAKhAvAAGPAwcEKhDMQAJQAwcEKhDMRQEwAwcEKhDM
wAQgMA0GCSqGSIb3DQEBCwUAA4IBAQAh5PUgIuySDv1BGmMK+TjhK+rKb27s+AoK
1xGTSZ9E8n2jdaqLrsfkwsvK21BUEne1stnLXan7CJyuRKtpvR3jLCgFjQsnlG38
W3hEBMJMNPYkSAxaxEtLb4PfaRv4UCEQGSl7aIl7bx3tUHMeeXwCKmq628gabRdK
aiINF4upnBAcoWYe2mC1LvRmPJRo4cPa2yMf2fsi1uQJYHkRTfuP+Xy3dXBUTU6g
KcR+KWB/gj06iP2T41abjSMIDqGaR8Pam87N05FdRlQaSxs5IIw49Fs1DYaqUHI8
JWwTiEsvLmDLi49bcFKeBTbBb2gsnHULLx889NLz30Tkkpaj4RyB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:02 2023 by rpki-client on console-ams.rpki-client.org