Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wk9vlXRz3OuBazjfuRJgBxtvLso.roa
File: wk9vlXRz3OuBazjfuRJgBxtvLso.roa (raw, json)
Hash identifier: Dn84vXlcjuibz8HvfyWJBe6c9YkKLhOcwPvAn8DnRjc=
Subject key identifier: C2:4F:6F:95:74:73:DC:EB:81:6B:38:DF:B9:12:60:07:1B:6F:2E:CA
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01869C372A7069A051BCA0BC158EBA500F81
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wk9vlXRz3OuBazjfuRJgBxtvLso.roa
Signing time: Wed 01 Mar 2023 08:08:26 +0000
ROA not before: Wed 01 Mar 2023 08:08:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 194.50.94.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
45.148.116.0/22 maxlen: 24
45.131.184.0/22 maxlen: 24
185.232.117.0/24 maxlen: 24
45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:b105:120::/44 maxlen: 48
2a0e:97c0:260::/44 maxlen: 44
2a0c:3b80::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a10:cc46:1000::/36 maxlen: 48
2a0e:b107:1e40::/44 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0c:3b83::/32 maxlen: 48
2a0e:b107:1165::/48 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:b107:6f0::/44 maxlen: 44
2a0e:b107:9f2::/48 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a10:cc41:800::/37 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9c:37:2a:70:69:a0:51:bc:a0:bc:15:8e:ba:50:0f:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 1 08:08:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c24f6f957473dceb816b38dfb91260071b6f2eca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a3:9b:48:6c:01:d0:e0:63:e6:c9:fe:ba:69:
5b:b1:88:b5:c3:10:82:1f:0c:f6:a2:ce:8e:17:32:
87:24:c5:03:5d:e8:ee:e9:fa:47:bc:dc:b4:58:38:
7c:29:f4:0d:61:78:f5:3e:b9:4a:5f:f4:02:dd:68:
b7:b2:74:cd:98:eb:e2:59:3c:5c:fa:18:c7:82:43:
7f:39:0a:bb:1b:31:30:69:80:be:5b:ea:4a:a8:68:
f1:b8:a0:c9:be:b2:63:40:df:50:13:37:ca:a6:80:
44:47:40:76:85:90:a8:0d:9f:ea:85:60:16:8b:7c:
40:cf:45:1a:fa:88:56:8b:df:8c:05:b8:4e:21:e0:
3e:2b:58:ac:40:d0:a3:b8:25:fc:80:ab:4f:dc:1a:
bf:aa:0d:01:32:07:40:91:6f:f1:8d:bf:25:14:d6:
4a:6f:8a:c1:f0:b5:a6:52:f9:fc:48:4c:64:73:b6:
1c:45:67:0c:f7:bd:48:69:d8:3f:0c:2b:b7:a6:73:
fa:bf:7a:2d:64:0d:70:6f:38:b1:e0:68:a8:9f:1b:
a7:6b:0e:a7:11:e6:d0:cf:6a:ec:f9:76:dd:6f:9a:
54:25:db:ea:4e:d5:48:4f:e9:9b:c6:b0:6c:b0:dc:
27:7f:ce:94:61:d0:da:53:5b:09:37:83:49:89:6a:
5a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:4F:6F:95:74:73:DC:EB:81:6B:38:DF:B9:12:60:07:1B:6F:2E:CA
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wk9vlXRz3OuBazjfuRJgBxtvLso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.131.184.0/22
45.136.136.0/22
45.148.116.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
185.232.117.0/24
194.50.92.0/24
194.50.94.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c4:100::/44
2a0e:b105:120::/44
2a0e:b107:6f0::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:1e40::/44
2a0f:e404:102::/48
2a10:2f00:18f::/48
2a10:cc40:250::/44
2a10:cc41:800::/37
2a10:cc46:1000::/36
Signature Algorithm: sha256WithRSAEncryption
3d:c5:5b:51:3c:46:66:df:cd:0d:ee:8a:2d:b9:a2:21:76:10:
fc:b2:67:38:4e:f2:56:8c:72:fc:d8:71:4e:09:dc:0b:a3:5b:
dd:81:b7:73:18:5e:03:44:c1:62:8f:72:a3:f1:72:d9:ae:ab:
70:8f:3b:cd:c8:37:3a:a2:68:7e:57:a0:7c:68:cd:ed:ad:30:
e9:c6:a6:3c:ab:05:88:ab:33:02:9f:9a:c1:ee:d5:35:b2:2d:
bc:3b:18:c5:78:4d:a2:9a:1f:a6:75:f1:18:c4:10:7c:03:bb:
ee:32:ad:9e:8b:16:36:5a:4e:62:d4:4a:af:db:f2:92:5a:ac:
00:be:31:df:ed:71:42:71:8d:a0:58:cc:b5:31:ff:99:18:ff:
fe:35:3d:6a:7f:42:29:39:b6:9c:a9:2e:e3:22:00:9b:76:3f:
24:01:f7:a2:c6:fa:cd:f6:fa:d2:c9:fd:76:e5:f2:49:28:01:
27:63:bb:ee:f1:ce:97:43:5c:82:52:36:45:c2:fb:08:8a:b2:
8d:08:3a:c0:3a:91:d7:79:be:3f:ab:a3:db:3a:87:75:29:68:
bf:52:90:cd:29:95:47:86:83:d8:59:11:3b:13:f6:ab:df:a7:
82:b2:7f:a2:31:20:39:03:70:55:c3:09:eb:b8:08:09:a9:8b:
b3:1e:7d:13
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAYacNypwaaBRvKC8FY66UA+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzAxMDgwODI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjRmNmY5NTc0NzNkY2ViODE2YjM4ZGZiOTEyNjAwNzFiNmYyZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKObSGwB0OBj5sn+umlbsYi1wxCC
Hwz2os6OFzKHJMUDXeju6fpHvNy0WDh8KfQNYXj1PrlKX/QC3Wi3snTNmOviWTxc
+hjHgkN/OQq7GzEwaYC+W+pKqGjxuKDJvrJjQN9QEzfKpoBER0B2hZCoDZ/qhWAW
i3xAz0Ua+ohWi9+MBbhOIeA+K1isQNCjuCX8gKtP3Bq/qg0BMgdAkW/xjb8lFNZK
b4rB8LWmUvn8SExkc7YcRWcM971Iadg/DCu3pnP6v3otZA1wbzix4Gionxunaw6n
EebQz2rs+Xbdb5pUJdvqTtVIT+mbxrBssNwnf86UYdDaU1sJN4NJiWpawQIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFMJPb5V0c9zrgWs437kSYAcbby7KMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvd2s5dmxYUnozT3VCYXpqZnVSSmdCeHR2THNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwSAQCAAEwQgMEAB8q
twMEAi0MRAMEAi2DuAMEAi2IiAMEAi2UdAMEAFXKywMEAF6xegMEAoscYAMEALno
dQMEAMIyXAMEAMIyXjCBqwQCAAIwgaQDBwAgAQf4ARkDBQMqCQTAMA4DBQcqDDuA
AwUAKgw7hgMHACoOl8ABcAMHBCoOl8ACYAMGACoOl8ECAwcEKg6XxAEAAwcEKg6x
BQEgAwcEKg6xBwbwAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcEKg6xBx5A
AwcAKg/kBAECAwcAKhAvAAGPAwcEKhDMQAJQAwYDKhDMQQgDBgQqEMxGEDANBgkq
hkiG9w0BAQsFAAOCAQEAPcVbUTxGZt/NDe6KLbmiIXYQ/LJnOE7yVoxy/NhxTgnc
C6Nb3YG3cxheA0TBYo9yo/Fy2a6rcI87zcg3OqJoflegfGjN7a0w6camPKsFiKsz
Ap+awe7VNbItvDsYxXhNopofpnXxGMQQfAO77jKtnosWNlpOYtRKr9vyklqsAL4x
3+1xQnGNoFjMtTH/mRj//jU9an9CKTm2nKku4yIAm3Y/JAH3osb6zfb60sn9duXy
SSgBJ2O77vHOl0NcglI2RcL7CIqyjQg6wDqR13m+P6uj2zqHdSlov1KQzSmVR4aD
2FkROxP2q9+ngrJ/ojEgOQNwVcMJ67gICamLsx59Ew==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:21 2023 by rpki-client on console-fra.rpki-client.org