Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/a02qIEjmKaziZ4AmvTWUXEkBlsc.roa
File: a02qIEjmKaziZ4AmvTWUXEkBlsc.roa (raw, json)
Hash identifier: UQeE+mH71JpRXulQ+M5AE4u10WcllSa/TolnHp+6S0U=
Subject key identifier: 6B:4D:AA:20:48:E6:29:AC:E2:67:80:26:BD:35:94:5C:49:01:96:C7
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709519E73C8375DF664D33D53B76C903
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/a02qIEjmKaziZ4AmvTWUXEkBlsc.roa
Signing time: Mon 02 Jan 2023 03:44:57 +0000
ROA not before: Mon 02 Jan 2023 03:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41575
IP address blocks: 95.46.144.0/24 maxlen: 24
95.46.34.0/23 maxlen: 24
31.148.224.0/20 maxlen: 24
93.171.48.0/20 maxlen: 24
31.148.32.0/21 maxlen: 24
93.171.80.0/20 maxlen: 24
92.253.240.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:19:e7:3c:83:75:df:66:4d:33:d5:3b:76:c9:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b4daa2048e629ace2678026bd35945c490196c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9c:0f:67:65:60:fb:4b:42:ea:38:ff:f1:89:
52:46:36:c7:4f:dc:35:6c:1f:b2:86:77:8d:00:c4:
d7:00:bf:4a:68:1a:55:ac:36:bc:08:f5:21:e2:d8:
7e:57:ed:39:ae:f8:07:e8:2a:23:4b:ed:68:61:13:
c8:6c:18:bb:2e:4c:bd:9e:19:fe:06:bb:2f:9a:6b:
a1:a8:04:38:3d:a8:eb:49:90:67:cc:3f:41:64:d6:
20:e0:17:7a:05:e2:d2:92:73:fd:a8:19:3c:ba:3d:
f9:54:29:78:82:64:6e:4a:03:ee:a4:d5:cd:38:eb:
5a:04:68:dd:c9:b9:58:0d:19:6c:1e:f0:83:39:b7:
f4:28:27:e6:55:95:92:0e:4c:ac:3b:7b:a4:96:88:
d6:5f:bd:61:04:3b:4b:46:7d:03:d0:53:74:ae:d5:
8a:1e:11:b5:10:05:ab:33:48:97:6e:0b:e7:11:64:
a5:cf:b9:88:e3:3d:b9:81:d9:2e:c7:0a:e0:f1:39:
89:61:aa:9a:4c:53:06:08:7f:53:76:ea:3c:9b:0a:
7b:c4:9e:49:37:f0:ac:9b:77:0a:bd:1e:71:54:a7:
be:99:c1:48:2f:fb:fe:21:a0:60:fc:7f:2a:61:47:
c5:c1:da:23:7f:18:7b:5f:09:10:cb:8c:ca:a2:bf:
d9:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:4D:AA:20:48:E6:29:AC:E2:67:80:26:BD:35:94:5C:49:01:96:C7
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/a02qIEjmKaziZ4AmvTWUXEkBlsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.32.0/21
31.148.224.0/20
92.253.240.0/20
93.171.48.0/20
93.171.80.0/20
95.46.34.0/23
95.46.144.0/24
Signature Algorithm: sha256WithRSAEncryption
48:b8:e4:32:f1:38:8a:85:b0:41:21:39:12:79:d0:04:c3:85:
3d:6c:f1:b3:61:7d:7a:ea:a2:98:9d:17:06:83:33:72:c3:33:
6f:a5:c7:ee:ca:58:89:2e:df:6f:5e:5e:17:49:25:dc:22:aa:
cc:a5:93:cb:85:e0:31:3b:e8:13:39:5c:f7:c3:fd:fd:7c:c2:
59:17:23:f4:1b:fa:e6:af:52:a4:19:45:ff:4d:a2:f8:ac:ed:
79:b4:53:c9:f0:1e:33:b0:54:30:08:0c:e6:c8:3e:01:5f:70:
6f:21:cc:2b:a2:ed:63:cb:97:d2:07:15:7d:45:f4:34:36:03:
97:ae:b9:4c:93:0c:d6:90:96:9b:11:53:77:e0:c6:f6:1a:c9:
64:43:cf:fa:ea:c6:45:6b:6e:77:d3:08:b2:24:c6:ff:2a:15:
d5:28:68:16:bc:30:cc:f9:0f:5c:6d:0d:b9:06:0c:61:34:be:
ac:7e:59:19:5b:ff:2e:7e:3c:77:4b:fb:0f:e6:d5:ab:a8:83:
67:29:71:61:35:b2:06:2d:2c:29:dd:81:c6:c1:9f:dd:d5:55:
b1:1e:cd:05:5c:86:2f:95:54:ca:c5:55:e7:fd:5a:ec:93:1f:
02:e8:b0:b5:f2:5c:af:b7:ba:79:bb:ff:98:cc:9a:ba:f1:58:
64:aa:07:2d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVwlRnnPIN132ZNM9U7dskDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjRkYWEyMDQ4ZTYyOWFjZTI2NzgwMjZiZDM1OTQ1YzQ5MDE5NmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZwPZ2Vg+0tC6jj/8YlSRjbHT9w1
bB+yhneNAMTXAL9KaBpVrDa8CPUh4th+V+05rvgH6CojS+1oYRPIbBi7Lky9nhn+
BrsvmmuhqAQ4PajrSZBnzD9BZNYg4Bd6BeLSknP9qBk8uj35VCl4gmRuSgPupNXN
OOtaBGjdyblYDRlsHvCDObf0KCfmVZWSDkysO3uklojWX71hBDtLRn0D0FN0rtWK
HhG1EAWrM0iXbgvnEWSlz7mI4z25gdkuxwrg8TmJYaqaTFMGCH9Tduo8mwp7xJ5J
N/Csm3cKvR5xVKe+mcFIL/v+IaBg/H8qYUfFwdojfxh7XwkQy4zKor/ZzwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGtNqiBI5ims4meAJr01lFxJAZbHMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvYTAycUlFam1LYXppWjRBbXZUV1VYRWtCbHNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDH5QgAwQE
H5TgAwQEXP3wAwQEXaswAwQEXatQAwQBXy4iAwQAXy6QMA0GCSqGSIb3DQEBCwUA
A4IBAQBIuOQy8TiKhbBBITkSedAEw4U9bPGzYX166qKYnRcGgzNywzNvpcfuyliJ
Lt9vXl4XSSXcIqrMpZPLheAxO+gTOVz3w/39fMJZFyP0G/rmr1KkGUX/TaL4rO15
tFPJ8B4zsFQwCAzmyD4BX3BvIcwrou1jy5fSBxV9RfQ0NgOXrrlMkwzWkJabEVN3
4Mb2GslkQ8/66sZFa2530wiyJMb/KhXVKGgWvDDM+Q9cbQ25BgxhNL6sflkZW/8u
fjx3S/sP5tWrqINnKXFhNbIGLSwp3YHGwZ/d1VWxHs0FXIYvlVTKxVXn/Vrskx8C
6LC18lyvt7p5u/+YzJq68Vhkqgct
-----END CERTIFICATE-----
Generated at Wed Dec 27 13:58:46 2023 by rpki-client on console-ams.rpki-client.org