Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/S3SDn_-DH-Z1rpulkQzPavRdp_0.roa
File: S3SDn_-DH-Z1rpulkQzPavRdp_0.roa (raw, json)
Hash identifier: nrZx4JDY+j6Y+xGzkvFdZuso5z2zMK/VudkdnciIyI4=
Subject key identifier: 4B:74:83:9F:FF:83:1F:E6:75:AE:9B:A5:91:0C:CF:6A:F4:5D:A7:FD
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 018AAF6646D56CD9899B56F247488A1E8FE2
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/S3SDn_-DH-Z1rpulkQzPavRdp_0.roa
Signing time: Tue 19 Sep 2023 21:43:50 +0000
ROA not before: Tue 19 Sep 2023 21:43:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41079
IP address blocks: 185.204.216.0/22 maxlen: 24
195.114.0.0/23 maxlen: 24
193.17.184.0/24 maxlen: 24
178.250.40.0/21 maxlen: 24
185.201.112.0/22 maxlen: 24
185.208.164.0/24 maxlen: 24
194.169.227.0/24 maxlen: 24
195.242.116.0/23 maxlen: 24
193.218.152.0/22 maxlen: 24
195.2.254.0/23 maxlen: 24
91.228.196.0/22 maxlen: 24
91.237.52.0/24 maxlen: 24
185.193.112.0/22 maxlen: 24
185.25.148.0/22 maxlen: 24
185.5.96.0/22 maxlen: 24
91.199.22.0/24 maxlen: 24
91.239.66.0/23 maxlen: 24
185.123.160.0/22 maxlen: 24
185.243.52.0/22 maxlen: 24
195.78.66.0/23 maxlen: 24
91.234.146.0/24 maxlen: 24
185.180.204.0/22 maxlen: 24
2a02:1778::/32 maxlen: 32
2a02:1778::/48 maxlen: 64
2a02:1778:194::/48 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:af:66:46:d5:6c:d9:89:9b:56:f2:47:48:8a:1e:8f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Sep 19 21:43:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b74839fff831fe675ae9ba5910ccf6af45da7fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:20:5f:bf:ad:c6:08:ac:5f:b1:6e:6f:11:94:
7a:b3:9d:cf:f2:65:79:cd:04:14:57:28:bd:37:a7:
88:70:c7:2b:6e:6c:04:a9:70:6f:a3:61:eb:9d:01:
3c:da:dd:2d:e3:7b:f8:e7:7f:4e:fa:92:c9:fb:66:
a7:51:ed:10:15:53:2f:21:2c:9a:37:b0:24:28:7e:
ec:23:9c:14:d5:85:e6:58:2b:90:6c:0a:29:d2:62:
e5:33:87:1b:7c:9c:79:7d:91:0d:fe:77:42:e3:11:
27:78:51:2f:c2:b0:8f:b4:1d:31:16:96:25:d9:48:
64:9e:40:2e:e2:07:a7:43:f6:86:e2:8d:fd:96:ea:
ec:76:2d:66:4f:a9:b8:ba:02:f3:3d:78:4c:aa:3b:
56:2a:4c:a1:a9:48:77:09:cf:5f:a0:6f:ff:4b:56:
69:a3:e2:0a:29:fe:52:b4:e7:54:d3:71:ab:d6:9d:
96:37:6a:41:6d:8e:67:a0:0c:d0:9d:d5:9f:07:0d:
80:ab:e2:ce:16:19:19:42:88:2d:b4:da:92:10:0c:
f9:8c:a8:b8:92:69:21:01:ce:6b:4e:22:44:26:18:
d9:76:9c:6f:64:ce:27:2e:59:98:b4:48:1f:5d:e3:
a3:89:a8:83:eb:9f:14:5c:89:b2:6f:8d:2c:e9:d5:
2a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:74:83:9F:FF:83:1F:E6:75:AE:9B:A5:91:0C:CF:6A:F4:5D:A7:FD
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/S3SDn_-DH-Z1rpulkQzPavRdp_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.22.0/24
91.228.196.0/22
91.234.146.0/24
91.237.52.0/24
91.239.66.0/23
178.250.40.0/21
185.5.96.0/22
185.25.148.0/22
185.123.160.0/22
185.180.204.0/22
185.193.112.0/22
185.201.112.0/22
185.204.216.0/22
185.208.164.0/24
185.243.52.0/22
193.17.184.0/24
193.218.152.0/22
194.169.227.0/24
195.2.254.0/23
195.78.66.0/23
195.114.0.0/23
195.242.116.0/23
IPv6:
2a02:1778::/32
Signature Algorithm: sha256WithRSAEncryption
57:80:6a:62:a5:37:59:f6:25:e1:cb:db:4d:b7:ef:a9:83:b5:
c9:bd:a1:6e:2a:98:b1:93:68:9a:99:60:b4:fb:50:65:27:34:
15:49:0d:6d:39:a8:fe:1c:68:bb:b0:7c:d0:27:a3:34:67:5b:
7c:83:b3:39:d3:c3:f6:4e:4b:47:4a:29:42:53:ad:2d:f2:87:
f8:df:ec:fb:4d:81:de:94:a7:8a:62:1e:07:fa:e0:61:4a:90:
42:ac:5a:c2:8f:12:ac:bd:7c:46:14:88:f3:cd:13:cd:0c:af:
77:75:66:63:b7:75:b5:4d:10:5d:46:a6:da:c6:b1:7b:51:19:
66:28:14:96:69:6f:52:13:cd:32:31:58:dc:1f:47:6f:f1:3a:
f0:92:63:81:fa:a7:6d:8b:7f:ae:92:69:3f:ac:0a:18:fb:d0:
ed:44:21:75:c8:ef:6e:eb:74:e9:42:0a:d8:1e:03:b9:c4:de:
a3:28:49:43:6b:e8:76:32:83:29:85:83:ef:96:e4:f1:ed:a5:
05:11:99:15:02:7e:f1:0c:be:a9:3a:15:cc:cf:b3:a6:5e:f4:
ac:17:9d:03:47:e5:73:86:16:44:b5:b1:6c:96:81:52:1a:f5:
ff:b8:81:b2:57:9a:59:40:c3:ff:38:68:af:ae:70:dc:c7:44:
d8:44:3b:9b
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAYqvZkbVbNmJm1byR0iKHo/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjMwOTE5MjE0MzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjc0ODM5ZmZmODMxZmU2NzVhZTliYTU5MTBjY2Y2YWY0NWRhN2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyBfv63GCKxfsW5vEZR6s53P8mV5
zQQUVyi9N6eIcMcrbmwEqXBvo2HrnQE82t0t43v4539O+pLJ+2anUe0QFVMvISya
N7AkKH7sI5wU1YXmWCuQbAop0mLlM4cbfJx5fZEN/ndC4xEneFEvwrCPtB0xFpYl
2UhknkAu4genQ/aG4o39lursdi1mT6m4ugLzPXhMqjtWKkyhqUh3Cc9foG//S1Zp
o+IKKf5StOdU03Gr1p2WN2pBbY5noAzQndWfBw2Aq+LOFhkZQogttNqSEAz5jKi4
kmkhAc5rTiJEJhjZdpxvZM4nLlmYtEgfXeOjiaiD658UXImyb40s6dUqLQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFEt0g5//gx/mda6bpZEMz2r0Xaf9MB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvUzNTRG5fLURILVoxcnB1bGtRelBhdlJkcF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBiwQCAAEwgYQDBABb
xxYDBAJb5MQDBABb6pIDBABb7TQDBAFb70IDBAOy+igDBAK5BWADBAK5GZQDBAK5
e6ADBAK5tMwDBAK5wXADBAK5yXADBAK5zNgDBAC50KQDBAK58zQDBADBEbgDBALB
2pgDBADCqeMDBAHDAv4DBAHDTkIDBAHDcgADBAHD8nQwDQQCAAIwBwMFACoCF3gw
DQYJKoZIhvcNAQELBQADggEBAFeAamKlN1n2JeHL202376mDtcm9oW4qmLGTaJqZ
YLT7UGUnNBVJDW05qP4caLuwfNAnozRnW3yDsznTw/ZOS0dKKUJTrS3yh/jf7PtN
gd6Up4piHgf64GFKkEKsWsKPEqy9fEYUiPPNE80Mr3d1ZmO3dbVNEF1GptrGsXtR
GWYoFJZpb1ITzTIxWNwfR2/xOvCSY4H6p22Lf66SaT+sChj70O1EIXXI727rdOlC
CtgeA7nE3qMoSUNr6HYygymFg++W5PHtpQURmRUCfvEMvqk6FczPs6Ze9KwXnQNH
5XOGFkS1sWyWgVIa9f+4gbJXmllAw/84aK+ucNzHRNhEO5s=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:56 2024 by rpki-client on console-fra.rpki-client.org