Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/PwfS07DDPg9sKp4cJ_m5UckLMso.roa
File: PwfS07DDPg9sKp4cJ_m5UckLMso.roa (raw, json)
Hash identifier: NMwaMQH7CUM3xE0cQskomH4iS55cR1c/Hyuki/P4udY=
Subject key identifier: 3F:07:D2:D3:B0:C3:3E:0F:6C:2A:9E:1C:27:F9:B9:51:C9:0B:32:CA
Certificate issuer: /CN=cf4a717f8fa1bb0359274223acdae22b70e66bec
Certificate serial: 01876B25A61A5A42509920492D0CDC68276F
Authority key identifier: CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/PwfS07DDPg9sKp4cJ_m5UckLMso.roa
Signing time: Mon 10 Apr 2023 12:30:42 +0000
ROA not before: Mon 10 Apr 2023 12:30:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15774
IP address blocks: 188.168.160.0/21 maxlen: 32
188.168.188.0/23 maxlen: 32
188.168.128.0/24 maxlen: 32
188.244.216.0/21 maxlen: 32
188.244.224.0/20 maxlen: 32
188.168.96.0/23 maxlen: 32
188.168.92.0/22 maxlen: 32
188.168.4.0/23 maxlen: 32
188.168.10.0/23 maxlen: 32
188.168.8.0/23 maxlen: 32
188.168.8.0/22 maxlen: 32
188.168.224.0/22 maxlen: 32
188.168.13.0/24 maxlen: 32
188.168.15.0/24 maxlen: 32
188.168.14.0/24 maxlen: 32
188.168.232.0/21 maxlen: 32
188.168.240.0/21 maxlen: 32
188.168.33.0/24 maxlen: 32
2a02:618::/32 maxlen: 96
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6b:25:a6:1a:5a:42:50:99:20:49:2d:0c:dc:68:27:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf4a717f8fa1bb0359274223acdae22b70e66bec
Validity
Not Before: Apr 10 12:30:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f07d2d3b0c33e0f6c2a9e1c27f9b951c90b32ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:74:a3:3c:24:a3:a9:47:17:61:08:5f:15:18:
0d:31:02:63:8a:55:c2:38:08:ff:95:e2:40:2b:71:
41:30:e5:18:d5:86:c9:45:92:19:d5:9b:fa:1c:2f:
b2:de:fa:40:f6:4e:09:81:3f:5f:e2:c2:9c:d5:40:
e1:74:02:b7:ca:95:c6:c7:bf:a4:80:89:62:53:ed:
cc:07:5c:42:26:1a:44:c2:89:80:77:7a:92:28:42:
00:56:e4:c3:86:4c:54:34:70:55:cd:3d:ba:66:ea:
dd:4b:c3:77:a1:11:18:8e:ad:01:85:05:93:72:17:
fa:6d:4e:6f:b7:56:19:1d:4d:56:c8:bd:2a:11:f6:
02:11:49:53:15:62:fe:81:0b:e2:43:96:f8:1b:98:
3d:7a:98:f5:a9:19:cd:d7:e2:a0:c6:e2:e2:74:4a:
4d:c4:3c:2c:37:e9:6e:77:0f:a5:4d:e9:2f:46:a0:
06:08:bf:af:52:36:bc:da:de:cf:b4:76:fb:32:35:
17:25:b6:39:ce:73:f5:11:63:c2:1a:d2:ba:e1:c2:
6e:dc:0f:2b:a7:d9:c6:d4:ad:4f:3d:ac:65:1b:79:
8d:c1:3c:57:01:fd:d9:71:85:2b:b2:8f:11:f3:62:
d5:a9:a5:b0:5d:e4:78:18:13:0f:75:47:84:23:20:
24:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:07:D2:D3:B0:C3:3E:0F:6C:2A:9E:1C:27:F9:B9:51:C9:0B:32:CA
X509v3 Authority Key Identifier:
keyid:CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/PwfS07DDPg9sKp4cJ_m5UckLMso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/z0pxf4-huwNZJ0IjrNriK3Dma-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.168.4.0/23
188.168.8.0/22
188.168.13.0-188.168.15.255
188.168.33.0/24
188.168.92.0-188.168.97.255
188.168.128.0/24
188.168.160.0/21
188.168.188.0/23
188.168.224.0/22
188.168.232.0-188.168.247.255
188.244.216.0-188.244.239.255
IPv6:
2a02:618::/32
Signature Algorithm: sha256WithRSAEncryption
0f:28:b3:5c:08:de:74:5f:b0:a7:12:e7:4e:bd:75:f8:f7:3f:
3b:d7:85:70:30:7a:a2:d0:3d:ef:68:25:d2:d4:b6:eb:df:8d:
a1:a3:e2:ec:d4:96:84:4a:47:ff:fd:02:15:ef:ba:37:50:96:
b0:8b:67:9a:4e:3b:96:ec:27:3c:d6:b5:4f:5e:c9:ae:36:41:
44:63:02:c1:e6:63:e3:9f:37:10:31:ec:58:c6:e0:25:af:30:
8b:74:be:18:91:ab:42:10:90:cc:4c:5d:2d:34:e8:6f:b1:53:
aa:12:b2:10:82:c0:4d:50:19:03:41:6e:1c:d3:be:87:3e:c9:
bf:33:52:44:1a:3f:bc:4d:51:fb:60:f0:ce:52:cc:9e:77:f7:
ba:98:f8:9d:32:8c:94:39:05:21:8a:08:84:1b:5f:f8:8d:71:
e4:ba:bc:de:59:ce:80:63:e8:82:30:36:79:31:1d:0c:bf:fd:
a8:3e:7b:91:82:e5:cd:6b:6f:ff:3f:d7:fc:0b:62:7d:b5:7a:
05:42:e0:11:cc:0e:cf:29:75:ad:49:ca:74:16:d1:d6:0c:1a:
1c:1d:7f:bf:af:62:56:0d:9d:26:c6:7e:a2:cf:6d:e1:59:28:
7a:05:03:c8:01:56:c9:48:f8:2a:5f:03:10:4c:53:ec:34:3b:
1e:bb:6f:f9
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYdrJaYaWkJQmSBJLQzcaCdvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNGE3MTdmOGZhMWJiMDM1OTI3NDIyM2FjZGFlMjJiNzBl
NjZiZWMwHhcNMjMwNDEwMTIzMDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjA3ZDJkM2IwYzMzZTBmNmMyYTllMWMyN2Y5Yjk1MWM5MGIzMmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXSjPCSjqUcXYQhfFRgNMQJjilXC
OAj/leJAK3FBMOUY1YbJRZIZ1Zv6HC+y3vpA9k4JgT9f4sKc1UDhdAK3ypXGx7+k
gIliU+3MB1xCJhpEwomAd3qSKEIAVuTDhkxUNHBVzT26ZurdS8N3oREYjq0BhQWT
chf6bU5vt1YZHU1WyL0qEfYCEUlTFWL+gQviQ5b4G5g9epj1qRnN1+KgxuLidEpN
xDwsN+ludw+lTekvRqAGCL+vUja82t7PtHb7MjUXJbY5znP1EWPCGtK64cJu3A8r
p9nG1K1PPaxlG3mNwTxXAf3ZcYUrso8R82LVqaWwXeR4GBMPdUeEIyAkRQIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFD8H0tOwwz4PbCqeHCf5uVHJCzLKMB8GA1UdIwQY
MBaAFM9KcX+PobsDWSdCI6za4itw5mvsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejBweGY0LWh1d05aSjBJanJOcmlLM0RtYS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9lNTBmNTQtNmZkZC00ZmU5LTlmZTkt
NmFhYTZiMDIxNjBkLzEvUHdmUzA3RERQZzlzS3A0Y0pfbTVVY2tMTXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9lNTBmNTQtNmZkZC00ZmU5LTlmZTktNmFhYTZiMDIxNjBk
LzEvejBweGY0LWh1d05aSjBJanJOcmlLM0RtYS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwaAQCAAEwYgMEAbyoBAME
AryoCDAMAwQAvKgNAwQEvKgAAwQAvKghMAwDBAK8qFwDBAG8qGADBAC8qIADBAO8
qKADBAG8qLwDBAK8qOAwDAMEA7yo6AMEA7yo8DAMAwQDvPTYAwQEvPTgMA0EAgAC
MAcDBQAqAgYYMA0GCSqGSIb3DQEBCwUAA4IBAQAPKLNcCN50X7CnEudOvXX49z87
14VwMHqi0D3vaCXS1Lbr342ho+Ls1JaESkf//QIV77o3UJawi2eaTjuW7Cc81rVP
XsmuNkFEYwLB5mPjnzcQMexYxuAlrzCLdL4YkatCEJDMTF0tNOhvsVOqErIQgsBN
UBkDQW4c076HPsm/M1JEGj+8TVH7YPDOUsyed/e6mPidMoyUOQUhigiEG1/4jXHk
urzeWc6AY+iCMDZ5MR0Mv/2oPnuRguXNa2//P9f8C2J9tXoFQuARzA7PKXWtScp0
FtHWDBocHX+/r2JWDZ0mxn6iz23hWSh6BQPIAVbJSPgqXwMQTFPsNDseu2/5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:47 2023 by rpki-client on console-ams.rpki-client.org