Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/32EH0Qqiw57r1MGAcB1_lBvo_Nk.roa
File: 32EH0Qqiw57r1MGAcB1_lBvo_Nk.roa (raw, json)
Hash identifier: /WZQapyJ29X3Uhcb/j4xksi2vxFjBhYc5lUaDcpjq6w=
Subject key identifier: DF:61:07:D1:0A:A2:C3:9E:EB:D4:C1:80:70:1D:7F:94:1B:E8:FC:D9
Certificate issuer: /CN=ad52c28ef9a5b2291aba671ac9a65d8faadc5518
Certificate serial: 01892AE4A34DEEDC2B814D811614EA0A1986
Authority key identifier: AD:52:C2:8E:F9:A5:B2:29:1A:BA:67:1A:C9:A6:5D:8F:AA:DC:55:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rVLCjvmlsikaumcayaZdj6rcVRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/32EH0Qqiw57r1MGAcB1_lBvo_Nk.roa
Signing time: Thu 06 Jul 2023 11:09:34 +0000
ROA not before: Thu 06 Jul 2023 11:09:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35819
IP address blocks: 89.237.173.0/24 maxlen: 24
78.138.192.0/18 maxlen: 18
78.138.240.0/24 maxlen: 24
212.24.226.0/24 maxlen: 24
212.24.227.0/24 maxlen: 24
89.237.139.0/24 maxlen: 24
89.237.162.0/24 maxlen: 24
89.237.167.0/24 maxlen: 24
2a00:f580::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2a:e4:a3:4d:ee:dc:2b:81:4d:81:16:14:ea:0a:19:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad52c28ef9a5b2291aba671ac9a65d8faadc5518
Validity
Not Before: Jul 6 11:09:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df6107d10aa2c39eebd4c180701d7f941be8fcd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:64:40:01:8b:f8:2b:7f:54:aa:20:f8:ad:02:
16:6a:dc:6a:c4:c5:e6:a6:8d:1d:d8:9f:0f:68:9b:
53:e7:f3:ca:3d:6c:f3:9e:74:66:f5:01:60:95:b2:
a7:94:9d:c8:e8:5d:74:a1:2e:14:66:f0:b2:7a:0c:
3e:2d:a0:4a:8d:50:8c:8b:b9:37:96:67:71:df:32:
16:91:50:05:78:28:fa:2b:cd:43:a8:98:93:59:8c:
3b:03:65:80:18:aa:d5:c7:4a:67:2b:29:f1:26:60:
a5:e8:4a:ae:6d:14:b7:93:8f:a6:4d:af:fc:40:ae:
a9:d0:15:65:d1:19:1f:b1:51:06:e2:13:80:44:f4:
cf:eb:d5:8e:9a:4e:f2:57:13:97:d7:27:fe:74:43:
2b:9f:a0:eb:5f:c6:06:84:86:92:fd:08:5a:0e:e2:
a9:30:bd:86:a1:86:e5:8d:ee:8d:9e:ae:a8:0d:24:
f4:8f:3c:b7:fa:f7:18:4a:d5:f4:57:6b:d4:37:cf:
93:65:53:92:5d:cc:8e:4c:66:82:f7:0a:f7:d4:47:
d6:c1:77:78:fd:7b:18:ec:4e:f6:f8:ec:4d:d1:e5:
76:0f:9e:39:04:6d:4a:03:1b:26:50:f3:d0:d4:e0:
5e:62:b3:50:72:a9:f5:41:8f:e2:1e:ad:91:6e:5d:
4d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:61:07:D1:0A:A2:C3:9E:EB:D4:C1:80:70:1D:7F:94:1B:E8:FC:D9
X509v3 Authority Key Identifier:
keyid:AD:52:C2:8E:F9:A5:B2:29:1A:BA:67:1A:C9:A6:5D:8F:AA:DC:55:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rVLCjvmlsikaumcayaZdj6rcVRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/32EH0Qqiw57r1MGAcB1_lBvo_Nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/rVLCjvmlsikaumcayaZdj6rcVRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.138.192.0/18
89.237.139.0/24
89.237.162.0/24
89.237.167.0/24
89.237.173.0/24
212.24.226.0/23
IPv6:
2a00:f580::/32
Signature Algorithm: sha256WithRSAEncryption
81:aa:96:7c:d1:2c:3f:3c:df:6b:66:52:07:f0:54:46:e6:f3:
19:57:d4:45:8f:58:21:8f:29:cd:4f:82:e9:fc:90:a5:15:b3:
cc:eb:64:dc:5e:8d:9a:78:08:9f:e3:6c:00:fe:db:ec:77:1b:
d6:8a:61:cc:41:8a:65:7d:02:41:03:06:3d:3e:96:d6:f8:ce:
48:a8:ed:4c:e3:34:e8:7e:ae:5a:0c:fa:03:b0:28:be:4c:75:
dd:99:42:58:81:ef:ef:3f:1f:9b:ae:37:f9:43:e2:d4:38:1d:
a7:06:8b:d5:ca:92:72:96:ca:ce:0f:93:b7:9e:8f:14:91:ef:
ee:0f:f3:01:38:c2:8a:55:84:89:d4:3c:af:ab:1d:03:30:0d:
63:44:49:6a:09:da:2b:db:bb:af:0c:37:de:71:d4:86:13:1e:
e2:61:e8:e6:36:17:43:dc:70:a4:86:21:33:b9:a0:15:ab:49:
65:c9:6e:7a:2f:8e:35:07:32:84:1e:bb:c6:74:89:b6:12:b4:
5c:8d:f6:68:f0:fc:84:88:13:28:3b:50:b7:f9:c7:93:ac:82:
62:0a:8e:71:79:e1:da:a6:c4:41:e8:a5:69:75:8e:8d:3e:0d:
35:e7:09:bc:cb:32:4c:88:e1:e2:c8:80:a9:4b:7d:af:55:f7:
64:66:f9:46
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYkq5KNN7twrgU2BFhTqChmGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNTJjMjhlZjlhNWIyMjkxYWJhNjcxYWM5YTY1ZDhmYWFk
YzU1MTgwHhcNMjMwNzA2MTEwOTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjYxMDdkMTBhYTJjMzllZWJkNGMxODA3MDFkN2Y5NDFiZThmY2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2RAAYv4K39UqiD4rQIWatxqxMXm
po0d2J8PaJtT5/PKPWzznnRm9QFglbKnlJ3I6F10oS4UZvCyegw+LaBKjVCMi7k3
lmdx3zIWkVAFeCj6K81DqJiTWYw7A2WAGKrVx0pnKynxJmCl6EqubRS3k4+mTa/8
QK6p0BVl0RkfsVEG4hOARPTP69WOmk7yVxOX1yf+dEMrn6DrX8YGhIaS/QhaDuKp
ML2GoYblje6Nnq6oDST0jzy3+vcYStX0V2vUN8+TZVOSXcyOTGaC9wr31EfWwXd4
/XsY7E72+OxN0eV2D545BG1KAxsmUPPQ1OBeYrNQcqn1QY/iHq2Rbl1NaQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFN9hB9EKosOe69TBgHAdf5Qb6PzZMB8GA1UdIwQY
MBaAFK1Swo75pbIpGrpnGsmmXY+q3FUYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclZMQ2p2bWxzaWthdW1jYXlhWmRqNnJjVlJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iYjNkNzMtY2EzZi00NDY3LWI2ZTgt
NzAyYmU0OGE1NTFlLzEvMzJFSDBRcWl3NTdyMU1HQWNCMV9sQnZvX05rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iYjNkNzMtY2EzZi00NDY3LWI2ZTgtNzAyYmU0OGE1NTFl
LzEvclZMQ2p2bWxzaWthdW1jYXlhWmRqNnJjVlJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQGTorAAwQA
We2LAwQAWe2iAwQAWe2nAwQAWe2tAwQB1BjiMA0EAgACMAcDBQAqAPWAMA0GCSqG
SIb3DQEBCwUAA4IBAQCBqpZ80Sw/PN9rZlIH8FRG5vMZV9RFj1ghjynNT4Lp/JCl
FbPM62TcXo2aeAif42wA/tvsdxvWimHMQYplfQJBAwY9PpbW+M5IqO1M4zTofq5a
DPoDsCi+THXdmUJYge/vPx+brjf5Q+LUOB2nBovVypJylsrOD5O3no8Uke/uD/MB
OMKKVYSJ1Dyvqx0DMA1jRElqCdor27uvDDfecdSGEx7iYejmNhdD3HCkhiEzuaAV
q0llyW56L441BzKEHrvGdIm2ErRcjfZo8PyEiBMoO1C3+ceTrIJiCo5xeeHapsRB
6KVpdY6NPg015wm8yzJMiOHiyICpS32vVfdkZvlG
-----END CERTIFICATE-----
Generated at Mon Aug 21 17:09:59 2023 by rpki-client on console-fra.rpki-client.org