Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/0NUTtG4l0NHs9Dby3TmqNwLthwE.roa
File: 0NUTtG4l0NHs9Dby3TmqNwLthwE.roa (raw, json)
Hash identifier: ho2k9fD3RTwRYrRj1hviY8tAWEAF/1IO/gDUGFmWH44=
Subject key identifier: D0:D5:13:B4:6E:25:D0:D1:EC:F4:36:F2:DD:39:AA:37:02:ED:87:01
Certificate issuer: /CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Certificate serial: 01856C13920C52850352FEFBB5C285645CCB
Authority key identifier: 58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/0NUTtG4l0NHs9Dby3TmqNwLthwE.roa
Signing time: Sun 01 Jan 2023 06:44:59 +0000
ROA not before: Sun 01 Jan 2023 06:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49293
IP address blocks: 95.170.112.0/24 maxlen: 24
95.170.118.0/24 maxlen: 24
95.170.117.0/24 maxlen: 24
95.170.116.0/24 maxlen: 24
95.170.115.0/24 maxlen: 24
95.170.114.0/24 maxlen: 24
95.170.113.0/24 maxlen: 24
95.170.112.0/21 maxlen: 21
95.170.119.0/24 maxlen: 24
212.107.226.0/24 maxlen: 24
212.107.225.0/24 maxlen: 24
212.107.224.0/20 maxlen: 20
212.107.224.0/24 maxlen: 24
212.107.230.0/24 maxlen: 24
212.107.229.0/24 maxlen: 24
212.107.228.0/24 maxlen: 24
212.107.227.0/24 maxlen: 24
212.107.233.0/24 maxlen: 24
212.107.232.0/24 maxlen: 24
212.107.231.0/24 maxlen: 24
212.107.237.0/24 maxlen: 24
212.107.236.0/24 maxlen: 24
212.107.235.0/24 maxlen: 24
212.107.234.0/24 maxlen: 24
212.107.239.0/24 maxlen: 24
212.107.238.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:92:0c:52:85:03:52:fe:fb:b5:c2:85:64:5c:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Validity
Not Before: Jan 1 06:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0d513b46e25d0d1ecf436f2dd39aa3702ed8701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a2:e9:c9:ba:36:b3:89:2a:fb:49:f5:31:02:
b7:de:63:4f:1f:c8:61:fc:c6:85:41:3d:7e:ab:8b:
17:51:b3:40:b9:4c:5f:88:7b:cc:b6:d8:31:08:2b:
c7:1a:c2:99:65:5c:ed:9d:ef:81:68:77:fe:35:4e:
92:a6:f0:6d:ab:fd:61:e6:5f:97:6e:58:d9:e0:5b:
cb:d1:11:af:21:a4:a4:f5:b3:a5:1b:3a:a2:72:28:
d8:15:6f:26:b0:b9:75:98:ee:3a:1b:1b:b7:e7:04:
cb:dd:76:90:a4:99:8a:1b:3b:75:5e:6c:80:b9:f5:
1e:04:89:09:73:98:c0:65:d0:5c:d2:b3:d3:27:88:
56:d8:57:57:a7:8e:d4:e1:0e:26:62:b9:ff:7e:1f:
00:55:0a:b1:98:0b:f8:2d:7d:0d:db:f4:8a:0b:57:
de:85:75:bd:f9:bb:20:12:68:55:76:1c:a1:b5:00:
11:53:af:9c:10:dd:04:65:f1:e1:da:1a:67:fc:df:
c7:88:10:2b:4a:06:d0:35:5b:d5:b3:1c:be:b3:58:
c0:56:12:c0:0e:f4:a7:96:10:9a:4c:bf:2c:db:ac:
59:96:b4:07:94:de:23:b5:1f:39:7e:7a:36:62:7c:
66:48:82:45:5e:22:e1:f6:1e:63:57:b4:cf:fd:f6:
3f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D5:13:B4:6E:25:D0:D1:EC:F4:36:F2:DD:39:AA:37:02:ED:87:01
X509v3 Authority Key Identifier:
keyid:58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/0NUTtG4l0NHs9Dby3TmqNwLthwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.170.112.0/21
212.107.224.0/20
Signature Algorithm: sha256WithRSAEncryption
05:d4:7c:bb:3b:1f:2b:93:d0:3f:11:52:6f:fe:0e:87:f2:44:
8c:32:0c:ae:7d:82:f3:a8:51:a7:65:47:21:61:07:2e:24:e4:
94:7c:cd:6e:f8:d0:73:28:44:d5:c8:69:af:e8:79:01:38:8b:
85:b4:2a:87:40:ad:8f:b6:bf:b6:0f:72:cc:7c:a2:3a:4b:d7:
53:af:48:a1:23:93:8e:86:45:65:08:03:d9:c8:18:9a:43:b3:
4e:1b:cd:42:16:6a:0e:49:e5:d5:b2:d3:8a:9e:17:8e:95:d2:
3f:0c:27:c3:00:dc:53:8b:75:f0:40:f3:9c:17:f9:22:14:40:
92:bf:3f:35:9c:0e:38:d3:71:1f:2a:a0:9f:10:f5:22:4f:15:
b0:bf:7e:b2:87:56:f0:44:36:4b:01:4f:fb:aa:c3:77:f4:3a:
74:11:c6:7a:5b:03:66:94:f3:e3:b7:c8:5e:9b:94:b2:11:38:
cf:62:b8:b2:4c:53:80:13:84:37:91:b0:32:45:3f:c6:b3:a6:
b8:85:72:b8:bf:ea:1c:db:6c:87:80:e2:71:c8:3b:34:8c:ee:
90:36:fa:75:9f:f2:2a:5c:5f:98:a2:de:91:1f:15:11:24:eb:
c7:d1:c5:ec:f9:ce:80:ac:e8:b3:2f:23:f3:9e:f3:74:a5:26:
a3:aa:29:bf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsE5IMUoUDUv77tcKFZFzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NTNlNjVhMzA4N2I0Y2E4NWM4ODAyYjYwZmYwZjAyYjQx
MDZkOTcwHhcNMjMwMTAxMDY0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGQ1MTNiNDZlMjVkMGQxZWNmNDM2ZjJkZDM5YWEzNzAyZWQ4NzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqLpybo2s4kq+0n1MQK33mNPH8hh
/MaFQT1+q4sXUbNAuUxfiHvMttgxCCvHGsKZZVztne+BaHf+NU6SpvBtq/1h5l+X
bljZ4FvL0RGvIaSk9bOlGzqicijYFW8msLl1mO46Gxu35wTL3XaQpJmKGzt1XmyA
ufUeBIkJc5jAZdBc0rPTJ4hW2FdXp47U4Q4mYrn/fh8AVQqxmAv4LX0N2/SKC1fe
hXW9+bsgEmhVdhyhtQARU6+cEN0EZfHh2hpn/N/HiBArSgbQNVvVsxy+s1jAVhLA
DvSnlhCaTL8s26xZlrQHlN4jtR85fno2YnxmSIJFXiLh9h5jV7TP/fY/xwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNDVE7RuJdDR7PQ28t05qjcC7YcBMB8GA1UdIwQY
MBaAFFhT5lowh7TKhciAK2D/DwK0EG2XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQt
ZTE4NjAyNzM5Y2Q1LzEvME5VVHRHNGwwTkhzOURieTNUbXFOd0x0aHdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQtZTE4NjAyNzM5Y2Q1
LzEvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDX6pwAwQE
1GvgMA0GCSqGSIb3DQEBCwUAA4IBAQAF1Hy7Ox8rk9A/EVJv/g6H8kSMMgyufYLz
qFGnZUchYQcuJOSUfM1u+NBzKETVyGmv6HkBOIuFtCqHQK2Ptr+2D3LMfKI6S9dT
r0ihI5OOhkVlCAPZyBiaQ7NOG81CFmoOSeXVstOKnheOldI/DCfDANxTi3XwQPOc
F/kiFECSvz81nA4403EfKqCfEPUiTxWwv36yh1bwRDZLAU/7qsN39Dp0EcZ6WwNm
lPPjt8hem5SyETjPYriyTFOAE4Q3kbAyRT/Gs6a4hXK4v+oc22yHgOJxyDs0jO6Q
Nvp1n/IqXF+Yot6RHxURJOvH0cXs+c6ArOizLyPznvN0pSajqim/
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:20 2024 by rpki-client on console-fra.rpki-client.org