Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/jVlY1Nts8n5igrTp7oeU39YM5iE.roa
File: jVlY1Nts8n5igrTp7oeU39YM5iE.roa (raw, json)
Hash identifier: 5CrvLX7LTOfBsLLYZVikUX7UMtoFFXDxR2/TpJLm8CM=
Subject key identifier: 8D:59:58:D4:DB:6C:F2:7E:62:82:B4:E9:EE:87:94:DF:D6:0C:E6:21
Certificate issuer: /CN=cbd745ebfcec382df252c2f750db648f4f034abf
Certificate serial: 018A6FD12DC37194D91D4881E0BCB7340868
Authority key identifier: CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/jVlY1Nts8n5igrTp7oeU39YM5iE.roa
Signing time: Thu 07 Sep 2023 13:24:54 +0000
ROA not before: Thu 07 Sep 2023 13:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3209
IP address blocks: 146.60.0.0/16 maxlen: 24
213.23.0.0/16 maxlen: 24
82.82.0.0/20 maxlen: 20
212.144.0.0/16 maxlen: 24
92.72.0.0/13 maxlen: 24
195.50.128.0/18 maxlen: 18
176.94.0.0/17 maxlen: 24
85.238.224.0/19 maxlen: 19
145.254.0.0/16 maxlen: 24
145.253.0.0/20 maxlen: 20
145.253.0.0/16 maxlen: 16
195.158.128.0/19 maxlen: 19
176.94.128.0/17 maxlen: 24
84.56.0.0/13 maxlen: 24
94.216.0.0/13 maxlen: 24
193.25.240.0/22 maxlen: 22
193.25.244.0/23 maxlen: 23
176.95.0.0/16 maxlen: 24
193.25.247.0/24 maxlen: 24
185.2.132.0/22 maxlen: 22
188.96.0.0/12 maxlen: 24
88.64.0.0/12 maxlen: 24
178.0.0.0/12 maxlen: 22
92.216.0.0/14 maxlen: 24
2a00:20::/32 maxlen: 42
2a00::/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:d1:2d:c3:71:94:d9:1d:48:81:e0:bc:b7:34:08:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd745ebfcec382df252c2f750db648f4f034abf
Validity
Not Before: Sep 7 13:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d5958d4db6cf27e6282b4e9ee8794dfd60ce621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:97:69:b7:77:dc:8f:9e:3b:27:db:88:13:5a:
ce:2b:57:e0:75:17:ce:e1:c4:e5:f5:49:6e:21:05:
72:a6:cc:d3:7e:6e:d8:b2:9a:5b:b8:7a:4d:25:30:
57:12:7b:a5:b2:44:e9:83:36:ba:b3:2a:07:20:10:
7e:75:64:1b:72:89:23:52:d7:45:bf:50:af:64:af:
ce:ed:ed:42:c7:06:41:f6:b8:0a:c6:80:5b:b5:c5:
0e:3c:e6:a5:a2:b6:e7:bd:4c:6f:c1:96:36:4f:52:
ee:d1:01:fe:08:ac:02:8a:ac:eb:ef:17:92:d9:d5:
08:db:38:8a:17:4e:9a:ba:81:74:02:44:be:cb:b0:
82:d4:bf:14:42:bf:c0:f0:48:35:98:f4:9a:8a:36:
c9:ea:5c:76:39:32:d8:66:83:64:58:e9:48:b0:b3:
ce:5e:51:8d:ba:1a:14:b8:1e:c9:8c:5f:0a:53:d7:
aa:0c:8e:be:5c:3a:6d:b1:d9:44:23:49:13:ae:00:
2e:e4:55:0c:86:d3:ed:dc:bf:3b:45:95:74:c2:9c:
8c:52:b3:fd:6f:bc:19:04:5b:c9:87:f3:dc:9e:50:
49:8f:09:27:9c:db:91:68:cf:50:0a:43:8e:ef:4d:
29:b0:53:ca:0f:86:ea:78:5a:e4:8c:e0:ab:07:07:
d9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:59:58:D4:DB:6C:F2:7E:62:82:B4:E9:EE:87:94:DF:D6:0C:E6:21
X509v3 Authority Key Identifier:
keyid:CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/jVlY1Nts8n5igrTp7oeU39YM5iE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/y9dF6_zsOC3yUsL3UNtkj08DSr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.82.0.0/20
84.56.0.0/13
85.238.224.0/19
88.64.0.0/12
92.72.0.0/13
92.216.0.0/14
94.216.0.0/13
145.253.0.0-145.254.255.255
146.60.0.0/16
176.94.0.0/15
178.0.0.0/12
185.2.132.0/22
188.96.0.0/12
193.25.240.0-193.25.245.255
193.25.247.0/24
195.50.128.0/18
195.158.128.0/19
212.144.0.0/16
213.23.0.0/16
IPv6:
2a00::/22
Signature Algorithm: sha256WithRSAEncryption
53:7d:9e:24:e0:88:07:f3:db:48:40:fc:69:81:c2:fb:d5:4f:
53:ae:e1:b7:b8:10:0f:e5:44:78:21:2b:e4:ba:61:cc:37:27:
1c:8b:a7:d1:1c:f9:fe:0a:b6:9a:0b:db:e3:c0:6c:75:51:65:
cc:9a:7b:48:e6:a0:be:97:2e:7c:44:23:e1:81:8d:dd:b6:f9:
a0:b7:f4:35:5c:1e:e5:24:41:cd:37:74:dd:28:18:02:df:da:
9e:89:58:77:74:c5:dd:5a:06:6c:ca:b0:b0:80:9e:5b:f8:a1:
24:98:de:92:40:30:9a:71:0b:1a:c6:30:1b:db:1b:fc:2a:42:
64:33:19:53:41:5d:21:af:48:cc:cf:05:51:90:6e:d4:78:54:
fb:08:52:1b:98:83:46:ce:67:f2:a0:20:29:6e:82:70:e4:9e:
c7:ed:bf:4e:30:73:19:53:25:fa:f7:69:49:59:52:ca:f9:a9:
a3:d6:e0:91:72:53:9c:24:1f:86:45:6b:14:78:34:6d:20:e9:
9f:f3:10:9a:5f:fc:b3:5c:87:71:1f:7c:04:f9:c9:07:f2:91:
84:7f:78:d1:e8:06:51:b6:45:1b:57:39:6c:c3:75:af:b4:c0:
71:cc:2c:e0:bd:70:99:41:10:60:2a:9d:f3:b0:63:79:be:c2:
88:c6:9d:f6
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYpv0S3DcZTZHUiB4Ly3NAhoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDc0NWViZmNlYzM4MmRmMjUyYzJmNzUwZGI2NDhmNGYw
MzRhYmYwHhcNMjMwOTA3MTMyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDU5NThkNGRiNmNmMjdlNjI4MmI0ZTllZTg3OTRkZmQ2MGNlNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJdpt3fcj547J9uIE1rOK1fgdRfO
4cTl9UluIQVypszTfm7YsppbuHpNJTBXEnulskTpgza6syoHIBB+dWQbcokjUtdF
v1CvZK/O7e1CxwZB9rgKxoBbtcUOPOalorbnvUxvwZY2T1Lu0QH+CKwCiqzr7xeS
2dUI2ziKF06auoF0AkS+y7CC1L8UQr/A8Eg1mPSaijbJ6lx2OTLYZoNkWOlIsLPO
XlGNuhoUuB7JjF8KU9eqDI6+XDptsdlEI0kTrgAu5FUMhtPt3L87RZV0wpyMUrP9
b7wZBFvJh/PcnlBJjwknnNuRaM9QCkOO700psFPKD4bqeFrkjOCrBwfZLwIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFI1ZWNTbbPJ+YoK06e6HlN/WDOYhMB8GA1UdIwQY
MBaAFMvXRev87Dgt8lLC91DbZI9PA0q/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUt
OTJiNjc5NmM3N2NjLzEvalZsWTFOdHM4bjVpZ3JUcDdvZVUzOVlNNWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUtOTJiNjc5NmM3N2Nj
LzEveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizB7BAIAATB1AwQEUlIA
AwMDVDgDBAVV7uADAwRYQAMDA1xIAwMCXNgDAwNe2DAKAwMAkf0DAwCR/gMDAJI8
AwMBsF4DAwSyAAMEArkChAMDBLxgMAwDBATBGfADBAHBGfQDBADBGfcDBAbDMoAD
BAXDnoADAwDUkAMDANUXMAwEAgACMAYDBAIqAAAwDQYJKoZIhvcNAQELBQADggEB
AFN9niTgiAfz20hA/GmBwvvVT1Ou4be4EA/lRHghK+S6Ycw3JxyLp9Ec+f4KtpoL
2+PAbHVRZcyae0jmoL6XLnxEI+GBjd22+aC39DVcHuUkQc03dN0oGALf2p6JWHd0
xd1aBmzKsLCAnlv4oSSY3pJAMJpxCxrGMBvbG/wqQmQzGVNBXSGvSMzPBVGQbtR4
VPsIUhuYg0bOZ/KgIClugnDknsftv04wcxlTJfr3aUlZUsr5qaPW4JFyU5wkH4ZF
axR4NG0g6Z/zEJpf/LNch3EffAT5yQfykYR/eNHoBlG2RRtXOWzDda+0wHHMLOC9
cJlBEGAqnfOwY3m+wojGnfY=
-----END CERTIFICATE-----
Generated at Fri Sep 8 09:06:13 2023 by rpki-client on console-fra.rpki-client.org