Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/deNMH47WXSwjNoUT13xsfaRK2cA.roa
File: deNMH47WXSwjNoUT13xsfaRK2cA.roa (raw, json)
Hash identifier: CVYU+7qzAYW8H4km1axB+T6UpR7rbFYVx8XP3z4keNM=
Subject key identifier: 75:E3:4C:1F:8E:D6:5D:2C:23:36:85:13:D7:7C:6C:7D:A4:4A:D9:C0
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 01881EBEEFCFEE25C1935934A05B52007E0E
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/deNMH47WXSwjNoUT13xsfaRK2cA.roa
Signing time: Mon 15 May 2023 09:30:09 +0000
ROA not before: Mon 15 May 2023 09:30:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42354
IP address blocks: 94.16.23.0/24 maxlen: 24
94.16.27.0/24 maxlen: 32
185.228.148.184/29 maxlen: 32
185.228.148.84/32 maxlen: 32
185.228.149.112/28 maxlen: 32
144.208.213.140/32 maxlen: 32
185.228.150.176/29 maxlen: 32
144.208.213.143/32 maxlen: 32
2a00:11c0:62::/48 maxlen: 128
2a00:11c0:3d::/48 maxlen: 48
2a00:11c0:82:359:217:146:20:72/128 maxlen: 128
2a00:11c0:4b::/48 maxlen: 48
2a00:11c0:e:ffff:1::7/128 maxlen: 128
2a00:11c0:e:ffff:1::6/128 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1e:be:ef:cf:ee:25:c1:93:59:34:a0:5b:52:00:7e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: May 15 09:30:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75e34c1f8ed65d2c23368513d77c6c7da44ad9c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8f:c0:c5:24:00:ce:36:a2:9d:2a:51:95:dc:
7a:32:ee:77:2f:8b:86:8f:f5:ac:50:7f:98:0f:42:
b6:7d:69:71:5e:c2:10:05:fe:21:45:69:4c:34:2f:
59:88:33:4e:40:57:84:1c:46:dc:9d:a3:2c:9f:46:
07:57:12:a1:81:91:d1:c1:47:45:41:1e:03:38:53:
ef:a5:91:4c:10:b5:5a:88:44:32:94:08:ef:83:d4:
f7:42:39:0f:7e:50:e4:23:b1:13:5b:07:32:35:5b:
36:af:f3:11:b2:7c:cd:90:ec:bc:94:f3:1d:eb:ac:
74:54:e4:05:58:cb:52:f1:28:ff:8b:68:39:e4:6c:
a0:63:6a:d0:e5:09:51:9d:ff:f5:75:87:52:bb:ba:
df:67:b4:5d:b0:84:f8:fc:45:bc:55:b7:a4:11:db:
2c:a8:ae:69:a2:68:d9:0b:cf:97:5c:73:ef:13:14:
4c:c7:d0:19:a9:e1:0c:9b:c3:4e:16:12:25:9a:48:
90:e9:54:a1:43:ae:95:1a:8a:31:fc:ba:8c:b7:15:
95:df:9d:7c:a6:8e:b2:16:b4:65:72:a4:c4:04:33:
40:c0:44:1b:53:6b:79:5d:ce:72:a0:5f:a7:33:6c:
8a:29:71:e6:e0:04:aa:51:30:7b:75:59:00:d5:d3:
c6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:E3:4C:1F:8E:D6:5D:2C:23:36:85:13:D7:7C:6C:7D:A4:4A:D9:C0
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/deNMH47WXSwjNoUT13xsfaRK2cA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.16.23.0/24
94.16.27.0/24
144.208.213.140/32
144.208.213.143/32
185.228.148.84/32
185.228.148.184/29
185.228.149.112/28
185.228.150.176/29
IPv6:
2a00:11c0:e:ffff:1:0:0:6/127
2a00:11c0:3d::/48
2a00:11c0:4b::/48
2a00:11c0:62::/48
2a00:11c0:82:359:217:146:20:72/128
Signature Algorithm: sha256WithRSAEncryption
49:2e:0e:3a:86:f6:1b:c4:91:2f:08:84:d6:ce:42:4b:06:a3:
c9:e4:7f:d7:61:df:57:01:cf:2e:38:82:58:f5:78:92:32:08:
62:38:7b:b4:a3:58:86:b9:a9:0c:1c:c6:6f:4e:68:0e:1c:da:
c2:e8:91:5c:5e:51:bd:f6:22:3f:b1:6e:27:50:6c:ef:72:73:
a9:3b:1c:f8:02:9a:35:3f:53:a1:14:29:e1:aa:c7:03:a9:21:
38:02:82:82:f3:a8:b2:d7:f9:e3:04:9a:d4:25:89:c8:de:b8:
b9:80:6c:b5:6f:4a:aa:d9:70:32:e1:eb:a8:a9:17:e9:6b:d7:
fd:73:4b:6c:ca:5c:5d:0a:fc:e6:f8:d1:7e:f9:4a:35:88:7f:
6e:36:f2:ef:8e:2a:fc:ce:ba:4e:c6:02:cd:45:4e:03:0d:9b:
15:1f:48:38:54:c0:d4:f4:47:13:8f:33:72:37:c9:c7:fa:31:
a0:47:29:72:7d:bb:fe:14:e3:9b:4c:c2:7a:01:13:29:89:87:
e3:a3:20:a2:4e:c0:fd:42:01:b6:9a:f5:34:0a:7e:bb:f3:84:
2e:7d:b2:e2:64:c0:94:27:9e:a6:e2:bf:74:b4:e0:bb:0e:b4:
df:9a:b3:6d:84:fb:0c:03:64:ea:fd:74:db:6b:ac:c2:33:33:
50:d9:ab:9b
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYgevu/P7iXBk1k0oFtSAH4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjMwNTE1MDkzMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWUzNGMxZjhlZDY1ZDJjMjMzNjg1MTNkNzdjNmM3ZGE0NGFkOWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArI/AxSQAzjainSpRldx6Mu53L4uG
j/WsUH+YD0K2fWlxXsIQBf4hRWlMNC9ZiDNOQFeEHEbcnaMsn0YHVxKhgZHRwUdF
QR4DOFPvpZFMELVaiEQylAjvg9T3QjkPflDkI7ETWwcyNVs2r/MRsnzNkOy8lPMd
66x0VOQFWMtS8Sj/i2g55GygY2rQ5QlRnf/1dYdSu7rfZ7RdsIT4/EW8VbekEdss
qK5pomjZC8+XXHPvExRMx9AZqeEMm8NOFhIlmkiQ6VShQ66VGoox/LqMtxWV3518
po6yFrRlcqTEBDNAwEQbU2t5Xc5yoF+nM2yKKXHm4ASqUTB7dVkA1dPGLwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFHXjTB+O1l0sIzaFE9d8bH2kStnAMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvZGVOTUg0N1dYU3dqTm9VVDEzeHNmYVJLMmNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzA8BAIAATA2AwQAXhAX
AwQAXhAbAwUAkNDVjAMFAJDQ1Y8DBQC55JRUAwUDueSUuAMFBLnklXADBQO55Jaw
MEcEAgACMEEDEQEqABHAAA7//wABAAAAAAAGAwcAKgARwAA9AwcAKgARwABLAwcA
KgARwABiAxEAKgARwACCA1kCFwFGACAAcjANBgkqhkiG9w0BAQsFAAOCAQEASS4O
Oob2G8SRLwiE1s5CSwajyeR/12HfVwHPLjiCWPV4kjIIYjh7tKNYhrmpDBzGb05o
DhzawuiRXF5RvfYiP7FuJ1Bs73JzqTsc+AKaNT9ToRQp4arHA6khOAKCgvOostf5
4wSa1CWJyN64uYBstW9KqtlwMuHrqKkX6WvX/XNLbMpcXQr85vjRfvlKNYh/bjby
744q/M66TsYCzUVOAw2bFR9IOFTA1PRHE48zcjfJx/oxoEcpcn27/hTjm0zCegET
KYmH46Mgok7A/UIBtpr1NAp+u/OELn2y4mTAlCeepuK/dLTguw6035qzbYT7DANk
6v1022uswjMzUNmrmw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:33 2024 by rpki-client on console-ams.rpki-client.org