Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/1IcUyQo6td3ga8HCg2es7SnXfZY.roa
File: 1IcUyQo6td3ga8HCg2es7SnXfZY.roa (raw, json)
Hash identifier: 02FQu2fAEMK3gKTVPDZW64SHdSTVKHbsMPzeMno5Z6I=
Subject key identifier: D4:87:14:C9:0A:3A:B5:DD:E0:6B:C1:C2:83:67:AC:ED:29:D7:7D:96
Certificate issuer: /CN=f4c0aa7b3e3cbff88262add92b339e35051ce1a0
Certificate serial: 0188AF858C6283C3944B97B4D29934992BBE
Authority key identifier: F4:C0:AA:7B:3E:3C:BF:F8:82:62:AD:D9:2B:33:9E:35:05:1C:E1:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9MCqez48v_iCYq3ZKzOeNQUc4aA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/1IcUyQo6td3ga8HCg2es7SnXfZY.roa
Signing time: Mon 12 Jun 2023 12:12:24 +0000
ROA not before: Mon 12 Jun 2023 12:12:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47956
IP address blocks: 141.226.144.0/20 maxlen: 24
141.226.144.0/21 maxlen: 21
141.226.152.0/21 maxlen: 21
188.120.128.0/19 maxlen: 24
141.226.160.0/20 maxlen: 24
141.226.160.0/22 maxlen: 22
141.226.160.0/21 maxlen: 21
141.226.168.0/21 maxlen: 21
141.226.176.0/21 maxlen: 24
94.230.80.0/20 maxlen: 24
141.226.0.0/22 maxlen: 22
141.226.0.0/21 maxlen: 21
141.226.0.0/19 maxlen: 24
141.226.0.0/18 maxlen: 23
141.226.4.0/22 maxlen: 22
141.226.8.0/22 maxlen: 22
141.226.8.0/21 maxlen: 21
141.226.12.0/22 maxlen: 22
5.102.192.0/18 maxlen: 24
91.205.152.0/22 maxlen: 24
31.210.176.0/20 maxlen: 24
37.46.32.0/20 maxlen: 24
141.226.32.0/20 maxlen: 24
141.226.48.0/22 maxlen: 24
141.226.52.0/23 maxlen: 24
141.226.54.0/24 maxlen: 24
141.226.56.0/21 maxlen: 24
141.226.64.0/20 maxlen: 23
141.226.64.0/22 maxlen: 24
141.226.68.0/23 maxlen: 24
141.226.70.0/24 maxlen: 24
141.226.72.0/21 maxlen: 24
2a02:ed5::/32 maxlen: 32
2a02:ed0::/29 maxlen: 29
2a02:ed1::/32 maxlen: 32
2a02:ed2::/32 maxlen: 32
2a02:ed0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:af:85:8c:62:83:c3:94:4b:97:b4:d2:99:34:99:2b:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4c0aa7b3e3cbff88262add92b339e35051ce1a0
Validity
Not Before: Jun 12 12:12:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d48714c90a3ab5dde06bc1c28367aced29d77d96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:59:df:f1:5e:76:86:cc:e4:3c:24:23:54:18:
f5:0c:92:38:47:bb:2e:c5:42:58:8e:d1:56:59:78:
3d:17:cc:65:78:0f:ed:5c:f5:8c:d6:2a:dd:fb:5c:
6b:ed:1f:8c:f8:fb:d3:1f:1a:83:6c:f7:e2:85:7e:
53:cd:18:60:f1:8e:6f:f2:51:b3:9c:89:c8:7e:bf:
2f:2a:4a:d2:6f:dd:63:f0:80:e0:ab:8d:c8:70:cf:
98:96:0b:0e:f1:67:2e:b9:20:e0:f2:87:70:87:81:
9e:8a:46:52:3c:4f:81:b3:c8:3b:90:c6:c2:5d:2e:
83:33:e3:a6:ca:e6:14:71:fa:11:6e:fc:3c:40:f1:
8d:bf:e5:de:34:00:3e:f7:7c:80:02:a6:c9:64:1f:
76:d6:8d:ac:51:54:5d:38:99:b3:8d:cb:b6:bf:97:
8a:d2:de:59:b6:d8:5c:e2:ec:77:49:9f:1b:d7:d9:
a2:36:62:c3:e4:88:e5:f9:f8:28:fa:ab:8c:94:3b:
81:5e:3f:ca:11:0f:75:3f:b8:64:3a:7c:0d:3c:b4:
cb:9b:bb:58:54:fc:7b:c7:8b:23:aa:32:b5:b1:f2:
e7:d0:8e:1e:68:0f:5b:04:4e:a8:a4:ca:ea:b9:30:
49:c8:7c:a2:d8:93:9b:fe:05:d9:00:5a:30:38:84:
81:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:87:14:C9:0A:3A:B5:DD:E0:6B:C1:C2:83:67:AC:ED:29:D7:7D:96
X509v3 Authority Key Identifier:
keyid:F4:C0:AA:7B:3E:3C:BF:F8:82:62:AD:D9:2B:33:9E:35:05:1C:E1:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9MCqez48v_iCYq3ZKzOeNQUc4aA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/1IcUyQo6td3ga8HCg2es7SnXfZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9e2b1a-163b-4854-961a-ea75ddf47b4a/1/9MCqez48v_iCYq3ZKzOeNQUc4aA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.192.0/18
31.210.176.0/20
37.46.32.0/20
91.205.152.0/22
94.230.80.0/20
141.226.0.0-141.226.79.255
141.226.144.0-141.226.183.255
188.120.128.0/19
IPv6:
2a02:ed0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:8a:62:2d:c1:49:96:2f:18:af:a2:04:46:18:72:8a:b9:ad:
bf:c6:9d:ba:da:3e:6c:61:85:58:74:4c:98:9a:04:41:9f:cf:
13:82:5c:25:d3:de:7f:26:b9:77:8d:4a:ab:c5:8a:72:6a:78:
e1:98:44:b0:90:24:6b:eb:34:db:72:90:99:45:98:37:19:5d:
4e:ae:eb:de:c3:7f:fd:4d:d1:0a:dd:bf:9d:a9:3d:f7:4a:dd:
8c:f5:bb:6a:8b:a6:cd:4d:59:4e:1a:58:9f:9f:14:65:81:21:
12:34:9b:50:40:77:f9:fb:5e:b4:de:74:4b:c4:9d:5d:c3:9b:
73:27:b7:1e:50:58:21:56:5d:91:f2:98:fc:ac:b7:7c:7c:2e:
2e:d5:bb:d6:18:7f:24:20:31:b2:a6:c7:32:d2:29:fd:08:9e:
08:18:0b:3c:e6:da:69:ef:da:c1:c7:45:77:db:da:1b:08:37:
22:64:1a:b7:5a:52:ba:f4:d6:fa:98:8c:cb:6c:66:8c:ae:9f:
66:41:ac:ef:17:a8:2c:f8:0b:2e:02:c5:02:ec:76:eb:d6:57:
c7:7a:cf:be:d4:ed:04:5c:c0:91:8c:e1:d7:7d:45:46:a2:60:
f8:4d:c1:7f:77:da:ac:10:67:70:b9:88:24:10:2e:e7:5f:c9:
6d:d4:8b:57
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYivhYxig8OUS5e00pk0mSu+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YzBhYTdiM2UzY2JmZjg4MjYyYWRkOTJiMzM5ZTM1MDUx
Y2UxYTAwHhcNMjMwNjEyMTIxMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDg3MTRjOTBhM2FiNWRkZTA2YmMxYzI4MzY3YWNlZDI5ZDc3ZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1nf8V52hszkPCQjVBj1DJI4R7su
xUJYjtFWWXg9F8xleA/tXPWM1ird+1xr7R+M+PvTHxqDbPfihX5TzRhg8Y5v8lGz
nInIfr8vKkrSb91j8IDgq43IcM+YlgsO8WcuuSDg8odwh4GeikZSPE+Bs8g7kMbC
XS6DM+OmyuYUcfoRbvw8QPGNv+XeNAA+93yAAqbJZB921o2sUVRdOJmzjcu2v5eK
0t5Ztthc4ux3SZ8b19miNmLD5Ijl+fgo+quMlDuBXj/KEQ91P7hkOnwNPLTLm7tY
VPx7x4sjqjK1sfLn0I4eaA9bBE6opMrquTBJyHyi2JOb/gXZAFowOISBzwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFNSHFMkKOrXd4GvBwoNnrO0p132WMB8GA1UdIwQY
MBaAFPTAqns+PL/4gmKt2SsznjUFHOGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU1DcWV6NDh2X2lDWXEzWkt6T2VOUVVjNGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85ZTJiMWEtMTYzYi00ODU0LTk2MWEt
ZWE3NWRkZjQ3YjRhLzEvMUljVXlRbzZ0ZDNnYThIQ2cyZXM3U25YZlpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85ZTJiMWEtMTYzYi00ODU0LTk2MWEtZWE3NWRkZjQ3YjRh
LzEvOU1DcWV6NDh2X2lDWXEzWkt6T2VOUVVjNGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBFBAIAATA/AwQGBWbAAwQE
H9KwAwQEJS4gAwQCW82YAwQEXuZQMAsDAwGN4gMEBI3iQDAMAwQEjeKQAwQDjeKw
AwQFvHiAMA0EAgACMAcDBQMqAg7QMA0GCSqGSIb3DQEBCwUAA4IBAQA+imItwUmW
LxivogRGGHKKua2/xp262j5sYYVYdEyYmgRBn88Tglwl095/Jrl3jUqrxYpyanjh
mESwkCRr6zTbcpCZRZg3GV1Oruvew3/9TdEK3b+dqT33St2M9btqi6bNTVlOGlif
nxRlgSESNJtQQHf5+1603nRLxJ1dw5tzJ7ceUFghVl2R8pj8rLd8fC4u1bvWGH8k
IDGypscy0in9CJ4IGAs85tpp79rBx0V329obCDciZBq3WlK69Nb6mIzLbGaMrp9m
QazvF6gs+AsuAsUC7Hbr1lfHes++1O0EXMCRjOHXfUVGomD4TcF/d9qsEGdwuYgk
EC7nX8lt1ItX
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:50 2023 by rpki-client on console-fra.rpki-client.org