Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/rwepXnwknA70nDZK4mUtKwfoNjM.roa
File: rwepXnwknA70nDZK4mUtKwfoNjM.roa (raw, json)
Hash identifier: 4Af/5aPIAICpb2rzq5/MHGK/PHsgFP7fCCVpFmlFe/w=
Subject key identifier: AF:07:A9:5E:7C:24:9C:0E:F4:9C:36:4A:E2:65:2D:2B:07:E8:36:33
Certificate issuer: /CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Certificate serial: 0189654A8ED749C82F91D9289E98306146CD
Authority key identifier: 2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/rwepXnwknA70nDZK4mUtKwfoNjM.roa
Signing time: Mon 17 Jul 2023 19:18:52 +0000
ROA not before: Mon 17 Jul 2023 19:18:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 193.201.127.0/24 maxlen: 24
193.160.218.0/24 maxlen: 24
193.160.217.0/24 maxlen: 24
193.160.216.0/24 maxlen: 24
45.144.0.0/24 maxlen: 24
45.138.156.0/24 maxlen: 24
45.138.159.0/24 maxlen: 24
45.150.112.0/24 maxlen: 24
185.128.41.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:65:4a:8e:d7:49:c8:2f:91:d9:28:9e:98:30:61:46:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Validity
Not Before: Jul 17 19:18:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af07a95e7c249c0ef49c364ae2652d2b07e83633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:72:f3:06:dd:9c:8c:28:2e:5e:a4:3b:45:2c:
77:cd:dc:5d:04:80:c2:10:39:1a:53:81:c9:7e:4d:
35:f0:c7:11:3c:82:e5:c1:83:ba:ac:e8:ad:3b:7a:
7b:a2:3a:35:9c:07:b3:c3:50:eb:eb:99:76:b0:cc:
75:05:8a:30:e0:8b:61:2e:7f:b7:58:da:b6:16:1e:
05:af:ac:6f:72:83:21:11:0d:73:5b:50:4d:5b:23:
f7:8a:9a:8e:cb:4c:be:7d:c7:f5:bf:90:f2:40:4d:
06:a1:72:7c:7b:39:ef:4e:74:b8:7f:f8:8f:f0:89:
9d:ec:b5:15:25:a1:f9:e3:d9:76:36:9a:75:cb:76:
98:b5:14:b0:e4:69:c9:bf:f4:0b:f5:a0:d1:d6:6f:
bd:1f:6f:7e:44:a8:61:88:b9:71:78:09:1f:ba:72:
42:00:ed:4a:78:cd:16:0f:55:9d:b5:4f:87:7a:c8:
5d:84:5d:54:d4:b8:42:6d:95:b2:c3:a4:3e:95:93:
83:35:75:59:12:0a:b2:69:01:e1:cc:4e:18:3e:49:
81:14:52:00:69:3d:99:37:43:f2:d9:28:04:e6:12:
61:70:04:08:3e:58:af:fb:41:34:46:ae:73:0c:1f:
34:a8:30:de:77:29:7d:bb:68:ac:be:b4:92:af:2a:
48:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:07:A9:5E:7C:24:9C:0E:F4:9C:36:4A:E2:65:2D:2B:07:E8:36:33
X509v3 Authority Key Identifier:
keyid:2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/rwepXnwknA70nDZK4mUtKwfoNjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.156.0/24
45.138.159.0/24
45.144.0.0/24
45.150.112.0/24
185.128.41.0/24
193.160.216.0-193.160.218.255
193.201.127.0/24
Signature Algorithm: sha256WithRSAEncryption
78:c8:f0:e6:62:63:af:a7:0f:80:e2:a8:4f:02:49:a4:15:fe:
a6:34:1a:66:c1:57:a1:09:b8:6f:14:41:77:ec:b4:82:1f:8d:
03:20:5b:92:52:c7:1a:8d:e9:89:ab:aa:45:87:85:d5:5d:13:
08:37:4a:df:ff:59:ba:7c:4a:ab:34:0f:40:3d:dc:fd:4e:53:
34:07:17:cf:58:50:89:b7:f9:42:93:00:d3:fe:11:d8:16:82:
2b:be:d6:33:e3:06:ff:74:b8:01:8c:aa:f8:9b:bc:82:29:29:
b4:1e:09:cc:71:0e:68:84:63:b4:6f:4a:7a:62:aa:76:d4:48:
02:e6:8a:93:58:5c:10:56:9a:50:10:b3:10:87:e1:a9:ca:34:
a1:23:8c:56:57:07:85:3f:f8:68:b1:83:27:76:c3:ab:bd:bb:
27:34:14:d9:5e:d5:6c:b1:7c:0a:26:99:a6:ed:32:fe:f9:ea:
b6:13:f0:95:4a:fd:5f:aa:7f:b6:34:96:54:a9:2a:56:e8:55:
98:09:ef:87:74:f7:71:b7:7e:ca:c7:84:ae:98:2b:96:9f:e1:
44:be:26:2b:10:40:94:17:42:6b:40:06:1e:ff:b9:ba:d6:a2:
dc:18:6b:f3:fa:7b:a1:38:68:6b:e3:80:12:5d:c2:a7:ce:e4:
16:ec:ef:6c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYllSo7XScgvkdkonpgwYUbNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWNhYjhhMDlhOWZkZTIzYzk2MzVmOGUxNjRhZWYwOWUx
Nzk0OGMwHhcNMjMwNzE3MTkxODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjA3YTk1ZTdjMjQ5YzBlZjQ5YzM2NGFlMjY1MmQyYjA3ZTgzNjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHLzBt2cjCguXqQ7RSx3zdxdBIDC
EDkaU4HJfk018McRPILlwYO6rOitO3p7ojo1nAezw1Dr65l2sMx1BYow4IthLn+3
WNq2Fh4Fr6xvcoMhEQ1zW1BNWyP3ipqOy0y+fcf1v5DyQE0GoXJ8eznvTnS4f/iP
8Imd7LUVJaH549l2Npp1y3aYtRSw5GnJv/QL9aDR1m+9H29+RKhhiLlxeAkfunJC
AO1KeM0WD1WdtU+HeshdhF1U1LhCbZWyw6Q+lZODNXVZEgqyaQHhzE4YPkmBFFIA
aT2ZN0Py2SgE5hJhcAQIPliv+0E0Rq5zDB80qDDedyl9u2isvrSSrypIVwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFK8HqV58JJwO9Jw2SuJlLSsH6DYzMB8GA1UdIwQY
MBaAFC9cq4oJqf3iPJY1+OFkrvCeF5SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUt
MDAyZjI2ZTNiODk4LzEvcndlcFhud2tuQTcwbkRaSzRtVXRLd2ZvTmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUtMDAyZjI2ZTNiODk4
LzEvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALYqcAwQA
LYqfAwQALZAAAwQALZZwAwQAuYApMAwDBAPBoNgDBADBoNoDBADByX8wDQYJKoZI
hvcNAQELBQADggEBAHjI8OZiY6+nD4DiqE8CSaQV/qY0GmbBV6EJuG8UQXfstIIf
jQMgW5JSxxqN6YmrqkWHhdVdEwg3St//Wbp8Sqs0D0A93P1OUzQHF89YUIm3+UKT
ANP+EdgWgiu+1jPjBv90uAGMqvibvIIpKbQeCcxxDmiEY7RvSnpiqnbUSALmipNY
XBBWmlAQsxCH4anKNKEjjFZXB4U/+Gixgyd2w6u9uyc0FNle1WyxfAommabtMv75
6rYT8JVK/V+qf7Y0llSpKlboVZgJ74d093G3fsrHhK6YK5af4US+JisQQJQXQmtA
Bh7/ubrWotwYa/P6e6E4aGvjgBJdwqfO5Bbs72w=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:50 2024 by rpki-client on console-fra.rpki-client.org