Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/ctvgIZ__QZoJVeD2I9yZbkDwqNg.roa
File: ctvgIZ__QZoJVeD2I9yZbkDwqNg.roa (raw, json)
Hash identifier: LtUUqfWEMDheA2OssFRltfvJC8ZGujXTQmkgFkjB1b8=
Subject key identifier: 72:DB:E0:21:9F:FF:41:9A:09:55:E0:F6:23:DC:99:6E:40:F0:A8:D8
Certificate issuer: /CN=ef4f78947341ce55888b7ebf3690143b0cbff3d6
Certificate serial: 0185718C2D8A89D6EFF821C59B628D84E51F
Authority key identifier: EF:4F:78:94:73:41:CE:55:88:8B:7E:BF:36:90:14:3B:0C:BF:F3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7094lHNBzlWIi36_NpAUOwy_89Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/ctvgIZ__QZoJVeD2I9yZbkDwqNg.roa
Signing time: Mon 02 Jan 2023 08:14:50 +0000
ROA not before: Mon 02 Jan 2023 08:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15954
IP address blocks: 37.247.120.0/21 maxlen: 21
91.216.219.0/24 maxlen: 24
185.49.184.0/22 maxlen: 22
217.18.32.0/20 maxlen: 20
31.24.120.0/21 maxlen: 21
194.176.119.0/24 maxlen: 24
185.203.224.0/22 maxlen: 22
185.57.196.0/22 maxlen: 22
31.47.72.0/21 maxlen: 21
2a02:2810::/32 maxlen: 32
2a01:a940::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:2d:8a:89:d6:ef:f8:21:c5:9b:62:8d:84:e5:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef4f78947341ce55888b7ebf3690143b0cbff3d6
Validity
Not Before: Jan 2 08:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72dbe0219fff419a0955e0f623dc996e40f0a8d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f9:14:79:3d:7a:07:0b:e3:4d:88:ee:e8:74:
4c:63:20:6f:7b:60:89:34:4d:37:0c:97:35:f8:6b:
2d:58:36:db:52:d9:cc:9a:76:52:c0:5a:f5:e6:5d:
5a:d2:de:7b:66:50:6e:a8:54:c8:af:4e:da:a1:42:
92:2f:d0:0a:8b:e1:4d:8c:3f:33:3b:ca:f9:50:f1:
6b:04:53:8f:8d:59:17:3d:46:3e:6c:7b:c6:71:d1:
6e:9a:3b:a8:3d:a8:fb:8f:80:df:82:f9:f3:68:6d:
05:bf:22:cb:be:fc:c8:96:67:eb:4d:b7:09:8f:83:
f6:42:5a:1e:c0:be:52:61:81:0c:79:d5:1d:a6:3f:
12:d4:bf:f3:ae:8d:f1:1e:06:0e:3f:37:da:a1:15:
10:15:e0:4e:cf:48:67:c4:9b:fb:8f:b3:b1:46:77:
8c:f0:a4:bb:6b:d2:c6:a9:dc:f5:c4:66:09:8f:45:
d1:0d:65:b6:81:d3:bb:b7:e5:f6:9e:22:2f:05:f7:
66:45:ab:5a:3e:53:17:0f:bc:fe:09:d8:e8:86:67:
a5:fa:d7:fb:f6:09:5f:cb:36:7c:90:34:6f:83:e9:
fd:55:df:a0:f3:fb:4b:5f:c4:1a:36:f1:27:c0:0a:
3f:8c:ce:3b:1b:e1:12:4b:34:4a:ac:36:77:6b:be:
a5:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:DB:E0:21:9F:FF:41:9A:09:55:E0:F6:23:DC:99:6E:40:F0:A8:D8
X509v3 Authority Key Identifier:
keyid:EF:4F:78:94:73:41:CE:55:88:8B:7E:BF:36:90:14:3B:0C:BF:F3:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7094lHNBzlWIi36_NpAUOwy_89Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/ctvgIZ__QZoJVeD2I9yZbkDwqNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/7094lHNBzlWIi36_NpAUOwy_89Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.120.0/21
31.47.72.0/21
37.247.120.0/21
91.216.219.0/24
185.49.184.0/22
185.57.196.0/22
185.203.224.0/22
194.176.119.0/24
217.18.32.0/20
IPv6:
2a01:a940::/32
2a02:2810::/32
Signature Algorithm: sha256WithRSAEncryption
4c:c1:0e:2d:43:53:b8:e1:20:d4:84:cc:a2:f5:57:83:5d:bb:
97:ef:b5:0b:63:ff:80:15:f4:f1:e8:31:67:4e:0c:b9:92:43:
1f:66:66:21:43:e5:a3:ef:87:33:a6:90:d5:7e:bb:b7:57:5c:
50:35:a9:97:c6:f0:d4:4e:02:ac:b4:4f:ca:1a:48:12:39:14:
c2:d4:4d:7a:f0:1a:c6:b5:37:ab:88:19:bd:18:a4:cf:b0:0f:
ba:04:6d:d5:91:b6:56:02:ae:72:78:6c:fb:a1:03:df:8f:f1:
81:1c:18:03:fd:b0:04:ba:62:7a:70:f2:c9:96:14:d5:20:99:
24:5c:f2:45:ec:96:2f:92:36:53:e6:a1:5e:20:cd:94:8c:80:
3a:35:95:6d:fd:4f:54:32:72:50:e6:59:4c:2c:b6:a3:c5:a9:
fb:58:70:dd:d8:bd:8d:2b:df:58:5e:9a:f4:24:ad:cb:9b:18:
03:b3:11:74:8e:e3:f6:d1:7c:b9:03:a1:84:82:ff:13:04:69:
64:5d:05:3b:ac:5c:85:bd:e2:76:66:4e:6e:79:e5:1f:28:29:
41:e1:2d:f6:e9:ce:4c:df:33:a4:2c:c3:1f:b6:25:8c:05:e0:
a2:4c:1e:ae:5e:6d:b6:cd:ba:08:9a:45:b6:70:57:96:4b:38:
b8:b0:cd:48
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYVxjC2Kidbv+CHFm2KNhOUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNGY3ODk0NzM0MWNlNTU4ODhiN2ViZjM2OTAxNDNiMGNi
ZmYzZDYwHhcNMjMwMTAyMDgxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmRiZTAyMTlmZmY0MTlhMDk1NWUwZjYyM2RjOTk2ZTQwZjBhOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPkUeT16BwvjTYju6HRMYyBve2CJ
NE03DJc1+GstWDbbUtnMmnZSwFr15l1a0t57ZlBuqFTIr07aoUKSL9AKi+FNjD8z
O8r5UPFrBFOPjVkXPUY+bHvGcdFumjuoPaj7j4DfgvnzaG0FvyLLvvzIlmfrTbcJ
j4P2QloewL5SYYEMedUdpj8S1L/zro3xHgYOPzfaoRUQFeBOz0hnxJv7j7OxRneM
8KS7a9LGqdz1xGYJj0XRDWW2gdO7t+X2niIvBfdmRataPlMXD7z+Cdjohmel+tf7
9glfyzZ8kDRvg+n9Vd+g8/tLX8QaNvEnwAo/jM47G+ESSzRKrDZ3a76lbwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFHLb4CGf/0GaCVXg9iPcmW5A8KjYMB8GA1UdIwQY
MBaAFO9PeJRzQc5ViIt+vzaQFDsMv/PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzA5NGxITkJ6bFdJaTM2X05wQVVPd3lfODlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wMDVjOWUtZmU3Yy00NjlhLWI2ZjAt
OWJhYTY2Y2ExNDA0LzEvY3R2Z0laX19RWm9KVmVEMkk5eVpia0R3cU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wMDVjOWUtZmU3Yy00NjlhLWI2ZjAtOWJhYTY2Y2ExNDA0
LzEvNzA5NGxITkJ6bFdJaTM2X05wQVVPd3lfODlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQDHxh4AwQD
Hy9IAwQDJfd4AwQAW9jbAwQCuTG4AwQCuTnEAwQCucvgAwQAwrB3AwQE2RIgMBQE
AgACMA4DBQAqAalAAwUAKgIoEDANBgkqhkiG9w0BAQsFAAOCAQEATMEOLUNTuOEg
1ITMovVXg127l++1C2P/gBX08egxZ04MuZJDH2ZmIUPlo++HM6aQ1X67t1dcUDWp
l8bw1E4CrLRPyhpIEjkUwtRNevAaxrU3q4gZvRikz7APugRt1ZG2VgKucnhs+6ED
34/xgRwYA/2wBLpienDyyZYU1SCZJFzyReyWL5I2U+ahXiDNlIyAOjWVbf1PVDJy
UOZZTCy2o8Wp+1hw3di9jSvfWF6a9CSty5sYA7MRdI7j9tF8uQOhhIL/EwRpZF0F
O6xchb3idmZObnnlHygpQeEt9unOTN8zpCzDH7YljAXgokwerl5tts26CJpFtnBX
lks4uLDNSA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:16 2023 by rpki-client on console-fra.rpki-client.org