Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/E1R7drgLQA30s7byEuNNb3gKq4E.roa
File: E1R7drgLQA30s7byEuNNb3gKq4E.roa (raw, json)
Hash identifier: H98M43VppiWnRIbGBSGZV204R7TrbKu7bpDEEFZ/D60=
Subject key identifier: 13:54:7B:76:B8:0B:40:0D:F4:B3:B6:F2:12:E3:4D:6F:78:0A:AB:81
Certificate issuer: /CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Certificate serial: 01856B9361DB897321B5A927A6ACA8592531
Authority key identifier: C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/E1R7drgLQA30s7byEuNNb3gKq4E.roa
Signing time: Sun 01 Jan 2023 04:24:58 +0000
ROA not before: Sun 01 Jan 2023 04:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 193.56.168.0/22 maxlen: 24
91.92.18.0/23 maxlen: 24
45.152.184.0/22 maxlen: 24
45.129.48.0/22 maxlen: 24
185.107.84.0/22 maxlen: 24
185.61.144.0/22 maxlen: 24
109.70.16.0/21 maxlen: 24
45.11.148.0/22 maxlen: 24
45.85.176.0/22 maxlen: 24
80.240.176.0/20 maxlen: 24
185.163.60.0/22 maxlen: 24
185.203.180.0/22 maxlen: 24
45.90.224.0/22 maxlen: 24
5.252.60.0/22 maxlen: 24
188.92.64.0/21 maxlen: 24
5.252.88.0/22 maxlen: 24
45.65.104.0/21 maxlen: 24
185.13.180.0/22 maxlen: 24
95.214.44.0/22 maxlen: 24
2.59.68.0/22 maxlen: 24
2.59.72.0/22 maxlen: 24
193.8.116.0/22 maxlen: 24
185.229.176.0/22 maxlen: 24
128.127.16.0/21 maxlen: 24
185.189.20.0/22 maxlen: 24
185.253.36.0/22 maxlen: 24
212.104.240.0/20 maxlen: 24
185.128.140.0/22 maxlen: 24
194.182.112.0/20 maxlen: 24
2a06:4280::/29 maxlen: 48
2a02:cfc0::/29 maxlen: 48
2a02:79e0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:61:db:89:73:21:b5:a9:27:a6:ac:a8:59:25:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Validity
Not Before: Jan 1 04:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13547b76b80b400df4b3b6f212e34d6f780aab81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:48:fb:71:89:fd:76:44:95:d5:dd:55:ca:09:
3c:5d:34:03:ab:f3:9e:df:09:bb:32:00:79:bf:ee:
27:f1:88:8f:0e:9e:a8:76:35:52:f9:a4:50:98:82:
c3:50:a9:4f:86:5e:71:11:64:c2:2f:3a:31:d1:74:
e7:85:16:07:c4:f5:ef:3a:3b:ce:63:df:d1:c7:05:
dd:2a:92:ce:e8:1f:ed:f7:c8:38:7d:8c:fb:63:3a:
72:62:2c:9a:f0:2d:6e:bf:dc:9d:37:86:4b:10:36:
c3:a9:99:7d:2b:9e:f2:99:c4:92:9d:2b:4e:02:7f:
a0:55:49:6f:e0:e9:45:c5:f6:d5:a2:80:8b:16:e5:
ed:74:61:99:e9:76:12:fe:7a:e1:25:bf:fb:ac:e9:
5c:0c:a7:0c:c0:f4:a4:f5:d6:b4:52:93:c9:0e:74:
33:8f:69:2c:39:37:5b:00:d1:57:48:76:49:56:b1:
cb:13:f1:f4:9d:16:04:94:20:81:43:96:d5:e1:2b:
85:e7:5d:5a:56:0e:d5:e2:14:88:44:6d:48:8f:42:
5f:b2:c1:61:75:40:7a:8a:22:f3:1b:a4:52:ff:54:
38:01:f1:e6:fb:1e:55:26:56:0c:0a:1b:e7:56:f1:
68:6a:21:04:90:21:33:8f:c2:ec:72:a2:4d:2b:af:
2e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:54:7B:76:B8:0B:40:0D:F4:B3:B6:F2:12:E3:4D:6F:78:0A:AB:81
X509v3 Authority Key Identifier:
keyid:C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/E1R7drgLQA30s7byEuNNb3gKq4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.68.0-2.59.75.255
5.252.60.0/22
5.252.88.0/22
45.11.148.0/22
45.65.104.0/21
45.85.176.0/22
45.90.224.0/22
45.129.48.0/22
45.152.184.0/22
80.240.176.0/20
91.92.18.0/23
95.214.44.0/22
109.70.16.0/21
128.127.16.0/21
185.13.180.0/22
185.61.144.0/22
185.107.84.0/22
185.128.140.0/22
185.163.60.0/22
185.189.20.0/22
185.203.180.0/22
185.229.176.0/22
185.253.36.0/22
188.92.64.0/21
193.8.116.0/22
193.56.168.0/22
194.182.112.0/20
212.104.240.0/20
IPv6:
2a02:79e0::/32
2a02:cfc0::/29
2a06:4280::/29
Signature Algorithm: sha256WithRSAEncryption
55:a4:bd:66:3d:66:9b:f8:db:32:e1:66:60:a2:b5:0e:98:ae:
66:f9:25:ed:93:9c:3c:2f:ef:a4:cd:7f:e2:26:3e:48:dd:ab:
57:b7:38:c7:8d:f7:6f:a0:a2:ca:71:5b:59:56:bb:fc:33:dc:
8a:5e:2a:bb:52:35:b9:03:be:89:c2:41:6e:01:8b:ce:3e:76:
35:9f:bd:12:6e:49:59:aa:71:a4:74:10:6d:d8:49:ee:a5:f1:
4f:60:df:c9:1c:2e:8b:38:7b:00:de:ef:69:b1:6d:44:34:23:
69:f1:8f:7a:87:90:9c:63:10:2d:d0:c1:07:c6:0f:36:8a:4f:
dc:63:87:51:c8:e7:db:dd:21:25:b2:53:1d:20:51:12:60:7b:
74:80:ff:22:d8:a4:f5:10:ad:ce:a0:8a:6a:c2:89:be:ea:62:
a2:c1:d5:d5:1b:da:56:7c:84:fe:d6:55:2e:66:0b:84:4a:31:
71:18:d2:00:57:c7:86:77:93:a8:74:99:53:c8:d2:85:63:00:
19:d7:f9:aa:ce:98:98:25:aa:8a:49:93:ae:c2:2b:3c:01:db:
b3:85:6b:ff:e2:40:0c:1a:85:9c:d3:29:c2:be:87:ab:19:b8:
43:16:03:a8:27:b5:b5:c2:d9:51:ce:43:9e:f1:a1:c2:89:47:
41:92:b5:18
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAYVrk2HbiXMhtaknpqyoWSUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjhjYTgyMTQ3ZWQyMjc3YjRiY2M2OWE1Mjg1YmFlNzM1
ZjJlNDQwHhcNMjMwMTAxMDQyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzU0N2I3NmI4MGI0MDBkZjRiM2I2ZjIxMmUzNGQ2Zjc4MGFhYjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkj7cYn9dkSV1d1Vygk8XTQDq/Oe
3wm7MgB5v+4n8YiPDp6odjVS+aRQmILDUKlPhl5xEWTCLzox0XTnhRYHxPXvOjvO
Y9/RxwXdKpLO6B/t98g4fYz7YzpyYiya8C1uv9ydN4ZLEDbDqZl9K57ymcSSnStO
An+gVUlv4OlFxfbVooCLFuXtdGGZ6XYS/nrhJb/7rOlcDKcMwPSk9da0UpPJDnQz
j2ksOTdbANFXSHZJVrHLE/H0nRYElCCBQ5bV4SuF511aVg7V4hSIRG1Ij0JfssFh
dUB6iiLzG6RS/1Q4AfHm+x5VJlYMChvnVvFoaiEEkCEzj8LscqJNK68uMwIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFBNUe3a4C0AN9LO28hLjTW94CquBMB8GA1UdIwQY
MBaAFMhoyoIUftIne0vMaaUoW65zXy5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTIt
NjY4NDkwMTk2MjdlLzEvRTFSN2RyZ0xRQTMwczdieUV1Tk5iM2dLcTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTItNjY4NDkwMTk2Mjdl
LzEveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBtwQCAAEwgbAwDAME
AgI7RAMEAgI7SAMEAgX8PAMEAgX8WAMEAi0LlAMEAy1BaAMEAi1VsAMEAi1a4AME
Ai2BMAMEAi2YuAMEBFDwsAMEAVtcEgMEAl/WLAMEA21GEAMEA4B/EAMEArkNtAME
Ark9kAMEArlrVAMEArmAjAMEArmjPAMEArm9FAMEArnLtAMEArnlsAMEArn9JAME
A7xcQAMEAsEIdAMEAsE4qAMEBMK2cAMEBNRo8DAbBAIAAjAVAwUAKgJ54AMFAyoC
z8ADBQMqBkKAMA0GCSqGSIb3DQEBCwUAA4IBAQBVpL1mPWab+Nsy4WZgorUOmK5m
+SXtk5w8L++kzX/iJj5I3atXtzjHjfdvoKLKcVtZVrv8M9yKXiq7UjW5A76JwkFu
AYvOPnY1n70SbklZqnGkdBBt2EnupfFPYN/JHC6LOHsA3u9psW1ENCNp8Y96h5Cc
YxAt0MEHxg82ik/cY4dRyOfb3SElslMdIFESYHt0gP8i2KT1EK3OoIpqwom+6mKi
wdXVG9pWfIT+1lUuZguESjFxGNIAV8eGd5OodJlTyNKFYwAZ1/mqzpiYJaqKSZOu
wis8AduzhWv/4kAMGoWc0ynCvoerGbhDFgOoJ7W1wtlRzkOe8aHCiUdBkrUY
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:45 2024 by rpki-client on console-fra.rpki-client.org