Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/6eabcd-a8fc-43ea-8b7c-fbb80853c1be/1/aD7yFGssPe_gx-bqJ74LGWORmbM.roa
File: aD7yFGssPe_gx-bqJ74LGWORmbM.roa (raw, json)
Hash identifier: 0gnpCKJi8ShK/n3ldGubyw6bZJFTdMuCWfx2DKeHBLI=
Subject key identifier: 68:3E:F2:14:6B:2C:3D:EF:E0:C7:E6:EA:27:BE:0B:19:63:91:99:B3
Certificate issuer: /CN=045c5f3bb81191720c0ddf8b3cf34d91dab4e1d3
Certificate serial: 01856DDD3211EE12827C369A5F05A78E8B2C
Authority key identifier: 04:5C:5F:3B:B8:11:91:72:0C:0D:DF:8B:3C:F3:4D:91:DA:B4:E1:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BFxfO7gRkXIMDd-LPPNNkdq04dM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/6eabcd-a8fc-43ea-8b7c-fbb80853c1be/1/aD7yFGssPe_gx-bqJ74LGWORmbM.roa
Signing time: Sun 01 Jan 2023 15:04:50 +0000
ROA not before: Sun 01 Jan 2023 15:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25184
IP address blocks: 78.109.192.0/20 maxlen: 24
79.175.128.0/18 maxlen: 24
31.47.32.0/19 maxlen: 24
81.90.144.0/20 maxlen: 24
80.75.0.0/20 maxlen: 24
217.11.16.0/20 maxlen: 24
185.3.124.0/22 maxlen: 24
31.14.112.0/20 maxlen: 24
86.104.32.0/20 maxlen: 24
93.113.224.0/20 maxlen: 24
46.102.128.0/20 maxlen: 24
2a03:4680::/29 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:32:11:ee:12:82:7c:36:9a:5f:05:a7:8e:8b:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=045c5f3bb81191720c0ddf8b3cf34d91dab4e1d3
Validity
Not Before: Jan 1 15:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=683ef2146b2c3defe0c7e6ea27be0b19639199b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:7c:be:71:e3:a2:95:54:36:b9:1f:41:8d:2d:
9b:f1:96:34:7d:42:d8:2c:95:ee:79:4c:72:bd:b6:
5b:50:a1:96:97:a1:db:e3:f7:a8:95:eb:9f:7b:8e:
cc:f6:96:76:6f:d9:4e:d1:d6:c3:13:e5:b2:25:5d:
c1:4a:1d:41:cc:21:f6:d0:4b:68:f3:04:62:21:0e:
f1:df:4e:38:e2:e3:26:80:b7:85:29:42:ea:ad:f6:
68:58:a1:5a:88:73:f4:c6:9d:bd:bd:6b:d8:82:e7:
d7:72:6d:c1:c7:a2:51:b2:68:8d:8d:74:9c:a9:69:
82:d3:2f:27:04:53:e3:97:9f:e9:be:0e:68:c3:2e:
91:bb:7d:9b:86:37:ea:e2:92:e2:a4:8b:8d:30:b7:
e6:7f:cf:0f:58:62:7d:04:a6:1e:24:ab:aa:6a:6e:
02:b2:9f:7b:94:39:65:7f:bb:d4:6e:de:58:b6:23:
d1:72:b0:0e:ad:f6:92:46:f3:7a:53:f0:51:f6:e2:
ca:27:99:1e:8b:bb:06:91:f2:f5:06:36:df:8f:be:
99:b2:40:7a:5e:2a:29:26:fb:5d:8e:8d:09:b1:c3:
8a:fe:a5:db:48:e8:97:6f:3d:c5:89:b7:26:04:24:
d0:08:8a:58:ab:d1:c2:14:ff:9b:31:ac:c9:19:a8:
b6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:3E:F2:14:6B:2C:3D:EF:E0:C7:E6:EA:27:BE:0B:19:63:91:99:B3
X509v3 Authority Key Identifier:
keyid:04:5C:5F:3B:B8:11:91:72:0C:0D:DF:8B:3C:F3:4D:91:DA:B4:E1:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BFxfO7gRkXIMDd-LPPNNkdq04dM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/6eabcd-a8fc-43ea-8b7c-fbb80853c1be/1/aD7yFGssPe_gx-bqJ74LGWORmbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/6eabcd-a8fc-43ea-8b7c-fbb80853c1be/1/BFxfO7gRkXIMDd-LPPNNkdq04dM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.112.0/20
31.47.32.0/19
46.102.128.0/20
78.109.192.0/20
79.175.128.0/18
80.75.0.0/20
81.90.144.0/20
86.104.32.0/20
93.113.224.0/20
185.3.124.0/22
217.11.16.0/20
IPv6:
2a03:4680::/29
Signature Algorithm: sha256WithRSAEncryption
a3:1e:c0:b6:60:e2:ba:c2:c7:0e:00:ac:d2:f4:5a:97:c7:5f:
75:b2:0f:18:b1:f5:6e:f6:43:ea:7f:b0:7e:32:61:bc:ab:af:
d6:18:d3:ae:43:f1:99:fe:8d:51:8d:b7:d9:95:f5:72:e9:f8:
cc:42:9d:e2:da:ab:43:12:9c:70:c5:1f:d5:bf:b2:ca:23:14:
5e:92:c9:62:02:d5:5f:ff:e9:2e:74:4f:55:fe:5b:27:50:b5:
2c:96:7c:d3:8d:43:f8:e0:13:6f:53:92:10:9f:9d:4a:04:95:
ec:df:ed:5d:8e:c9:fc:67:64:83:35:9d:62:a7:05:ca:b5:2e:
44:70:07:9e:cc:15:e2:44:5b:40:b5:68:a1:2d:dd:c9:74:22:
35:cd:0b:f8:2b:c6:d7:a3:f8:8f:9a:5e:90:29:88:9c:83:99:
3d:de:8b:38:e7:96:22:30:b2:5a:af:de:7f:f4:f5:60:61:64:
1c:8f:62:f9:b1:f6:56:c0:16:d2:9f:18:ab:41:ad:07:c5:58:
5d:8e:7f:17:36:59:2b:74:a7:8a:a1:e6:93:87:24:e4:3e:14:
75:fd:fd:76:62:f1:73:33:06:e7:8a:b6:b9:dd:52:fa:d3:06:
8b:3f:f2:2d:de:be:a0:79:53:3c:77:32:8e:00:d8:b2:33:ab:
fe:3e:17:0a
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYVt3TIR7hKCfDaaXwWnjossMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NWM1ZjNiYjgxMTkxNzIwYzBkZGY4YjNjZjM0ZDkxZGFi
NGUxZDMwHhcNMjMwMTAxMTUwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODNlZjIxNDZiMmMzZGVmZTBjN2U2ZWEyN2JlMGIxOTYzOTE5OWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3y+ceOilVQ2uR9BjS2b8ZY0fULY
LJXueUxyvbZbUKGWl6Hb4/eoleufe47M9pZ2b9lO0dbDE+WyJV3BSh1BzCH20Eto
8wRiIQ7x30444uMmgLeFKULqrfZoWKFaiHP0xp29vWvYgufXcm3Bx6JRsmiNjXSc
qWmC0y8nBFPjl5/pvg5owy6Ru32bhjfq4pLipIuNMLfmf88PWGJ9BKYeJKuqam4C
sp97lDllf7vUbt5YtiPRcrAOrfaSRvN6U/BR9uLKJ5kei7sGkfL1Bjbfj76ZskB6
XiopJvtdjo0JscOK/qXbSOiXbz3FibcmBCTQCIpYq9HCFP+bMazJGai2MQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFGg+8hRrLD3v4Mfm6ie+CxljkZmzMB8GA1UdIwQY
MBaAFARcXzu4EZFyDA3fizzzTZHatOHTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkZ4Zk83Z1JrWElNRGQtTFBQTk5rZHEwNGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy82ZWFiY2QtYThmYy00M2VhLThiN2Mt
ZmJiODA4NTNjMWJlLzEvYUQ3eUZHc3NQZV9neC1icUo3NExHV09SbWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy82ZWFiY2QtYThmYy00M2VhLThiN2MtZmJiODA4NTNjMWJl
LzEvQkZ4Zk83Z1JrWElNRGQtTFBQTk5rZHEwNGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQEHw5wAwQF
Hy8gAwQELmaAAwQETm3AAwQGT6+AAwQEUEsAAwQEUVqQAwQEVmggAwQEXXHgAwQC
uQN8AwQE2QsQMA0EAgACMAcDBQMqA0aAMA0GCSqGSIb3DQEBCwUAA4IBAQCjHsC2
YOK6wscOAKzS9FqXx191sg8YsfVu9kPqf7B+MmG8q6/WGNOuQ/GZ/o1RjbfZlfVy
6fjMQp3i2qtDEpxwxR/Vv7LKIxReksliAtVf/+kudE9V/lsnULUslnzTjUP44BNv
U5IQn51KBJXs3+1djsn8Z2SDNZ1ipwXKtS5EcAeezBXiRFtAtWihLd3JdCI1zQv4
K8bXo/iPml6QKYicg5k93os455YiMLJar95/9PVgYWQcj2L5sfZWwBbSnxirQa0H
xVhdjn8XNlkrdKeKoeaThyTkPhR1/f12YvFzMwbnira53VL60waLP/It3r6geVM8
dzKOANiyM6v+PhcK
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:35 2024 by rpki-client on console-ams.rpki-client.org