Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/4dwxkdyTJTbTvs0rL4pdEDSEYj4.roa
File: 4dwxkdyTJTbTvs0rL4pdEDSEYj4.roa (raw, json)
Hash identifier: k0XtqN/ruPPqRbhHgE3/8bygapCbH1gvvyF6Bpg1d4c=
Subject key identifier: E1:DC:31:91:DC:93:25:36:D3:BE:CD:2B:2F:8A:5D:10:34:84:62:3E
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 01898C01AB0A2BDC6267630CF37079543EE8
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/4dwxkdyTJTbTvs0rL4pdEDSEYj4.roa
Signing time: Tue 25 Jul 2023 07:44:26 +0000
ROA not before: Tue 25 Jul 2023 07:44:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210906
IP address blocks: 209.35.99.0/24 maxlen: 24
193.36.76.0/24 maxlen: 24
194.29.67.0/24 maxlen: 24
194.29.70.0/24 maxlen: 24
194.29.80.0/24 maxlen: 24
193.200.96.0/23 maxlen: 23
89.32.204.0/24 maxlen: 24
89.47.34.0/24 maxlen: 24
86.104.215.0/24 maxlen: 24
89.33.83.0/24 maxlen: 24
194.26.149.0/24 maxlen: 24
86.104.227.0/24 maxlen: 24
162.218.158.0/24 maxlen: 24
162.218.157.0/24 maxlen: 24
212.102.116.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:01:ab:0a:2b:dc:62:67:63:0c:f3:70:79:54:3e:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jul 25 07:44:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1dc3191dc932536d3becd2b2f8a5d103484623e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:60:d3:9c:1c:b1:aa:99:2e:43:e0:cd:d3:28:
6f:93:de:6b:85:b7:f8:f4:ee:89:ac:14:1f:af:0a:
0e:9d:4d:2c:34:61:9d:15:17:bb:ca:b1:ec:aa:b7:
a8:cc:31:22:f2:6f:74:d0:21:0d:34:94:ab:3b:32:
ef:0e:c3:e4:f8:bc:e7:69:de:7a:05:2d:1e:e8:22:
92:3f:5c:f5:e0:30:73:ce:d3:d9:d0:fb:7d:81:37:
2d:48:80:a0:e6:16:cb:55:7a:41:d1:66:1e:3f:87:
1d:fe:3a:be:3c:2e:cd:57:ee:92:64:35:4b:61:84:
23:a9:01:c5:60:3e:70:65:02:4e:20:66:00:50:a0:
04:f8:eb:94:76:33:27:13:3d:80:f0:fc:e1:e8:f0:
a7:0d:36:05:14:75:ed:83:60:ea:c2:f5:7d:2c:6c:
aa:1b:e1:96:85:ce:65:1a:af:5a:83:b5:87:d2:01:
7b:ce:97:ae:13:b4:b9:06:d1:dd:4c:00:84:05:42:
7d:0f:76:92:05:bc:63:1b:ff:be:f1:8c:8a:e6:32:
a3:35:22:80:dc:91:e3:a1:48:b1:33:a3:83:15:ca:
2b:09:c9:4b:b8:b7:0c:be:a8:20:d9:ab:c1:13:fd:
a5:3d:97:58:c1:a8:dd:57:d7:d3:b0:61:14:e9:20:
89:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:DC:31:91:DC:93:25:36:D3:BE:CD:2B:2F:8A:5D:10:34:84:62:3E
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/4dwxkdyTJTbTvs0rL4pdEDSEYj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.215.0/24
86.104.227.0/24
89.32.204.0/24
89.33.83.0/24
89.47.34.0/24
162.218.157.0-162.218.158.255
193.36.76.0/24
193.200.96.0/23
194.26.149.0/24
194.29.67.0/24
194.29.70.0/24
194.29.80.0/24
209.35.99.0/24
212.102.116.0/24
Signature Algorithm: sha256WithRSAEncryption
83:62:65:ce:eb:ae:58:31:0c:d2:be:26:c5:f5:9c:da:1a:9b:
87:96:20:6b:de:a4:fd:d7:3d:88:df:ac:e4:a9:4c:c3:c1:71:
6f:8c:51:02:56:f7:9e:4d:31:32:50:91:92:a4:22:f0:bf:15:
cd:06:cd:1a:11:64:53:6b:bd:8f:c2:65:46:83:e9:9f:3e:0c:
f4:1d:84:1d:51:f4:78:db:08:75:97:db:ac:d1:ae:ea:08:ce:
de:e2:9e:ef:ab:a9:b6:25:af:76:64:b8:96:49:11:81:62:92:
9a:4e:a3:ba:49:38:f2:f2:8e:2e:ff:ff:ab:29:05:37:e6:15:
89:21:29:3e:b2:9c:7b:54:1a:e6:9f:e5:ab:a1:dc:21:40:92:
37:b8:f4:65:29:92:00:68:4c:4a:77:17:82:2b:49:f6:28:aa:
f6:40:be:52:11:69:23:51:5c:83:a6:7e:40:15:b8:b8:e1:2a:
fe:e7:ec:ea:bf:22:18:2e:8e:95:43:46:a8:a9:e9:5b:ce:6a:
51:bb:b9:58:4d:04:13:a8:a1:90:25:c3:3d:0b:03:05:5a:18:
b9:a4:36:f1:56:cf:db:3c:22:75:97:06:d7:4b:55:df:0d:77:
6b:ce:6b:02:25:84:5d:72:e1:83:dc:09:f8:fd:c2:81:18:8a:
19:b7:2d:b5
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYmMAasKK9xiZ2MM83B5VD7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjMwNzI1MDc0NDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWRjMzE5MWRjOTMyNTM2ZDNiZWNkMmIyZjhhNWQxMDM0ODQ2MjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWDTnByxqpkuQ+DN0yhvk95rhbf4
9O6JrBQfrwoOnU0sNGGdFRe7yrHsqreozDEi8m900CENNJSrOzLvDsPk+Lznad56
BS0e6CKSP1z14DBzztPZ0Pt9gTctSICg5hbLVXpB0WYeP4cd/jq+PC7NV+6SZDVL
YYQjqQHFYD5wZQJOIGYAUKAE+OuUdjMnEz2A8Pzh6PCnDTYFFHXtg2DqwvV9LGyq
G+GWhc5lGq9ag7WH0gF7zpeuE7S5BtHdTACEBUJ9D3aSBbxjG/++8YyK5jKjNSKA
3JHjoUixM6ODFcorCclLuLcMvqgg2avBE/2lPZdYwajdV9fTsGEU6SCJMwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFOHcMZHckyU2077NKy+KXRA0hGI+MB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvNGR3eGtkeVRKVGJUdnMwckw0cGRFRFNFWWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAVmjXAwQA
VmjjAwQAWSDMAwQAWSFTAwQAWS8iMAwDBACi2p0DBACi2p4DBADBJEwDBAHByGAD
BADCGpUDBADCHUMDBADCHUYDBADCHVADBADRI2MDBADUZnQwDQYJKoZIhvcNAQEL
BQADggEBAINiZc7rrlgxDNK+JsX1nNoam4eWIGvepP3XPYjfrOSpTMPBcW+MUQJW
955NMTJQkZKkIvC/Fc0GzRoRZFNrvY/CZUaD6Z8+DPQdhB1R9HjbCHWX26zRruoI
zt7inu+rqbYlr3ZkuJZJEYFikppOo7pJOPLyji7//6spBTfmFYkhKT6ynHtUGuaf
5auh3CFAkje49GUpkgBoTEp3F4IrSfYoqvZAvlIRaSNRXIOmfkAVuLjhKv7n7Oq/
IhgujpVDRqip6VvOalG7uVhNBBOooZAlwz0LAwVaGLmkNvFWz9s8InWXBtdLVd8N
d2vOawIlhF1y4YPcCfj9woEYihm3LbU=
-----END CERTIFICATE-----
Generated at Tue Jul 25 09:39:06 2023 by rpki-client on console-ams.rpki-client.org