Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/b2064b-be09-43d9-b087-a4e991b0f144/1/dWrofzzwFTm8Cx_TC_nlvOX41Iw.roa
File: dWrofzzwFTm8Cx_TC_nlvOX41Iw.roa (raw, json)
Hash identifier: tyQ1eFnM3z2eYzTZz8qyNCCESqg60TaeDztF/I8FC8A=
Subject key identifier: 75:6A:E8:7F:3C:F0:15:39:BC:0B:1F:D3:0B:F9:E5:BC:E5:F8:D4:8C
Certificate issuer: /CN=02930f8c688c04d17433a2b9c7249bc625bce316
Certificate serial: 01856C6EF713F1447C5AF4F729AFDE629289
Authority key identifier: 02:93:0F:8C:68:8C:04:D1:74:33:A2:B9:C7:24:9B:C6:25:BC:E3:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ApMPjGiMBNF0M6K5xySbxiW84xY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/b2064b-be09-43d9-b087-a4e991b0f144/1/dWrofzzwFTm8Cx_TC_nlvOX41Iw.roa
Signing time: Sun 01 Jan 2023 08:24:49 +0000
ROA not before: Sun 01 Jan 2023 08:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49800
IP address blocks: 46.19.96.0/21 maxlen: 21
195.250.64.0/19 maxlen: 19
37.186.64.0/18 maxlen: 18
130.193.120.0/21 maxlen: 21
93.185.32.0/20 maxlen: 20
185.8.0.0/22 maxlen: 22
185.8.2.0/24 maxlen: 24
5.63.160.0/21 maxlen: 21
5.63.160.0/24 maxlen: 24
62.89.0.0/19 maxlen: 19
31.47.192.0/21 maxlen: 21
78.109.64.0/20 maxlen: 20
2a02:2a50::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:f7:13:f1:44:7c:5a:f4:f7:29:af:de:62:92:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02930f8c688c04d17433a2b9c7249bc625bce316
Validity
Not Before: Jan 1 08:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=756ae87f3cf01539bc0b1fd30bf9e5bce5f8d48c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:80:52:91:f1:d9:a0:d1:bc:ec:af:45:07:17:
d3:4d:00:66:3f:42:da:94:f3:37:fe:b4:18:27:80:
e6:00:d9:bc:40:9b:77:7e:86:cc:fe:66:50:cf:c8:
68:35:c6:9b:50:3e:42:ae:98:be:fb:f0:66:e3:53:
59:04:1a:05:39:9c:0f:7c:01:6a:00:ba:c6:56:db:
ee:a8:ca:e9:93:ff:2c:4d:86:b9:ba:01:a9:d6:93:
6e:1f:46:b4:89:40:de:91:a0:14:62:61:9d:26:38:
e0:08:77:00:89:f5:14:96:97:53:5c:d2:33:23:dd:
08:a2:2b:6a:d4:a6:6a:67:ca:0d:53:93:35:07:4f:
ed:35:7b:b2:69:0d:f9:e1:c5:38:e2:af:b4:55:65:
14:25:c9:fb:2c:b5:2e:8f:f2:35:d6:72:1a:31:98:
e4:e8:1a:e6:79:38:a3:9c:d1:98:8a:80:7f:9f:e7:
08:e9:3c:be:b0:97:33:1d:d2:c5:04:b4:76:c0:1f:
0c:97:e9:45:2f:c2:cd:ef:e6:ee:bf:60:3d:bf:22:
d6:55:40:00:cc:e0:4b:42:4d:33:bd:18:77:d4:77:
86:3c:69:c4:21:0f:3c:a0:3b:ab:dc:76:6f:68:8b:
42:70:35:da:d0:f5:c7:b8:b2:59:22:d3:e4:17:0e:
e9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6A:E8:7F:3C:F0:15:39:BC:0B:1F:D3:0B:F9:E5:BC:E5:F8:D4:8C
X509v3 Authority Key Identifier:
keyid:02:93:0F:8C:68:8C:04:D1:74:33:A2:B9:C7:24:9B:C6:25:BC:E3:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ApMPjGiMBNF0M6K5xySbxiW84xY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b2064b-be09-43d9-b087-a4e991b0f144/1/dWrofzzwFTm8Cx_TC_nlvOX41Iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b2064b-be09-43d9-b087-a4e991b0f144/1/ApMPjGiMBNF0M6K5xySbxiW84xY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.160.0/21
31.47.192.0/21
37.186.64.0/18
46.19.96.0/21
62.89.0.0/19
78.109.64.0/20
93.185.32.0/20
130.193.120.0/21
185.8.0.0/22
195.250.64.0/19
IPv6:
2a02:2a50::/29
Signature Algorithm: sha256WithRSAEncryption
17:cd:94:41:52:3f:d8:a6:51:9a:88:85:f6:fe:72:7a:ff:08:
82:44:54:12:db:b7:f1:60:dc:f0:02:18:9d:6f:1d:48:f8:49:
c0:9f:39:18:98:b6:db:0a:db:3d:07:99:99:81:ec:6c:33:60:
b3:a1:8c:11:d1:f8:85:9f:1c:c2:32:cb:08:55:5f:d7:3a:31:
5a:34:1b:3f:b0:23:a4:24:a0:04:bc:f0:aa:e4:46:b2:67:68:
2c:3c:79:01:25:ad:a2:5e:06:c5:41:fa:42:2d:76:30:16:4f:
5f:06:4b:25:96:59:00:5c:2e:46:d1:47:90:59:5b:af:b0:cf:
8d:58:46:6e:6b:af:2f:d5:0b:48:cf:08:72:65:d7:03:65:bb:
e4:03:db:84:38:e6:4c:b3:dc:6c:17:ff:e6:ae:cf:12:00:2b:
f4:c8:b2:15:66:dc:30:6d:a1:fe:ce:e5:b0:a2:b6:83:62:50:
2a:70:d1:a2:ab:0b:6e:36:53:c1:73:f4:27:44:2e:4d:d5:9f:
71:cb:3b:d0:ef:af:4d:a3:4c:2a:a4:36:15:29:6a:cc:44:b6:
ac:34:44:2b:57:b5:d4:43:5f:88:5b:cd:f0:75:f7:a5:cb:78:
8e:cd:ee:90:42:49:69:77:b9:0d:74:6c:c2:86:ed:dd:6f:70:
66:81:2f:a9
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYVsbvcT8UR8WvT3Ka/eYpKJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyOTMwZjhjNjg4YzA0ZDE3NDMzYTJiOWM3MjQ5YmM2MjVi
Y2UzMTYwHhcNMjMwMTAxMDgyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTZhZTg3ZjNjZjAxNTM5YmMwYjFmZDMwYmY5ZTViY2U1ZjhkNDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoBSkfHZoNG87K9FBxfTTQBmP0La
lPM3/rQYJ4DmANm8QJt3fobM/mZQz8hoNcabUD5Crpi++/Bm41NZBBoFOZwPfAFq
ALrGVtvuqMrpk/8sTYa5ugGp1pNuH0a0iUDekaAUYmGdJjjgCHcAifUUlpdTXNIz
I90Ioitq1KZqZ8oNU5M1B0/tNXuyaQ354cU44q+0VWUUJcn7LLUuj/I11nIaMZjk
6BrmeTijnNGYioB/n+cI6Ty+sJczHdLFBLR2wB8Ml+lFL8LN7+buv2A9vyLWVUAA
zOBLQk0zvRh31HeGPGnEIQ88oDur3HZvaItCcDXa0PXHuLJZItPkFw7pZwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFHVq6H888BU5vAsf0wv55bzl+NSMMB8GA1UdIwQY
MBaAFAKTD4xojATRdDOiucckm8YlvOMWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXBNUGpHaU1CTkYwTTZLNXh5U2J4aVc4NHhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9iMjA2NGItYmUwOS00M2Q5LWIwODct
YTRlOTkxYjBmMTQ0LzEvZFdyb2Z6endGVG04Q3hfVENfbmx2T1g0MUl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9iMjA2NGItYmUwOS00M2Q5LWIwODctYTRlOTkxYjBmMTQ0
LzEvQXBNUGpHaU1CTkYwTTZLNXh5U2J4aVc4NHhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDBT+gAwQD
Hy/AAwQGJbpAAwQDLhNgAwQFPlkAAwQETm1AAwQEXbkgAwQDgsF4AwQCuQgAAwQF
w/pAMA0EAgACMAcDBQMqAipQMA0GCSqGSIb3DQEBCwUAA4IBAQAXzZRBUj/YplGa
iIX2/nJ6/wiCRFQS27fxYNzwAhidbx1I+EnAnzkYmLbbCts9B5mZgexsM2CzoYwR
0fiFnxzCMssIVV/XOjFaNBs/sCOkJKAEvPCq5EayZ2gsPHkBJa2iXgbFQfpCLXYw
Fk9fBkslllkAXC5G0UeQWVuvsM+NWEZua68v1QtIzwhyZdcDZbvkA9uEOOZMs9xs
F//mrs8SACv0yLIVZtwwbaH+zuWworaDYlAqcNGiqwtuNlPBc/QnRC5N1Z9xyzvQ
769No0wqpDYVKWrMRLasNEQrV7XUQ1+IW83wdfely3iOze6QQklpd7kNdGzChu3d
b3BmgS+p
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:29 2024 by rpki-client on console-fra.rpki-client.org