Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/u4QE1dGMTjmyo6g0CC0hkKDEcHs.roa
File: u4QE1dGMTjmyo6g0CC0hkKDEcHs.roa (raw, json)
Hash identifier: kgeNOI8Ydx4YBi//Zwoa1mQfH0VWvLxoBVb6tJLuiDU=
Subject key identifier: BB:84:04:D5:D1:8C:4E:39:B2:A3:A8:34:08:2D:21:90:A0:C4:70:7B
Certificate issuer: /CN=c1098a1905bbd3381533828f6b7fd227170431ef
Certificate serial: 018C8B76A70EC3A6CF3E6FF2E582C8D40BEB
Authority key identifier: C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/u4QE1dGMTjmyo6g0CC0hkKDEcHs.roa
Signing time: Thu 21 Dec 2023 08:20:58 +0000
ROA not before: Thu 21 Dec 2023 08:20:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57324
IP address blocks: 109.230.112.0/24 maxlen: 24
202.164.192.0/24 maxlen: 24
202.164.195.0/24 maxlen: 24
202.164.194.0/24 maxlen: 24
109.230.113.0/24 maxlen: 24
109.230.115.0/24 maxlen: 24
79.132.195.0/24 maxlen: 24
79.132.196.0/24 maxlen: 24
109.230.114.0/24 maxlen: 24
202.164.193.0/24 maxlen: 24
79.132.198.0/24 maxlen: 24
79.132.199.0/24 maxlen: 24
79.132.197.0/24 maxlen: 24
202.164.198.0/24 maxlen: 24
202.164.196.0/24 maxlen: 24
202.164.197.0/24 maxlen: 24
202.164.199.0/24 maxlen: 24
122.102.117.0/24 maxlen: 24
122.102.118.0/24 maxlen: 24
122.102.116.0/24 maxlen: 24
109.230.117.0/24 maxlen: 24
109.230.116.0/24 maxlen: 24
109.230.118.0/24 maxlen: 24
202.164.205.0/24 maxlen: 24
109.230.124.0/24 maxlen: 24
109.230.125.0/24 maxlen: 24
202.164.203.0/24 maxlen: 24
109.230.122.0/24 maxlen: 24
109.230.121.0/24 maxlen: 24
122.102.119.0/24 maxlen: 24
109.230.123.0/24 maxlen: 24
202.164.204.0/24 maxlen: 24
202.164.201.0/24 maxlen: 24
202.164.200.0/24 maxlen: 24
202.164.202.0/24 maxlen: 24
109.230.120.0/24 maxlen: 24
109.230.119.0/24 maxlen: 24
109.230.127.0/24 maxlen: 24
109.230.126.0/24 maxlen: 24
202.164.207.0/24 maxlen: 24
86.111.144.0/24 maxlen: 24
86.111.145.0/24 maxlen: 24
86.111.146.0/24 maxlen: 24
86.111.147.0/24 maxlen: 24
185.113.105.0/24 maxlen: 24
185.113.107.0/24 maxlen: 24
2a03:c340::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8b:76:a7:0e:c3:a6:cf:3e:6f:f2:e5:82:c8:d4:0b:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1098a1905bbd3381533828f6b7fd227170431ef
Validity
Not Before: Dec 21 08:20:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb8404d5d18c4e39b2a3a834082d2190a0c4707b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c1:bb:4d:4c:0f:ee:76:fa:13:fc:d9:e5:cd:
2e:55:e7:8f:40:36:69:23:15:35:a4:28:5d:14:c1:
db:fb:31:b5:b8:0f:e7:4e:67:58:93:85:5d:6b:04:
e2:d0:d3:e4:a2:55:d3:c7:30:85:9e:40:ac:cf:09:
a8:9f:b4:cd:ac:f9:2d:67:8d:ce:08:9a:0a:72:6a:
b5:e8:cc:f2:a5:e8:12:f7:72:31:d9:1b:d3:bd:f6:
02:fc:0d:db:e3:9a:a5:11:e8:78:6b:80:69:16:b2:
a1:f1:5a:ca:94:95:8e:36:bd:8d:14:fa:aa:b5:d5:
b6:f7:3e:e0:33:ff:08:d9:86:2a:0f:8f:0a:29:8a:
e6:30:78:bb:16:0a:dc:cb:32:ba:46:2c:7a:a1:67:
98:6e:87:65:75:46:3d:9a:a5:f7:e4:45:74:90:c1:
81:f3:3c:e9:3c:80:50:cd:e4:f4:ed:4b:d1:be:1c:
7b:da:65:75:a2:96:7d:cf:0d:24:da:85:d2:90:a4:
54:80:ef:42:8a:50:3c:a0:f0:af:5d:35:d8:8e:ef:
86:bf:0a:9c:cc:3e:67:9e:57:e9:d4:9e:10:40:a4:
d9:88:13:29:57:2d:b7:20:40:31:ea:6a:96:b9:72:
18:fb:d9:de:01:2f:8b:f3:55:2c:ff:e6:36:0c:02:
4f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:84:04:D5:D1:8C:4E:39:B2:A3:A8:34:08:2D:21:90:A0:C4:70:7B
X509v3 Authority Key Identifier:
keyid:C1:09:8A:19:05:BB:D3:38:15:33:82:8F:6B:7F:D2:27:17:04:31:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQmKGQW70zgVM4KPa3_SJxcEMe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/u4QE1dGMTjmyo6g0CC0hkKDEcHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/2eed71-4665-4948-a3c5-b2a713d2eab2/1/wQmKGQW70zgVM4KPa3_SJxcEMe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.195.0-79.132.199.255
86.111.144.0/22
109.230.112.0/20
122.102.116.0/22
185.113.105.0/24
185.113.107.0/24
202.164.192.0-202.164.205.255
202.164.207.0/24
IPv6:
2a03:c340::/32
Signature Algorithm: sha256WithRSAEncryption
98:d5:34:13:07:5e:52:58:fa:32:1f:f3:db:66:94:51:a2:61:
f6:8f:25:41:74:73:4c:7d:ce:7d:2e:64:cc:47:ee:78:3c:4a:
77:06:9e:cd:d7:c9:36:a8:e6:ef:86:dd:1d:d1:4a:fd:c7:f8:
e1:73:d2:03:41:2e:80:a0:a1:07:74:a0:76:06:0d:06:f7:03:
1c:68:3a:f5:6a:56:c3:7c:49:64:2b:d8:07:cf:e1:67:d0:2a:
05:07:ac:d7:98:e3:6c:be:29:ee:9a:aa:c4:57:0a:4b:69:64:
78:1f:5e:31:bf:68:61:4b:14:fd:5f:c8:79:88:6b:0c:cd:7c:
9c:e6:61:40:52:b1:fb:ea:44:b2:15:2d:8c:23:3a:76:b7:ed:
3d:ac:10:bb:d2:56:31:7d:94:75:96:25:e0:18:06:d1:ed:3b:
d0:c0:65:bc:ef:2a:69:e3:0d:7a:75:7e:ab:7b:6c:02:2a:a5:
93:20:87:4b:fc:95:39:48:e6:70:bb:40:52:ff:ae:d1:b6:ab:
86:f0:b6:68:47:14:55:c0:36:ba:52:a0:2e:21:30:78:a5:3f:
f1:cd:14:65:7f:f8:69:fe:89:d3:ae:b6:74:b7:35:7e:25:83:
65:05:bc:54:b2:11:08:55:bb:86:9a:ff:2a:e1:2f:2d:e7:82:
5e:75:44:57
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYyLdqcOw6bPPm/y5YLI1AvrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDk4YTE5MDViYmQzMzgxNTMzODI4ZjZiN2ZkMjI3MTcw
NDMxZWYwHhcNMjMxMjIxMDgyMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjg0MDRkNWQxOGM0ZTM5YjJhM2E4MzQwODJkMjE5MGEwYzQ3MDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusG7TUwP7nb6E/zZ5c0uVeePQDZp
IxU1pChdFMHb+zG1uA/nTmdYk4VdawTi0NPkolXTxzCFnkCszwmon7TNrPktZ43O
CJoKcmq16MzypegS93Ix2RvTvfYC/A3b45qlEeh4a4BpFrKh8VrKlJWONr2NFPqq
tdW29z7gM/8I2YYqD48KKYrmMHi7FgrcyzK6Rix6oWeYbodldUY9mqX35EV0kMGB
8zzpPIBQzeT07UvRvhx72mV1opZ9zw0k2oXSkKRUgO9CilA8oPCvXTXYju+Gvwqc
zD5nnlfp1J4QQKTZiBMpVy23IEAx6mqWuXIY+9neAS+L81Us/+Y2DAJP5wIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFLuEBNXRjE45sqOoNAgtIZCgxHB7MB8GA1UdIwQY
MBaAFMEJihkFu9M4FTOCj2t/0icXBDHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUt
YjJhNzEzZDJlYWIyLzEvdTRRRTFkR01Uam15bzZnMENDMGhrS0RFY0hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yZWVkNzEtNDY2NS00OTQ4LWEzYzUtYjJhNzEzZDJlYWIy
LzEvd1FtS0dRVzcwemdWTTRLUGEzX1NKeGNFTWU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAMAwDBABPhMMD
BANPhMADBAJWb5ADBARt5nADBAJ6ZnQDBAC5cWkDBAC5cWswDAMEBsqkwAMEAcqk
zAMEAMqkzzANBAIAAjAHAwUAKgPDQDANBgkqhkiG9w0BAQsFAAOCAQEAmNU0Ewde
Ulj6Mh/z22aUUaJh9o8lQXRzTH3OfS5kzEfueDxKdwaezdfJNqjm74bdHdFK/cf4
4XPSA0EugKChB3SgdgYNBvcDHGg69WpWw3xJZCvYB8/hZ9AqBQes15jjbL4p7pqq
xFcKS2lkeB9eMb9oYUsU/V/IeYhrDM18nOZhQFKx++pEshUtjCM6drftPawQu9JW
MX2UdZYl4BgG0e070MBlvO8qaeMNenV+q3tsAiqlkyCHS/yVOUjmcLtAUv+u0bar
hvC2aEcUVcA2ulKgLiEweKU/8c0UZX/4af6J0662dLc1fiWDZQW8VLIRCFW7hpr/
KuEvLeeCXnVEVw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:08 2024 by rpki-client on console-ams.rpki-client.org