Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/vnAukyF7pPDXitg8D8MwsDmp09w.roa
File: vnAukyF7pPDXitg8D8MwsDmp09w.roa (raw, json)
Hash identifier: oud9fcYA+jABcT9gMkz2ByY669vCd8kRrA9gfdysf0E=
Subject key identifier: BE:70:2E:93:21:7B:A4:F0:D7:8A:D8:3C:0F:C3:30:B0:39:A9:D3:DC
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0186CABA4FD68030AF6C97A2A389FFBBD000
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/vnAukyF7pPDXitg8D8MwsDmp09w.roa
Signing time: Fri 10 Mar 2023 08:54:13 +0000
ROA not before: Fri 10 Mar 2023 08:54:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23959
IP address blocks: 45.66.216.0/22 maxlen: 24
92.60.43.0/24 maxlen: 24
94.124.119.0/24 maxlen: 24
195.245.219.0/24 maxlen: 24
193.111.30.0/23 maxlen: 24
185.184.223.0/24 maxlen: 24
79.143.140.0/22 maxlen: 24
45.130.21.0/24 maxlen: 24
176.119.148.0/22 maxlen: 24
88.214.20.0/22 maxlen: 24
45.147.48.0/24 maxlen: 24
45.147.51.0/24 maxlen: 24
45.147.49.0/24 maxlen: 24
194.36.24.0/24 maxlen: 24
95.214.165.0/24 maxlen: 24
194.36.27.0/24 maxlen: 24
45.143.232.0/24 maxlen: 24
95.214.164.0/24 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.232.0/22 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
45.66.128.0/22 maxlen: 24
91.200.240.0/24 maxlen: 24
185.194.54.0/24 maxlen: 24
91.200.242.0/24 maxlen: 24
91.200.243.0/24 maxlen: 24
193.32.148.0/22 maxlen: 24
141.98.196.0/24 maxlen: 24
141.98.198.0/24 maxlen: 24
141.98.197.0/24 maxlen: 24
45.159.48.0/22 maxlen: 24
45.14.105.0/24 maxlen: 24
45.14.107.0/24 maxlen: 24
45.142.125.0/24 maxlen: 24
45.142.127.0/24 maxlen: 24
45.142.126.0/24 maxlen: 24
147.78.240.0/21 maxlen: 24
185.200.64.0/24 maxlen: 24
149.62.44.0/24 maxlen: 24
185.200.66.0/24 maxlen: 24
149.62.46.0/24 maxlen: 24
149.62.47.0/24 maxlen: 24
45.149.156.0/22 maxlen: 24
78.142.228.0/22 maxlen: 24
213.232.112.0/22 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
194.104.155.0/24 maxlen: 24
194.104.153.0/24 maxlen: 24
194.104.154.0/24 maxlen: 24
45.14.64.0/22 maxlen: 24
45.14.70.0/24 maxlen: 24
194.169.54.0/24 maxlen: 24
2a09:7::/36 maxlen: 48
2a0d:c7c1::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ca:ba:4f:d6:80:30:af:6c:97:a2:a3:89:ff:bb:d0:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Mar 10 08:54:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be702e93217ba4f0d78ad83c0fc330b039a9d3dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e1:f3:b7:80:c0:17:30:b1:5a:15:42:e8:32:
c1:8f:36:69:fd:b1:c2:c8:ab:f7:0e:fc:8c:8b:cc:
ab:a9:30:b4:4e:d8:95:09:38:99:f4:57:c8:36:b0:
1b:52:3d:09:8d:41:46:56:a5:64:1f:4a:33:25:e8:
0f:3c:e6:b7:52:30:d5:37:84:82:54:0b:56:38:3e:
0e:02:23:a2:b2:3b:70:5e:e5:db:ae:41:42:00:4e:
89:3d:8e:05:c5:4c:80:0d:8b:93:9f:aa:2c:37:41:
78:e5:29:51:0f:d7:fe:f8:91:16:4d:a9:89:5e:47:
de:81:c7:91:4a:cb:99:c7:0d:d8:57:66:d6:96:6a:
20:9e:b7:63:d0:6d:7d:05:32:f2:58:8a:8e:45:ee:
f4:39:59:54:52:78:f6:ad:43:0f:ce:95:11:80:a5:
46:39:53:bf:4a:71:b2:5d:0f:24:c2:2b:7a:4c:95:
e1:6e:6a:e1:4f:5c:3f:20:ab:90:58:84:30:f3:08:
1e:88:53:6c:61:6c:94:a3:ee:47:55:88:93:91:37:
1c:d9:c1:d2:5c:e3:3d:35:b8:c8:dd:f7:19:01:5c:
d2:d9:b4:cd:b4:75:5a:86:52:03:c9:1a:d2:ac:a1:
df:97:04:0f:71:3c:ac:82:a7:56:93:e6:5b:d8:a4:
de:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:70:2E:93:21:7B:A4:F0:D7:8A:D8:3C:0F:C3:30:B0:39:A9:D3:DC
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/vnAukyF7pPDXitg8D8MwsDmp09w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.64.0/22
45.14.70.0/24
45.14.105.0/24
45.14.107.0/24
45.66.128.0/22
45.66.216.0/22
45.130.21.0/24
45.142.125.0-45.142.127.255
45.143.232.0/22
45.147.48.0/23
45.147.51.0/24
45.149.156.0/22
45.159.48.0/22
78.142.228.0/22
79.143.140.0/22
88.214.20.0/22
91.200.240.0/24
91.200.242.0/23
92.60.43.0/24
94.124.119.0/24
95.214.164.0/23
141.98.196.0-141.98.198.255
147.78.240.0/21
149.62.44.0/24
149.62.46.0/23
176.119.148.0/22
185.184.223.0/24
185.194.54.0/24
185.200.64.0/24
185.200.66.0/24
193.32.148.0/22
193.111.30.0/23
194.36.24.0/24
194.36.27.0/24
194.104.153.0-194.104.155.255
194.169.54.0/24
195.245.219.0/24
195.245.241.0-195.245.242.255
213.232.112.0/22
IPv6:
2a09:7::/36
2a0d:c7c1::/32
Signature Algorithm: sha256WithRSAEncryption
83:cd:fe:71:fa:92:39:3c:d3:fa:a9:63:3a:92:5d:6d:ef:ac:
37:cb:9f:d9:b2:4d:2f:75:5a:54:9a:52:1e:5a:03:be:09:63:
61:11:51:17:82:61:d6:81:00:b8:7c:fc:ca:8f:7d:47:da:25:
45:3c:b3:38:98:5a:a7:0a:f5:3e:49:82:3e:b4:88:97:15:81:
47:47:a1:78:4d:e7:da:a5:10:fe:ff:37:53:97:a3:6a:0e:74:
54:7f:e8:21:68:9c:86:c9:86:ff:14:43:84:6f:1a:eb:e9:88:
1c:26:96:e1:3b:31:96:5e:3f:bf:99:70:29:6f:d8:ec:f2:58:
db:3d:bb:b8:d0:32:76:25:44:f9:e7:b1:7e:87:42:0c:47:a7:
6d:2b:78:5b:4e:6c:04:cc:37:c9:b4:b3:0f:da:a7:7c:af:8d:
9e:03:db:2a:0f:e9:56:63:ea:18:90:da:8c:b3:2f:a7:f3:7f:
2b:c9:1a:f3:3c:41:83:db:5f:45:d0:52:71:d4:62:0d:b5:83:
76:ec:78:3e:5b:c9:0f:5b:49:fe:fb:b0:72:a6:27:57:e4:7e:
5e:8c:88:b4:f1:3a:e6:eb:08:0d:54:4f:19:05:67:76:ea:b1:
3d:1f:f8:a3:0b:16:87:c9:5d:13:80:4b:7b:ba:e4:8f:1d:2a:
4f:87:4f:93
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgISAYbKuk/WgDCvbJeio4n/u9AAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMzEwMDg1NDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTcwMmU5MzIxN2JhNGYwZDc4YWQ4M2MwZmMzMzBiMDM5YTlkM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+Hzt4DAFzCxWhVC6DLBjzZp/bHC
yKv3DvyMi8yrqTC0TtiVCTiZ9FfINrAbUj0JjUFGVqVkH0ozJegPPOa3UjDVN4SC
VAtWOD4OAiOisjtwXuXbrkFCAE6JPY4FxUyADYuTn6osN0F45SlRD9f++JEWTamJ
XkfegceRSsuZxw3YV2bWlmognrdj0G19BTLyWIqORe70OVlUUnj2rUMPzpURgKVG
OVO/SnGyXQ8kwit6TJXhbmrhT1w/IKuQWIQw8wgeiFNsYWyUo+5HVYiTkTcc2cHS
XOM9NbjI3fcZAVzS2bTNtHVahlIDyRrSrKHflwQPcTysgqdWk+Zb2KTe7wIDAQAB
o4IDLjCCAyowHQYDVR0OBBYEFL5wLpMhe6Tw14rYPA/DMLA5qdPcMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvdm5BdWt5RjdwUERYaXRnOEQ4TXdzRG1wMDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQgYIKwYBBQUHAQcBAf8EggExMIIBLTCCARIEAgABMIIB
CgMEAi0OQAMEAC0ORgMEAC0OaQMEAC0OawMEAi1CgAMEAi1C2AMEAC2CFTAMAwQA
LY59AwQHLY4AAwQCLY/oAwQBLZMwAwQALZMzAwQCLZWcAwQCLZ8wAwQCTo7kAwQC
T4+MAwQCWNYUAwQAW8jwAwQBW8jyAwQAXDwrAwQAXnx3AwQBX9akMAwDBAKNYsQD
BACNYsYDBAOTTvADBACVPiwDBAGVPi4DBAKwd5QDBAC5uN8DBAC5wjYDBAC5yEAD
BAC5yEIDBALBIJQDBAHBbx4DBADCJBgDBADCJBswDAMEAMJomQMEAsJomAMEAMKp
NgMEAMP12zAMAwQAw/XxAwQAw/XyAwQC1ehwMBUEAgACMA8DBgQqCQAHAAMFACoN
x8EwDQYJKoZIhvcNAQELBQADggEBAIPN/nH6kjk80/qpYzqSXW3vrDfLn9myTS91
WlSaUh5aA74JY2ERUReCYdaBALh8/MqPfUfaJUU8sziYWqcK9T5Jgj60iJcVgUdH
oXhN59qlEP7/N1OXo2oOdFR/6CFonIbJhv8UQ4RvGuvpiBwmluE7MZZeP7+ZcClv
2OzyWNs9u7jQMnYlRPnnsX6HQgxHp20reFtObATMN8m0sw/ap3yvjZ4D2yoP6VZj
6hiQ2oyzL6fzfyvJGvM8QYPbX0XQUnHUYg21g3bseD5byQ9bSf77sHKmJ1fkfl6M
iLTxOubrCA1UTxkFZ3bqsT0f+KMLFofJXROAS3u65I8dKk+HT5M=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-ams.rpki-client.org