Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CLFqf_z7mLcD2rsoo97ALZu7YRE.roa
File: CLFqf_z7mLcD2rsoo97ALZu7YRE.roa (raw, json)
Hash identifier: j3f4MDI1aXUisXqsPJ1pNtK3TnDcXqiSUXa+DtkQDSI=
Subject key identifier: 08:B1:6A:7F:FC:FB:98:B7:03:DA:BB:28:A3:DE:C0:2D:9B:BB:61:11
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01888A979CB342779AF029BABFFB72C8F640
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CLFqf_z7mLcD2rsoo97ALZu7YRE.roa
Signing time: Mon 05 Jun 2023 08:06:11 +0000
ROA not before: Mon 05 Jun 2023 08:06:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 82.153.132.0/24 maxlen: 24
82.153.69.0/24 maxlen: 24
82.153.68.0/24 maxlen: 24
82.153.71.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.120.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
82.153.79.0/24 maxlen: 24
81.168.126.0/24 maxlen: 24
81.5.189.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.248.0/24 maxlen: 24
81.168.35.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8a:97:9c:b3:42:77:9a:f0:29:ba:bf:fb:72:c8:f6:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 5 08:06:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08b16a7ffcfb98b703dabb28a3dec02d9bbb6111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fe:45:70:2c:3c:18:52:12:65:6a:82:63:e5:
d3:85:4c:ff:43:50:d3:9d:43:b8:2c:ff:66:e4:27:
46:3c:99:a2:19:af:6f:f2:97:45:87:46:b3:e9:b9:
49:72:22:37:88:a6:c7:2f:e8:38:25:32:58:f2:f0:
ae:3e:2d:78:1d:7d:cb:d7:b4:f5:89:3a:7c:57:10:
3d:b7:4a:00:80:47:a6:22:53:0c:09:4f:0d:b6:30:
48:41:e6:96:72:ad:c0:78:52:eb:15:7f:05:8a:68:
50:7b:4e:59:25:d7:9e:b7:35:ee:c4:04:17:54:39:
56:4a:02:3d:d7:57:a9:54:d5:fb:7a:31:c2:6f:f6:
ca:66:d4:bf:82:31:db:cc:00:74:cd:4c:55:00:8c:
af:65:71:44:c2:c3:fd:2e:d6:53:1e:8f:c3:24:75:
30:70:93:0f:cb:bb:a7:e5:bf:a4:c5:19:b6:b1:81:
de:0d:06:da:e6:58:a3:11:1e:37:57:12:fa:1e:ff:
d7:3b:4a:77:34:70:09:f4:79:5f:68:ac:11:49:28:
8b:af:01:6d:73:d6:0c:f2:d9:5b:01:de:80:5d:0b:
39:f5:ae:08:4a:35:20:c6:87:01:76:09:14:c6:20:
e7:a7:64:a5:cf:93:f9:6d:82:7e:80:b4:7a:84:60:
98:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:B1:6A:7F:FC:FB:98:B7:03:DA:BB:28:A3:DE:C0:2D:9B:BB:61:11
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CLFqf_z7mLcD2rsoo97ALZu7YRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
81.168.35.0/24
81.168.119.0-81.168.120.255
81.168.123.0/24
81.168.126.0/24
82.152.248.0/24
82.152.251.0/24
82.152.253.0-82.152.255.255
82.153.1.0/24
82.153.68.0/23
82.153.71.0-82.153.72.255
82.153.78.0/23
82.153.132.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:d4:d3:64:fe:89:2d:66:ba:2e:c1:bb:0b:0e:a3:3d:e9:dc:
64:84:4e:16:72:35:f3:95:00:97:67:b7:48:93:1c:25:e9:d3:
a2:d1:ff:41:15:25:44:24:fb:4b:4d:60:f8:90:0c:d0:1f:67:
a2:eb:b5:94:6c:06:e7:75:b2:4a:b5:e7:72:cc:7b:07:ef:73:
13:d2:6a:50:8f:1e:b4:d4:d9:ad:80:85:1c:76:05:4c:44:3a:
39:e1:92:55:00:17:44:79:ed:85:d3:7e:4a:8b:d4:9a:0b:43:
5e:a0:cc:3c:87:66:b6:38:b9:5a:9c:99:31:90:b9:f5:fd:7d:
87:e6:7c:8a:16:17:b7:4f:da:86:f2:95:6f:f3:e3:81:a6:c6:
a9:34:4e:74:3c:85:91:6b:21:21:3b:2b:e2:da:c7:5b:83:ac:
bb:d5:31:df:b4:ed:e4:3b:52:c9:b3:1d:c0:ff:cc:74:00:aa:
02:1b:91:5b:e9:3f:b4:5a:a7:2e:f5:9e:9c:51:58:e2:44:5f:
6b:fd:e8:cc:8b:ce:5c:14:e5:6b:5d:69:2d:7e:14:1f:6f:29:
fc:27:8e:80:25:43:7a:be:66:22:20:98:be:eb:d9:b8:2e:9f:
82:b4:9c:09:fa:1a:35:03:15:ef:19:39:49:92:72:3d:f3:08:
07:5e:b8:f6
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYiKl5yzQnea8Cm6v/tyyPZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjA1MDgwNjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGIxNmE3ZmZjZmI5OGI3MDNkYWJiMjhhM2RlYzAyZDliYmI2MTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArf5FcCw8GFISZWqCY+XThUz/Q1DT
nUO4LP9m5CdGPJmiGa9v8pdFh0az6blJciI3iKbHL+g4JTJY8vCuPi14HX3L17T1
iTp8VxA9t0oAgEemIlMMCU8NtjBIQeaWcq3AeFLrFX8FimhQe05ZJdeetzXuxAQX
VDlWSgI911epVNX7ejHCb/bKZtS/gjHbzAB0zUxVAIyvZXFEwsP9LtZTHo/DJHUw
cJMPy7un5b+kxRm2sYHeDQba5lijER43VxL6Hv/XO0p3NHAJ9HlfaKwRSSiLrwFt
c9YM8tlbAd6AXQs59a4ISjUgxocBdgkUxiDnp2Slz5P5bYJ+gLR6hGCYYQIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFAixan/8+5i3A9q7KKPewC2bu2ERMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQ0xGcWZfejdtTGNEMnJzb285N0FMWnU3WVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBrBAIAATBlAwQAUQW9AwQA
UagjMAwDBABRqHcDBABRqHgDBABRqHsDBABRqH4DBABSmPgDBABSmPswCwMEAFKY
/QMDAFKYAwQAUpkBAwQBUplEMAwDBABSmUcDBABSmUgDBAFSmU4DBABSmYQwDQYJ
KoZIhvcNAQELBQADggEBAGrU02T+iS1mui7BuwsOoz3p3GSEThZyNfOVAJdnt0iT
HCXp06LR/0EVJUQk+0tNYPiQDNAfZ6LrtZRsBud1skq153LMewfvcxPSalCPHrTU
2a2AhRx2BUxEOjnhklUAF0R57YXTfkqL1JoLQ16gzDyHZrY4uVqcmTGQufX9fYfm
fIoWF7dP2obylW/z44Gmxqk0TnQ8hZFrISE7K+Lax1uDrLvVMd+07eQ7UsmzHcD/
zHQAqgIbkVvpP7Rapy71npxRWOJEX2v96MyLzlwU5WtdaS1+FB9vKfwnjoAlQ3q+
ZiIgmL7r2bgun4K0nAn6GjUDFe8ZOUmScj3zCAdeuPY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:47 2023 by rpki-client on console-ams.rpki-client.org