Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/DymsvGDL4pPc4rSz2NWreoy1hqc.roa
File: DymsvGDL4pPc4rSz2NWreoy1hqc.roa (raw, json)
Hash identifier: Pd4njJSBLAfSgN3NdSi2MnplP8v85ERIw3qnTGLgYUw=
Subject key identifier: 0F:29:AC:BC:60:CB:E2:93:DC:E2:B4:B3:D8:D5:AB:7A:8C:B5:86:A7
Certificate issuer: /CN=f81fc8c82986310c5f6a9b56fb76b6bd9877fcc0
Certificate serial: 01856EB90835ADC13DBC41E0EF058735DD7E
Authority key identifier: F8:1F:C8:C8:29:86:31:0C:5F:6A:9B:56:FB:76:B6:BD:98:77:FC:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/DymsvGDL4pPc4rSz2NWreoy1hqc.roa
Signing time: Sun 01 Jan 2023 19:04:57 +0000
ROA not before: Sun 01 Jan 2023 19:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44684
IP address blocks: 176.126.240.0/21 maxlen: 24
185.101.96.0/24 maxlen: 24
195.10.223.0/24 maxlen: 24
45.139.80.0/22 maxlen: 22
45.139.80.0/24 maxlen: 24
93.93.128.0/21 maxlen: 24
185.47.60.0/22 maxlen: 22
46.235.224.0/21 maxlen: 24
2a04:ad80::/47 maxlen: 48
2a00:1098::/32 maxlen: 48
2a06:1c80::/29 maxlen: 29
2a04:ad80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:08:35:ad:c1:3d:bc:41:e0:ef:05:87:35:dd:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f81fc8c82986310c5f6a9b56fb76b6bd9877fcc0
Validity
Not Before: Jan 1 19:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f29acbc60cbe293dce2b4b3d8d5ab7a8cb586a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:13:8b:55:4e:73:bc:b7:8d:88:27:9d:3a:16:
c7:fb:dc:4d:a1:5b:4f:8e:50:ff:f4:ec:80:8f:80:
57:be:84:9e:ae:3e:c3:67:a4:c4:61:45:a7:04:f0:
5d:d1:c4:71:7e:d1:a1:05:bc:40:81:07:2f:9a:19:
0d:6b:62:d8:96:81:c6:ee:db:6e:3a:ba:2b:0e:4a:
c1:9a:d6:12:f8:fb:e2:b8:ad:73:1f:8d:b1:e5:29:
24:ed:d4:2e:6a:70:56:13:63:c3:c5:88:63:06:27:
13:56:cc:3c:cd:a8:b0:35:18:0b:81:cc:76:71:a5:
26:fd:6b:fd:aa:ee:43:65:8d:ba:3a:c6:7c:e8:90:
a2:96:b2:cd:71:58:d9:8d:a8:f8:e2:82:71:3d:d3:
48:64:c6:9c:8f:d7:7e:ce:a8:5e:1a:0a:35:56:ea:
87:d5:7b:b5:8f:8a:16:e8:28:89:d8:3d:f1:32:52:
4b:91:31:a7:33:9e:3f:1c:70:48:9f:9b:6b:d9:7a:
c1:4b:0c:95:e6:88:9f:ef:29:1b:3d:27:ac:f0:73:
52:08:d5:10:7c:4d:79:98:41:3c:21:cf:27:0c:47:
ca:b3:5b:a1:36:18:56:0a:36:c3:3e:c1:c4:8f:bd:
63:4c:0b:ff:78:19:ff:ea:82:a7:64:1b:78:84:dd:
d7:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:29:AC:BC:60:CB:E2:93:DC:E2:B4:B3:D8:D5:AB:7A:8C:B5:86:A7
X509v3 Authority Key Identifier:
keyid:F8:1F:C8:C8:29:86:31:0C:5F:6A:9B:56:FB:76:B6:BD:98:77:FC:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/DymsvGDL4pPc4rSz2NWreoy1hqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/1-B_IyCmGMQxfaptW-3a2vZh3_MA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.80.0/22
46.235.224.0/21
93.93.128.0/21
176.126.240.0/21
185.47.60.0/22
185.101.96.0/24
195.10.223.0/24
IPv6:
2a00:1098::/32
2a04:ad80::/29
2a06:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
60:f1:e7:7b:f2:83:94:ab:1b:21:98:5b:53:8b:44:55:d4:47:
4e:d1:a8:1b:6a:98:c5:8e:86:97:58:21:5d:14:b6:7c:f2:49:
4b:d2:f6:f3:ce:68:e6:2a:69:8c:c5:c9:4e:cf:85:26:75:8d:
e2:c5:2f:32:d0:a7:c5:1c:90:5e:2d:ee:70:d2:02:fd:06:d8:
04:5c:d0:08:90:a7:1b:c2:9a:df:e1:44:80:ae:f3:78:cb:21:
91:86:cc:ca:07:23:11:46:0e:91:a2:9f:fa:e3:4c:3a:12:ee:
93:f1:0a:fa:de:b3:65:94:8d:cd:d5:d6:0a:c9:2a:d8:02:62:
60:c5:79:63:0c:40:65:76:5b:43:d5:a3:96:4f:30:ac:8e:75:
1d:46:f8:12:f7:f9:12:67:ec:f3:53:44:41:9c:f5:bf:95:73:
b9:1f:53:78:34:42:49:7b:b8:70:82:fa:e6:d6:07:fa:38:11:
b3:df:14:51:bc:28:25:ed:cb:3a:ac:aa:14:c0:55:c7:04:47:
24:32:ed:56:66:c6:67:77:83:52:cb:36:8e:da:9c:06:16:43:
f5:1b:90:3f:65:c2:78:93:7c:20:08:6f:8c:28:ab:cd:d5:46:
cf:85:fc:b5:55:32:8e:dc:bc:d2:86:4e:4e:e6:76:81:05:ef:
87:5b:91:b5
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYVuuQg1rcE9vEHg7wWHNd1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MWZjOGM4Mjk4NjMxMGM1ZjZhOWI1NmZiNzZiNmJkOTg3
N2ZjYzAwHhcNMjMwMTAxMTkwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjI5YWNiYzYwY2JlMjkzZGNlMmI0YjNkOGQ1YWI3YThjYjU4NmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBOLVU5zvLeNiCedOhbH+9xNoVtP
jlD/9OyAj4BXvoSerj7DZ6TEYUWnBPBd0cRxftGhBbxAgQcvmhkNa2LYloHG7ttu
OrorDkrBmtYS+PviuK1zH42x5Skk7dQuanBWE2PDxYhjBicTVsw8zaiwNRgLgcx2
caUm/Wv9qu5DZY26OsZ86JCilrLNcVjZjaj44oJxPdNIZMacj9d+zqheGgo1VuqH
1Xu1j4oW6CiJ2D3xMlJLkTGnM54/HHBIn5tr2XrBSwyV5oif7ykbPSes8HNSCNUQ
fE15mEE8Ic8nDEfKs1uhNhhWCjbDPsHEj71jTAv/eBn/6oKnZBt4hN3XZwIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFA8prLxgy+KT3OK0s9jVq3qMtYanMB8GA1UdIwQY
MBaAFPgfyMgphjEMX2qbVvt2tr2Yd/zAMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1CX0l5Q21HTVF4ZmFwdFctM2EydlpoM19NQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYvM2U1OWM5LTlmMDEtNDU2Mi05MjFk
LTUxM2NhOGU2Y2VjZS8xL0R5bXN2R0RMNHBQYzRyU3oyTldyZW95MWhxYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGYvM2U1OWM5LTlmMDEtNDU2Mi05MjFkLTUxM2NhOGU2Y2Vj
ZS8xLzEtQl9JeUNtR01ReGZhcHRXLTNhMnZaaDNfTUEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwYAYIKwYBBQUHAQcBAf8EUTBPMDAEAgABMCoDBAIti1AD
BAMu6+ADBANdXYADBAOwfvADBAK5LzwDBAC5ZWADBADDCt8wGwQCAAIwFQMFACoA
EJgDBQMqBK2AAwUDKgYcgDANBgkqhkiG9w0BAQsFAAOCAQEAYPHne/KDlKsbIZhb
U4tEVdRHTtGoG2qYxY6Gl1ghXRS2fPJJS9L2885o5ippjMXJTs+FJnWN4sUvMtCn
xRyQXi3ucNIC/QbYBFzQCJCnG8Ka3+FEgK7zeMshkYbMygcjEUYOkaKf+uNMOhLu
k/EK+t6zZZSNzdXWCskq2AJiYMV5YwxAZXZbQ9Wjlk8wrI51HUb4Evf5Emfs81NE
QZz1v5VzuR9TeDRCSXu4cIL65tYH+jgRs98UUbwoJe3LOqyqFMBVxwRHJDLtVmbG
Z3eDUss2jtqcBhZD9RuQP2XCeJN8IAhvjCirzdVGz4X8tVUyjty80oZOTuZ2gQXv
h1uRtQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:41 2024 by rpki-client on console-fra.rpki-client.org