Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/8X1tbzFwYzhFn0lUkSsOxa0Evnw.roa
File: 8X1tbzFwYzhFn0lUkSsOxa0Evnw.roa (raw, json)
Hash identifier: 5ssXpQW/wMZ5yUdFss3P7DPGZdZ6+QoUar9jqfjQCvI=
Subject key identifier: F1:7D:6D:6F:31:70:63:38:45:9F:49:54:91:2B:0E:C5:AD:04:BE:7C
Certificate issuer: /CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Certificate serial: 018ACCBB3BB63BF14075CC9D8DF4D09A9754
Authority key identifier: 22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/8X1tbzFwYzhFn0lUkSsOxa0Evnw.roa
Signing time: Mon 25 Sep 2023 14:25:37 +0000
ROA not before: Mon 25 Sep 2023 14:25:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 137.174.192.0/19 maxlen: 22
155.204.64.0/20 maxlen: 20
137.174.0.0/17 maxlen: 22
155.204.80.0/21 maxlen: 21
155.204.96.0/21 maxlen: 21
147.123.36.0/22 maxlen: 24
137.174.128.0/18 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cc:bb:3b:b6:3b:f1:40:75:cc:9d:8d:f4:d0:9a:97:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a5d84053e2b0c313af1e3ba5102466a5f79678
Validity
Not Before: Sep 25 14:25:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f17d6d6f31706338459f4954912b0ec5ad04be7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d0:2d:41:16:cc:54:5e:53:fb:ec:eb:9b:c8:
fc:63:b9:9f:3a:e9:32:a4:93:5f:12:87:83:8b:08:
42:d1:8c:62:a8:33:3b:3f:58:76:f9:42:c8:c1:a1:
bb:48:07:77:d1:d6:ef:64:76:5f:d5:c7:72:a3:9a:
28:ba:da:e2:08:11:60:34:65:f6:e8:a8:de:f6:e0:
2d:32:41:a9:4b:31:55:c1:fc:ab:2e:5c:00:d3:0b:
89:ce:6b:6a:a7:83:9b:50:47:55:fa:7c:81:c1:71:
6c:33:80:d5:7f:ee:1d:24:04:40:29:07:d1:cf:54:
16:e2:59:22:05:19:8e:1d:9b:a6:88:87:0c:4f:77:
e5:46:fd:1b:ec:cb:15:a2:d1:73:59:7c:c7:20:33:
8d:1e:b6:15:f4:00:64:86:18:f9:d0:4f:7b:17:ed:
bf:e2:5b:df:af:38:ee:77:c3:a7:85:cf:01:78:f4:
96:73:99:b1:94:26:32:bf:a6:46:a7:cf:05:9e:d0:
53:6d:2a:cd:83:33:85:94:b3:44:8b:f0:a8:9f:7b:
d9:5d:d5:b4:ad:dc:cd:9c:e1:60:57:95:d4:b8:58:
eb:90:e7:af:3f:a2:cd:bd:d9:40:e5:b7:b3:54:82:
05:a6:73:82:ee:c9:cd:8d:b9:37:79:7d:81:6b:c3:
ef:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:7D:6D:6F:31:70:63:38:45:9F:49:54:91:2B:0E:C5:AD:04:BE:7C
X509v3 Authority Key Identifier:
keyid:22:A5:D8:40:53:E2:B0:C3:13:AF:1E:3B:A5:10:24:66:A5:F7:96:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqXYQFPisMMTrx47pRAkZqX3lng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/8X1tbzFwYzhFn0lUkSsOxa0Evnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/e3fb7d-dd4b-4d85-b08e-591caf536ecc/1/IqXYQFPisMMTrx47pRAkZqX3lng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.174.0.0-137.174.223.255
147.123.36.0/22
155.204.64.0-155.204.87.255
155.204.96.0/21
Signature Algorithm: sha256WithRSAEncryption
64:36:9a:f4:cf:f2:55:7e:e5:84:47:27:22:ed:2a:48:50:e2:
8c:a5:ac:49:44:75:f8:2d:b1:ee:f9:3c:5d:da:5d:8c:2f:61:
6e:5a:20:15:bc:f6:7e:0a:4d:b1:6f:61:bd:66:7b:a7:cb:3d:
3b:4e:37:b7:cb:c3:bb:e5:ca:bb:c2:07:d7:98:7a:0b:1b:a3:
0a:5c:c2:6c:bc:8b:18:4f:1f:c2:e9:f9:67:fb:92:20:06:db:
7d:b4:5b:27:25:0f:c9:3b:f1:a8:4a:f7:82:0c:37:4d:ae:07:
0f:e1:d5:16:b1:94:63:3c:b2:7e:1d:32:42:08:bb:25:6f:40:
a6:50:34:37:d0:06:46:24:80:3d:86:9a:41:9d:a8:60:1b:54:
52:d3:03:6c:38:93:26:c5:1a:ad:d0:3e:93:76:36:ac:29:35:
cb:41:f3:7b:e2:57:63:a8:a2:f4:89:91:f2:38:ce:34:d0:68:
b2:15:22:2c:af:68:bd:49:7e:ef:d6:97:27:09:61:fd:55:08:
9b:67:b6:86:07:6d:1b:96:97:56:4b:7b:69:be:02:ea:44:a5:
38:fa:ad:c4:ed:d9:0e:be:20:ac:21:98:e8:03:2c:58:0e:e1:
bb:08:53:48:03:20:4e:04:35:14:5e:3f:38:2e:6d:39:fc:cb:
af:55:4c:c2
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYrMuzu2O/FAdcydjfTQmpdUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTVkODQwNTNlMmIwYzMxM2FmMWUzYmE1MTAyNDY2YTVm
Nzk2NzgwHhcNMjMwOTI1MTQyNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTdkNmQ2ZjMxNzA2MzM4NDU5ZjQ5NTQ5MTJiMGVjNWFkMDRiZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdAtQRbMVF5T++zrm8j8Y7mfOuky
pJNfEoeDiwhC0YxiqDM7P1h2+ULIwaG7SAd30dbvZHZf1cdyo5ooutriCBFgNGX2
6Kje9uAtMkGpSzFVwfyrLlwA0wuJzmtqp4ObUEdV+nyBwXFsM4DVf+4dJARAKQfR
z1QW4lkiBRmOHZumiIcMT3flRv0b7MsVotFzWXzHIDONHrYV9ABkhhj50E97F+2/
4lvfrzjud8Onhc8BePSWc5mxlCYyv6ZGp88FntBTbSrNgzOFlLNEi/Con3vZXdW0
rdzNnOFgV5XUuFjrkOevP6LNvdlA5bezVIIFpnOC7snNjbk3eX2Ba8PvRwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPF9bW8xcGM4RZ9JVJErDsWtBL58MB8GA1UdIwQY
MBaAFCKl2EBT4rDDE68eO6UQJGal95Z4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUt
NTkxY2FmNTM2ZWNjLzEvOFgxdGJ6RndZemhGbjBsVWtTc094YTBFdm53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9lM2ZiN2QtZGQ0Yi00ZDg1LWIwOGUtNTkxY2FmNTM2ZWNj
LzEvSXFYWVFGUGlzTU1Ucng0N3BSQWtacVgzbG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnMAsDAwGJrgME
BYmuwAMEApN7JDAMAwQGm8xAAwQDm8xQAwQDm8xgMA0GCSqGSIb3DQEBCwUAA4IB
AQBkNpr0z/JVfuWERyci7SpIUOKMpaxJRHX4LbHu+Txd2l2ML2FuWiAVvPZ+Ck2x
b2G9Znunyz07Tje3y8O75cq7wgfXmHoLG6MKXMJsvIsYTx/C6fln+5IgBtt9tFsn
JQ/JO/GoSveCDDdNrgcP4dUWsZRjPLJ+HTJCCLslb0CmUDQ30AZGJIA9hppBnahg
G1RS0wNsOJMmxRqt0D6TdjasKTXLQfN74ldjqKL0iZHyOM400GiyFSIsr2i9SX7v
1pcnCWH9VQibZ7aGB20blpdWS3tpvgLqRKU4+q3E7dkOviCsIZjoAyxYDuG7CFNI
AyBOBDUUXj84Lm05/MuvVUzC
-----END CERTIFICATE-----
Generated at Wed Nov 1 16:52:32 2023 by rpki-client on console-ams.rpki-client.org