Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/xuKofuHTVt-WRC8x_YMLtQhSFNs.roa
File: xuKofuHTVt-WRC8x_YMLtQhSFNs.roa (raw, json)
Hash identifier: D05D1F3iWGpP+gE8gc2Qia5BeYYiU8mVzgHgJ5Hzt9Y=
Subject key identifier: C6:E2:A8:7E:E1:D3:56:DF:96:44:2F:31:FD:83:0B:B5:08:52:14:DB
Certificate issuer: /CN=f563da6eb3b7a07fdc4525883004970d640b036b
Certificate serial: 01856C6EEF2B2AEE5B270ED8CDED68D8D6F9
Authority key identifier: F5:63:DA:6E:B3:B7:A0:7F:DC:45:25:88:30:04:97:0D:64:0B:03:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9WPabrO3oH_cRSWIMASXDWQLA2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/xuKofuHTVt-WRC8x_YMLtQhSFNs.roa
Signing time: Sun 01 Jan 2023 08:24:47 +0000
ROA not before: Sun 01 Jan 2023 08:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6661
IP address blocks: 213.166.32.0/19 maxlen: 24
107.183.0.0/17 maxlen: 24
213.135.224.0/19 maxlen: 24
88.207.128.0/17 maxlen: 24
146.0.216.0/21 maxlen: 24
78.141.128.0/18 maxlen: 24
185.32.236.0/22 maxlen: 24
37.157.152.0/21 maxlen: 24
194.154.192.0/19 maxlen: 24
87.240.192.0/18 maxlen: 24
178.254.64.0/18 maxlen: 24
146.0.212.0/22 maxlen: 24
188.115.0.0/18 maxlen: 24
83.99.0.0/17 maxlen: 24
146.0.128.0/18 maxlen: 24
195.46.224.0/19 maxlen: 24
2a00:ca60::/32 maxlen: 48
2001:7e8::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:ef:2b:2a:ee:5b:27:0e:d8:cd:ed:68:d8:d6:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f563da6eb3b7a07fdc4525883004970d640b036b
Validity
Not Before: Jan 1 08:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6e2a87ee1d356df96442f31fd830bb5085214db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5c:54:33:7c:a6:d5:39:e4:e7:bc:98:84:a5:
67:f5:0d:fe:12:04:d5:2e:e5:33:4a:b9:0f:6f:b6:
3d:59:e7:42:b9:69:d6:df:56:c5:41:fd:3f:a2:bf:
c3:36:78:7f:58:b6:cf:9b:b6:53:07:9f:ef:0f:26:
b0:70:ec:7e:55:d4:34:cc:a3:0e:11:af:30:9a:29:
44:bc:a2:90:7c:24:f2:56:dd:e8:c9:f1:45:20:95:
8d:4c:f9:f4:1e:da:e1:fb:11:e4:d0:c5:60:d0:f6:
65:00:1f:51:5e:f6:67:ff:38:5e:e3:47:e4:70:e4:
1b:12:da:5d:5a:be:cd:b7:bb:c4:a2:37:6f:51:b3:
28:57:c7:f0:76:c5:85:44:77:ab:6e:6c:f4:1e:f5:
68:c4:f2:ba:1c:bb:8a:53:73:80:0e:e3:ba:b9:9b:
19:2d:9a:e4:92:0a:f4:cc:44:30:20:0e:0b:97:df:
7b:a0:26:14:33:5b:a8:31:6f:2a:bf:bc:7c:97:c0:
e6:65:57:31:01:8d:ce:71:0a:13:b9:62:6a:48:53:
5b:1d:ae:6b:95:1d:a6:a7:1d:75:a5:a2:cd:42:87:
cc:e8:7d:9d:2c:b4:75:8d:3a:89:dd:6b:64:37:ba:
ff:3c:4a:61:91:fb:f9:25:59:7a:f2:dc:4e:b6:89:
4f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:E2:A8:7E:E1:D3:56:DF:96:44:2F:31:FD:83:0B:B5:08:52:14:DB
X509v3 Authority Key Identifier:
keyid:F5:63:DA:6E:B3:B7:A0:7F:DC:45:25:88:30:04:97:0D:64:0B:03:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9WPabrO3oH_cRSWIMASXDWQLA2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/xuKofuHTVt-WRC8x_YMLtQhSFNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/63564f-aca1-463d-be1e-e5520aa7ba37/1/9WPabrO3oH_cRSWIMASXDWQLA2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.152.0/21
78.141.128.0/18
83.99.0.0/17
87.240.192.0/18
88.207.128.0/17
107.183.0.0/17
146.0.128.0/18
146.0.212.0-146.0.223.255
178.254.64.0/18
185.32.236.0/22
188.115.0.0/18
194.154.192.0/19
195.46.224.0/19
213.135.224.0/19
213.166.32.0/19
IPv6:
2001:7e8::/32
2a00:ca60::/32
Signature Algorithm: sha256WithRSAEncryption
b0:c6:9e:d3:f6:b1:68:0b:2e:fa:b3:9c:6d:49:99:d7:fe:61:
65:52:fe:05:6f:05:71:5d:70:12:13:ba:52:10:e7:b4:a9:1e:
46:75:f0:80:94:6f:68:33:23:d9:11:f3:78:ec:a6:d5:89:3c:
c4:a1:fc:2f:6e:82:7a:ba:54:71:56:9b:d1:0f:3e:f4:fb:8d:
37:6f:f2:07:c2:4c:0e:63:f2:5f:cb:20:ce:63:b0:27:10:e6:
7b:ae:a4:69:ab:8c:63:92:3d:92:5f:8f:9c:95:f8:cb:2c:d1:
98:73:f9:d9:55:f1:8f:58:a7:cb:db:00:18:d6:28:3d:91:58:
19:a9:2a:7a:ed:3d:3d:e2:fc:21:aa:96:a5:c1:87:38:ee:56:
17:4c:b9:5d:3b:49:98:29:ea:7b:6d:05:74:50:b8:cf:9d:68:
c0:f8:05:cb:d6:f0:94:5a:ab:f8:b9:0c:22:34:e4:a1:c3:c1:
bb:61:1f:cf:89:8e:08:86:52:c9:d4:2c:09:44:1e:d2:31:c8:
ff:00:0a:a9:0f:9c:b5:d5:cf:ec:6a:b4:cf:a0:fd:ef:55:19:
5a:b0:4d:fb:b1:91:07:7c:68:82:48:99:d8:78:26:b9:41:d5:
8a:97:fb:53:8f:df:a3:aa:cf:88:26:15:1f:4e:9f:9a:71:f2:
a1:79:9e:84
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYVsbu8rKu5bJw7Yze1o2Nb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NjNkYTZlYjNiN2EwN2ZkYzQ1MjU4ODMwMDQ5NzBkNjQw
YjAzNmIwHhcNMjMwMTAxMDgyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmUyYTg3ZWUxZDM1NmRmOTY0NDJmMzFmZDgzMGJiNTA4NTIxNGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFxUM3ym1Tnk57yYhKVn9Q3+EgTV
LuUzSrkPb7Y9WedCuWnW31bFQf0/or/DNnh/WLbPm7ZTB5/vDyawcOx+VdQ0zKMO
Ea8wmilEvKKQfCTyVt3oyfFFIJWNTPn0Htrh+xHk0MVg0PZlAB9RXvZn/zhe40fk
cOQbEtpdWr7Nt7vEojdvUbMoV8fwdsWFRHerbmz0HvVoxPK6HLuKU3OADuO6uZsZ
LZrkkgr0zEQwIA4Ll997oCYUM1uoMW8qv7x8l8DmZVcxAY3OcQoTuWJqSFNbHa5r
lR2mpx11paLNQofM6H2dLLR1jTqJ3WtkN7r/PEphkfv5JVl68txOtolP0QIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFMbiqH7h01bflkQvMf2DC7UIUhTbMB8GA1UdIwQY
MBaAFPVj2m6zt6B/3EUliDAElw1kCwNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVdQYWJyTzNvSF9jUlNXSU1BU1hEV1FMQTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy82MzU2NGYtYWNhMS00NjNkLWJlMWUt
ZTU1MjBhYTdiYTM3LzEveHVLb2Z1SFRWdC1XUkM4eF9ZTUx0UWhTRk5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy82MzU2NGYtYWNhMS00NjNkLWJlMWUtZTU1MjBhYTdiYTM3
LzEvOVdQYWJyTzNvSF9jUlNXSU1BU1hEV1FMQTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBoBAIAATBiAwQDJZ2Y
AwQGTo2AAwQHU2MAAwQGV/DAAwQHWM+AAwQHa7cAAwQGkgCAMAwDBAKSANQDBAWS
AMADBAay/kADBAK5IOwDBAa8cwADBAXCmsADBAXDLuADBAXVh+ADBAXVpiAwFAQC
AAIwDgMFACABB+gDBQAqAMpgMA0GCSqGSIb3DQEBCwUAA4IBAQCwxp7T9rFoCy76
s5xtSZnX/mFlUv4FbwVxXXASE7pSEOe0qR5GdfCAlG9oMyPZEfN47KbViTzEofwv
boJ6ulRxVpvRDz70+403b/IHwkwOY/JfyyDOY7AnEOZ7rqRpq4xjkj2SX4+clfjL
LNGYc/nZVfGPWKfL2wAY1ig9kVgZqSp67T094vwhqpalwYc47lYXTLldO0mYKep7
bQV0ULjPnWjA+AXL1vCUWqv4uQwiNOShw8G7YR/PiY4IhlLJ1CwJRB7SMcj/AAqp
D5y11c/sarTPoP3vVRlasE37sZEHfGiCSJnYeCa5QdWKl/tTj9+jqs+IJhUfTp+a
cfKheZ6E
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:46 2024 by rpki-client on console-ams.rpki-client.org