Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/1PKd4ZPnDEwS9bh4vQmQcXZvhaE.roa
File: 1PKd4ZPnDEwS9bh4vQmQcXZvhaE.roa (raw, json)
Hash identifier: hVNSOHbTU+CKrGPKl9OeszdDsxQu0umDgXSONv/YvxU=
Subject key identifier: D4:F2:9D:E1:93:E7:0C:4C:12:F5:B8:78:BD:09:90:71:76:6F:85:A1
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 018595CF7F3AD0A0A59E2435FAFF6B017B1F
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/1PKd4ZPnDEwS9bh4vQmQcXZvhaE.roa
Signing time: Mon 09 Jan 2023 09:14:41 +0000
ROA not before: Mon 09 Jan 2023 09:14:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5606
IP address blocks: 176.223.114.0/24 maxlen: 24
93.174.162.0/24 maxlen: 24
92.114.3.0/24 maxlen: 24
92.114.2.0/24 maxlen: 24
93.174.160.0/24 maxlen: 24
84.247.23.0/24 maxlen: 24
93.174.167.0/24 maxlen: 24
188.240.0.0/24 maxlen: 24
185.248.139.0/24 maxlen: 24
45.67.39.0/24 maxlen: 24
193.200.63.0/24 maxlen: 24
193.200.62.0/24 maxlen: 24
45.82.28.0/23 maxlen: 23
193.16.144.0/24 maxlen: 24
45.67.36.0/24 maxlen: 24
45.67.38.0/24 maxlen: 24
45.14.238.0/24 maxlen: 24
89.39.7.0/24 maxlen: 24
89.39.6.0/24 maxlen: 24
185.220.184.0/24 maxlen: 24
185.220.186.0/24 maxlen: 24
185.220.185.0/24 maxlen: 24
89.42.133.0/24 maxlen: 24
188.241.73.0/24 maxlen: 24
188.241.74.0/23 maxlen: 23
31.14.21.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:95:cf:7f:3a:d0:a0:a5:9e:24:35:fa:ff:6b:01:7b:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 9 09:14:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4f29de193e70c4c12f5b878bd099071766f85a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:16:2d:80:e9:d9:a9:d2:08:d0:34:40:d7:19:
57:86:18:20:9e:a0:a8:5f:0a:d8:94:d8:c7:c4:27:
04:14:4b:a2:27:4d:71:26:8a:c5:9b:20:b7:30:a5:
82:34:37:48:77:c8:cb:9a:0d:41:44:31:16:70:b8:
b2:eb:1a:ce:cc:c0:d4:c1:29:e1:e7:02:3a:f6:66:
a8:16:72:80:b3:17:25:78:d6:6e:7d:ca:6a:d0:b4:
12:46:96:52:e5:a2:88:4b:47:60:aa:3e:46:7e:bb:
0b:b5:85:ff:72:4d:3f:92:b3:16:6d:bf:6c:14:d3:
fa:75:4b:fb:42:82:ca:17:ff:a8:66:be:bd:43:20:
e1:6e:1f:8b:32:1a:75:33:e2:20:0f:ca:54:6e:a2:
55:5e:5f:a2:b2:2c:e1:6c:fc:2e:27:a8:0e:af:64:
3c:f4:e9:dd:09:d4:84:8a:84:3a:68:be:55:c9:81:
ef:c1:84:57:28:20:c3:bb:ed:c5:76:14:93:9f:bd:
7e:52:5f:d6:87:3c:63:43:70:cc:b7:f2:95:75:28:
bc:69:fd:60:eb:ed:3b:b9:6d:38:68:e9:ba:f6:41:
13:7b:74:21:f7:5d:83:f7:56:39:c7:a5:4d:22:a2:
5a:fb:66:15:db:8e:dc:24:83:4f:d6:d6:6c:29:1f:
f1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F2:9D:E1:93:E7:0C:4C:12:F5:B8:78:BD:09:90:71:76:6F:85:A1
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/1PKd4ZPnDEwS9bh4vQmQcXZvhaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.21.0/24
45.14.238.0/24
45.67.36.0/24
45.67.38.0/23
45.82.28.0/23
84.247.23.0/24
89.39.6.0/23
89.42.133.0/24
92.114.2.0/23
93.174.160.0/24
93.174.162.0/24
93.174.167.0/24
176.223.114.0/24
185.220.184.0-185.220.186.255
185.248.139.0/24
188.240.0.0/24
188.241.73.0-188.241.75.255
193.16.144.0/24
193.200.62.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:85:f3:03:c0:fe:e5:b8:83:e5:f1:f4:57:19:12:9a:8b:e6:
05:34:96:b2:45:27:91:9c:11:6b:bf:dc:b9:61:13:1b:07:c3:
d5:0f:35:3a:8b:9f:4e:56:9c:87:61:08:78:de:8e:28:d8:53:
ab:81:21:e1:35:cb:28:09:c7:2a:e0:f4:90:93:5c:44:fb:83:
de:8a:57:d8:8c:45:2b:3c:63:8a:95:a8:a0:15:8d:6f:95:cd:
48:6a:2d:d4:97:d6:23:ba:4a:f1:57:c9:21:b5:cc:74:6b:6d:
b9:07:14:8a:2f:c0:9f:8c:2b:74:82:84:ac:49:79:11:56:6a:
65:ce:bc:b3:17:3f:4f:75:de:07:f5:73:d8:58:61:ce:f0:e9:
d6:a6:36:25:0e:69:01:d3:2b:96:57:e9:ae:d5:ec:47:80:e1:
69:1a:10:99:a7:d0:9d:a4:97:bb:61:8f:8d:88:1e:5c:d5:7d:
9b:15:1e:08:24:d5:ac:03:2b:8c:c6:cb:4f:c7:ee:81:53:6f:
be:f9:82:2c:5c:7a:83:6b:00:34:7b:07:69:eb:80:dd:e9:ce:
43:ac:b6:0d:8f:73:8d:5e:d8:ec:a2:97:54:a0:a2:2d:93:cf:
c5:a0:74:7a:56:f7:3b:52:62:c0:e6:f8:7e:69:46:e0:e6:de:
d5:75:ed:f2
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYWVz3860KClniQ1+v9rAXsfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMTA5MDkxNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGYyOWRlMTkzZTcwYzRjMTJmNWI4NzhiZDA5OTA3MTc2NmY4NWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBYtgOnZqdII0DRA1xlXhhggnqCo
XwrYlNjHxCcEFEuiJ01xJorFmyC3MKWCNDdId8jLmg1BRDEWcLiy6xrOzMDUwSnh
5wI69maoFnKAsxcleNZufcpq0LQSRpZS5aKIS0dgqj5GfrsLtYX/ck0/krMWbb9s
FNP6dUv7QoLKF/+oZr69QyDhbh+LMhp1M+IgD8pUbqJVXl+isizhbPwuJ6gOr2Q8
9OndCdSEioQ6aL5VyYHvwYRXKCDDu+3FdhSTn71+Ul/WhzxjQ3DMt/KVdSi8af1g
6+07uW04aOm69kETe3Qh912D91Y5x6VNIqJa+2YV247cJINP1tZsKR/xIwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFNTyneGT5wxMEvW4eL0JkHF2b4WhMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvMVBLZDRaUG5ERXdTOWJoNHZRbVFjWFp2aGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAAf
DhUDBAAtDu4DBAAtQyQDBAEtQyYDBAEtUhwDBABU9xcDBAFZJwYDBABZKoUDBAFc
cgIDBABdrqADBABdrqIDBABdrqcDBACw33IwDAMEA7ncuAMEALncugMEALn4iwME
ALzwADAMAwQAvPFJAwQCvPFIAwQAwRCQAwQBwcg+MA0GCSqGSIb3DQEBCwUAA4IB
AQC6hfMDwP7luIPl8fRXGRKai+YFNJayRSeRnBFrv9y5YRMbB8PVDzU6i59OVpyH
YQh43o4o2FOrgSHhNcsoCccq4PSQk1xE+4PeilfYjEUrPGOKlaigFY1vlc1Iai3U
l9YjukrxV8khtcx0a225BxSKL8CfjCt0goSsSXkRVmplzryzFz9Pdd4H9XPYWGHO
8OnWpjYlDmkB0yuWV+mu1exHgOFpGhCZp9CdpJe7YY+NiB5c1X2bFR4IJNWsAyuM
xstPx+6BU2+++YIsXHqDawA0ewdp64Dd6c5DrLYNj3ONXtjsopdUoKItk8/FoHR6
Vvc7UmLA5vh+aUbg5t7Vde3y
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:01 2023 by rpki-client on console-fra.rpki-client.org