Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/cexRAPKPr8mB52kVKsnAmjyjkDQ.roa
File: cexRAPKPr8mB52kVKsnAmjyjkDQ.roa (raw, json)
Hash identifier: BZkyk3e4ARWlUU8TKiql22i5ydaGpLSwFY8F3Bx/oBE=
Subject key identifier: 71:EC:51:00:F2:8F:AF:C9:81:E7:69:15:2A:C9:C0:9A:3C:A3:90:34
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 018585E1BCB95CA9B5897D2B0139CD081E16
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/cexRAPKPr8mB52kVKsnAmjyjkDQ.roa
Signing time: Fri 06 Jan 2023 07:00:41 +0000
ROA not before: Fri 06 Jan 2023 07:00:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5606
IP address blocks: 176.223.114.0/24 maxlen: 24
93.174.162.0/24 maxlen: 24
92.114.3.0/24 maxlen: 24
92.114.2.0/24 maxlen: 24
93.174.160.0/24 maxlen: 24
84.247.23.0/24 maxlen: 24
93.174.167.0/24 maxlen: 24
188.240.0.0/24 maxlen: 24
185.248.139.0/24 maxlen: 24
45.67.39.0/24 maxlen: 24
193.200.63.0/24 maxlen: 24
193.200.62.0/24 maxlen: 24
45.82.28.0/23 maxlen: 23
193.16.144.0/24 maxlen: 24
45.67.36.0/24 maxlen: 24
45.67.38.0/24 maxlen: 24
45.14.238.0/24 maxlen: 24
89.39.7.0/24 maxlen: 24
89.39.6.0/24 maxlen: 24
185.220.184.0/24 maxlen: 24
185.220.186.0/24 maxlen: 24
185.220.185.0/24 maxlen: 24
188.241.73.0/24 maxlen: 24
188.241.74.0/23 maxlen: 23
31.14.21.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:85:e1:bc:b9:5c:a9:b5:89:7d:2b:01:39:cd:08:1e:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 6 07:00:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71ec5100f28fafc981e769152ac9c09a3ca39034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a7:92:3e:f1:bd:17:8e:28:77:93:a6:d5:76:
a3:75:3e:1c:c5:d4:71:45:a8:db:39:78:92:da:5a:
e9:ba:54:c0:4c:f8:64:20:a3:11:99:80:53:34:02:
6d:72:05:74:b8:1d:c3:27:c2:b6:39:1c:95:c3:d4:
15:53:dc:c6:ab:54:43:6a:45:12:0e:d5:ae:2f:da:
d3:3d:8c:32:5c:f7:42:93:11:f7:c4:db:17:d0:61:
b8:2c:c3:31:8b:a1:d5:1d:6d:8d:62:1c:ea:17:dc:
e1:3b:3d:63:35:9b:ca:a0:4a:9c:92:f0:57:03:fc:
78:f8:af:2e:a4:5e:a6:f8:12:8b:0d:46:37:89:3f:
88:0b:6f:8b:93:a2:d0:04:26:67:9a:45:86:e8:af:
96:1f:da:0b:b3:a8:61:0a:fa:32:89:28:39:76:54:
36:4e:89:be:3b:8b:f6:fc:84:91:71:bb:75:90:32:
9c:41:1f:64:5b:a1:fe:bc:37:5d:ad:de:cb:2e:91:
75:c6:59:fe:19:a6:64:63:2a:88:b0:72:4e:5f:22:
22:cf:3e:fe:0c:da:b2:6b:f5:55:2d:08:89:5b:d2:
b1:1e:7f:8b:2d:c7:e6:73:94:e4:d8:41:e9:5c:fc:
5a:bb:52:bf:d6:dd:1f:84:af:fb:2a:66:cc:90:c9:
15:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:EC:51:00:F2:8F:AF:C9:81:E7:69:15:2A:C9:C0:9A:3C:A3:90:34
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/cexRAPKPr8mB52kVKsnAmjyjkDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.21.0/24
45.14.238.0/24
45.67.36.0/24
45.67.38.0/23
45.82.28.0/23
84.247.23.0/24
89.39.6.0/23
92.114.2.0/23
93.174.160.0/24
93.174.162.0/24
93.174.167.0/24
176.223.114.0/24
185.220.184.0-185.220.186.255
185.248.139.0/24
188.240.0.0/24
188.241.73.0-188.241.75.255
193.16.144.0/24
193.200.62.0/23
Signature Algorithm: sha256WithRSAEncryption
98:e3:54:c1:6f:86:6e:ab:f6:21:5f:ec:61:ff:6e:a2:11:f6:
28:2c:4f:62:f4:31:d0:5e:5d:29:a5:33:0c:0e:ee:85:86:7e:
04:1d:3e:64:d1:72:df:11:ed:00:44:40:68:1f:31:63:6b:9d:
74:43:b1:ae:99:00:5b:87:f9:2f:5d:0b:a5:b1:0c:40:4a:9a:
b5:ed:29:0a:f5:fc:12:14:3d:32:fc:16:a9:4e:ab:89:15:fd:
20:06:78:d2:b4:5f:eb:0d:f4:50:59:08:86:e6:29:5b:1d:a8:
0b:e7:51:74:f7:fc:46:12:a5:d5:a1:65:16:82:97:fa:82:d7:
6a:e0:af:c5:86:06:49:2e:14:71:09:f5:e2:a1:0b:4d:c4:c5:
f2:a0:c5:6d:1a:f9:b0:5b:97:54:19:a3:ef:67:f9:e9:05:03:
b3:4d:84:28:53:bf:e0:1c:09:7e:8a:bd:f1:37:a4:3e:ed:c3:
6c:22:27:bf:64:d1:1e:e4:68:6a:e3:ed:8f:8f:a1:59:69:15:
c1:9f:00:90:62:31:51:bc:a1:93:84:8f:62:b3:d2:ef:8b:79:
e1:74:52:be:14:43:51:13:d8:8e:6c:98:60:3a:b2:96:c1:bb:
bb:79:57:ff:36:17:40:2b:c0:5d:f3:13:6d:c6:1c:34:05:db:
ac:1a:34:6a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYWF4by5XKm1iX0rATnNCB4WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMTA2MDcwMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWVjNTEwMGYyOGZhZmM5ODFlNzY5MTUyYWM5YzA5YTNjYTM5MDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKeSPvG9F44od5Om1XajdT4cxdRx
RajbOXiS2lrpulTATPhkIKMRmYBTNAJtcgV0uB3DJ8K2ORyVw9QVU9zGq1RDakUS
DtWuL9rTPYwyXPdCkxH3xNsX0GG4LMMxi6HVHW2NYhzqF9zhOz1jNZvKoEqckvBX
A/x4+K8upF6m+BKLDUY3iT+IC2+Lk6LQBCZnmkWG6K+WH9oLs6hhCvoyiSg5dlQ2
Tom+O4v2/ISRcbt1kDKcQR9kW6H+vDddrd7LLpF1xln+GaZkYyqIsHJOXyIizz7+
DNqya/VVLQiJW9KxHn+LLcfmc5Tk2EHpXPxau1K/1t0fhK/7KmbMkMkVxwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFHHsUQDyj6/JgedpFSrJwJo8o5A0MB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvY2V4UkFQS1ByOG1CNTJrVktzbkFtanlqa0RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAB8O
FQMEAC0O7gMEAC1DJAMEAS1DJgMEAS1SHAMEAFT3FwMEAVknBgMEAVxyAgMEAF2u
oAMEAF2uogMEAF2upwMEALDfcjAMAwQDudy4AwQAudy6AwQAufiLAwQAvPAAMAwD
BAC88UkDBAK88UgDBADBEJADBAHByD4wDQYJKoZIhvcNAQELBQADggEBAJjjVMFv
hm6r9iFf7GH/bqIR9igsT2L0MdBeXSmlMwwO7oWGfgQdPmTRct8R7QBEQGgfMWNr
nXRDsa6ZAFuH+S9dC6WxDEBKmrXtKQr1/BIUPTL8FqlOq4kV/SAGeNK0X+sN9FBZ
CIbmKVsdqAvnUXT3/EYSpdWhZRaCl/qC12rgr8WGBkkuFHEJ9eKhC03ExfKgxW0a
+bBbl1QZo+9n+ekFA7NNhChTv+AcCX6KvfE3pD7tw2wiJ79k0R7kaGrj7Y+PoVlp
FcGfAJBiMVG8oZOEj2Kz0u+LeeF0Ur4UQ1ET2I5smGA6spbBu7t5V/82F0ArwF3z
E23GHDQF26waNGo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:01 2023 by rpki-client on console-fra.rpki-client.org