Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/do_e9c9wPxvmALBrD_MOu09FtNU.roa
File: do_e9c9wPxvmALBrD_MOu09FtNU.roa (raw, json)
Hash identifier: XEnx+2/82ANlX/4qs4bhCmVqhZdoVfu9YLH/F7edln8=
Subject key identifier: 76:8F:DE:F5:CF:70:3F:1B:E6:00:B0:6B:0F:F3:0E:BB:4F:45:B4:D5
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 018C3B66512909386E7622F6AFE48D2193A8
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/do_e9c9wPxvmALBrD_MOu09FtNU.roa
Signing time: Tue 05 Dec 2023 19:13:30 +0000
ROA not before: Tue 05 Dec 2023 19:13:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5606
IP address blocks: 176.223.114.0/24 maxlen: 24
93.174.162.0/24 maxlen: 24
92.114.3.0/24 maxlen: 24
92.114.2.0/24 maxlen: 24
93.174.160.0/24 maxlen: 24
84.247.23.0/24 maxlen: 24
93.174.167.0/24 maxlen: 24
188.240.0.0/24 maxlen: 24
185.248.139.0/24 maxlen: 24
45.67.39.0/24 maxlen: 24
193.200.63.0/24 maxlen: 24
193.200.62.0/24 maxlen: 24
45.82.28.0/23 maxlen: 23
193.16.144.0/24 maxlen: 24
45.67.36.0/24 maxlen: 24
45.67.38.0/24 maxlen: 24
45.14.238.0/24 maxlen: 24
45.14.236.0/24 maxlen: 24
89.39.7.0/24 maxlen: 24
89.39.6.0/24 maxlen: 24
185.220.184.0/24 maxlen: 24
185.220.186.0/24 maxlen: 24
185.220.185.0/24 maxlen: 24
89.34.101.0/24 maxlen: 24
89.42.133.0/24 maxlen: 24
188.241.73.0/24 maxlen: 24
188.241.72.0/24 maxlen: 24
188.241.74.0/23 maxlen: 23
31.14.21.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3b:66:51:29:09:38:6e:76:22:f6:af:e4:8d:21:93:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Dec 5 19:13:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=768fdef5cf703f1be600b06b0ff30ebb4f45b4d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:17:66:5a:7c:1c:63:24:99:c0:8c:36:3c:32:
6f:fa:41:7f:21:86:15:22:ad:32:7b:81:0f:e9:c8:
65:6a:de:37:ae:ca:0a:e7:96:38:6d:91:0e:24:b7:
cd:fb:e1:ad:de:9c:67:e7:9b:b1:c6:1c:22:4c:ff:
4f:00:bc:74:73:80:72:ce:c7:f1:d5:ba:4c:a0:36:
f3:c2:43:2a:36:6d:06:bc:a7:99:0b:2a:7c:cb:57:
12:ea:b2:ea:c8:7e:ec:44:97:44:3a:15:f8:12:5f:
83:80:65:70:b9:c0:a7:b7:4e:33:64:ea:5e:07:91:
06:72:c1:97:a3:d6:a1:6c:be:a8:ab:e5:2b:ef:e0:
d1:90:ab:6b:38:6f:81:c5:46:52:e5:cc:62:34:3e:
d2:aa:b6:39:c1:34:10:ca:81:6a:40:ee:67:06:0e:
3c:1b:4f:ba:d7:e0:57:ee:31:b2:bd:d3:b1:de:18:
fa:96:8c:85:ba:2d:c0:e5:68:8f:33:73:74:25:11:
d3:29:57:b6:98:fc:d2:27:5f:be:5b:b8:47:93:3f:
01:d0:57:32:4a:b0:36:7a:f3:2a:25:fc:39:9e:42:
d3:b2:8e:82:16:b9:95:20:df:b0:ca:f5:2a:e2:95:
6e:b9:70:3f:2e:33:a2:f5:ad:8a:99:65:46:53:2b:
18:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8F:DE:F5:CF:70:3F:1B:E6:00:B0:6B:0F:F3:0E:BB:4F:45:B4:D5
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/do_e9c9wPxvmALBrD_MOu09FtNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.21.0/24
45.14.236.0/24
45.14.238.0/24
45.67.36.0/24
45.67.38.0/23
45.82.28.0/23
84.247.23.0/24
89.34.101.0/24
89.39.6.0/23
89.42.133.0/24
92.114.2.0/23
93.174.160.0/24
93.174.162.0/24
93.174.167.0/24
176.223.114.0/24
185.220.184.0-185.220.186.255
185.248.139.0/24
188.240.0.0/24
188.241.72.0/22
193.16.144.0/24
193.200.62.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:6c:b4:1e:8b:4e:f5:b7:8f:1a:5f:8d:43:cb:b5:92:dc:44:
91:4b:2b:c5:ef:86:5f:5a:bb:21:14:57:b6:ae:b4:b3:04:75:
83:db:4f:e0:08:b3:11:33:70:16:5f:ef:de:7b:7b:6c:84:c2:
77:ef:ff:e5:36:7d:83:d9:89:a5:c1:7a:96:1d:55:fb:95:5f:
92:20:b2:f1:e8:b5:73:0a:08:27:d9:7c:b6:ed:e6:c2:ec:39:
22:b3:62:f2:a5:2e:da:27:68:76:25:20:36:4c:2f:ed:fa:99:
98:c6:c6:27:b4:de:ea:39:1d:92:c1:f5:a9:1a:a5:43:26:b4:
32:d4:f6:1e:46:37:3d:1c:47:cd:1a:1f:77:ea:70:5f:44:3f:
1b:65:a9:dc:f5:e5:a9:e2:e3:16:6c:fe:36:b6:c9:2f:8e:f7:
87:94:97:52:2f:17:e0:34:74:e4:f5:f1:b0:4c:41:fb:63:69:
b2:cb:49:3e:26:de:48:66:0f:80:0b:df:87:43:f2:6f:0d:fd:
00:73:2a:91:f3:f6:cd:59:48:54:91:94:ca:f0:97:fa:86:5c:
47:05:78:d0:22:fb:6b:ab:3b:c3:1a:5a:39:fa:34:d3:04:58:
15:10:b9:1e:61:ef:76:9c:b5:ce:9a:af:29:c7:66:f9:04:5b:
ef:16:f8:e4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYw7ZlEpCThudiL2r+SNIZOoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMxMjA1MTkxMzMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjhmZGVmNWNmNzAzZjFiZTYwMGIwNmIwZmYzMGViYjRmNDViNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBdmWnwcYySZwIw2PDJv+kF/IYYV
Iq0ye4EP6chlat43rsoK55Y4bZEOJLfN++Gt3pxn55uxxhwiTP9PALx0c4Byzsfx
1bpMoDbzwkMqNm0GvKeZCyp8y1cS6rLqyH7sRJdEOhX4El+DgGVwucCnt04zZOpe
B5EGcsGXo9ahbL6oq+Ur7+DRkKtrOG+BxUZS5cxiND7SqrY5wTQQyoFqQO5nBg48
G0+61+BX7jGyvdOx3hj6loyFui3A5WiPM3N0JRHTKVe2mPzSJ1++W7hHkz8B0Fcy
SrA2evMqJfw5nkLTso6CFrmVIN+wyvUq4pVuuXA/LjOi9a2KmWVGUysYCwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFHaP3vXPcD8b5gCwaw/zDrtPRbTVMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvZG9fZTljOXdQeHZtQUxCckRfTU91MDlGdE5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAf
DhUDBAAtDuwDBAAtDu4DBAAtQyQDBAEtQyYDBAEtUhwDBABU9xcDBABZImUDBAFZ
JwYDBABZKoUDBAFccgIDBABdrqADBABdrqIDBABdrqcDBACw33IwDAMEA7ncuAME
ALncugMEALn4iwMEALzwAAMEArzxSAMEAMEQkAMEAcHIPjANBgkqhkiG9w0BAQsF
AAOCAQEATmy0HotO9bePGl+NQ8u1ktxEkUsrxe+GX1q7IRRXtq60swR1g9tP4Aiz
ETNwFl/v3nt7bITCd+//5TZ9g9mJpcF6lh1V+5VfkiCy8ei1cwoIJ9l8tu3mwuw5
IrNi8qUu2idodiUgNkwv7fqZmMbGJ7Te6jkdksH1qRqlQya0MtT2HkY3PRxHzRof
d+pwX0Q/G2Wp3PXlqeLjFmz+NrbJL473h5SXUi8X4DR05PXxsExB+2NpsstJPibe
SGYPgAvfh0Pybw39AHMqkfP2zVlIVJGUyvCX+oZcRwV40CL7a6s7wxpaOfo00wRY
FRC5HmHvdpy1zpqvKcdm+QRb7xb45A==
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:28 2024 by rpki-client on console-fra.rpki-client.org