Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/yWr63hoZc8RvXpk70yPqV9R9VL0.roa
File: yWr63hoZc8RvXpk70yPqV9R9VL0.roa (raw, json)
Hash identifier: ub28QI+4IAnknftr6IYzn1WC0XTYXRR73n2fCYk6E9Q=
Subject key identifier: C9:6A:FA:DE:1A:19:73:C4:6F:5E:99:3B:D3:23:EA:57:D4:7D:54:BD
Certificate issuer: /CN=b9e67fcb0bdc6001d8cf7073c649eb9819fc5eb8
Certificate serial: 018721DBD1D85AB894FD29ADD031B6CD588B
Authority key identifier: B9:E6:7F:CB:0B:DC:60:01:D8:CF:70:73:C6:49:EB:98:19:FC:5E:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/yWr63hoZc8RvXpk70yPqV9R9VL0.roa
Signing time: Mon 27 Mar 2023 06:57:46 +0000
ROA not before: Mon 27 Mar 2023 06:57:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15547
IP address blocks: 81.88.176.0/21 maxlen: 21
81.88.176.0/20 maxlen: 20
213.230.56.0/21 maxlen: 21
213.230.52.0/22 maxlen: 22
92.240.96.0/19 maxlen: 19
185.17.176.0/22 maxlen: 22
31.31.48.0/20 maxlen: 20
213.221.128.0/19 maxlen: 19
195.162.160.0/22 maxlen: 22
195.162.164.0/23 maxlen: 23
185.44.196.0/22 maxlen: 22
195.162.167.0/24 maxlen: 24
195.162.168.0/21 maxlen: 21
195.162.176.0/20 maxlen: 20
178.237.80.0/20 maxlen: 20
95.215.60.0/22 maxlen: 22
185.55.216.0/22 maxlen: 22
194.12.16.0/20 maxlen: 20
86.111.128.0/20 maxlen: 20
185.50.220.0/22 maxlen: 22
92.62.176.0/20 maxlen: 20
192.162.24.0/22 maxlen: 22
81.13.128.0/17 maxlen: 17
78.155.0.0/19 maxlen: 19
77.242.160.0/20 maxlen: 20
178.157.84.0/22 maxlen: 22
188.239.160.0/20 maxlen: 20
213.238.0.0/19 maxlen: 19
185.17.108.0/22 maxlen: 22
217.79.192.0/20 maxlen: 20
2a03:4380::/32 maxlen: 32
2a02:26a0::/29 maxlen: 29
2001:14a8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:21:db:d1:d8:5a:b8:94:fd:29:ad:d0:31:b6:cd:58:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e67fcb0bdc6001d8cf7073c649eb9819fc5eb8
Validity
Not Before: Mar 27 06:57:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c96afade1a1973c46f5e993bd323ea57d47d54bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b8:5e:cf:89:2e:11:d4:c5:9d:f2:66:a0:a4:
75:f4:1d:b2:87:22:35:14:b2:b2:16:bf:02:41:97:
56:4c:bf:0c:08:d3:38:2b:6c:e3:8f:f4:99:32:84:
c9:ed:31:33:57:72:a9:0e:95:2d:49:8d:b4:72:18:
38:b5:08:3f:0d:59:d7:b5:ef:1f:fa:f5:fa:3d:eb:
72:bd:50:da:15:99:c9:21:1e:bd:1c:94:b4:21:6d:
3e:74:c5:fd:87:bc:e3:ef:d4:e0:de:ed:da:75:c6:
08:28:45:63:64:7e:f2:bb:39:dd:ec:78:f8:77:2a:
cb:a1:98:1b:fb:6f:0b:13:6f:0a:33:21:d4:58:95:
9e:70:c2:77:bc:ef:0e:96:e7:be:32:d3:f7:ec:1f:
20:8a:1f:e8:a0:a8:28:14:4a:e8:3d:84:56:e5:0f:
65:d3:59:ec:b5:f3:f8:d3:15:df:35:81:da:a7:e7:
79:64:46:5f:2a:ae:fd:0f:27:96:2e:07:56:cb:eb:
92:30:8d:f5:6c:a3:8e:36:fb:0e:9f:25:38:4a:c3:
9e:48:b3:c4:44:bd:2d:36:9b:9d:60:a1:b0:f0:cb:
92:56:40:57:49:74:d4:fb:09:54:99:53:7b:d1:55:
07:4f:70:3a:00:ae:e0:fb:ca:dd:73:fe:1e:cd:3b:
c8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:6A:FA:DE:1A:19:73:C4:6F:5E:99:3B:D3:23:EA:57:D4:7D:54:BD
X509v3 Authority Key Identifier:
keyid:B9:E6:7F:CB:0B:DC:60:01:D8:CF:70:73:C6:49:EB:98:19:FC:5E:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/yWr63hoZc8RvXpk70yPqV9R9VL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.48.0/20
77.242.160.0/20
78.155.0.0/19
81.13.128.0/17
81.88.176.0/20
86.111.128.0/20
92.62.176.0/20
92.240.96.0/19
95.215.60.0/22
178.157.84.0/22
178.237.80.0/20
185.17.108.0/22
185.17.176.0/22
185.44.196.0/22
185.50.220.0/22
185.55.216.0/22
188.239.160.0/20
192.162.24.0/22
194.12.16.0/20
195.162.160.0-195.162.165.255
195.162.167.0-195.162.191.255
213.221.128.0/19
213.230.52.0-213.230.63.255
213.238.0.0/19
217.79.192.0/20
IPv6:
2001:14a8::/32
2a02:26a0::/29
2a03:4380::/32
Signature Algorithm: sha256WithRSAEncryption
37:2f:9b:08:bb:97:73:08:0f:61:2c:ea:61:20:83:ef:0a:a4:
9b:cc:1b:83:71:82:ce:ce:43:07:c7:34:66:ee:a8:50:db:18:
2b:2a:4b:9d:64:8d:a2:b2:cc:29:88:4a:ea:1a:4e:bf:0b:ad:
47:f8:1f:25:10:1f:32:b0:06:75:73:92:70:05:32:14:52:5c:
e0:ff:5e:a2:f4:b3:bb:c8:a2:83:3e:f6:49:07:6b:b8:d7:2e:
0a:ab:dc:41:5d:25:cf:39:41:4a:18:06:3d:1c:e6:10:49:3f:
c8:80:8a:a4:d8:ec:49:7f:6b:06:20:7e:48:3c:60:18:e2:7c:
d3:9a:36:dc:23:d9:6b:a6:c2:32:24:59:e8:ec:89:ae:b8:f9:
21:28:a8:1b:8f:ac:da:d7:42:4a:9d:dd:aa:22:4d:fb:2a:27:
0d:77:a9:b8:a4:8c:a5:19:a0:39:1f:75:dd:62:17:ca:1e:09:
47:e5:c5:07:26:1e:55:e8:b3:65:5d:3b:c5:0b:74:eb:44:53:
95:47:26:da:d9:c8:ac:8c:ce:5e:ae:b6:8d:f3:7c:c7:a7:a2:
5f:93:ea:7e:2f:10:8f:c1:49:32:81:6b:9e:8d:2e:9f:56:c6:
c7:59:41:7c:91:af:95:2b:cb:7e:34:f4:f5:d3:43:37:90:82:
ef:6c:92:67
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYch29HYWriU/Smt0DG2zViLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTY3ZmNiMGJkYzYwMDFkOGNmNzA3M2M2NDllYjk4MTlm
YzVlYjgwHhcNMjMwMzI3MDY1NzQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTZhZmFkZTFhMTk3M2M0NmY1ZTk5M2JkMzIzZWE1N2Q0N2Q1NGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrhez4kuEdTFnfJmoKR19B2yhyI1
FLKyFr8CQZdWTL8MCNM4K2zjj/SZMoTJ7TEzV3KpDpUtSY20chg4tQg/DVnXte8f
+vX6PetyvVDaFZnJIR69HJS0IW0+dMX9h7zj79Tg3u3adcYIKEVjZH7yuznd7Hj4
dyrLoZgb+28LE28KMyHUWJWecMJ3vO8Olue+MtP37B8gih/ooKgoFEroPYRW5Q9l
01nstfP40xXfNYHap+d5ZEZfKq79DyeWLgdWy+uSMI31bKOONvsOnyU4SsOeSLPE
RL0tNpudYKGw8MuSVkBXSXTU+wlUmVN70VUHT3A6AK7g+8rdc/4ezTvIbwIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFMlq+t4aGXPEb16ZO9Mj6lfUfVS9MB8GA1UdIwQY
MBaAFLnmf8sL3GAB2M9wc8ZJ65gZ/F64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVaX3l3dmNZQUhZejNCenhrbnJtQm44WHJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8wZGJlNTYtM2RhYS00YTY0LTkyNWEt
ZmE3MWFlMDVkYzNmLzEveVdyNjNob1pjOFJ2WHBrNzB5UHFWOVI5VkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8wZGJlNTYtM2RhYS00YTY0LTkyNWEtZmE3MWFlMDVkYzNm
LzEvdWVaX3l3dmNZQUhZejNCenhrbnJtQm44WHJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBtQQCAAEwga4DBAQf
HzADBARN8qADBAVOmwADBAdRDYADBARRWLADBARWb4ADBARcPrADBAVc8GADBAJf
1zwDBAKynVQDBASy7VADBAK5EWwDBAK5EbADBAK5LMQDBAK5MtwDBAK5N9gDBAS8
76ADBALAohgDBATCDBAwDAMEBcOioAMEAcOipDAMAwQAw6KnAwQGw6KAAwQF1d2A
MAwDBALV5jQDBAbV5gADBAXV7gADBATZT8AwGwQCAAIwFQMFACABFKgDBQMqAiag
AwUAKgNDgDANBgkqhkiG9w0BAQsFAAOCAQEANy+bCLuXcwgPYSzqYSCD7wqkm8wb
g3GCzs5DB8c0Zu6oUNsYKypLnWSNorLMKYhK6hpOvwutR/gfJRAfMrAGdXOScAUy
FFJc4P9eovSzu8iigz72SQdruNcuCqvcQV0lzzlBShgGPRzmEEk/yICKpNjsSX9r
BiB+SDxgGOJ805o23CPZa6bCMiRZ6OyJrrj5ISioG4+s2tdCSp3dqiJN+yonDXep
uKSMpRmgOR913WIXyh4JR+XFByYeVeizZV07xQt060RTlUcm2tnIrIzOXq62jfN8
x6eiX5Pqfi8Qj8FJMoFrno0un1bGx1lBfJGvlSvLfjT09dNDN5CC72ySZw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:37 2024 by rpki-client on console-ams.rpki-client.org