Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/lWz1ixz331Hb8levKlny3PputEg.roa
File: lWz1ixz331Hb8levKlny3PputEg.roa (raw, json)
Hash identifier: 24NuMMwgjxTcXLZLsXbHZ+hsDQRVQb7uPn0NozWa5Ys=
Subject key identifier: 95:6C:F5:8B:1C:F7:DF:51:DB:F2:57:AF:2A:59:F2:DC:FA:6E:B4:48
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018C021E9B958C6EC23E1AD9F8DBA6D93D26
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/lWz1ixz331Hb8levKlny3PputEg.roa
Signing time: Fri 24 Nov 2023 16:16:49 +0000
ROA not before: Fri 24 Nov 2023 16:16:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 91.186.204.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.164.0/23 maxlen: 24
94.241.160.0/22 maxlen: 24
178.253.27.0/24 maxlen: 24
178.253.26.0/23 maxlen: 24
178.253.26.0/24 maxlen: 24
178.253.44.0/23 maxlen: 24
83.147.232.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:02:1e:9b:95:8c:6e:c2:3e:1a:d9:f8:db:a6:d9:3d:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Nov 24 16:16:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=956cf58b1cf7df51dbf257af2a59f2dcfa6eb448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bf:44:d7:65:51:34:98:c6:54:4e:e1:bc:eb:
33:75:6d:ad:8c:86:4e:ae:e7:ae:c4:ce:91:0b:04:
a7:3a:0a:32:41:e2:bc:65:97:ed:be:59:43:19:30:
79:89:78:35:4f:64:61:1b:16:83:19:ff:60:5d:72:
0c:9a:48:41:7f:49:7f:28:fa:3e:7e:af:ea:21:c9:
8b:04:78:80:56:7f:4e:46:0a:77:74:6c:ce:fe:65:
74:73:e0:af:6b:3c:11:58:e2:99:56:17:51:9c:c5:
7d:69:59:c5:47:4a:d8:de:b5:2e:57:b5:f3:3a:90:
5f:67:a0:f7:d6:73:ed:bf:e5:8a:c0:69:57:e8:01:
8e:53:e8:14:76:2c:ab:49:4e:e7:e6:ae:81:b4:d3:
65:fc:3a:19:4a:c3:4d:c5:20:48:b0:c0:e1:e6:ff:
d1:76:7e:03:93:07:ac:40:8d:dc:65:9e:a8:de:e4:
28:30:51:8e:b4:ba:39:99:38:b0:65:70:e4:1d:f7:
d3:0a:76:5d:60:1a:65:d0:ae:69:12:de:e8:2b:91:
d7:52:ca:02:0a:ba:26:c0:5c:ab:c9:ee:68:5c:5f:
60:e1:dd:00:36:37:7c:76:2f:fc:cc:24:fe:47:41:
a9:c8:8b:ce:8d:11:b1:d0:db:f9:c7:a9:c8:a5:00:
7b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:6C:F5:8B:1C:F7:DF:51:DB:F2:57:AF:2A:59:F2:DC:FA:6E:B4:48
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/lWz1ixz331Hb8levKlny3PputEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.232.0/22
83.147.252.0/22
91.186.204.0/22
91.186.216.0/22
94.241.160.0-94.241.165.255
178.253.26.0/23
178.253.44.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:de:55:56:86:ea:56:84:42:8b:2b:95:be:26:69:7d:0b:ab:
ed:6a:c7:bc:48:d2:d6:bd:9e:bb:11:ba:9b:72:3a:c2:5e:7e:
d2:9b:ca:dc:20:cc:f9:bf:4d:de:ba:fb:6d:2d:83:6b:2f:64:
cb:29:5a:b8:28:50:0d:ef:37:52:e1:32:fe:ec:e0:d1:06:fd:
13:4f:bd:52:79:d3:26:66:14:27:e1:6c:49:95:87:71:c7:6f:
ef:ee:17:5a:de:8f:73:2d:32:26:c3:88:4e:db:0b:7e:74:80:
d2:78:30:2b:e3:43:61:52:25:46:d0:26:d8:ec:83:66:1c:23:
6d:95:02:9c:9e:b3:54:ed:e4:2f:18:33:ba:f6:fa:6f:4d:84:
fc:5f:57:79:70:91:f8:0c:78:bc:bf:23:d4:54:6b:ce:85:76:
41:80:fc:eb:93:bb:8e:d0:eb:df:9e:a4:59:ae:c5:a3:4e:c7:
a2:b7:d3:24:cd:3f:9c:54:f3:e1:a9:b8:d5:89:a4:dd:5b:d8:
41:11:f2:02:0c:44:45:83:70:f4:50:5a:9e:6e:42:e8:9c:fa:
b1:f0:06:ca:bb:f3:87:68:c9:87:2d:0a:6c:44:8c:b4:60:b4:
e2:d3:8b:f9:38:b8:fb:bc:97:a9:c4:d6:5b:b9:38:99:61:73:
97:59:f7:08
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYwCHpuVjG7CPhrZ+Num2T0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMxMTI0MTYxNjQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTZjZjU4YjFjZjdkZjUxZGJmMjU3YWYyYTU5ZjJkY2ZhNmViNDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL9E12VRNJjGVE7hvOszdW2tjIZO
rueuxM6RCwSnOgoyQeK8ZZftvllDGTB5iXg1T2RhGxaDGf9gXXIMmkhBf0l/KPo+
fq/qIcmLBHiAVn9ORgp3dGzO/mV0c+CvazwRWOKZVhdRnMV9aVnFR0rY3rUuV7Xz
OpBfZ6D31nPtv+WKwGlX6AGOU+gUdiyrSU7n5q6BtNNl/DoZSsNNxSBIsMDh5v/R
dn4DkwesQI3cZZ6o3uQoMFGOtLo5mTiwZXDkHffTCnZdYBpl0K5pEt7oK5HXUsoC
CromwFyrye5oXF9g4d0ANjd8di/8zCT+R0GpyIvOjRGx0Nv5x6nIpQB7SwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJVs9Ysc999R2/JXrypZ8tz6brRIMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvbFd6MWl4ejMzMUhiOGxldktsbnkzUHB1dEVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCU5PoAwQC
U5P8AwQCW7rMAwQCW7rYMAwDBAVe8aADBAFe8aQDBAGy/RoDBAGy/SwwDQYJKoZI
hvcNAQELBQADggEBAI/eVVaG6laEQosrlb4maX0Lq+1qx7xI0ta9nrsRuptyOsJe
ftKbytwgzPm/Td66+20tg2svZMspWrgoUA3vN1LhMv7s4NEG/RNPvVJ50yZmFCfh
bEmVh3HHb+/uF1rej3MtMibDiE7bC350gNJ4MCvjQ2FSJUbQJtjsg2YcI22VApye
s1Tt5C8YM7r2+m9NhPxfV3lwkfgMeLy/I9RUa86FdkGA/OuTu47Q69+epFmuxaNO
x6K30yTNP5xU8+GpuNWJpN1b2EER8gIMREWDcPRQWp5uQuic+rHwBsq784doyYct
CmxEjLRgtOLTi/k4uPu8l6nE1lu5OJlhc5dZ9wg=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:28 2024 by rpki-client on console-fra.rpki-client.org