Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/A0yncqikeY4_FfLEmRG9mHLLZ3k.roa
File: A0yncqikeY4_FfLEmRG9mHLLZ3k.roa (raw, json)
Hash identifier: lYTuAq5hqzPYw3/fxjH3rmsMszFTASBSR+rl4vwCxDo=
Subject key identifier: 03:4C:A7:72:A8:A4:79:8E:3F:15:F2:C4:99:11:BD:98:72:CB:67:79
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 018573F191359B0FF962D9B26B227168309C
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/A0yncqikeY4_FfLEmRG9mHLLZ3k.roa
Signing time: Mon 02 Jan 2023 19:24:49 +0000
ROA not before: Mon 02 Jan 2023 19:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12578
IP address blocks: 185.38.56.0/22 maxlen: 22
46.109.0.0/16 maxlen: 16
195.122.28.0/24 maxlen: 24
195.122.29.0/24 maxlen: 24
81.198.0.0/16 maxlen: 16
78.84.0.0/16 maxlen: 16
195.114.32.0/19 maxlen: 19
81.198.95.0/24 maxlen: 24
194.8.16.0/21 maxlen: 21
194.8.24.0/22 maxlen: 22
195.13.201.0/24 maxlen: 24
80.232.150.13/32 maxlen: 32
80.232.195.0/24 maxlen: 24
84.237.128.0/17 maxlen: 17
195.13.128.0/17 maxlen: 17
80.232.128.0/17 maxlen: 17
80.232.150.0/24 maxlen: 24
80.232.147.0/24 maxlen: 24
95.68.0.0/17 maxlen: 17
87.246.144.0/20 maxlen: 20
195.2.96.0/19 maxlen: 19
195.122.0.0/19 maxlen: 19
87.246.160.0/19 maxlen: 19
62.85.0.0/17 maxlen: 17
195.13.228.0/24 maxlen: 24
195.13.253.0/24 maxlen: 24
195.13.249.0/24 maxlen: 24
87.110.0.0/16 maxlen: 16
91.105.0.0/17 maxlen: 17
2a02:2330::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:f1:91:35:9b:0f:f9:62:d9:b2:6b:22:71:68:30:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Jan 2 19:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=034ca772a8a4798e3f15f2c49911bd9872cb6779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7e:87:3f:13:09:16:c0:de:b0:d8:c7:ac:9c:
03:ca:c7:28:0d:bf:91:35:24:1e:84:12:75:48:4b:
96:e7:ff:2c:28:41:11:a2:24:19:d2:b4:bd:1b:ba:
3d:6b:ea:df:e9:7c:c1:52:bb:81:d8:a8:e8:40:f8:
d2:5e:80:f9:34:9a:82:8a:5e:59:b4:8e:eb:19:52:
87:97:2a:6b:9e:4d:4f:d4:c5:91:c7:b7:74:04:d6:
79:3d:a4:c0:0d:9c:b0:c1:57:3c:b2:e7:c9:11:b7:
83:e7:f8:df:c8:04:aa:f1:38:fd:93:94:6b:66:27:
b3:d1:9f:fb:d8:ba:52:ff:54:cd:65:a6:d7:16:be:
30:8d:74:24:40:54:58:9a:21:63:2e:49:21:df:72:
cc:b3:45:4d:44:dd:03:fd:69:b2:84:2c:24:88:33:
bf:7c:58:d0:34:ad:94:a6:5a:69:ce:f5:1f:98:2a:
4a:1e:85:26:90:a1:18:6e:44:e2:49:a4:a5:43:be:
0f:12:24:5c:68:0f:a4:e7:16:3c:81:24:02:7e:10:
6f:c8:b6:02:6a:ae:11:a3:9e:b5:03:e8:3a:07:0d:
5d:c5:07:09:29:75:4b:5f:3e:47:2e:30:2c:b3:57:
a0:b5:5d:a1:a9:8c:ab:ac:c4:a4:bf:ed:00:20:72:
b8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:4C:A7:72:A8:A4:79:8E:3F:15:F2:C4:99:11:BD:98:72:CB:67:79
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/A0yncqikeY4_FfLEmRG9mHLLZ3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.109.0.0/16
62.85.0.0/17
78.84.0.0/16
80.232.128.0/17
81.198.0.0/16
84.237.128.0/17
87.110.0.0/16
87.246.144.0-87.246.191.255
91.105.0.0/17
95.68.0.0/17
185.38.56.0/22
194.8.16.0-194.8.27.255
195.2.96.0/19
195.13.128.0/17
195.114.32.0/19
195.122.0.0/19
IPv6:
2a02:2330::/29
Signature Algorithm: sha256WithRSAEncryption
05:fb:42:8a:48:d7:c8:e3:70:2e:63:be:73:f0:36:2d:dc:6f:
66:79:39:95:6d:b1:f2:33:b7:f8:8d:be:ef:6f:50:8a:7e:cf:
81:82:f8:c5:4a:c8:c4:2c:a3:ca:49:0d:6c:b7:26:ea:13:d2:
ff:b6:96:83:2d:6f:0d:ee:8f:f6:27:f3:19:db:7a:5a:c4:68:
92:11:1b:3d:24:c1:f5:c0:9b:68:3f:73:87:ee:ac:33:bf:50:
07:df:23:84:55:b8:24:44:f1:51:46:86:16:47:95:a9:30:b7:
fc:38:d4:ba:05:ec:22:ed:e4:f8:23:cb:ce:91:f2:48:5e:e3:
fc:bb:6a:49:fb:03:7b:7a:b3:01:0d:a8:d6:3e:a4:5f:f0:20:
76:84:ea:d8:b8:97:b0:be:b0:66:8f:65:3f:a8:0a:fc:be:21:
12:90:39:3e:39:5b:7d:3c:6d:6f:44:2d:0a:2e:95:ee:d3:3e:
4a:bc:f6:2f:2e:9d:ea:33:a0:ca:61:ef:ae:3c:03:9e:6b:cd:
fc:db:e9:8e:91:4e:1a:dd:b8:8b:87:2f:8c:cd:fb:63:2c:2c:
04:ce:d2:48:e9:f9:ef:1e:9c:19:ec:af:95:bf:3a:a4:40:2f:
54:6d:40:da:81:99:d5:b1:76:09:02:03:c0:77:4d:46:fb:1b:
de:d9:e2:e6
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYVz8ZE1mw/5YtmyayJxaDCcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjMwMTAyMTkyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzRjYTc3MmE4YTQ3OThlM2YxNWYyYzQ5OTExYmQ5ODcyY2I2Nzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnn6HPxMJFsDesNjHrJwDyscoDb+R
NSQehBJ1SEuW5/8sKEERoiQZ0rS9G7o9a+rf6XzBUruB2KjoQPjSXoD5NJqCil5Z
tI7rGVKHlyprnk1P1MWRx7d0BNZ5PaTADZywwVc8sufJEbeD5/jfyASq8Tj9k5Rr
Ziez0Z/72LpS/1TNZabXFr4wjXQkQFRYmiFjLkkh33LMs0VNRN0D/WmyhCwkiDO/
fFjQNK2UplppzvUfmCpKHoUmkKEYbkTiSaSlQ74PEiRcaA+k5xY8gSQCfhBvyLYC
aq4Ro561A+g6Bw1dxQcJKXVLXz5HLjAss1egtV2hqYyrrMSkv+0AIHK4ywIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFANMp3KopHmOPxXyxJkRvZhyy2d5MB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvQTB5bmNxaWtlWTRfRmZMRW1SRzltSExMWjNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwMALm0D
BAc+VQADAwBOVAMEB1DogAMDAFHGAwQHVO2AAwMAV24wDAMEBFf2kAMEBlf2gAME
B1tpAAMEB19EAAMEArkmODAMAwQEwggQAwQCwggYAwQFwwJgAwQHww2AAwQFw3Ig
AwQFw3oAMA0EAgACMAcDBQMqAiMwMA0GCSqGSIb3DQEBCwUAA4IBAQAF+0KKSNfI
43AuY75z8DYt3G9meTmVbbHyM7f4jb7vb1CKfs+BgvjFSsjELKPKSQ1stybqE9L/
tpaDLW8N7o/2J/MZ23paxGiSERs9JMH1wJtoP3OH7qwzv1AH3yOEVbgkRPFRRoYW
R5WpMLf8ONS6Bewi7eT4I8vOkfJIXuP8u2pJ+wN7erMBDajWPqRf8CB2hOrYuJew
vrBmj2U/qAr8viESkDk+OVt9PG1vRC0KLpXu0z5KvPYvLp3qM6DKYe+uPAOea838
2+mOkU4a3biLhy+MzftjLCwEztJI6fnvHpwZ7K+VvzqkQC9UbUDagZnVsXYJAgPA
d01G+xve2eLm
-----END CERTIFICATE-----
Generated at Wed Aug 30 08:51:39 2023 by rpki-client on console-ams.rpki-client.org