Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/84b489-8b6f-459d-9a31-f18ad9f4cc34/1/lWgBjofo4ZX1tZ_1etWbETxJyiY.roa
File: lWgBjofo4ZX1tZ_1etWbETxJyiY.roa (raw, json)
Hash identifier: xRoJ+NHh1FmHZgXBeWp2VqbCtheHR1kcq8Rk7Rb3rB0=
Subject key identifier: 95:68:01:8E:87:E8:E1:95:F5:B5:9F:F5:7A:D5:9B:11:3C:49:CA:26
Certificate issuer: /CN=19b800c39126db3ca4e0d56910f0ad379257e4a0
Certificate serial: 01856FF96FA1CF12B2524EC3611B4352D8EA
Authority key identifier: 19:B8:00:C3:91:26:DB:3C:A4:E0:D5:69:10:F0:AD:37:92:57:E4:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GbgAw5Em2zyk4NVpEPCtN5JX5KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/84b489-8b6f-459d-9a31-f18ad9f4cc34/1/lWgBjofo4ZX1tZ_1etWbETxJyiY.roa
Signing time: Mon 02 Jan 2023 00:54:56 +0000
ROA not before: Mon 02 Jan 2023 00:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20546
IP address blocks: 185.117.68.0/22 maxlen: 24
195.80.52.0/22 maxlen: 24
94.16.64.0/19 maxlen: 24
92.119.8.0/22 maxlen: 24
185.189.140.0/22 maxlen: 24
5.182.236.0/22 maxlen: 24
185.238.252.0/22 maxlen: 24
212.232.80.0/20 maxlen: 24
45.14.188.0/22 maxlen: 24
85.132.192.0/19 maxlen: 24
213.188.96.0/19 maxlen: 24
45.131.36.0/22 maxlen: 24
149.249.128.0/19 maxlen: 24
45.136.168.0/22 maxlen: 24
213.157.0.0/19 maxlen: 24
95.131.96.0/21 maxlen: 24
134.101.16.0/20 maxlen: 24
45.10.60.0/22 maxlen: 24
45.143.76.0/22 maxlen: 24
185.9.28.0/22 maxlen: 24
45.128.180.0/22 maxlen: 24
94.46.64.0/19 maxlen: 24
46.243.80.0/21 maxlen: 24
45.93.108.0/22 maxlen: 24
185.194.64.0/22 maxlen: 24
2a02:b98::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:6f:a1:cf:12:b2:52:4e:c3:61:1b:43:52:d8:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19b800c39126db3ca4e0d56910f0ad379257e4a0
Validity
Not Before: Jan 2 00:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9568018e87e8e195f5b59ff57ad59b113c49ca26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:51:fb:11:5c:12:8d:86:b0:ef:c5:4c:c3:98:
3e:cb:c0:85:53:58:7b:72:33:7c:6f:7e:be:1c:37:
34:09:a2:ce:24:17:fc:70:1b:b4:50:56:59:3c:48:
02:52:a8:4e:95:16:b9:61:26:5e:82:3f:11:e4:e5:
bd:ee:06:29:c2:b4:75:a6:e4:5a:44:51:78:9c:43:
30:ed:35:98:74:7f:5d:df:2e:83:10:5c:59:68:11:
46:2a:a0:b6:ef:d2:f7:48:e8:f7:51:66:8d:b4:9e:
d9:9c:c4:32:c6:a0:22:64:1c:13:2a:22:1f:d5:d8:
11:01:45:1e:53:eb:07:fc:9b:66:f5:9f:9c:27:69:
d1:e4:c6:05:36:da:9b:0d:e9:27:1d:60:51:ab:fb:
e3:36:c8:e8:ac:bd:5d:fb:72:e0:cd:fc:a2:1e:bd:
6a:dd:77:ac:39:eb:e7:c9:38:dc:d5:dd:f5:0b:e9:
40:5c:4e:9d:b2:cc:59:57:23:3d:72:59:7f:1d:5f:
74:be:80:74:c8:e4:b1:0b:e7:ed:82:fe:a6:68:8f:
f7:b4:cb:d4:9c:dd:58:29:86:fa:35:8c:ea:44:5c:
ec:c1:46:00:1d:47:f8:20:7b:00:03:42:0f:a0:06:
78:d2:25:d4:2e:3f:52:95:e9:e5:b6:cf:02:dd:a5:
a8:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:68:01:8E:87:E8:E1:95:F5:B5:9F:F5:7A:D5:9B:11:3C:49:CA:26
X509v3 Authority Key Identifier:
keyid:19:B8:00:C3:91:26:DB:3C:A4:E0:D5:69:10:F0:AD:37:92:57:E4:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GbgAw5Em2zyk4NVpEPCtN5JX5KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/84b489-8b6f-459d-9a31-f18ad9f4cc34/1/lWgBjofo4ZX1tZ_1etWbETxJyiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/84b489-8b6f-459d-9a31-f18ad9f4cc34/1/GbgAw5Em2zyk4NVpEPCtN5JX5KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.236.0/22
45.10.60.0/22
45.14.188.0/22
45.93.108.0/22
45.128.180.0/22
45.131.36.0/22
45.136.168.0/22
45.143.76.0/22
46.243.80.0/21
85.132.192.0/19
92.119.8.0/22
94.16.64.0/19
94.46.64.0/19
95.131.96.0/21
134.101.16.0/20
149.249.128.0/19
185.9.28.0/22
185.117.68.0/22
185.189.140.0/22
185.194.64.0/22
185.238.252.0/22
195.80.52.0/22
212.232.80.0/20
213.157.0.0/19
213.188.96.0/19
IPv6:
2a02:b98::/32
Signature Algorithm: sha256WithRSAEncryption
51:72:a4:d1:87:a1:01:75:32:62:eb:57:f4:ab:53:02:83:16:
35:cd:12:28:44:08:38:e6:04:bb:76:29:1a:6a:48:be:67:08:
23:d5:b5:b0:21:d2:ca:65:06:32:51:0b:22:99:3d:5f:fa:84:
48:2d:85:5f:2d:d7:20:5d:0e:04:c3:8e:41:92:01:7f:7a:7b:
0a:5d:08:80:94:e1:5d:f6:0e:79:33:c1:e2:e5:f9:9c:f7:96:
92:a3:15:be:84:74:70:38:fa:47:d8:12:dd:e9:fe:f3:5c:6e:
89:c1:f6:cb:50:b9:c3:ee:9b:d8:1b:22:99:f1:9a:5e:de:1f:
7f:08:a7:09:a9:f0:e6:cd:54:39:bd:4b:4a:9d:21:9e:2d:4a:
c0:2c:75:d6:9f:8c:a7:7d:9c:86:e0:4c:15:7e:88:46:05:73:
45:b1:5f:0e:af:8c:46:f1:9f:2c:9e:c3:7e:78:b3:28:91:b3:
dd:38:43:e5:c8:62:21:a1:8d:9a:67:5e:81:0f:1b:de:51:d3:
b1:7c:40:ce:a2:31:6b:a3:8f:5f:fe:f6:13:ed:69:85:02:b7:
62:60:72:12:15:33:dd:04:f2:85:c9:c1:c3:9d:df:be:a0:fa:
b4:a0:83:c0:59:85:1e:bb:fa:b6:cb:75:c9:dd:9e:4f:b5:b5:
55:e9:b9:e3
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAYVv+W+hzxKyUk7DYRtDUtjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YjgwMGMzOTEyNmRiM2NhNGUwZDU2OTEwZjBhZDM3OTI1
N2U0YTAwHhcNMjMwMTAyMDA1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTY4MDE4ZTg3ZThlMTk1ZjViNTlmZjU3YWQ1OWIxMTNjNDljYTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFH7EVwSjYaw78VMw5g+y8CFU1h7
cjN8b36+HDc0CaLOJBf8cBu0UFZZPEgCUqhOlRa5YSZegj8R5OW97gYpwrR1puRa
RFF4nEMw7TWYdH9d3y6DEFxZaBFGKqC279L3SOj3UWaNtJ7ZnMQyxqAiZBwTKiIf
1dgRAUUeU+sH/Jtm9Z+cJ2nR5MYFNtqbDeknHWBRq/vjNsjorL1d+3LgzfyiHr1q
3XesOevnyTjc1d31C+lAXE6dssxZVyM9cll/HV90voB0yOSxC+ftgv6maI/3tMvU
nN1YKYb6NYzqRFzswUYAHUf4IHsAA0IPoAZ40iXULj9Slenlts8C3aWoDQIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFJVoAY6H6OGV9bWf9XrVmxE8ScomMB8GA1UdIwQY
MBaAFBm4AMORJts8pODVaRDwrTeSV+SgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2JnQXc1RW0yenlrNE5WcEVQQ3RONUpYNUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS84NGI0ODktOGI2Zi00NTlkLTlhMzEt
ZjE4YWQ5ZjRjYzM0LzEvbFdnQmpvZm80WlgxdFpfMWV0V2JFVHhKeWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS84NGI0ODktOGI2Zi00NTlkLTlhMzEtZjE4YWQ5ZjRjYzM0
LzEvR2JnQXc1RW0yenlrNE5WcEVQQ3RONUpYNUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAIF
tuwDBAItCjwDBAItDrwDBAItXWwDBAItgLQDBAItgyQDBAItiKgDBAItj0wDBAMu
81ADBAVVhMADBAJcdwgDBAVeEEADBAVeLkADBANfg2ADBASGZRADBAWV+YADBAK5
CRwDBAK5dUQDBAK5vYwDBAK5wkADBAK57vwDBALDUDQDBATU6FADBAXVnQADBAXV
vGAwDQQCAAIwBwMFACoCC5gwDQYJKoZIhvcNAQELBQADggEBAFFypNGHoQF1MmLr
V/SrUwKDFjXNEihECDjmBLt2KRpqSL5nCCPVtbAh0splBjJRCyKZPV/6hEgthV8t
1yBdDgTDjkGSAX96ewpdCICU4V32DnkzweLl+Zz3lpKjFb6EdHA4+kfYEt3p/vNc
bonB9stQucPum9gbIpnxml7eH38Ipwmp8ObNVDm9S0qdIZ4tSsAsddafjKd9nIbg
TBV+iEYFc0WxXw6vjEbxnyyew354syiRs904Q+XIYiGhjZpnXoEPG95R07F8QM6i
MWujj1/+9hPtaYUCt2JgchIVM90E8oXJwcOd376g+rSgg8BZhR67+rbLdcndnk+1
tVXpueM=
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:55 2024 by rpki-client on console-ams.rpki-client.org