Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/efbb05-8940-43cf-ad1d-28acc7f3193a/1/rHSobjkWHvLmSPJSAuxiq_3yp3A.roa
File: rHSobjkWHvLmSPJSAuxiq_3yp3A.roa (raw, json)
Hash identifier: Mk3Ld39IftnnYj+jCLyX+zlSKKL625K6w4FAxonuPMM=
Subject key identifier: AC:74:A8:6E:39:16:1E:F2:E6:48:F2:52:02:EC:62:AB:FD:F2:A7:70
Certificate issuer: /CN=178825286beec912d1988d08d2e277f518f3e4aa
Certificate serial: 018573F197D0E9B60152A34B3C6B0DA3D029
Authority key identifier: 17:88:25:28:6B:EE:C9:12:D1:98:8D:08:D2:E2:77:F5:18:F3:E4:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F4glKGvuyRLRmI0I0uJ39Rjz5Ko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/efbb05-8940-43cf-ad1d-28acc7f3193a/1/rHSobjkWHvLmSPJSAuxiq_3yp3A.roa
Signing time: Mon 02 Jan 2023 19:24:50 +0000
ROA not before: Mon 02 Jan 2023 19:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8632
IP address blocks: 94.103.208.0/21 maxlen: 22
94.103.208.0/20 maxlen: 20
83.222.32.0/19 maxlen: 20
94.103.216.0/21 maxlen: 22
195.218.0.0/21 maxlen: 22
195.218.8.0/21 maxlen: 22
31.172.144.0/21 maxlen: 22
195.218.16.0/20 maxlen: 22
195.218.16.0/21 maxlen: 22
195.218.24.0/21 maxlen: 22
185.6.232.0/22 maxlen: 23
2a02:678::/32 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:f1:97:d0:e9:b6:01:52:a3:4b:3c:6b:0d:a3:d0:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=178825286beec912d1988d08d2e277f518f3e4aa
Validity
Not Before: Jan 2 19:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac74a86e39161ef2e648f25202ec62abfdf2a770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fb:48:37:b0:09:94:82:e2:bf:90:b4:a2:53:
2a:8b:ff:c0:b6:3a:d9:15:d1:5e:5b:49:03:a5:47:
53:41:5b:11:a9:33:58:12:76:6b:70:06:8e:47:7a:
db:a3:47:01:49:77:7d:28:1b:67:ef:15:97:e0:f2:
26:91:40:43:4b:13:f8:dd:e0:e2:09:6a:1d:87:31:
39:cb:34:48:b8:95:6c:b6:d9:3a:19:b7:24:a1:e5:
1c:90:73:97:d9:69:e3:cb:15:27:33:3a:2e:1e:a1:
05:44:5f:93:2f:30:0c:22:70:29:33:6d:1b:25:81:
f1:a4:e5:ee:89:c5:9e:93:65:62:32:8a:21:f9:4e:
92:bd:fa:7f:55:e0:73:9d:d1:ad:a9:73:b4:2e:7d:
79:97:9f:b6:75:d9:bb:a3:03:b8:af:1b:e7:b3:8d:
a4:6f:7a:25:a9:38:30:d0:45:d5:19:ff:f3:a3:04:
49:f5:0f:bd:58:4e:05:92:4b:23:f4:21:7d:42:2e:
82:d1:cc:1f:ce:c4:31:ec:c4:da:5c:35:57:48:04:
c8:45:d6:73:df:b5:a5:9a:70:8c:e4:36:94:c3:d2:
8f:a0:32:3c:3d:31:e1:1c:43:2f:bf:00:8f:b7:aa:
3d:21:a3:24:f0:2a:89:3d:a5:09:6b:88:76:64:5a:
0f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:74:A8:6E:39:16:1E:F2:E6:48:F2:52:02:EC:62:AB:FD:F2:A7:70
X509v3 Authority Key Identifier:
keyid:17:88:25:28:6B:EE:C9:12:D1:98:8D:08:D2:E2:77:F5:18:F3:E4:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F4glKGvuyRLRmI0I0uJ39Rjz5Ko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/efbb05-8940-43cf-ad1d-28acc7f3193a/1/rHSobjkWHvLmSPJSAuxiq_3yp3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/efbb05-8940-43cf-ad1d-28acc7f3193a/1/F4glKGvuyRLRmI0I0uJ39Rjz5Ko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.144.0/21
83.222.32.0/19
94.103.208.0/20
185.6.232.0/22
195.218.0.0/19
IPv6:
2a02:678::/32
Signature Algorithm: sha256WithRSAEncryption
1c:8a:34:7d:82:66:9d:3c:28:d8:9d:30:33:dc:81:42:78:33:
35:cc:b0:05:8e:b8:a8:6c:37:35:91:5e:1a:29:c2:7c:51:cb:
23:e7:41:37:77:12:56:8c:21:0d:03:87:53:81:c5:3f:8d:d5:
d4:6b:4d:b1:ff:2c:dc:e6:36:de:84:a4:4e:50:e5:94:65:02:
e5:07:b5:42:7c:b3:3b:0d:73:11:dd:e2:a0:10:b2:45:4a:e9:
ce:20:66:a2:c1:a7:06:f2:24:8d:d2:fd:0b:30:19:3c:8d:64:
c0:e1:de:22:54:41:c5:19:cb:81:27:04:9d:01:dc:e8:7f:01:
ea:65:6e:ee:02:bc:00:ea:af:fd:3d:f2:59:4c:6f:c5:09:3e:
09:4e:c0:8f:6e:61:79:6d:b1:d4:f0:ce:49:f2:3f:a3:81:71:
8f:a3:bd:ce:6b:93:fb:1a:60:f8:53:0e:17:a3:53:1b:d3:21:
69:65:27:36:6a:e1:ba:22:0a:c4:84:78:7e:48:db:b6:13:cf:
b4:c4:5f:ba:27:cc:c0:a3:18:03:ce:80:10:53:14:98:1a:4f:
45:2e:5e:73:9f:73:e1:34:47:71:ca:ea:d5:2a:cf:1f:62:87:
79:a6:ae:4b:59:34:fd:73:52:b5:53:f1:77:94:5a:dc:2b:bb:
ea:fe:38:22
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVz8ZfQ6bYBUqNLPGsNo9ApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ODgyNTI4NmJlZWM5MTJkMTk4OGQwOGQyZTI3N2Y1MThm
M2U0YWEwHhcNMjMwMTAyMTkyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzc0YTg2ZTM5MTYxZWYyZTY0OGYyNTIwMmVjNjJhYmZkZjJhNzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvtIN7AJlILiv5C0olMqi//AtjrZ
FdFeW0kDpUdTQVsRqTNYEnZrcAaOR3rbo0cBSXd9KBtn7xWX4PImkUBDSxP43eDi
CWodhzE5yzRIuJVsttk6GbckoeUckHOX2WnjyxUnMzouHqEFRF+TLzAMInApM20b
JYHxpOXuicWek2ViMooh+U6Svfp/VeBzndGtqXO0Ln15l5+2ddm7owO4rxvns42k
b3olqTgw0EXVGf/zowRJ9Q+9WE4Fkksj9CF9Qi6C0cwfzsQx7MTaXDVXSATIRdZz
37WlmnCM5DaUw9KPoDI8PTHhHEMvvwCPt6o9IaMk8CqJPaUJa4h2ZFoPMQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKx0qG45Fh7y5kjyUgLsYqv98qdwMB8GA1UdIwQY
MBaAFBeIJShr7skS0ZiNCNLid/UY8+SqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjRnbEtHdnV5UkxSbUkwSTB1SjM5Ump6NUtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9lZmJiMDUtODk0MC00M2NmLWFkMWQt
MjhhY2M3ZjMxOTNhLzEvckhTb2Jqa1dIdkxtU1BKU0F1eGlxXzN5cDNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9lZmJiMDUtODk0MC00M2NmLWFkMWQtMjhhY2M3ZjMxOTNh
LzEvRjRnbEtHdnV5UkxSbUkwSTB1SjM5Ump6NUtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDH6yQAwQF
U94gAwQEXmfQAwQCuQboAwQFw9oAMA0EAgACMAcDBQAqAgZ4MA0GCSqGSIb3DQEB
CwUAA4IBAQAcijR9gmadPCjYnTAz3IFCeDM1zLAFjriobDc1kV4aKcJ8Ucsj50E3
dxJWjCENA4dTgcU/jdXUa02x/yzc5jbehKROUOWUZQLlB7VCfLM7DXMR3eKgELJF
SunOIGaiwacG8iSN0v0LMBk8jWTA4d4iVEHFGcuBJwSdAdzofwHqZW7uArwA6q/9
PfJZTG/FCT4JTsCPbmF5bbHU8M5J8j+jgXGPo73Oa5P7GmD4Uw4Xo1Mb0yFpZSc2
auG6IgrEhHh+SNu2E8+0xF+6J8zAoxgDzoAQUxSYGk9FLl5zn3PhNEdxyurVKs8f
Yod5pq5LWTT9c1K1U/F3lFrcK7vq/jgi
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:47 2024 by rpki-client on console-ams.rpki-client.org