Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/vAlHJUok_oKQojZtDB1rwhPKzCU.roa
File: vAlHJUok_oKQojZtDB1rwhPKzCU.roa (raw, json)
Hash identifier: WPv4XtV/YFG1xS7pbo3bM9dLrvnSZBBVwksYiSruoDI=
Subject key identifier: BC:09:47:25:4A:24:FE:82:90:A2:36:6D:0C:1D:6B:C2:13:CA:CC:25
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018988CA9AC82FD51E47DB04E58551C706C5
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/vAlHJUok_oKQojZtDB1rwhPKzCU.roa
Signing time: Mon 24 Jul 2023 16:45:26 +0000
ROA not before: Mon 24 Jul 2023 16:45:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200740
IP address blocks: 94.142.136.0/23 maxlen: 23
94.142.137.0/24 maxlen: 24
94.142.136.0/24 maxlen: 24
185.103.252.0/24 maxlen: 24
185.117.116.0/24 maxlen: 24
185.103.253.0/24 maxlen: 24
185.103.252.0/23 maxlen: 23
45.9.72.0/24 maxlen: 24
185.233.80.0/23 maxlen: 23
185.233.82.0/24 maxlen: 24
185.102.136.0/24 maxlen: 24
185.252.144.0/24 maxlen: 24
185.103.254.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
185.40.7.0/24 maxlen: 24
194.36.178.0/23 maxlen: 23
185.233.202.0/23 maxlen: 23
185.232.170.0/23 maxlen: 23
185.94.164.0/24 maxlen: 24
185.200.190.0/24 maxlen: 24
185.94.164.0/23 maxlen: 23
185.94.165.0/24 maxlen: 24
91.217.76.0/24 maxlen: 24
95.214.9.0/24 maxlen: 24
95.214.11.0/24 maxlen: 24
95.214.10.0/23 maxlen: 23
95.214.10.0/24 maxlen: 24
194.67.201.0/24 maxlen: 24
46.17.105.0/24 maxlen: 24
2a04:5200:68::/48 maxlen: 48
2a0d:2cc4::/31 maxlen: 31
2a04:5201:2::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
2a04:5201:4::/48 maxlen: 48
2a0d:2cc2::/31 maxlen: 31
2a04:5201:6::/48 maxlen: 48
2a0d:2cc0::/31 maxlen: 31
2a0d:2cc6::/31 maxlen: 31
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:88:ca:9a:c8:2f:d5:1e:47:db:04:e5:85:51:c7:06:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 24 16:45:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc0947254a24fe8290a2366d0c1d6bc213cacc25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:58:48:41:4e:80:cb:a8:8d:85:da:49:2b:f5:
29:08:d0:aa:b2:68:56:08:e9:fd:23:53:a4:68:b1:
8c:87:d9:f6:06:b7:06:e4:a6:d7:af:97:94:a5:ca:
5e:61:96:82:78:93:07:d1:1d:33:5d:66:ee:63:ed:
6e:ae:92:7a:27:8a:95:1a:3f:4d:e7:7e:b2:81:11:
5d:30:de:df:73:1c:27:b0:b9:98:f3:fb:36:e4:bc:
2e:e7:5c:e1:ba:67:be:9c:92:c4:af:a7:9e:39:29:
5f:e7:ef:99:08:b1:17:eb:22:5d:19:6c:21:ab:09:
d4:57:43:79:fe:94:c0:29:5b:7a:bd:51:f4:43:c4:
fb:f4:0e:f3:4f:6d:0b:44:5f:58:ae:22:d3:e9:5e:
18:fe:98:e7:33:7f:bf:b0:43:1a:e8:01:23:3d:80:
56:20:00:9e:27:5c:ba:39:8b:77:ab:87:d7:99:2e:
d2:77:44:52:4c:01:a0:cd:d3:6f:f8:2d:95:8b:b3:
a6:13:27:48:46:51:e0:7d:2c:1e:b9:35:4c:76:43:
08:33:2b:fc:6a:53:74:03:b8:88:4b:e2:f1:8d:88:
83:ea:b0:f5:d2:2e:36:06:d9:71:78:64:6b:9a:a1:
f5:fc:c9:e0:f9:ca:44:9b:39:91:4e:8e:d7:0e:14:
5f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:09:47:25:4A:24:FE:82:90:A2:36:6D:0C:1D:6B:C2:13:CA:CC:25
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/vAlHJUok_oKQojZtDB1rwhPKzCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
46.17.105.0/24
91.217.76.0/24
94.142.136.0/23
95.214.9.0-95.214.11.255
185.40.7.0/24
185.94.164.0/23
185.102.136.0/24
185.103.252.0/22
185.117.116.0/24
185.117.119.0/24
185.200.190.0/24
185.232.170.0/23
185.233.80.0-185.233.82.255
185.233.202.0/23
185.252.144.0/24
194.36.178.0/23
194.67.201.0/24
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:8018::/48
2a0d:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
2e:73:99:9f:ac:9e:aa:3d:01:5d:fd:2b:61:f8:1d:62:19:11:
50:32:b4:e0:b8:0f:c8:03:43:d3:35:0e:96:ec:8a:26:16:da:
64:2f:08:72:a2:ee:09:80:08:81:e7:57:e3:88:44:3f:f1:25:
f4:6f:94:7a:64:e0:70:e3:4e:0f:bb:53:c1:f9:29:13:e4:c8:
d8:50:7b:b3:b5:d7:68:b8:5a:b8:f5:a2:00:be:fc:76:5c:6b:
ff:92:75:14:e0:61:7a:4a:fe:d3:6d:cc:69:99:1e:84:45:0e:
78:b9:d8:c1:aa:53:84:15:f4:ef:64:04:58:c7:a1:c5:2b:3d:
e5:2d:82:ce:17:3f:f4:fb:a4:e2:5e:de:35:89:36:88:c6:d2:
70:d8:c3:1a:5f:fb:17:1e:2b:fe:79:30:04:12:f7:da:8e:dd:
f0:f3:89:95:25:24:8a:b9:92:26:0a:dc:4f:d9:36:a2:c0:73:
03:4e:f4:e9:ce:0b:b9:03:c0:75:14:ab:20:74:6b:b4:35:5c:
cb:b5:0b:27:a3:2f:4b:68:39:66:75:1e:82:a2:38:28:bd:f4:
c2:ee:fd:43:12:96:66:89:bd:a3:8f:62:b6:07:e5:48:bb:5c:
b6:0a:57:38:ed:86:2e:b1:32:47:33:de:55:cf:c8:61:38:a1:
f8:ae:d0:22
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYmIyprIL9UeR9sE5YVRxwbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwNzI0MTY0NTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzA5NDcyNTRhMjRmZTgyOTBhMjM2NmQwYzFkNmJjMjEzY2FjYzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFhIQU6Ay6iNhdpJK/UpCNCqsmhW
COn9I1OkaLGMh9n2BrcG5KbXr5eUpcpeYZaCeJMH0R0zXWbuY+1urpJ6J4qVGj9N
536ygRFdMN7fcxwnsLmY8/s25Lwu51zhume+nJLEr6eeOSlf5++ZCLEX6yJdGWwh
qwnUV0N5/pTAKVt6vVH0Q8T79A7zT20LRF9YriLT6V4Y/pjnM3+/sEMa6AEjPYBW
IACeJ1y6OYt3q4fXmS7Sd0RSTAGgzdNv+C2Vi7OmEydIRlHgfSweuTVMdkMIMyv8
alN0A7iIS+LxjYiD6rD10i42BtlxeGRrmqH1/Mng+cpEmzmRTo7XDhRfLwIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFLwJRyVKJP6CkKI2bQwda8ITyswlMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvdkFsSEpVb2tfb0tRb2padERCMXJ3aFBLekNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBggQCAAEwfAMEAC0J
SAMEAC4RaQMEAFvZTAMEAV6OiDAMAwQAX9YJAwQCX9YIAwQAuSgHAwQBuV6kAwQA
uWaIAwQCuWf8AwQAuXV0AwQAuXV3AwQAuci+AwQBueiqMAwDBAS56VADBAC56VID
BAG56coDBAC5/JADBAHCJLIDBADCQ8kwOgQCAAIwNAMHACoEUgAAaAMHACoEUgEA
AgMHACoEUgEABAMHASoEUgEABgMHACoEUgGAGAMFAyoNLMAwDQYJKoZIhvcNAQEL
BQADggEBAC5zmZ+snqo9AV39K2H4HWIZEVAytOC4D8gDQ9M1DpbsiiYW2mQvCHKi
7gmACIHnV+OIRD/xJfRvlHpk4HDjTg+7U8H5KRPkyNhQe7O112i4Wrj1ogC+/HZc
a/+SdRTgYXpK/tNtzGmZHoRFDni52MGqU4QV9O9kBFjHocUrPeUtgs4XP/T7pOJe
3jWJNojG0nDYwxpf+xceK/55MAQS99qO3fDziZUlJIq5kiYK3E/ZNqLAcwNO9OnO
C7kDwHUUqyB0a7Q1XMu1CyejL0toOWZ1HoKiOCi99MLu/UMSlmaJvaOPYrYH5Ui7
XLYKVzjthi6xMkcz3lXPyGE4ofiu0CI=
Generated at Wed Aug 23 20:43:22 2023 by rpki-client on console-fra.rpki-client.org