Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/IoNPu1FdKzN3ZDbFSCiHDGGqbTM.roa
File: IoNPu1FdKzN3ZDbFSCiHDGGqbTM.roa (raw, json)
Hash identifier: 6noKrufAbfjVpxcBM+GTduJNnOPrF6ZDoGWS2VBbIM4=
Subject key identifier: 22:83:4F:BB:51:5D:2B:33:77:64:36:C5:48:28:87:0C:61:AA:6D:33
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 018A503F0F9E8D59AB21184014E60DB74AAD
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/IoNPu1FdKzN3ZDbFSCiHDGGqbTM.roa
Signing time: Fri 01 Sep 2023 10:17:04 +0000
ROA not before: Fri 01 Sep 2023 10:17:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51032
IP address blocks: 62.122.88.0/21 maxlen: 24
178.216.176.0/21 maxlen: 21
91.123.80.0/20 maxlen: 20
89.23.146.0/24 maxlen: 24
89.23.147.0/24 maxlen: 24
89.23.160.0/19 maxlen: 19
89.23.168.0/21 maxlen: 21
89.23.176.0/21 maxlen: 21
91.202.204.0/22 maxlen: 22
89.23.128.0/19 maxlen: 19
89.23.128.0/21 maxlen: 21
89.23.144.0/20 maxlen: 24
31.128.128.0/19 maxlen: 19
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:50:3f:0f:9e:8d:59:ab:21:18:40:14:e6:0d:b7:4a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Sep 1 10:17:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22834fbb515d2b33776436c54828870c61aa6d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:05:05:d1:83:9c:ca:89:56:7e:b6:ce:56:e2:
9e:4c:e6:71:bf:2a:e8:cc:cc:6c:27:67:7b:2e:61:
f1:4c:6e:f9:c3:c2:ba:06:77:b0:31:27:8f:6d:7e:
1e:49:af:ed:43:98:27:7b:f5:66:d0:65:48:67:54:
2d:8f:f6:a5:a0:92:5a:5c:e4:04:90:6d:f6:15:4a:
31:49:2a:4b:f6:4d:e8:d9:03:37:fa:d7:c9:b3:40:
26:7f:5b:28:ed:40:44:bd:68:7f:ab:a0:80:25:15:
cf:61:82:9c:14:6c:f7:c3:6e:86:ad:dd:43:8a:37:
66:3e:b8:e3:65:cc:4c:3b:65:b9:8b:62:c5:fd:66:
b9:9f:2e:82:f4:34:71:99:98:eb:f7:3f:eb:9b:68:
77:1b:f8:d0:65:2a:9c:2a:2e:b1:4b:da:63:08:93:
05:3d:99:e3:91:78:25:9c:40:b0:c2:1d:02:81:43:
18:42:be:fa:c0:c0:f8:93:ae:3e:40:2a:f5:37:7e:
1f:83:45:9a:b8:ce:b4:2c:fb:d2:45:4b:b3:50:ed:
b1:45:50:33:a7:f2:20:bb:23:bb:40:bc:a6:8a:e4:
2a:cf:40:4d:97:e5:79:38:d8:57:e3:8e:eb:63:ab:
49:87:d6:5e:48:08:52:06:32:9c:94:d6:89:9b:d2:
db:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:83:4F:BB:51:5D:2B:33:77:64:36:C5:48:28:87:0C:61:AA:6D:33
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/IoNPu1FdKzN3ZDbFSCiHDGGqbTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.128.0/19
62.122.88.0/21
89.23.128.0/18
91.123.80.0/20
91.202.204.0/22
178.216.176.0/21
Signature Algorithm: sha256WithRSAEncryption
6f:48:28:a2:20:40:2c:fb:ff:bc:79:d5:5e:94:dd:5f:29:09:
7d:f2:3e:c7:b7:1f:14:9f:72:6b:28:9f:83:60:ce:26:e8:32:
19:3c:38:11:9a:7b:01:7c:6e:e7:b0:ab:2c:74:9f:8a:9d:84:
31:fd:e1:3b:b4:17:d3:57:b8:eb:0c:fe:09:22:04:6b:7a:0f:
11:20:a7:b2:e1:50:97:2c:44:fd:fc:7b:46:ad:1a:9c:1e:f8:
a9:3d:26:2d:54:12:fa:dc:68:ab:41:f8:7c:93:7d:f3:be:dc:
25:f6:02:0d:37:5e:56:6f:a7:0f:11:2d:1c:8f:c8:21:23:e5:
2a:d8:7f:b9:2b:61:24:82:2e:e4:6a:80:06:53:1f:e7:43:94:
d8:71:c5:92:72:46:b0:5d:e0:3f:aa:5c:9a:88:c9:41:6c:64:
52:ee:83:c7:e7:72:72:a9:b4:24:b4:7b:33:51:2d:1b:61:ef:
21:ea:90:54:b1:e3:77:b2:5b:ad:d7:2b:95:aa:72:98:e9:f2:
1a:41:ec:fc:76:30:ef:ab:6b:d8:a3:3b:71:5b:1d:e5:78:4b:
71:c7:43:fa:7b:92:c7:72:e8:d8:69:64:a0:4d:46:e0:f3:6d:
29:c8:fe:11:cf:78:5d:70:54:b7:29:26:1d:cf:9e:cf:0f:55:
32:bf:7f:ae
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYpQPw+ejVmrIRhAFOYNt0qtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjMwOTAxMTAxNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjgzNGZiYjUxNWQyYjMzNzc2NDM2YzU0ODI4ODcwYzYxYWE2ZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAUF0YOcyolWfrbOVuKeTOZxvyro
zMxsJ2d7LmHxTG75w8K6BnewMSePbX4eSa/tQ5gne/Vm0GVIZ1Qtj/aloJJaXOQE
kG32FUoxSSpL9k3o2QM3+tfJs0Amf1so7UBEvWh/q6CAJRXPYYKcFGz3w26Grd1D
ijdmPrjjZcxMO2W5i2LF/Wa5ny6C9DRxmZjr9z/rm2h3G/jQZSqcKi6xS9pjCJMF
PZnjkXglnECwwh0CgUMYQr76wMD4k64+QCr1N34fg0WauM60LPvSRUuzUO2xRVAz
p/IguyO7QLymiuQqz0BNl+V5ONhX447rY6tJh9ZeSAhSBjKclNaJm9LbtQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCKDT7tRXSszd2Q2xUgohwxhqm0zMB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvSW9OUHUxRmRLek4zWkRiRlNDaUhER0dxYlRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFH4CAAwQD
PnpYAwQGWReAAwQEW3tQAwQCW8rMAwQDstiwMA0GCSqGSIb3DQEBCwUAA4IBAQBv
SCiiIEAs+/+8edVelN1fKQl98j7Htx8Un3JrKJ+DYM4m6DIZPDgRmnsBfG7nsKss
dJ+KnYQx/eE7tBfTV7jrDP4JIgRreg8RIKey4VCXLET9/HtGrRqcHvipPSYtVBL6
3GirQfh8k33zvtwl9gINN15Wb6cPES0cj8ghI+Uq2H+5K2Ekgi7kaoAGUx/nQ5TY
ccWSckawXeA/qlyaiMlBbGRS7oPH53JyqbQktHszUS0bYe8h6pBUseN3slut1yuV
qnKY6fIaQez8djDvq2vYoztxWx3leEtxx0P6e5LHcujYaWSgTUbg820pyP4Rz3hd
cFS3KSYdz57PD1Uyv3+u
Generated at Fri Sep 1 11:12:16 2023 by rpki-client on console-fra.rpki-client.org