Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/VOe3MiSGpb24p3_U2fZ9c-CxJLQ.roa
File: VOe3MiSGpb24p3_U2fZ9c-CxJLQ.roa (raw, json)
Hash identifier: Yy2ZYwbsBWnLQ/E5njOUpMSo7PLfB01qZ0+POpsqtZQ=
Subject key identifier: 54:E7:B7:32:24:86:A5:BD:B8:A7:7F:D4:D9:F6:7D:73:E0:B1:24:B4
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 018B2309059C5CD2FF42A15E49E507C1E051
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/VOe3MiSGpb24p3_U2fZ9c-CxJLQ.roa
Signing time: Thu 12 Oct 2023 08:37:55 +0000
ROA not before: Thu 12 Oct 2023 08:37:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51032
IP address blocks: 62.122.88.0/21 maxlen: 24
178.216.176.0/21 maxlen: 21
91.123.80.0/20 maxlen: 20
89.23.146.0/24 maxlen: 24
89.23.147.0/24 maxlen: 24
89.23.160.0/19 maxlen: 19
89.23.168.0/21 maxlen: 21
178.212.80.0/21 maxlen: 24
89.23.176.0/21 maxlen: 21
91.202.204.0/22 maxlen: 22
89.23.128.0/21 maxlen: 24
89.23.128.0/19 maxlen: 19
89.23.144.0/20 maxlen: 24
31.128.128.0/19 maxlen: 19
2a13:2c80::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:09:05:9c:5c:d2:ff:42:a1:5e:49:e5:07:c1:e0:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Oct 12 08:37:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54e7b7322486a5bdb8a77fd4d9f67d73e0b124b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f3:15:d9:a9:ec:71:6d:fc:13:61:25:d1:84:
cd:6f:2b:a0:1f:d9:ff:44:c7:38:05:c8:bd:43:62:
a4:ed:84:d7:8c:fb:57:11:8a:a3:17:07:30:22:3c:
27:ae:b6:24:89:f5:c6:dc:0c:0d:a3:a1:66:fb:5e:
8b:3c:b2:8b:12:c9:8b:08:be:fc:ef:1a:84:db:d3:
6a:32:a4:7b:58:45:6e:ae:be:01:33:dd:e5:b7:35:
e0:28:6e:88:b6:8a:80:83:78:bc:22:39:13:ab:12:
87:4f:2e:61:2a:e4:0b:e4:bb:c9:e6:62:1b:f2:04:
22:f9:ba:39:54:58:4b:22:bf:ec:35:f8:b9:52:23:
84:29:dd:95:74:3b:ee:54:ad:2d:40:b0:f4:41:57:
e0:f9:07:0f:32:5c:1e:77:3b:75:b8:db:5f:71:25:
75:45:db:fb:58:62:e8:d5:56:be:8b:69:bb:ea:54:
6c:35:ba:98:24:6f:a7:ac:6f:35:bf:83:f0:98:4c:
1f:46:99:b7:a1:05:ea:65:8f:a3:e5:5e:db:c5:20:
4a:19:03:08:0c:8a:5f:d3:28:29:36:af:3e:67:03:
8e:89:14:37:e0:f2:7c:b8:24:90:99:92:57:cb:1d:
dc:f5:e5:d5:04:db:26:61:50:21:2e:1b:67:55:b1:
56:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:E7:B7:32:24:86:A5:BD:B8:A7:7F:D4:D9:F6:7D:73:E0:B1:24:B4
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/VOe3MiSGpb24p3_U2fZ9c-CxJLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.128.0/19
62.122.88.0/21
89.23.128.0/18
91.123.80.0/20
91.202.204.0/22
178.212.80.0/21
178.216.176.0/21
IPv6:
2a13:2c80::/29
Signature Algorithm: sha256WithRSAEncryption
79:bf:e7:83:8d:04:cd:32:1f:08:a5:cf:87:bb:24:ee:6f:1b:
b9:ad:66:e0:be:9b:6c:d8:1f:80:77:02:88:31:0d:cf:34:d5:
c7:c7:a8:21:22:44:2f:db:3e:eb:99:44:b3:52:0a:cb:09:62:
68:cc:05:c9:39:86:bc:30:05:5e:da:64:8a:24:fd:97:41:33:
31:81:9d:04:92:3f:b4:2d:e3:b7:91:2d:ca:1b:4d:09:88:54:
2c:f2:16:bb:8f:88:df:00:b4:40:3e:3a:9d:b2:3c:16:6f:cf:
89:ec:8b:3e:bc:d2:fe:82:08:17:af:25:bd:3f:39:14:58:a7:
bb:1d:49:f9:e8:10:27:18:32:bf:76:48:6e:a1:cc:35:78:7d:
65:5c:51:7b:1a:da:f3:30:93:95:db:64:ea:36:b0:68:f2:d9:
fa:c4:7c:f9:d7:cf:85:2d:15:a0:64:ca:c2:82:b1:bc:05:4c:
37:3f:ae:01:03:e3:db:2f:46:50:9b:8b:bd:db:3c:17:36:67:
ce:dd:82:54:0b:62:95:c2:25:59:8e:11:11:9e:67:36:5d:a9:
3a:97:a0:03:1f:38:a5:6f:51:33:bc:17:d2:de:86:14:ee:6d:
2e:1c:82:2b:fa:2d:40:5b:3a:08:a2:8f:76:fb:bb:35:9c:af:
e4:7a:a2:e1
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYsjCQWcXNL/QqFeSeUHweBRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjMxMDEyMDgzNzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGU3YjczMjI0ODZhNWJkYjhhNzdmZDRkOWY2N2Q3M2UwYjEyNGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/MV2anscW38E2El0YTNbyugH9n/
RMc4Bci9Q2Kk7YTXjPtXEYqjFwcwIjwnrrYkifXG3AwNo6Fm+16LPLKLEsmLCL78
7xqE29NqMqR7WEVurr4BM93ltzXgKG6ItoqAg3i8IjkTqxKHTy5hKuQL5LvJ5mIb
8gQi+bo5VFhLIr/sNfi5UiOEKd2VdDvuVK0tQLD0QVfg+QcPMlwedzt1uNtfcSV1
Rdv7WGLo1Va+i2m76lRsNbqYJG+nrG81v4PwmEwfRpm3oQXqZY+j5V7bxSBKGQMI
DIpf0ygpNq8+ZwOOiRQ34PJ8uCSQmZJXyx3c9eXVBNsmYVAhLhtnVbFW+QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFTntzIkhqW9uKd/1Nn2fXPgsSS0MB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvVk9lM01pU0dwYjI0cDNfVTJmWjljLUN4SkxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFH4CAAwQD
PnpYAwQGWReAAwQEW3tQAwQCW8rMAwQDstRQAwQDstiwMA0EAgACMAcDBQMqEyyA
MA0GCSqGSIb3DQEBCwUAA4IBAQB5v+eDjQTNMh8Ipc+HuyTubxu5rWbgvpts2B+A
dwKIMQ3PNNXHx6ghIkQv2z7rmUSzUgrLCWJozAXJOYa8MAVe2mSKJP2XQTMxgZ0E
kj+0LeO3kS3KG00JiFQs8ha7j4jfALRAPjqdsjwWb8+J7Is+vNL+gggXryW9PzkU
WKe7HUn56BAnGDK/dkhuocw1eH1lXFF7GtrzMJOV22TqNrBo8tn6xHz518+FLRWg
ZMrCgrG8BUw3P64BA+PbL0ZQm4u92zwXNmfO3YJUC2KVwiVZjhERnmc2Xak6l6AD
Hzilb1EzvBfS3oYU7m0uHIIr+i1AWzoIoo92+7s1nK/keqLh
-----END CERTIFICATE-----
Generated at Fri Oct 13 06:57:10 2023 by rpki-client on console-fra.rpki-client.org