Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/1JCu-CavIomcNcEaDYRwV31uodM.roa
File: 1JCu-CavIomcNcEaDYRwV31uodM.roa (raw, json)
Hash identifier: SsvsCa8tQik0i5mmwFbFPWMETh9kF8IDcwUiuwRS6ZA=
Subject key identifier: D4:90:AE:F8:26:AF:22:89:9C:35:C1:1A:0D:84:70:57:7D:6E:A1:D3
Certificate issuer: /CN=0c90c356e2864f43894857443555d8b5c0352819
Certificate serial: 0185718C2CAF039BDEE2DBA8809B9E0DDD52
Authority key identifier: 0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/1JCu-CavIomcNcEaDYRwV31uodM.roa
Signing time: Mon 02 Jan 2023 08:14:49 +0000
ROA not before: Mon 02 Jan 2023 08:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44395
IP address blocks: 109.75.40.0/21 maxlen: 24
46.162.192.0/18 maxlen: 24
46.36.112.0/20 maxlen: 24
178.78.160.0/20 maxlen: 24
212.34.224.0/19 maxlen: 24
37.157.212.0/22 maxlen: 24
37.157.209.0/24 maxlen: 24
37.157.210.0/24 maxlen: 24
37.157.208.0/22 maxlen: 24
37.157.208.0/20 maxlen: 24
212.34.232.0/21 maxlen: 24
178.78.176.0/21 maxlen: 24
37.157.216.0/22 maxlen: 24
37.157.216.0/21 maxlen: 24
188.115.192.0/18 maxlen: 24
37.157.220.0/22 maxlen: 24
81.16.0.0/20 maxlen: 24
185.86.193.0/24 maxlen: 24
82.199.192.0/20 maxlen: 24
109.75.36.0/22 maxlen: 24
178.78.128.0/19 maxlen: 24
109.75.34.0/23 maxlen: 24
178.78.128.0/18 maxlen: 24
141.136.64.0/19 maxlen: 24
212.34.240.0/21 maxlen: 24
46.162.240.0/20 maxlen: 24
212.34.240.0/20 maxlen: 24
37.252.64.0/19 maxlen: 24
92.43.136.0/22 maxlen: 24
92.43.136.0/21 maxlen: 24
92.43.140.0/22 maxlen: 24
185.59.68.0/22 maxlen: 24
5.77.128.0/17 maxlen: 24
46.241.128.0/17 maxlen: 24
2a00:cc40::/29 maxlen: 48
2a01:4a00::/32 maxlen: 32
2a03:1080::/32 maxlen: 32
2a00:cc40::/32 maxlen: 32
2a00:cc40::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:2c:af:03:9b:de:e2:db:a8:80:9b:9e:0d:dd:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c90c356e2864f43894857443555d8b5c0352819
Validity
Not Before: Jan 2 08:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d490aef826af22899c35c11a0d8470577d6ea1d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:be:8f:46:d3:44:74:5d:5f:e2:a1:c2:23:ec:
84:9f:87:62:22:ff:8f:c2:42:52:73:66:87:4e:0d:
e1:21:a5:72:68:b5:1b:aa:fa:96:d5:bb:6c:47:c4:
c6:b1:c6:90:2e:4c:00:be:d8:a0:b2:b5:7f:62:c7:
7b:c8:dc:30:9d:36:21:6e:a3:6b:15:14:db:39:fc:
d9:6a:c6:e1:54:28:21:1f:7f:11:41:49:bb:7e:37:
46:a6:5f:11:c6:5c:73:31:25:bf:1e:c8:cb:91:e4:
1e:2d:fd:d9:15:5c:0f:07:91:42:63:0b:c7:86:9e:
09:3a:12:ab:09:4f:ba:ca:f8:69:16:2d:b8:b6:58:
8e:3d:62:4a:c8:e6:6e:9f:be:a1:d5:28:a0:59:24:
c3:45:dc:ce:94:d6:aa:10:50:45:36:eb:8b:18:d9:
ff:53:f0:47:9f:71:c0:0a:46:a2:9f:92:b9:12:41:
13:05:89:c6:02:69:b7:e4:bc:53:1c:ab:a5:5b:03:
57:71:81:71:8e:79:bc:ed:0c:3a:bb:09:bb:56:dd:
aa:48:0d:ae:54:09:58:b0:91:b9:d8:63:a5:f9:1f:
e6:17:47:fe:a2:b1:d3:b2:57:a9:9e:fa:79:df:0f:
fe:f2:d8:30:0d:2f:89:8c:d2:90:b1:5a:f8:4e:fe:
3b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:90:AE:F8:26:AF:22:89:9C:35:C1:1A:0D:84:70:57:7D:6E:A1:D3
X509v3 Authority Key Identifier:
keyid:0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/1JCu-CavIomcNcEaDYRwV31uodM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.77.128.0/17
37.157.208.0/20
37.252.64.0/19
46.36.112.0/20
46.162.192.0/18
46.241.128.0/17
81.16.0.0/20
82.199.192.0/20
92.43.136.0/21
109.75.34.0-109.75.47.255
141.136.64.0/19
178.78.128.0/18
185.59.68.0/22
185.86.193.0/24
188.115.192.0/18
212.34.224.0/19
IPv6:
2a00:cc40::/29
2a01:4a00::/32
2a03:1080::/32
Signature Algorithm: sha256WithRSAEncryption
17:40:b8:e1:1f:3a:9e:9b:37:20:56:a9:84:56:b9:3f:e1:58:
0d:0a:88:86:1e:37:b9:d7:ae:38:d9:7b:7b:7c:3e:ee:88:b6:
ea:27:1e:03:b2:a5:65:0b:b5:5b:fb:da:b8:21:5d:78:e6:e6:
9b:ad:2c:1e:bb:6b:d4:45:1b:e8:5b:67:b9:de:4b:27:58:d4:
ce:16:cb:67:fc:3f:37:0a:9c:01:31:29:5d:e4:88:6c:f7:57:
37:24:70:c6:69:27:bf:9a:bd:09:52:40:e8:67:f3:ef:6c:d9:
3b:5d:9e:40:56:b1:67:ff:2e:15:42:75:8b:0b:e0:94:1c:65:
77:30:98:96:50:45:bd:77:43:6b:7f:bc:80:72:ba:4a:9b:2c:
f9:ad:03:cd:a0:be:c1:f4:53:61:a6:04:a1:40:97:0e:a7:2d:
27:14:5d:da:35:b2:6b:96:35:29:14:a8:70:f0:c2:cc:da:57:
f6:f4:59:91:75:63:de:5e:a0:cc:d0:c4:56:89:2f:e2:7f:51:
63:f5:78:6c:9a:24:60:7a:7c:59:47:9f:15:6d:bc:f5:bc:d7:
66:36:3f:a7:e9:e9:0b:1a:7e:22:bd:50:3e:71:3f:77:a8:5e:
6e:6c:55:ec:f4:e7:71:39:c4:c5:4f:a2:79:d2:c0:82:0e:ee:
40:81:de:5c
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYVxjCyvA5ve4tuogJueDd1SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOTBjMzU2ZTI4NjRmNDM4OTQ4NTc0NDM1NTVkOGI1YzAz
NTI4MTkwHhcNMjMwMTAyMDgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDkwYWVmODI2YWYyMjg5OWMzNWMxMWEwZDg0NzA1NzdkNmVhMWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg76PRtNEdF1f4qHCI+yEn4diIv+P
wkJSc2aHTg3hIaVyaLUbqvqW1btsR8TGscaQLkwAvtigsrV/Ysd7yNwwnTYhbqNr
FRTbOfzZasbhVCghH38RQUm7fjdGpl8RxlxzMSW/HsjLkeQeLf3ZFVwPB5FCYwvH
hp4JOhKrCU+6yvhpFi24tliOPWJKyOZun76h1SigWSTDRdzOlNaqEFBFNuuLGNn/
U/BHn3HACkain5K5EkETBYnGAmm35LxTHKulWwNXcYFxjnm87Qw6uwm7Vt2qSA2u
VAlYsJG52GOl+R/mF0f+orHTslepnvp53w/+8tgwDS+JjNKQsVr4Tv47VwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFNSQrvgmryKJnDXBGg2EcFd9bqHTMB8GA1UdIwQY
MBaAFAyQw1bihk9DiUhXRDVV2LXANSgZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDct
ZTM3OTlhZGU5ZGZlLzEvMUpDdS1DYXZJb21jTmNFYURZUndWMzF1b2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDctZTM3OTlhZGU5ZGZl
LzEvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTBuBAIAATBoAwQHBU2A
AwQEJZ3QAwQFJfxAAwQELiRwAwQGLqLAAwQHLvGAAwQEURAAAwQEUsfAAwQDXCuI
MAwDBAFtSyIDBARtSyADBAWNiEADBAayToADBAK5O0QDBAC5VsEDBAa8c8ADBAXU
IuAwGwQCAAIwFQMFAyoAzEADBQAqAUoAAwUAKgMQgDANBgkqhkiG9w0BAQsFAAOC
AQEAF0C44R86nps3IFaphFa5P+FYDQqIhh43udeuONl7e3w+7oi26iceA7KlZQu1
W/vauCFdeObmm60sHrtr1EUb6Ftnud5LJ1jUzhbLZ/w/NwqcATEpXeSIbPdXNyRw
xmknv5q9CVJA6Gfz72zZO12eQFaxZ/8uFUJ1iwvglBxldzCYllBFvXdDa3+8gHK6
Spss+a0DzaC+wfRTYaYEoUCXDqctJxRd2jWya5Y1KRSocPDCzNpX9vRZkXVj3l6g
zNDEVokv4n9RY/V4bJokYHp8WUefFW289bzXZjY/p+npCxp+Ir1QPnE/d6hebmxV
7PTncTnExU+iedLAgg7uQIHeXA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:44 2023 by rpki-client on console-ams.rpki-client.org