Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ce043e-2ddb-48a7-8983-9d7a8872b454/1/13aCi3qkQnOmIqY7HtrK8_0RwmU.roa
File: 13aCi3qkQnOmIqY7HtrK8_0RwmU.roa (raw, json)
Hash identifier: r9cMRuWMHL5f/Ui753LVqKQYVgAQKa6YQ0WyBf1gHGI=
Subject key identifier: D7:76:82:8B:7A:A4:42:73:A6:22:A6:3B:1E:DA:CA:F3:FD:11:C2:65
Certificate issuer: /CN=31921b6ff1ac449ba3e7f892cf0832d1ceb7d464
Certificate serial: 01856C4A7D5B3B12D5FFCDD478EB9FCE17FF
Authority key identifier: 31:92:1B:6F:F1:AC:44:9B:A3:E7:F8:92:CF:08:32:D1:CE:B7:D4:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MZIbb_GsRJuj5_iSzwgy0c631GQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ce043e-2ddb-48a7-8983-9d7a8872b454/1/13aCi3qkQnOmIqY7HtrK8_0RwmU.roa
Signing time: Sun 01 Jan 2023 07:44:59 +0000
ROA not before: Sun 01 Jan 2023 07:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57763
IP address blocks: 91.224.66.0/23 maxlen: 23
185.63.0.0/22 maxlen: 22
185.63.0.0/24 maxlen: 24
185.63.1.0/24 maxlen: 24
185.63.2.0/24 maxlen: 24
185.63.3.0/24 maxlen: 24
37.75.136.0/21 maxlen: 21
37.75.136.0/22 maxlen: 22
37.75.140.0/24 maxlen: 24
37.75.141.0/24 maxlen: 24
37.75.142.0/23 maxlen: 23
2a01:5741::/32 maxlen: 32
2a01:5741::/48 maxlen: 48
2001:67c:2074::/48 maxlen: 48
2a01:5740::/32 maxlen: 32
2a01:5740::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:7d:5b:3b:12:d5:ff:cd:d4:78:eb:9f:ce:17:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31921b6ff1ac449ba3e7f892cf0832d1ceb7d464
Validity
Not Before: Jan 1 07:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d776828b7aa44273a622a63b1edacaf3fd11c265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ad:99:8c:77:ad:be:79:00:3d:2d:1f:31:c6:
e4:81:e4:65:3c:af:50:a8:36:5c:d6:ae:5e:b2:22:
e4:5f:07:17:b9:e9:b2:b8:5a:90:50:8b:74:0d:ac:
6f:20:f9:00:d8:61:01:3c:bc:78:83:de:2a:4f:c9:
54:ec:7f:cd:38:f4:e3:4a:98:76:13:34:00:cc:0a:
40:e1:e8:6b:78:46:56:d2:36:c2:ce:0a:8b:78:c4:
3c:b8:29:47:a7:b6:06:b3:a1:97:2c:ab:3d:79:79:
da:ad:32:71:af:93:93:06:b4:00:d8:5c:b3:f9:6b:
77:88:20:ea:83:63:6f:bd:b4:c5:1a:60:4c:23:92:
ee:ee:e8:93:b6:ff:3b:f1:c5:2d:51:e5:37:08:f9:
6a:29:da:16:2b:3a:8b:38:6b:b7:fa:dc:cf:80:ca:
0a:8e:53:3c:62:80:57:0a:03:d8:ff:9d:8c:13:41:
d4:bd:80:31:3e:42:c2:8d:1f:53:e3:2b:66:16:b8:
5d:d5:94:4d:2e:95:86:fc:dc:84:32:ff:92:0d:6e:
52:5f:7d:77:3a:7f:f0:53:9f:72:01:6e:2e:09:af:
42:0f:5b:5b:a2:17:14:6a:d9:33:43:ba:32:30:0b:
d7:6a:e4:23:1b:d4:2c:f2:12:4a:34:c3:71:ed:5d:
d5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:76:82:8B:7A:A4:42:73:A6:22:A6:3B:1E:DA:CA:F3:FD:11:C2:65
X509v3 Authority Key Identifier:
keyid:31:92:1B:6F:F1:AC:44:9B:A3:E7:F8:92:CF:08:32:D1:CE:B7:D4:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MZIbb_GsRJuj5_iSzwgy0c631GQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ce043e-2ddb-48a7-8983-9d7a8872b454/1/13aCi3qkQnOmIqY7HtrK8_0RwmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ce043e-2ddb-48a7-8983-9d7a8872b454/1/MZIbb_GsRJuj5_iSzwgy0c631GQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.136.0/21
91.224.66.0/23
185.63.0.0/22
IPv6:
2001:67c:2074::/48
2a01:5740::/31
Signature Algorithm: sha256WithRSAEncryption
63:4e:5d:e9:3d:18:bc:8c:3f:48:fe:1c:c9:e9:52:b5:80:7e:
e1:8d:bb:66:fd:6a:90:6f:3f:1f:4b:30:42:e2:e4:c6:aa:99:
2d:f8:36:48:a3:5d:15:fb:7f:31:56:08:ab:ec:2e:17:d4:a9:
89:30:bc:97:ae:25:77:10:be:1e:a5:78:56:a3:60:71:ca:cb:
25:46:cc:ad:52:ca:d8:42:b6:48:24:79:4a:89:93:59:8a:54:
17:5f:81:bd:70:00:54:03:86:e2:6f:4e:e4:79:2c:20:21:8a:
e7:14:5c:7d:45:17:e0:db:32:2a:56:ee:b5:d6:84:dd:95:53:
97:72:ef:15:9a:01:d0:1e:84:b4:84:7c:0a:25:48:3d:05:71:
a7:38:20:ad:de:e1:5f:7e:a2:c8:37:cb:39:9d:46:0e:d1:61:
2e:c8:ce:ff:c1:a9:e7:6c:eb:7a:2d:a5:74:8d:17:5a:7b:63:
11:bd:fd:6e:08:b0:b4:36:3e:50:2b:b3:19:17:f9:79:60:03:
da:ce:ce:7c:43:18:2d:46:63:16:63:97:2e:f4:84:50:e5:54:
7d:e4:1d:bb:66:b5:f9:a5:a3:17:0c:2f:d3:91:55:af:30:9b:
e0:4a:3d:58:7f:d7:47:22:fb:02:4b:c9:7c:4f:88:3b:3f:0d:
0e:c8:10:ee
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVsSn1bOxLV/83UeOufzhf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxOTIxYjZmZjFhYzQ0OWJhM2U3Zjg5MmNmMDgzMmQxY2Vi
N2Q0NjQwHhcNMjMwMTAxMDc0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzc2ODI4YjdhYTQ0MjczYTYyMmE2M2IxZWRhY2FmM2ZkMTFjMjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi62ZjHetvnkAPS0fMcbkgeRlPK9Q
qDZc1q5esiLkXwcXuemyuFqQUIt0DaxvIPkA2GEBPLx4g94qT8lU7H/NOPTjSph2
EzQAzApA4ehreEZW0jbCzgqLeMQ8uClHp7YGs6GXLKs9eXnarTJxr5OTBrQA2Fyz
+Wt3iCDqg2NvvbTFGmBMI5Lu7uiTtv878cUtUeU3CPlqKdoWKzqLOGu3+tzPgMoK
jlM8YoBXCgPY/52ME0HUvYAxPkLCjR9T4ytmFrhd1ZRNLpWG/NyEMv+SDW5SX313
On/wU59yAW4uCa9CD1tbohcUatkzQ7oyMAvXauQjG9Qs8hJKNMNx7V3VxwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNd2got6pEJzpiKmOx7ayvP9EcJlMB8GA1UdIwQY
MBaAFDGSG2/xrESbo+f4ks8IMtHOt9RkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVpJYmJfR3NSSnVqNV9pU3p3Z3kwYzYzMUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jZTA0M2UtMmRkYi00OGE3LTg5ODMt
OWQ3YTg4NzJiNDU0LzEvMTNhQ2kzcWtRbk9tSXFZN0h0cks4XzBSd21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jZTA0M2UtMmRkYi00OGE3LTg5ODMtOWQ3YTg4NzJiNDU0
LzEvTVpJYmJfR3NSSnVqNV9pU3p3Z3kwYzYzMUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQDJUuIAwQB
W+BCAwQCuT8AMBYEAgACMBADBwAgAQZ8IHQDBQEqAVdAMA0GCSqGSIb3DQEBCwUA
A4IBAQBjTl3pPRi8jD9I/hzJ6VK1gH7hjbtm/WqQbz8fSzBC4uTGqpkt+DZIo10V
+38xVgir7C4X1KmJMLyXriV3EL4epXhWo2BxysslRsytUsrYQrZIJHlKiZNZilQX
X4G9cABUA4bib07keSwgIYrnFFx9RRfg2zIqVu611oTdlVOXcu8VmgHQHoS0hHwK
JUg9BXGnOCCt3uFffqLIN8s5nUYO0WEuyM7/wannbOt6LaV0jRdae2MRvf1uCLC0
Nj5QK7MZF/l5YAPazs58QxgtRmMWY5cu9IRQ5VR95B27ZrX5paMXDC/TkVWvMJvg
Sj1Yf9dHIvsCS8l8T4g7Pw0OyBDu
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:25 2024 by rpki-client on console-ams.rpki-client.org