Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/hzUw7VlRW7U9s0NdU5DyOjJJ76w.roa
File: hzUw7VlRW7U9s0NdU5DyOjJJ76w.roa (raw, json)
Hash identifier: KJcgEDoHAUZsvadUoCXgMgjRwrNpdndTpvehxmuw4F8=
Subject key identifier: 87:35:30:ED:59:51:5B:B5:3D:B3:43:5D:53:90:F2:3A:32:49:EF:AC
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0185710C35157EF15D8F6FF8C58F6D5DB161
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/hzUw7VlRW7U9s0NdU5DyOjJJ76w.roa
Signing time: Mon 02 Jan 2023 05:55:03 +0000
ROA not before: Mon 02 Jan 2023 05:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64200
IP address blocks: 31.132.53.0/24 maxlen: 24
31.132.54.0/23 maxlen: 23
5.182.198.0/24 maxlen: 24
5.182.199.0/24 maxlen: 24
5.182.195.0/24 maxlen: 24
5.182.194.0/24 maxlen: 24
5.182.193.0/24 maxlen: 24
79.98.181.0/24 maxlen: 24
78.31.204.0/24 maxlen: 24
92.249.28.0/24 maxlen: 24
185.171.125.0/24 maxlen: 24
185.171.124.0/24 maxlen: 24
94.154.168.0/23 maxlen: 23
94.154.170.0/24 maxlen: 24
185.171.127.0/24 maxlen: 24
94.154.179.0/24 maxlen: 24
94.154.176.0/24 maxlen: 24
45.67.147.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
193.148.94.0/24 maxlen: 24
45.67.142.0/24 maxlen: 24
45.67.144.0/24 maxlen: 24
45.67.143.0/24 maxlen: 24
63.246.133.0/24 maxlen: 24
63.246.139.0/24 maxlen: 24
63.246.136.0/24 maxlen: 24
63.246.137.0/24 maxlen: 24
63.246.145.0/24 maxlen: 24
63.246.142.0/24 maxlen: 24
63.246.146.0/23 maxlen: 23
63.246.148.0/24 maxlen: 24
63.246.152.0/24 maxlen: 24
63.246.149.0/24 maxlen: 24
63.246.151.0/24 maxlen: 24
63.246.157.0/24 maxlen: 24
63.246.156.0/24 maxlen: 24
63.246.158.0/23 maxlen: 23
185.201.41.0/24 maxlen: 24
185.201.43.0/24 maxlen: 24
5.182.186.0/23 maxlen: 23
192.145.68.0/24 maxlen: 24
63.246.132.0/24 maxlen: 24
63.246.129.0/24 maxlen: 24
63.246.128.0/24 maxlen: 24
63.246.131.0/24 maxlen: 24
63.246.130.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:35:15:7e:f1:5d:8f:6f:f8:c5:8f:6d:5d:b1:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 2 05:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=873530ed59515bb53db3435d5390f23a3249efac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f0:6c:06:65:aa:96:97:f7:53:83:ce:51:74:
64:b6:69:8d:82:5c:42:4a:78:22:2e:26:29:94:34:
b5:3e:52:e4:ab:85:56:b9:07:20:c4:ac:ea:87:c7:
9e:ca:2f:55:2d:b9:4e:cb:80:7c:01:6a:7e:25:19:
5d:a6:ce:45:0e:2c:40:df:01:2d:bd:84:51:8e:c8:
77:8f:07:f2:cf:68:b4:98:7b:06:cd:df:31:ba:89:
9e:e2:fc:df:c0:81:26:24:a0:c8:e5:1c:62:c1:ca:
2e:1c:d1:f6:17:76:6a:cb:41:08:63:c0:da:e0:73:
ea:63:a4:1f:d7:a4:07:73:91:8d:19:38:47:24:bd:
ea:a0:b3:39:78:31:e4:bc:f5:4f:b2:c5:f1:53:8a:
8b:50:bb:8c:81:bb:e3:a2:13:db:68:d4:8a:0e:b2:
71:ff:a8:f5:8b:80:9e:41:ae:c2:76:17:5c:76:3e:
25:a8:31:6b:36:46:19:88:6b:c8:c5:fa:4b:fe:09:
6a:a4:c3:fd:50:f8:02:ca:f8:cd:b5:ba:5e:12:80:
2b:8d:17:1b:44:8e:f6:dd:db:e7:34:d2:ae:8b:f7:
8b:78:f4:93:ce:f1:1f:9d:15:ea:eb:14:38:6d:ab:
67:cc:35:67:61:f4:cb:92:04:41:6f:39:97:26:86:
60:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:35:30:ED:59:51:5B:B5:3D:B3:43:5D:53:90:F2:3A:32:49:EF:AC
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/hzUw7VlRW7U9s0NdU5DyOjJJ76w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.186.0/23
5.182.193.0-5.182.195.255
5.182.198.0/23
31.132.53.0-31.132.55.255
45.67.142.0-45.67.144.255
45.67.147.0/24
63.246.128.0-63.246.133.255
63.246.136.0/23
63.246.139.0/24
63.246.142.0/24
63.246.145.0-63.246.149.255
63.246.151.0-63.246.152.255
63.246.156.0/22
78.31.204.0/24
79.98.181.0/24
92.249.28.0/24
94.154.168.0-94.154.170.255
94.154.176.0/24
94.154.179.0/24
185.171.124.0/23
185.171.127.0/24
185.201.41.0/24
185.201.43.0/24
185.205.206.0/24
192.145.68.0/24
193.148.94.0/24
Signature Algorithm: sha256WithRSAEncryption
91:fd:8a:98:e0:a7:54:f3:df:ff:7e:48:90:85:1c:69:6b:99:
d2:32:87:2f:bc:73:d9:d3:79:94:ce:db:9f:95:36:da:fa:59:
25:7c:04:cc:65:05:0b:86:36:a9:6e:d2:35:94:52:a9:b0:ee:
97:0f:22:b3:02:a5:d8:38:f1:52:97:03:57:68:5b:38:8f:79:
e6:27:59:47:48:d6:11:c9:f8:83:37:86:3b:d3:1d:1e:ed:ed:
e8:2a:b3:8c:1b:9a:ad:84:09:bb:f8:4e:3b:a8:55:4f:99:82:
6d:a1:c3:54:d4:89:19:35:06:54:35:ea:88:9e:77:c2:c1:5a:
19:8f:7d:73:ff:2b:0d:41:cb:3e:12:9b:91:7f:5d:39:77:fd:
4e:f3:88:24:99:d2:1a:6d:80:f1:f1:ef:3c:8a:0a:59:fb:65:
22:0e:70:dc:48:47:5d:38:66:a5:27:59:a9:aa:d5:6d:98:bf:
4a:70:5b:c9:e9:2a:46:9c:f3:32:b1:79:6c:5c:63:35:ca:1d:
ed:c5:12:83:4e:a9:1b:c8:a4:45:b9:b2:81:c2:6b:d1:f5:39:
93:b7:19:77:ce:61:04:2e:ef:95:90:e4:ee:72:0a:a1:7d:9a:
35:c9:76:64:04:a6:a2:8c:36:64:98:3c:c8:07:22:87:da:00:
d4:f5:f2:9c
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAYVxDDUVfvFdj2/4xY9tXbFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwMTAyMDU1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzM1MzBlZDU5NTE1YmI1M2RiMzQzNWQ1MzkwZjIzYTMyNDllZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/BsBmWqlpf3U4POUXRktmmNglxC
SngiLiYplDS1PlLkq4VWuQcgxKzqh8eeyi9VLblOy4B8AWp+JRldps5FDixA3wEt
vYRRjsh3jwfyz2i0mHsGzd8xuome4vzfwIEmJKDI5RxiwcouHNH2F3Zqy0EIY8Da
4HPqY6Qf16QHc5GNGThHJL3qoLM5eDHkvPVPssXxU4qLULuMgbvjohPbaNSKDrJx
/6j1i4CeQa7Cdhdcdj4lqDFrNkYZiGvIxfpL/glqpMP9UPgCyvjNtbpeEoArjRcb
RI723dvnNNKui/eLePSTzvEfnRXq6xQ4batnzDVnYfTLkgRBbzmXJoZg0wIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFIc1MO1ZUVu1PbNDXVOQ8joySe+sMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvaHpVdzdWbFJXN1U5czBOZFU1RHlPakpKNzZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQDBAEF
trowDAMEAAW2wQMEAgW2wAMEAQW2xjAMAwQAH4Q1AwQDH4QwMAwDBAEtQ44DBAAt
Q5ADBAAtQ5MwDAMEBz/2gAMEAT/2hAMEAT/2iAMEAD/2iwMEAD/2jjAMAwQAP/aR
AwQBP/aUMAwDBAA/9pcDBAA/9pgDBAI/9pwDBABOH8wDBABPYrUDBABc+RwwDAME
A16aqAMEAF6aqgMEAF6asAMEAF6aswMEAbmrfAMEALmrfwMEALnJKQMEALnJKwME
ALnNzgMEAMCRRAMEAMGUXjANBgkqhkiG9w0BAQsFAAOCAQEAkf2KmOCnVPPf/35I
kIUcaWuZ0jKHL7xz2dN5lM7bn5U22vpZJXwEzGUFC4Y2qW7SNZRSqbDulw8iswKl
2DjxUpcDV2hbOI955idZR0jWEcn4gzeGO9MdHu3t6CqzjBuarYQJu/hOO6hVT5mC
baHDVNSJGTUGVDXqiJ53wsFaGY99c/8rDUHLPhKbkX9dOXf9TvOIJJnSGm2A8fHv
PIoKWftlIg5w3EhHXThmpSdZqarVbZi/SnBbyekqRpzzMrF5bFxjNcod7cUSg06p
G8ikRbmygcJr0fU5k7cZd85hBC7vlZDk7nIKoX2aNcl2ZASmoow2ZJg8yAcih9oA
1PXynA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:49 2023 by rpki-client on console-ams.rpki-client.org