Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/tLxjGtm68tqVaDpo9-6sZgjnZvE.roa
File: tLxjGtm68tqVaDpo9-6sZgjnZvE.roa (raw, json)
Hash identifier: tkstrTknLQPB1xDbvzMciabmjd2KzqNHrtUvxeO0ZX0=
Subject key identifier: B4:BC:63:1A:D9:BA:F2:DA:95:68:3A:68:F7:EE:AC:66:08:E7:66:F1
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0185A754B6300D6B902330E400C3E5B28DDA
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/tLxjGtm68tqVaDpo9-6sZgjnZvE.roa
Signing time: Thu 12 Jan 2023 18:53:44 +0000
ROA not before: Thu 12 Jan 2023 18:53:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64200
IP address blocks: 31.132.53.0/24 maxlen: 24
31.132.54.0/23 maxlen: 23
5.182.198.0/24 maxlen: 24
5.182.195.0/24 maxlen: 24
5.182.194.0/24 maxlen: 24
5.182.193.0/24 maxlen: 24
78.31.204.0/24 maxlen: 24
185.171.125.0/24 maxlen: 24
185.171.124.0/24 maxlen: 24
94.154.170.0/24 maxlen: 24
185.171.127.0/24 maxlen: 24
45.67.147.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
63.246.133.0/24 maxlen: 24
63.246.139.0/24 maxlen: 24
63.246.136.0/24 maxlen: 24
63.246.137.0/24 maxlen: 24
63.246.145.0/24 maxlen: 24
63.246.142.0/24 maxlen: 24
63.246.146.0/23 maxlen: 23
63.246.148.0/24 maxlen: 24
63.246.152.0/24 maxlen: 24
63.246.149.0/24 maxlen: 24
63.246.151.0/24 maxlen: 24
63.246.158.0/23 maxlen: 23
185.201.41.0/24 maxlen: 24
185.201.43.0/24 maxlen: 24
5.182.186.0/23 maxlen: 23
192.145.68.0/24 maxlen: 24
63.246.132.0/24 maxlen: 24
63.246.129.0/24 maxlen: 24
63.246.131.0/24 maxlen: 24
63.246.130.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a7:54:b6:30:0d:6b:90:23:30:e4:00:c3:e5:b2:8d:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 12 18:53:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4bc631ad9baf2da95683a68f7eeac6608e766f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ad:5f:8b:7d:86:1c:c5:b1:f4:ed:be:31:b7:
cb:41:73:28:fc:f3:ea:1a:82:02:c4:75:f7:7f:9c:
46:48:f3:67:44:57:f0:2f:ac:a0:5b:b6:e6:82:3d:
36:c7:30:f4:61:ec:06:12:a8:a0:58:19:9e:bc:e6:
b1:8a:ee:53:c6:3b:f3:90:76:33:6a:e8:d7:e3:c2:
18:f6:31:6e:89:15:f2:8e:1d:fb:49:f8:e7:da:3f:
bc:c6:5e:b8:4d:cd:90:03:71:e1:c7:35:be:00:b2:
5c:ea:ae:69:e1:c5:8a:cd:35:13:bb:c1:c3:e2:8f:
69:3b:0f:e4:6b:6d:66:4e:f0:7d:f0:d7:f0:6e:32:
f5:d9:3c:06:33:cc:2f:ff:9a:1b:63:6d:1d:04:ab:
fb:3a:65:f2:91:1e:f3:f0:12:6f:1d:1d:9f:f3:a1:
3e:fd:8c:db:72:af:3b:34:de:12:f9:85:09:76:4d:
9f:15:10:75:3e:07:92:55:e1:79:79:d0:0f:67:65:
19:b2:a2:a9:f3:3f:24:a6:36:dc:88:e9:ff:86:76:
09:2b:13:5d:f6:9a:cd:f5:c9:7e:97:17:32:f2:3f:
1b:3e:9e:f3:6b:ac:58:f9:28:a8:ef:87:14:7a:ae:
82:fc:de:1e:e2:92:28:6a:e6:dc:70:c2:c4:02:05:
d5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:BC:63:1A:D9:BA:F2:DA:95:68:3A:68:F7:EE:AC:66:08:E7:66:F1
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/tLxjGtm68tqVaDpo9-6sZgjnZvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.186.0/23
5.182.193.0-5.182.195.255
5.182.198.0/24
31.132.53.0-31.132.55.255
45.67.147.0/24
63.246.129.0-63.246.133.255
63.246.136.0/23
63.246.139.0/24
63.246.142.0/24
63.246.145.0-63.246.149.255
63.246.151.0-63.246.152.255
63.246.158.0/23
78.31.204.0/24
94.154.170.0/24
185.171.124.0/23
185.171.127.0/24
185.201.41.0/24
185.201.43.0/24
185.205.206.0/24
192.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
72:1a:63:bf:31:db:e8:bc:69:e6:94:3b:0b:ab:81:f5:22:c4:
ed:ee:ba:da:55:ff:e9:15:14:56:76:0f:7b:87:44:81:7d:b0:
87:a7:94:20:5d:9a:02:91:10:8b:c4:33:0c:4b:75:87:74:3f:
66:14:bc:cf:1b:9c:09:7f:30:7a:f5:f1:e1:67:eb:58:29:3a:
e8:ee:b7:d6:cd:fe:c8:18:29:c1:71:70:99:d8:a3:62:37:9f:
94:ae:54:97:c8:f1:f8:d6:e9:e4:3b:ed:76:1b:38:54:d2:45:
6d:2c:e8:af:cc:84:fb:9e:83:fb:05:71:15:64:ae:e2:05:be:
8c:97:be:d0:05:5e:5f:f9:bd:bb:ea:35:48:89:7f:1f:7d:3f:
91:fb:02:01:b5:66:27:d6:bb:08:7c:db:c6:3d:c6:ad:81:94:
eb:b2:54:4a:b6:6c:41:15:f7:d7:7e:76:ec:bc:52:9a:3e:f7:
44:20:7a:32:d4:d8:a5:c6:ad:67:78:70:ed:d3:a4:a7:8f:f7:
42:82:6c:ec:48:77:c9:11:46:3e:70:c6:43:78:de:df:44:e1:
f4:bb:bf:6e:fe:3f:8d:32:72:56:60:2c:57:76:e6:b6:f4:7a:
3e:33:da:3f:d1:5e:32:52:95:1b:40:3b:e7:a0:91:ea:4d:cd:
7e:38:ad:d7
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYWnVLYwDWuQIzDkAMPlso3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwMTEyMTg1MzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGJjNjMxYWQ5YmFmMmRhOTU2ODNhNjhmN2VlYWM2NjA4ZTc2NmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl61fi32GHMWx9O2+MbfLQXMo/PPq
GoICxHX3f5xGSPNnRFfwL6ygW7bmgj02xzD0YewGEqigWBmevOaxiu5TxjvzkHYz
aujX48IY9jFuiRXyjh37Sfjn2j+8xl64Tc2QA3HhxzW+ALJc6q5p4cWKzTUTu8HD
4o9pOw/ka21mTvB98NfwbjL12TwGM8wv/5obY20dBKv7OmXykR7z8BJvHR2f86E+
/Yzbcq87NN4S+YUJdk2fFRB1PgeSVeF5edAPZ2UZsqKp8z8kpjbciOn/hnYJKxNd
9prN9cl+lxcy8j8bPp7za6xY+Sio74cUeq6C/N4e4pIoaubccMLEAgXVOQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFLS8YxrZuvLalWg6aPfurGYI52bxMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvdEx4akd0bTY4dHFWYURwbzktNnNaZ2puWnZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBAEF
trowDAMEAAW2wQMEAgW2wAMEAAW2xjAMAwQAH4Q1AwQDH4QwAwQALUOTMAwDBAA/
9oEDBAE/9oQDBAE/9ogDBAA/9osDBAA/9o4wDAMEAD/2kQMEAT/2lDAMAwQAP/aX
AwQAP/aYAwQBP/aeAwQATh/MAwQAXpqqAwQBuat8AwQAuat/AwQAuckpAwQAuckr
AwQAuc3OAwQAwJFEMA0GCSqGSIb3DQEBCwUAA4IBAQByGmO/MdvovGnmlDsLq4H1
IsTt7rraVf/pFRRWdg97h0SBfbCHp5QgXZoCkRCLxDMMS3WHdD9mFLzPG5wJfzB6
9fHhZ+tYKTro7rfWzf7IGCnBcXCZ2KNiN5+UrlSXyPH41unkO+12GzhU0kVtLOiv
zIT7noP7BXEVZK7iBb6Ml77QBV5f+b276jVIiX8ffT+R+wIBtWYn1rsIfNvGPcat
gZTrslRKtmxBFffXfnbsvFKaPvdEIHoy1Nilxq1neHDt06Snj/dCgmzsSHfJEUY+
cMZDeN7fROH0u79u/j+NMnJWYCxXdua29Ho+M9o/0V4yUpUbQDvnoJHqTc1+OK3X
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:39 2024 by rpki-client on console-ams.rpki-client.org