Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/S1yskY8hM_QJgWwuors101gz3xg.roa
File: S1yskY8hM_QJgWwuors101gz3xg.roa (raw, json)
Hash identifier: E7u+5PYNM/SdsWTvNdUcP7x9aPAxM0Av9DTlteN9gDo=
Subject key identifier: 4B:5C:AC:91:8F:21:33:F4:09:81:6C:2E:A2:BB:35:D3:58:33:DF:18
Certificate issuer: /CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Certificate serial: 018B427957C3A58522752E0F3BEEAEA55FAB
Authority key identifier: 20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/S1yskY8hM_QJgWwuors101gz3xg.roa
Signing time: Wed 18 Oct 2023 11:08:50 +0000
ROA not before: Wed 18 Oct 2023 11:08:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198770
IP address blocks: 141.101.228.0/24 maxlen: 24
141.101.231.0/24 maxlen: 24
85.92.116.0/24 maxlen: 24
85.92.117.0/24 maxlen: 24
85.92.118.0/24 maxlen: 24
37.230.152.0/24 maxlen: 24
37.230.153.0/24 maxlen: 24
37.230.154.0/24 maxlen: 24
37.230.155.0/24 maxlen: 24
37.18.74.0/24 maxlen: 24
37.18.75.0/24 maxlen: 24
37.18.76.0/24 maxlen: 24
37.18.77.0/24 maxlen: 24
37.230.248.0/24 maxlen: 24
128.0.66.0/24 maxlen: 24
128.0.67.0/24 maxlen: 24
62.113.62.0/24 maxlen: 24
62.113.63.0/24 maxlen: 24
62.113.60.0/24 maxlen: 24
141.101.204.0/24 maxlen: 24
178.170.225.0/24 maxlen: 24
2a0d:b1c0:abc0::/44 maxlen: 44
2a0d:b1c0:c0::/44 maxlen: 44
2a0d:b1c0:500::/44 maxlen: 48
2a0d:b1c0:ffff::/48 maxlen: 48
2a0d:b1c0:d0::/44 maxlen: 44
2a0d:b1c0:aaaa::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:79:57:c3:a5:85:22:75:2e:0f:3b:ee:ae:a5:5f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Validity
Not Before: Oct 18 11:08:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b5cac918f2133f409816c2ea2bb35d35833df18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1d:eb:b5:a5:d2:d9:08:47:9c:7f:a9:14:42:
fc:8b:ee:ba:d6:c7:84:cb:33:3d:10:e2:0b:6d:73:
3e:f9:ad:d4:e9:44:f9:5f:7f:17:1d:5e:dd:d2:1e:
d9:41:55:73:b4:c6:3e:f8:90:48:5e:f6:0a:61:0b:
04:d3:00:0b:c6:b4:f4:5b:19:6a:b2:9b:4a:f8:ca:
ce:d2:d8:49:60:b8:db:bf:f2:f5:28:e7:57:13:f1:
d6:a6:07:51:7c:9c:d8:f2:b9:a0:71:d3:c3:a3:d4:
62:f5:2f:69:09:15:2a:84:eb:3e:a4:b7:81:6f:a0:
8f:d3:ff:a1:2b:69:71:c2:8a:70:22:d9:df:69:be:
ae:c6:04:1a:ca:b3:b9:9b:65:ee:ab:8d:36:23:f8:
c3:2a:46:a4:cf:d9:fe:e8:ef:1a:82:02:34:fd:2a:
fd:6d:58:01:ed:0a:b0:dd:b0:67:c0:1c:48:8a:2c:
6a:83:05:89:3c:9c:be:69:9a:69:fd:fa:5d:f1:10:
15:49:b6:90:f5:c4:6d:39:73:85:a3:a7:f2:1c:66:
ce:5a:6a:96:df:37:9d:e4:be:85:8c:f8:49:6a:94:
7a:94:af:3a:eb:da:17:23:a3:80:26:d4:88:9f:a4:
d4:27:0b:db:72:b3:e4:2e:9f:ad:af:8c:75:a2:a6:
7a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:5C:AC:91:8F:21:33:F4:09:81:6C:2E:A2:BB:35:D3:58:33:DF:18
X509v3 Authority Key Identifier:
keyid:20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/S1yskY8hM_QJgWwuors101gz3xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.74.0-37.18.77.255
37.230.152.0/22
37.230.248.0/24
62.113.60.0/24
62.113.62.0/23
85.92.116.0-85.92.118.255
128.0.66.0/23
141.101.204.0/24
141.101.228.0/24
141.101.231.0/24
178.170.225.0/24
IPv6:
2a0d:b1c0:c0::/43
2a0d:b1c0:500::/44
2a0d:b1c0:aaaa::/48
2a0d:b1c0:abc0::/44
2a0d:b1c0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
19:c2:78:60:3a:15:16:83:cc:aa:7f:75:99:49:bc:72:6d:45:
86:3c:0f:01:17:61:3b:6d:43:2b:3b:95:1d:61:0e:3e:91:81:
fe:12:f2:fc:c5:db:6b:50:7b:f9:71:7b:cb:85:fe:06:0f:72:
35:65:60:c8:9d:7d:22:ac:34:cf:c6:f8:8d:77:32:ac:51:de:
40:9b:66:46:83:56:dd:1e:23:f4:18:50:19:88:ae:a7:94:8a:
6b:28:0a:a7:b5:26:c9:09:4c:48:2c:a8:99:4a:ac:7a:3a:fe:
b1:93:87:10:09:49:1b:cd:c6:83:49:15:1d:70:b0:5f:a1:7b:
9f:ac:7b:93:b8:1f:85:9a:84:78:93:03:c6:f1:c2:3d:c8:73:
39:d9:8d:4c:15:de:07:0a:81:2b:80:b3:c3:91:66:20:c4:c2:
48:19:fd:96:e8:f2:2e:06:8a:4a:3b:18:76:27:20:dd:62:27:
6f:24:53:42:24:9d:99:c0:ed:27:8a:bc:6d:fe:e7:23:af:a1:
25:0e:d9:37:7b:81:2c:9e:c6:ef:ac:76:c8:bb:64:89:c3:94:
3e:11:c5:0e:1f:24:af:dd:d8:1c:5b:0f:1a:1e:26:5a:b7:49:
ab:44:22:2c:02:04:15:89:b4:22:7b:45:13:cb:f5:7c:d6:b3:
db:71:4a:00
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYtCeVfDpYUidS4PO+6upV+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2EyZDRjYjNlNTZiNWQyOTk3MGE5N2ZjNjQ1ZWIyZmQ2
ODc2YTEwHhcNMjMxMDE4MTEwODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjVjYWM5MThmMjEzM2Y0MDk4MTZjMmVhMmJiMzVkMzU4MzNkZjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhh3rtaXS2QhHnH+pFEL8i+661seE
yzM9EOILbXM++a3U6UT5X38XHV7d0h7ZQVVztMY++JBIXvYKYQsE0wALxrT0Wxlq
sptK+MrO0thJYLjbv/L1KOdXE/HWpgdRfJzY8rmgcdPDo9Ri9S9pCRUqhOs+pLeB
b6CP0/+hK2lxwopwItnfab6uxgQayrO5m2Xuq402I/jDKkakz9n+6O8aggI0/Sr9
bVgB7Qqw3bBnwBxIiixqgwWJPJy+aZpp/fpd8RAVSbaQ9cRtOXOFo6fyHGbOWmqW
3zed5L6FjPhJapR6lK8669oXI6OAJtSIn6TUJwvbcrPkLp+tr4x1oqZ6tQIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFEtcrJGPITP0CYFsLqK7NdNYM98YMB8GA1UdIwQY
MBaAFCDKLUyz5WtdKZcKl/xkXrL9aHahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU1vdFRMUGxhMTBwbHdxWF9HUmVzdjFvZHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8yYzI4MTctMzcwMS00NzgzLThmYmQt
ZWVjNDg4NWM0ZjhkLzEvUzF5c2tZOGhNX1FKZ1d3dW9yczEwMWd6M3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8yYzI4MTctMzcwMS00NzgzLThmYmQtZWVjNDg4NWM0Zjhk
LzEvSU1vdFRMUGxhMTBwbHdxWF9HUmVzdjFvZHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzBYBAIAATBSMAwDBAEl
EkoDBAElEkwDBAIl5pgDBAAl5vgDBAA+cTwDBAE+cT4wDAMEAlVcdAMEAFVcdgME
AYAAQgMEAI1lzAMEAI1l5AMEAI1l5wMEALKq4TAzBAIAAjAtAwcFKg2xwADAAwcE
Kg2xwAUAAwcAKg2xwKqqAwcEKg2xwKvAAwcAKg2xwP//MA0GCSqGSIb3DQEBCwUA
A4IBAQAZwnhgOhUWg8yqf3WZSbxybUWGPA8BF2E7bUMrO5UdYQ4+kYH+EvL8xdtr
UHv5cXvLhf4GD3I1ZWDInX0irDTPxviNdzKsUd5Am2ZGg1bdHiP0GFAZiK6nlIpr
KAqntSbJCUxILKiZSqx6Ov6xk4cQCUkbzcaDSRUdcLBfoXufrHuTuB+FmoR4kwPG
8cI9yHM52Y1MFd4HCoErgLPDkWYgxMJIGf2W6PIuBopKOxh2JyDdYidvJFNCJJ2Z
wO0nirxt/ucjr6ElDtk3e4EsnsbvrHbIu2SJw5Q+EcUOHySv3dgcWw8aHiZat0mr
RCIsAgQVibQie0UTy/V81rPbcUoA
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:43 2024 by rpki-client on console-ams.rpki-client.org