Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/afE0Ff4NkxqcdmyxwaE98Quuegc.roa
File: afE0Ff4NkxqcdmyxwaE98Quuegc.roa (raw, json)
Hash identifier: 1LnxLmB8n/zicJbsquTjPZqeZRyFGZBf1hybwarepXg=
Subject key identifier: 69:F1:34:15:FE:0D:93:1A:9C:76:6C:B1:C1:A1:3D:F1:0B:AE:7A:07
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018C350CB7173050AA14CEBE3E50263CDA0F
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/afE0Ff4NkxqcdmyxwaE98Quuegc.roa
Signing time: Mon 04 Dec 2023 13:37:54 +0000
ROA not before: Mon 04 Dec 2023 13:37:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3301
IP address blocks: 193.181.74.0/24 maxlen: 24
193.181.72.0/24 maxlen: 24
193.181.73.0/24 maxlen: 24
194.14.155.0/24 maxlen: 24
194.68.127.0/24 maxlen: 24
194.14.156.0/24 maxlen: 24
194.14.154.0/24 maxlen: 24
193.183.22.0/24 maxlen: 24
194.103.240.0/21 maxlen: 21
194.103.240.0/20 maxlen: 20
194.103.252.0/22 maxlen: 22
194.103.249.0/24 maxlen: 24
194.103.250.0/23 maxlen: 23
192.165.229.0/24 maxlen: 24
193.182.190.0/24 maxlen: 24
194.68.72.0/22 maxlen: 22
194.68.76.0/23 maxlen: 23
194.68.79.0/24 maxlen: 24
192.176.33.0/24 maxlen: 24
194.132.95.0/24 maxlen: 24
192.36.96.0/24 maxlen: 24
194.14.245.0/24 maxlen: 24
193.180.7.0/24 maxlen: 24
192.121.40.0/24 maxlen: 24
192.121.50.0/23 maxlen: 23
192.121.52.0/24 maxlen: 24
192.176.124.0/24 maxlen: 24
194.132.188.0/23 maxlen: 23
194.132.190.0/23 maxlen: 23
193.183.230.0/23 maxlen: 23
193.183.228.0/23 maxlen: 23
192.165.95.0/24 maxlen: 24
193.183.236.0/23 maxlen: 23
192.165.12.0/24 maxlen: 24
192.165.31.0/24 maxlen: 24
192.121.115.0/24 maxlen: 24
192.165.173.0/24 maxlen: 24
192.121.229.0/24 maxlen: 24
192.165.180.0/24 maxlen: 24
193.182.152.0/23 maxlen: 23
193.182.152.0/24 maxlen: 24
193.182.153.0/24 maxlen: 24
193.180.176.0/24 maxlen: 24
193.180.175.0/24 maxlen: 24
193.182.107.0/24 maxlen: 24
193.182.126.0/24 maxlen: 24
193.234.185.0/24 maxlen: 24
193.234.184.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:35:0c:b7:17:30:50:aa:14:ce:be:3e:50:26:3c:da:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Dec 4 13:37:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69f13415fe0d931a9c766cb1c1a13df10bae7a07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f5:ad:9b:2e:2b:32:db:fe:a9:47:3e:43:96:
50:69:df:0f:b6:40:2a:47:a1:41:b1:d6:a8:c2:fb:
d0:56:f5:6e:3d:41:a7:9f:58:cb:3c:ac:55:bb:5f:
ea:27:d1:5f:fa:e2:f5:3e:de:57:9b:67:14:59:04:
d1:7c:e5:6a:eb:5d:2f:f1:22:19:7c:f1:2a:4b:1a:
4e:1d:05:08:6c:e4:9e:d8:75:f7:f0:cb:07:5d:03:
e9:b4:27:0c:7c:4b:ea:96:d5:74:7e:2e:24:09:b3:
8d:94:fe:69:33:9f:fe:fb:a6:73:93:47:6a:ff:d4:
ed:7b:a5:01:90:e6:85:da:98:dc:30:86:83:f2:5b:
12:5e:cf:c8:b1:64:d6:2f:2f:ba:6d:af:91:d8:00:
7b:76:9e:d9:df:c6:bd:26:f4:38:bf:05:49:33:e9:
d6:e7:b0:1b:87:37:ca:e4:85:cd:a1:20:09:94:07:
6c:a8:28:a6:65:d2:f6:47:e5:fd:26:78:1f:1e:85:
f1:1b:35:13:5f:93:cd:d1:20:de:7e:05:ee:a5:09:
46:0c:17:16:4c:f9:27:0e:0e:e8:c4:f3:f2:65:30:
d8:29:7e:fe:6d:a6:36:59:08:76:8f:19:2d:3d:92:
92:c7:74:1e:b5:87:c9:27:84:3e:09:15:aa:2f:5a:
4b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F1:34:15:FE:0D:93:1A:9C:76:6C:B1:C1:A1:3D:F1:0B:AE:7A:07
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/afE0Ff4NkxqcdmyxwaE98Quuegc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.96.0/24
192.121.40.0/24
192.121.50.0-192.121.52.255
192.121.115.0/24
192.121.229.0/24
192.165.12.0/24
192.165.31.0/24
192.165.95.0/24
192.165.173.0/24
192.165.180.0/24
192.165.229.0/24
192.176.33.0/24
192.176.124.0/24
193.180.7.0/24
193.180.175.0-193.180.176.255
193.181.72.0-193.181.74.255
193.182.107.0/24
193.182.126.0/24
193.182.152.0/23
193.182.190.0/24
193.183.22.0/24
193.183.228.0/22
193.183.236.0/23
193.234.184.0/23
194.14.154.0-194.14.156.255
194.14.245.0/24
194.68.72.0-194.68.77.255
194.68.79.0/24
194.68.127.0/24
194.103.240.0/20
194.132.95.0/24
194.132.188.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:ec:28:19:6e:45:3d:33:9f:f5:1d:6f:e3:29:98:55:ba:22:
e1:6b:70:f0:99:d3:64:eb:a1:ef:27:09:69:23:70:26:77:03:
8a:33:12:83:9e:5b:02:7f:66:7d:13:0e:e0:ed:b1:61:1f:14:
ec:ee:b2:ae:75:f3:f1:94:39:8a:03:92:80:62:75:c2:77:90:
c4:ce:64:3a:66:b5:df:e0:d9:3e:d6:de:02:7a:c8:37:4b:44:
e3:ac:9b:43:c9:d4:58:14:05:7a:1c:9d:b7:ce:97:07:31:d4:
4b:fc:e6:70:52:99:10:d0:b1:2f:cc:4b:91:05:56:6a:08:0f:
d8:27:c8:16:e3:40:b4:7e:78:2e:96:f2:fa:63:86:3a:e3:76:
0a:17:81:ab:c0:70:4c:6a:ae:60:54:e2:6f:61:76:99:98:2f:
b6:00:f2:ee:ce:06:b0:46:50:7a:e3:eb:59:5f:7c:4e:ef:52:
14:3b:0d:f1:08:b9:b4:ed:b4:d2:5a:67:9a:7c:fb:18:c2:29:
3f:7d:e6:b5:c2:d9:b0:67:c2:f9:77:6c:8b:d8:cd:0d:1b:6f:
4f:97:24:6b:c1:6a:62:d1:e3:cd:68:19:3a:a1:aa:f6:94:e8:
b5:91:fc:60:69:0a:4b:ff:58:a0:5e:77:9b:1c:7b:71:cb:db:
f4:b4:6f:5a
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAYw1DLcXMFCqFM6+PlAmPNoPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMxMjA0MTMzNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWYxMzQxNWZlMGQ5MzFhOWM3NjZjYjFjMWExM2RmMTBiYWU3YTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/Wtmy4rMtv+qUc+Q5ZQad8PtkAq
R6FBsdaowvvQVvVuPUGnn1jLPKxVu1/qJ9Ff+uL1Pt5Xm2cUWQTRfOVq610v8SIZ
fPEqSxpOHQUIbOSe2HX38MsHXQPptCcMfEvqltV0fi4kCbONlP5pM5/++6Zzk0dq
/9Tte6UBkOaF2pjcMIaD8lsSXs/IsWTWLy+6ba+R2AB7dp7Z38a9JvQ4vwVJM+nW
57AbhzfK5IXNoSAJlAdsqCimZdL2R+X9JngfHoXxGzUTX5PN0SDefgXupQlGDBcW
TPknDg7oxPPyZTDYKX7+baY2WQh2jxktPZKSx3QetYfJJ4Q+CRWqL1pLywIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFGnxNBX+DZManHZsscGhPfELrnoHMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvYWZFMEZmNE5reHFjZG15eHdhRTk4UXV1ZWdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwge8EAgABMIHoAwQA
wCRgAwQAwHkoMAwDBAHAeTIDBADAeTQDBADAeXMDBADAeeUDBADApQwDBADApR8D
BADApV8DBADApa0DBADApbQDBADApeUDBADAsCEDBADAsHwDBADBtAcwDAMEAMG0
rwMEAMG0sDAMAwQDwbVIAwQAwbVKAwQAwbZrAwQAwbZ+AwQBwbaYAwQAwba+AwQA
wbcWAwQCwbfkAwQBwbfsAwQBweq4MAwDBAHCDpoDBADCDpwDBADCDvUwDAMEA8JE
SAMEAcJETAMEAMJETwMEAMJEfwMEBMJn8AMEAMKEXwMEAsKEvDANBgkqhkiG9w0B
AQsFAAOCAQEATuwoGW5FPTOf9R1v4ymYVboi4Wtw8JnTZOuh7ycJaSNwJncDijMS
g55bAn9mfRMO4O2xYR8U7O6yrnXz8ZQ5igOSgGJ1wneQxM5kOma13+DZPtbeAnrI
N0tE46ybQ8nUWBQFehydt86XBzHUS/zmcFKZENCxL8xLkQVWaggP2CfIFuNAtH54
Lpby+mOGOuN2CheBq8BwTGquYFTib2F2mZgvtgDy7s4GsEZQeuPrWV98Tu9SFDsN
8Qi5tO200lpnmnz7GMIpP33mtcLZsGfC+Xdsi9jNDRtvT5cka8FqYtHjzWgZOqGq
9pTotZH8YGkKS/9YoF53mxx7ccvb9LRvWg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:20 2024 by rpki-client on console-ams.rpki-client.org