Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/sxWwACbYX8QDmvg_RJnuWdNhNvc.roa
File: sxWwACbYX8QDmvg_RJnuWdNhNvc.roa (raw, json)
Hash identifier: 5kvlW5mgGcwlK8h588Z8/GbB9DBgGxx42DTXB+MSu6Q=
Subject key identifier: B3:15:B0:00:26:D8:5F:C4:03:9A:F8:3F:44:99:EE:59:D3:61:36:F7
Certificate issuer: /CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0
Certificate serial: 01893F6CF0B2325397B8C2946EEFC9077D3C
Authority key identifier: 29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/sxWwACbYX8QDmvg_RJnuWdNhNvc.roa
Signing time: Mon 10 Jul 2023 10:50:51 +0000
ROA not before: Mon 10 Jul 2023 10:50:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48573
IP address blocks: 94.143.44.0/22 maxlen: 22
94.143.40.0/22 maxlen: 22
94.143.40.0/21 maxlen: 21
185.43.10.0/23 maxlen: 23
185.43.8.0/23 maxlen: 23
185.43.8.0/22 maxlen: 22
95.215.138.0/23 maxlen: 23
95.215.136.0/23 maxlen: 23
95.215.136.0/22 maxlen: 22
193.29.230.0/23 maxlen: 23
31.185.0.0/22 maxlen: 22
31.185.0.0/21 maxlen: 21
31.185.4.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3f:6c:f0:b2:32:53:97:b8:c2:94:6e:ef:c9:07:7d:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0
Validity
Not Before: Jul 10 10:50:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b315b00026d85fc4039af83f4499ee59d36136f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8c:c5:70:c8:b1:b0:a1:68:e6:67:ca:37:21:
18:64:6c:10:bb:46:cd:56:90:9f:af:ba:01:03:26:
9e:06:d9:69:e9:87:c6:06:48:22:fe:cb:f2:94:01:
5d:a8:5d:b5:d6:d1:a6:ab:07:4f:da:8b:e3:58:97:
91:c7:55:0d:67:e8:20:8a:9c:f9:f8:d8:d8:87:27:
b7:79:d5:a4:02:3f:44:00:bf:55:6f:a9:2a:df:12:
b4:6b:e9:4b:25:65:af:e3:5b:06:78:c2:f4:52:2b:
52:96:2a:d9:d0:6e:f5:11:dc:c2:a5:40:56:ca:17:
95:1b:5a:0c:58:ad:23:22:45:6f:69:b3:01:40:3f:
86:15:42:92:2c:78:7a:a6:26:fb:1d:d7:d9:82:23:
f3:13:e4:4d:96:17:da:46:e1:3e:65:03:4b:fb:83:
5d:0f:fa:cc:1b:a7:44:4b:40:7b:28:9e:9b:36:c6:
24:d4:37:0e:81:79:df:dc:98:9d:25:5d:59:b0:f2:
c6:b6:de:8b:d6:50:f8:dc:ba:68:14:5a:0d:b9:10:
9b:37:e2:6e:a3:53:e8:d5:30:41:2a:e5:c3:28:c8:
5f:43:a7:bb:4e:e1:1c:6b:84:70:56:13:8f:bf:f7:
03:d0:3d:66:58:f4:1c:c2:db:2e:9f:3a:cb:92:37:
8a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:15:B0:00:26:D8:5F:C4:03:9A:F8:3F:44:99:EE:59:D3:61:36:F7
X509v3 Authority Key Identifier:
keyid:29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/sxWwACbYX8QDmvg_RJnuWdNhNvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KQvMUKmjO6VlHv0a_kC2_bAlVvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.0.0/21
94.143.40.0/21
95.215.136.0/22
185.43.8.0/22
193.29.230.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:53:2e:06:c4:0a:b7:0f:4b:6e:c0:bf:d1:2e:94:6f:88:74:
6b:00:62:5a:40:ee:93:34:95:a1:cd:b9:1b:89:28:e7:98:38:
18:3f:f9:dd:08:e5:e2:4e:93:7f:be:7e:8b:e1:2d:bc:ab:f6:
4d:30:d4:72:ab:fb:15:3c:19:45:aa:a4:b2:bc:2d:c0:78:7b:
3d:96:d1:ba:38:6b:9e:4d:f4:db:0c:4a:55:50:c9:cf:46:cc:
e9:17:ea:8d:9b:26:51:70:e7:24:6a:34:8e:f2:af:9d:ea:ce:
81:fb:96:ca:2c:f0:49:f9:2a:f1:4d:d4:71:d0:6e:c8:7f:4a:
cf:af:75:6d:00:1e:0e:78:68:7e:9c:e0:cf:61:cf:59:8d:68:
a6:8e:f0:41:11:68:16:e4:d6:5f:b5:7f:99:8c:ba:f7:d5:75:
45:64:16:e4:94:4c:99:0a:3e:11:ce:ce:af:cb:a3:29:2f:db:
c4:52:d9:1e:5f:3d:85:e5:9a:2d:aa:dc:4e:c3:7b:a1:b2:bc:
e6:e4:64:3e:78:e3:39:a3:5e:24:9d:1e:fb:62:a0:5a:09:80:
18:a5:9e:44:00:92:21:fa:78:89:6f:f8:5b:24:83:7c:75:cd:
54:f2:71:b6:fc:f6:39:29:46:f0:6d:e7:65:a3:b9:bb:a1:6b:
9a:91:f1:24
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYk/bPCyMlOXuMKUbu/JB308MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MGJjYzUwYTlhMzNiYTU2NTFlZmQxYWZlNDBiNmZkYjAy
NTU2ZjAwHhcNMjMwNzEwMTA1MDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzE1YjAwMDI2ZDg1ZmM0MDM5YWY4M2Y0NDk5ZWU1OWQzNjEzNmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4zFcMixsKFo5mfKNyEYZGwQu0bN
VpCfr7oBAyaeBtlp6YfGBkgi/svylAFdqF211tGmqwdP2ovjWJeRx1UNZ+ggipz5
+NjYhye3edWkAj9EAL9Vb6kq3xK0a+lLJWWv41sGeML0UitSlirZ0G71EdzCpUBW
yheVG1oMWK0jIkVvabMBQD+GFUKSLHh6pib7HdfZgiPzE+RNlhfaRuE+ZQNL+4Nd
D/rMG6dES0B7KJ6bNsYk1DcOgXnf3JidJV1ZsPLGtt6L1lD43LpoFFoNuRCbN+Ju
o1Po1TBBKuXDKMhfQ6e7TuEca4RwVhOPv/cD0D1mWPQcwtsunzrLkjeK7wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLMVsAAm2F/EA5r4P0SZ7lnTYTb3MB8GA1UdIwQY
MBaAFCkLzFCpozulZR79Gv5Atv2wJVbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYt
NzY5ODI0OTNlYTFhLzEvc3hXd0FDYllYOFFEbXZnX1JKbnVXZE5oTnZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYtNzY5ODI0OTNlYTFh
LzEvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDH7kAAwQD
Xo8oAwQCX9eIAwQCuSsIAwQBwR3mMA0GCSqGSIb3DQEBCwUAA4IBAQBaUy4GxAq3
D0tuwL/RLpRviHRrAGJaQO6TNJWhzbkbiSjnmDgYP/ndCOXiTpN/vn6L4S28q/ZN
MNRyq/sVPBlFqqSyvC3AeHs9ltG6OGueTfTbDEpVUMnPRszpF+qNmyZRcOckajSO
8q+d6s6B+5bKLPBJ+SrxTdRx0G7If0rPr3VtAB4OeGh+nODPYc9ZjWimjvBBEWgW
5NZftX+ZjLr31XVFZBbklEyZCj4Rzs6vy6MpL9vEUtkeXz2F5ZotqtxOw3uhsrzm
5GQ+eOM5o14knR77YqBaCYAYpZ5EAJIh+niJb/hbJIN8dc1U8nG2/PY5KUbwbedl
o7m7oWuakfEk
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:48 2024 by rpki-client on console-fra.rpki-client.org