Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/SohvS1Yf7-9rEAKjWeZstyCe_YM.roa
File: SohvS1Yf7-9rEAKjWeZstyCe_YM.roa (raw, json)
Hash identifier: QJo+mt7dbp9xPWClKfJyEaRxqHofKaDhVPK7x8iu3AA=
Subject key identifier: 4A:88:6F:4B:56:1F:EF:EF:6B:10:02:A3:59:E6:6C:B7:20:9E:FD:83
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018843A015BDEB7BE9A7361EA52B12AEA26B
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/SohvS1Yf7-9rEAKjWeZstyCe_YM.roa
Signing time: Mon 22 May 2023 13:22:24 +0000
ROA not before: Mon 22 May 2023 13:22:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
2.58.168.0/22 maxlen: 24
178.210.224.0/22 maxlen: 24
193.138.125.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.151.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.156.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:43:a0:15:bd:eb:7b:e9:a7:36:1e:a5:2b:12:ae:a2:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 22 13:22:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a886f4b561fefef6b1002a359e66cb7209efd83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9e:8a:94:ab:e1:1e:ab:c4:35:db:e5:f0:17:
0a:0c:dc:1b:3d:ed:c8:44:53:4b:7e:a0:49:43:a9:
48:0a:c4:06:df:a6:14:70:14:25:cf:63:a4:bc:88:
be:18:a9:ec:91:26:f2:b5:51:43:d6:22:b9:57:92:
90:f7:da:42:b4:41:3d:50:fe:1b:50:a7:e6:c6:7b:
90:58:27:12:a1:22:3d:91:11:42:48:8a:e9:25:77:
ca:78:1a:68:f3:9e:e8:0b:3c:b6:0e:c2:b8:45:52:
44:dd:60:ae:7b:70:ca:cc:6c:20:00:b8:0f:4d:9b:
8f:d8:88:d6:dd:6a:73:83:6e:86:08:cf:89:41:5d:
a9:a1:10:83:e1:16:6b:5b:cd:da:47:84:11:1b:78:
e1:61:f7:87:20:03:79:91:28:59:95:85:5f:4e:50:
2f:c3:eb:4c:23:a4:a1:fd:d2:a4:9f:d0:48:84:f7:
04:97:63:2e:74:fc:df:5f:32:4f:cc:92:8e:73:a3:
e0:ca:54:f7:c7:1a:a2:95:b5:03:72:25:d1:9e:ff:
37:59:0a:d1:4f:d2:e2:0f:df:fa:e8:1e:08:2d:26:
27:f5:2f:7a:a4:4c:c2:d0:50:3a:ad:4d:96:30:4b:
9e:e3:74:69:4b:bf:07:80:c2:66:0d:7f:af:31:e5:
85:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:88:6F:4B:56:1F:EF:EF:6B:10:02:A3:59:E6:6C:B7:20:9E:FD:83
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/SohvS1Yf7-9rEAKjWeZstyCe_YM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.168.0/22
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
77.242.156.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
92.52.208.0/21
92.52.219.0/24
178.210.224.0/22
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
01:4e:dd:aa:60:57:78:dd:15:a3:d2:a3:e0:35:4d:64:28:e1:
e1:3b:46:70:40:ed:17:9f:8b:fa:21:a6:43:c0:8b:9d:d3:f5:
9b:7d:e5:a0:04:15:18:e7:3d:59:76:6c:cb:4a:58:76:fc:12:
a7:dc:75:79:09:03:c7:d6:5d:d3:06:48:e8:36:66:58:2b:a0:
c9:df:fd:e7:07:e9:f9:5b:75:b3:2b:a7:a9:0c:77:02:97:29:
0a:57:f2:fa:83:28:d4:e5:ae:14:1c:a1:92:5d:f6:66:3d:bd:
a5:b4:0f:d0:be:98:45:cd:d8:b0:cf:08:df:3f:93:20:a9:b9:
59:4a:e3:7d:9e:3e:6f:37:d1:84:f0:21:72:83:d3:89:45:e6:
79:a1:bc:89:9d:04:30:95:20:66:69:13:96:d1:33:70:3b:c1:
a3:8c:30:14:87:80:b7:ae:18:12:18:05:8b:bb:5b:02:d2:01:
1b:ee:85:e6:4b:3d:56:1e:d0:85:b0:66:c1:11:ed:9d:a5:38:
5e:39:7c:37:2a:aa:9e:82:3a:0c:ba:c1:db:12:d3:ec:e7:3d:
80:5d:25:2e:aa:f3:b2:23:cb:b1:f5:6f:ae:01:01:ff:5b:f3:
e7:af:af:b6:31:4d:5c:d5:a1:72:62:f8:50:4e:e8:b8:b2:03:
96:0d:62:47
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYhDoBW963vppzYepSsSrqJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNTIyMTMyMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTg4NmY0YjU2MWZlZmVmNmIxMDAyYTM1OWU2NmNiNzIwOWVmZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn56KlKvhHqvENdvl8BcKDNwbPe3I
RFNLfqBJQ6lICsQG36YUcBQlz2OkvIi+GKnskSbytVFD1iK5V5KQ99pCtEE9UP4b
UKfmxnuQWCcSoSI9kRFCSIrpJXfKeBpo857oCzy2DsK4RVJE3WCue3DKzGwgALgP
TZuP2IjW3Wpzg26GCM+JQV2poRCD4RZrW83aR4QRG3jhYfeHIAN5kShZlYVfTlAv
w+tMI6Sh/dKkn9BIhPcEl2MudPzfXzJPzJKOc6PgylT3xxqilbUDciXRnv83WQrR
T9LiD9/66B4ILSYn9S96pEzC0FA6rU2WMEue43RpS78HgMJmDX+vMeWFpQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFEqIb0tWH+/vaxACo1nmbLcgnv2DMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvU29odlMxWWY3LTlyRUFLaldlWnN0eUNlX1lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBggQCAAEwfAMEAgI6
qDAMAwQALQmpAwQCLQmoAwQALQ4IAwQBLQ4KAwQALVhdMAwDBARN8pADBABN8pQD
BABN8pcDBABN8pwDBABY0cEDBABY0cQDBABY0dADBABY0dIDBAJY0dQDBANcNNAD
BABcNNsDBAKy0uADBAOy+MgDBADBin0wDQQCAAIwBwMFAyoAH0AwDQYJKoZIhvcN
AQELBQADggEBAAFO3apgV3jdFaPSo+A1TWQo4eE7RnBA7Refi/ohpkPAi53T9Zt9
5aAEFRjnPVl2bMtKWHb8EqfcdXkJA8fWXdMGSOg2ZlgroMnf/ecH6flbdbMrp6kM
dwKXKQpX8vqDKNTlrhQcoZJd9mY9vaW0D9C+mEXN2LDPCN8/kyCpuVlK432ePm83
0YTwIXKD04lF5nmhvImdBDCVIGZpE5bRM3A7waOMMBSHgLeuGBIYBYu7WwLSARvu
heZLPVYe0IWwZsER7Z2lOF45fDcqqp6COgy6wdsS0+znPYBdJS6q87Ijy7H1b64B
Af9b8+evr7YxTVzVoXJi+FBO6LiyA5YNYkc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:01 2023 by rpki-client on console-fra.rpki-client.org