Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/1W5Ol-BeSqCXWiKC277szXM9AkI.roa
File: 1W5Ol-BeSqCXWiKC277szXM9AkI.roa (raw, json)
Hash identifier: +FQxI7fW2ArLejFeqrdXAoeDUjlF4DM7x49G1cvyMy8=
Subject key identifier: D5:6E:4E:97:E0:5E:4A:A0:97:5A:22:82:DB:BE:EC:CD:73:3D:02:42
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01894AEC5FF172F04B3627C895B3774D7C41
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/1W5Ol-BeSqCXWiKC277szXM9AkI.roa
Signing time: Wed 12 Jul 2023 16:25:52 +0000
ROA not before: Wed 12 Jul 2023 16:25:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 78.159.131.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4a:ec:5f:f1:72:f0:4b:36:27:c8:95:b3:77:4d:7c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jul 12 16:25:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d56e4e97e05e4aa0975a2282dbbeeccd733d0242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2e:47:fd:21:ef:52:34:86:bf:7e:d0:17:a7:
9b:62:99:29:72:f6:6f:4c:3c:50:12:0a:67:58:bb:
83:3d:8b:1b:7e:4b:a5:e2:c1:86:29:50:bc:02:13:
d3:e7:cf:bc:03:fc:8e:41:e0:9b:de:9a:92:98:66:
b6:b7:56:5e:0d:f1:fe:71:78:c1:bf:04:57:ea:11:
df:3f:e1:52:76:b9:78:b0:26:eb:15:af:82:04:be:
20:7c:ca:5b:e2:a9:b0:d5:80:a3:06:86:3e:b3:c6:
11:86:cf:62:3f:b0:14:f8:28:eb:61:74:f5:e5:76:
35:f5:28:ff:be:b1:e7:45:db:20:b1:ed:b0:22:c8:
9b:83:8f:17:b3:c6:3c:da:0d:74:3d:df:ba:3f:9e:
0a:5d:20:e9:cf:26:35:48:f1:9a:27:48:40:e3:67:
70:6c:eb:4d:87:fe:80:09:d4:17:8f:a9:8d:9f:4b:
97:5a:b9:95:a1:7a:de:90:b4:09:a7:ff:89:7b:9f:
6d:fa:dc:92:39:65:e7:9c:1f:9f:d2:2e:94:53:4a:
03:d8:27:27:38:d9:e7:fb:da:57:2c:78:eb:f6:af:
24:80:df:3d:79:04:85:21:00:38:fb:31:fc:f3:60:
36:63:33:86:9e:95:8f:d7:93:82:98:e7:5f:cf:73:
21:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:6E:4E:97:E0:5E:4A:A0:97:5A:22:82:DB:BE:EC:CD:73:3D:02:42
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/1W5Ol-BeSqCXWiKC277szXM9AkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.131.0/24
93.152.206.0/24
93.152.209.0/24
93.152.214.0/23
93.152.217.0/24
93.152.221.0/24
93.152.225.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:49:cf:00:8e:dc:5a:42:43:0e:a9:25:ba:7e:ba:5e:07:7d:
9b:a4:d3:4c:15:57:f1:b4:b2:ba:79:4e:88:4c:c8:d7:fc:c7:
4a:db:e4:4a:ad:4a:9a:b2:a3:b3:89:0e:7d:f6:5c:3d:9f:af:
94:4a:0f:79:d0:19:59:02:e6:65:e5:6c:99:49:47:19:0a:04:
5f:3d:bc:ed:c3:62:a5:b9:be:b1:bf:35:6e:c3:e2:c4:82:19:
b4:17:17:cf:a6:03:d7:55:a2:10:4d:50:b5:cf:3d:03:1a:e2:
4a:67:68:a9:1f:8e:b8:50:c7:fe:e5:e5:ac:a7:de:f2:64:b0:
05:b7:c5:64:c0:80:38:83:22:3f:ae:8b:a5:1c:a1:36:21:32:
55:d8:71:83:57:57:68:aa:8e:ad:87:60:c9:40:1b:cf:88:b6:
8a:ee:09:3e:41:16:ae:28:c8:a0:f1:2f:df:a0:b9:d7:ca:11:
40:7b:fb:8c:ed:59:fb:ae:f0:49:55:83:09:c4:11:ee:57:c4:
36:e8:41:a1:84:0d:9b:f0:49:b1:34:81:fa:cd:9f:6b:cf:0f:
cc:7e:e1:85:02:4d:2f:99:89:d7:77:ec:1d:4e:1e:ba:d3:ca:
0f:cd:77:f6:26:78:95:4e:e0:b2:09:0d:32:97:da:07:7c:03:
ad:52:d3:ef
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYlK7F/xcvBLNifIlbN3TXxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwNzEyMTYyNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTZlNGU5N2UwNWU0YWEwOTc1YTIyODJkYmJlZWNjZDczM2QwMjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvi5H/SHvUjSGv37QF6ebYpkpcvZv
TDxQEgpnWLuDPYsbfkul4sGGKVC8AhPT58+8A/yOQeCb3pqSmGa2t1ZeDfH+cXjB
vwRX6hHfP+FSdrl4sCbrFa+CBL4gfMpb4qmw1YCjBoY+s8YRhs9iP7AU+CjrYXT1
5XY19Sj/vrHnRdsgse2wIsibg48Xs8Y82g10Pd+6P54KXSDpzyY1SPGaJ0hA42dw
bOtNh/6ACdQXj6mNn0uXWrmVoXrekLQJp/+Je59t+tySOWXnnB+f0i6UU0oD2Ccn
ONnn+9pXLHjr9q8kgN89eQSFIQA4+zH882A2YzOGnpWP15OCmOdfz3MhhQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNVuTpfgXkqgl1oigtu+7M1zPQJCMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvMVc1T2wtQmVTcUNYV2lLQzI3N3N6WE05QWtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATp+DAwQA
XZjOAwQAXZjRAwQBXZjWAwQAXZjZAwQAXZjdAwQAXZjhMA0GCSqGSIb3DQEBCwUA
A4IBAQC0Sc8AjtxaQkMOqSW6frpeB32bpNNMFVfxtLK6eU6ITMjX/MdK2+RKrUqa
sqOziQ599lw9n6+USg950BlZAuZl5WyZSUcZCgRfPbztw2Klub6xvzVuw+LEghm0
FxfPpgPXVaIQTVC1zz0DGuJKZ2ipH464UMf+5eWsp97yZLAFt8VkwIA4gyI/roul
HKE2ITJV2HGDV1doqo6th2DJQBvPiLaK7gk+QRauKMig8S/foLnXyhFAe/uM7Vn7
rvBJVYMJxBHuV8Q26EGhhA2b8EmxNIH6zZ9rzw/MfuGFAk0vmYnXd+wdTh6608oP
zXf2JniVTuCyCQ0yl9oHfAOtUtPv
-----END CERTIFICATE-----
Generated at Thu Jul 20 07:23:47 2023 by rpki-client on console-ams.rpki-client.org