Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/6XTqLjM48Dvvg9EqKvnUVtKO0Js.roa
File: 6XTqLjM48Dvvg9EqKvnUVtKO0Js.roa (raw, json)
Hash identifier: KojPXxhUAn6ZzSeNycjtL28pk/Ohxt+pAwB3mzo6ooI=
Subject key identifier: E9:74:EA:2E:33:38:F0:3B:EF:83:D1:2A:2A:F9:D4:56:D2:8E:D0:9B
Certificate issuer: /CN=8dc4587335c290ff8f2b374df24abe2333bced5e
Certificate serial: 018AFECFAE519D6FAD2B896E872D6B63F047
Authority key identifier: 8D:C4:58:73:35:C2:90:FF:8F:2B:37:4D:F2:4A:BE:23:33:BC:ED:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jcRYczXCkP-PKzdN8kq-IzO87V4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/6XTqLjM48Dvvg9EqKvnUVtKO0Js.roa
Signing time: Thu 05 Oct 2023 07:48:57 +0000
ROA not before: Thu 05 Oct 2023 07:48:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202038
IP address blocks: 94.199.232.0/21 maxlen: 21
94.199.232.0/23 maxlen: 23
94.199.234.0/23 maxlen: 23
94.199.236.0/23 maxlen: 23
94.199.239.0/24 maxlen: 24
94.199.238.0/24 maxlen: 24
109.234.225.0/24 maxlen: 24
109.234.224.0/21 maxlen: 21
109.234.224.0/24 maxlen: 24
109.234.226.0/23 maxlen: 23
109.234.228.0/23 maxlen: 23
185.78.216.0/23 maxlen: 23
185.78.216.0/24 maxlen: 24
185.78.217.0/24 maxlen: 24
185.108.94.0/24 maxlen: 24
185.108.93.0/24 maxlen: 24
185.108.95.0/24 maxlen: 24
185.108.92.0/24 maxlen: 24
185.108.92.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fe:cf:ae:51:9d:6f:ad:2b:89:6e:87:2d:6b:63:f0:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dc4587335c290ff8f2b374df24abe2333bced5e
Validity
Not Before: Oct 5 07:48:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e974ea2e3338f03bef83d12a2af9d456d28ed09b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:72:0d:9e:d2:0c:ab:ed:ac:11:41:62:fd:05:
69:6d:29:7d:48:80:ac:63:c2:f8:dd:da:b7:e2:d5:
39:80:37:b7:eb:ba:3e:05:7b:c2:27:02:bc:09:78:
45:73:1c:c9:f8:2f:7d:3d:b8:83:89:26:0e:33:38:
08:b0:cb:e3:55:bb:d3:6f:1d:d6:d6:97:6b:88:b8:
22:9a:97:d9:3a:23:bc:b6:a8:54:66:35:e1:b1:13:
50:85:dd:39:98:31:da:06:bb:22:71:43:8b:c3:ec:
16:d4:50:7d:6b:95:a0:fd:86:77:c9:84:c8:91:a8:
66:8e:e1:55:7c:81:68:68:6f:ae:66:eb:6d:11:56:
d2:62:a8:c4:66:60:41:60:35:24:6e:0e:8c:d7:50:
37:fb:99:82:44:24:f7:62:94:47:3c:e1:0e:50:92:
b3:63:0c:cf:7e:1d:17:8c:89:c2:e7:5a:ab:a9:e0:
c4:d8:71:28:f5:e3:ff:f7:a9:64:14:39:b3:ab:e3:
e0:8e:2d:c9:2e:75:d8:46:0f:a8:bf:4e:1c:a0:f6:
6b:3e:b0:cd:a5:61:08:0a:85:58:3d:5c:15:87:8c:
35:47:38:b7:2c:52:45:74:57:cd:42:4a:29:ac:0e:
31:51:ad:2f:fc:29:b7:7a:ee:49:c9:d8:b8:0f:24:
29:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:74:EA:2E:33:38:F0:3B:EF:83:D1:2A:2A:F9:D4:56:D2:8E:D0:9B
X509v3 Authority Key Identifier:
keyid:8D:C4:58:73:35:C2:90:FF:8F:2B:37:4D:F2:4A:BE:23:33:BC:ED:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jcRYczXCkP-PKzdN8kq-IzO87V4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/6XTqLjM48Dvvg9EqKvnUVtKO0Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/jcRYczXCkP-PKzdN8kq-IzO87V4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.232.0/21
109.234.224.0/21
185.78.216.0/23
185.108.92.0/22
Signature Algorithm: sha256WithRSAEncryption
71:68:ee:b7:8c:ef:cf:fe:59:b2:e2:b9:2c:98:53:a9:04:c7:
56:21:31:21:56:be:8a:ba:a8:56:0f:5f:58:b5:b9:60:53:34:
9b:47:5c:06:40:b9:f7:3c:b5:02:dc:3f:46:4e:1f:1a:41:25:
9b:6c:4e:8a:cd:a7:5b:96:66:eb:a8:9e:ec:b6:d0:e9:a2:4d:
16:81:ba:82:64:e3:88:aa:8a:cd:f9:af:26:4a:65:37:82:7d:
da:54:5a:e0:2a:dd:a2:a4:78:27:84:b1:58:ba:3f:a8:0b:c9:
eb:42:e8:c6:44:9d:e2:b3:c1:d5:e8:fa:82:e7:81:56:97:13:
2b:16:95:16:55:14:c2:4e:04:eb:3a:67:a3:b4:76:58:06:ed:
73:82:5f:b9:f0:4d:65:26:8b:65:b3:86:fe:a8:56:12:f2:0d:
d1:fa:9e:51:b8:28:f4:5b:b7:c2:9b:10:c4:2d:6e:03:b8:c9:
cc:d9:ac:b8:8a:42:bf:a0:65:48:f6:91:4f:0a:af:55:9e:e6:
b9:34:05:21:44:2c:21:a1:dc:81:2f:0e:fe:cb:b7:dd:a3:df:
77:8c:e7:f4:78:41:4e:bd:40:3d:98:16:26:c6:fd:ce:c4:09:
92:c6:28:16:59:37:88:af:0b:2a:c2:df:a0:6a:a0:0a:79:22:
78:b4:7f:01
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYr+z65RnW+tK4luhy1rY/BHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYzQ1ODczMzVjMjkwZmY4ZjJiMzc0ZGYyNGFiZTIzMzNi
Y2VkNWUwHhcNMjMxMDA1MDc0ODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTc0ZWEyZTMzMzhmMDNiZWY4M2QxMmEyYWY5ZDQ1NmQyOGVkMDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXINntIMq+2sEUFi/QVpbSl9SICs
Y8L43dq34tU5gDe367o+BXvCJwK8CXhFcxzJ+C99PbiDiSYOMzgIsMvjVbvTbx3W
1pdriLgimpfZOiO8tqhUZjXhsRNQhd05mDHaBrsicUOLw+wW1FB9a5Wg/YZ3yYTI
kahmjuFVfIFoaG+uZuttEVbSYqjEZmBBYDUkbg6M11A3+5mCRCT3YpRHPOEOUJKz
YwzPfh0XjInC51qrqeDE2HEo9eP/96lkFDmzq+Pgji3JLnXYRg+ov04coPZrPrDN
pWEICoVYPVwVh4w1Rzi3LFJFdFfNQkoprA4xUa0v/Cm3eu5Jydi4DyQp0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOl06i4zOPA774PRKir51FbSjtCbMB8GA1UdIwQY
MBaAFI3EWHM1wpD/jys3TfJKviMzvO1eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamNSWWN6WENrUC1QS3pkTjhrcS1Jek84N1Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNDgwMTctNTlkNC00MDk1LWJlZWYt
ZDYwNmQ5OTI1YWI3LzEvNlhUcUxqTTQ4RHZ2ZzlFcUt2blVWdEtPMEpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNDgwMTctNTlkNC00MDk1LWJlZWYtZDYwNmQ5OTI1YWI3
LzEvamNSWWN6WENrUC1QS3pkTjhrcS1Jek84N1Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDXsfoAwQD
bergAwQBuU7YAwQCuWxcMA0GCSqGSIb3DQEBCwUAA4IBAQBxaO63jO/P/lmy4rks
mFOpBMdWITEhVr6KuqhWD19YtblgUzSbR1wGQLn3PLUC3D9GTh8aQSWbbE6Kzadb
lmbrqJ7sttDpok0WgbqCZOOIqorN+a8mSmU3gn3aVFrgKt2ipHgnhLFYuj+oC8nr
QujGRJ3is8HV6PqC54FWlxMrFpUWVRTCTgTrOmejtHZYBu1zgl+58E1lJotls4b+
qFYS8g3R+p5RuCj0W7fCmxDELW4DuMnM2ay4ikK/oGVI9pFPCq9Vnua5NAUhRCwh
odyBLw7+y7fdo993jOf0eEFOvUA9mBYmxv3OxAmSxigWWTeIrwsqwt+gaqAKeSJ4
tH8B
-----END CERTIFICATE-----
Generated at Thu Oct 5 08:50:29 2023 by rpki-client on console-ams.rpki-client.org