Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/X2aqMcnXVzqH7bkgtUAOg_JHkaI.roa
File: X2aqMcnXVzqH7bkgtUAOg_JHkaI.roa (raw, json)
Hash identifier: 3t4KK6F9xrHys2yU/LCF8A+KGiLaaTIZCw5KPHU0Jj8=
Subject key identifier: 5F:66:AA:31:C9:D7:57:3A:87:ED:B9:20:B5:40:0E:83:F2:47:91:A2
Certificate issuer: /CN=1ae1c7aa0b395e0612ec423fe07fb0389aaa4003
Certificate serial: 0185728C915C0D2B9EAC3F7EC0AB888157F4
Authority key identifier: 1A:E1:C7:AA:0B:39:5E:06:12:EC:42:3F:E0:7F:B0:38:9A:AA:40:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GuHHqgs5XgYS7EI_4H-wOJqqQAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/X2aqMcnXVzqH7bkgtUAOg_JHkaI.roa
Signing time: Mon 02 Jan 2023 12:54:52 +0000
ROA not before: Mon 02 Jan 2023 12:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39657
IP address blocks: 185.63.12.0/22 maxlen: 22
81.93.32.0/22 maxlen: 22
81.93.32.0/21 maxlen: 21
81.93.32.0/20 maxlen: 20
81.93.36.0/22 maxlen: 22
81.93.40.0/21 maxlen: 21
81.93.40.0/22 maxlen: 22
81.93.44.0/22 maxlen: 22
93.88.32.0/22 maxlen: 22
93.88.32.0/20 maxlen: 20
93.88.36.0/22 maxlen: 22
93.88.40.0/22 maxlen: 22
81.30.16.0/20 maxlen: 20
93.88.44.0/22 maxlen: 22
81.30.20.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:91:5c:0d:2b:9e:ac:3f:7e:c0:ab:88:81:57:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ae1c7aa0b395e0612ec423fe07fb0389aaa4003
Validity
Not Before: Jan 2 12:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f66aa31c9d7573a87edb920b5400e83f24791a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:dc:78:b3:ae:6b:a0:57:b1:d8:d2:a7:c7:8d:
fb:7a:f7:ea:e5:71:3b:8e:9c:bb:f1:16:38:c6:04:
c5:92:13:51:c6:35:f2:9d:04:31:41:07:75:db:82:
8a:cc:ab:e4:b5:19:d4:f0:d6:ba:8d:d4:a4:4a:8f:
3c:e7:e6:b3:32:3e:1f:55:e4:1b:09:d3:b5:67:f5:
5f:18:2f:44:b3:3c:7b:a9:4a:97:a4:d7:96:c8:b4:
6a:e7:ef:0c:01:e0:c4:33:b7:d1:1e:84:b6:45:d3:
ce:90:82:b6:a7:27:8e:6f:0a:58:9c:f5:3c:8a:43:
d0:3a:35:be:a1:42:4d:69:e5:98:b5:c1:f6:d9:05:
af:7d:fc:04:fb:4a:83:93:9b:5f:82:11:c1:86:08:
d8:36:9d:43:b4:d1:2b:5c:22:d5:34:4e:ac:8a:a3:
d1:e1:ee:b9:72:c4:19:09:cc:ef:f8:63:52:fb:7c:
84:8e:01:17:14:0b:de:fa:76:dc:79:2a:2c:8b:e7:
cf:94:96:3c:7c:94:fc:7b:cd:5d:c8:ac:b6:99:75:
86:8f:86:ef:09:c2:03:de:4a:ae:1b:1b:a4:46:50:
b6:b3:ae:17:a0:c8:4a:a7:24:6b:a9:dc:be:31:b9:
34:16:b6:08:b0:0b:7f:53:45:a9:11:9b:f5:ce:bd:
be:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:66:AA:31:C9:D7:57:3A:87:ED:B9:20:B5:40:0E:83:F2:47:91:A2
X509v3 Authority Key Identifier:
keyid:1A:E1:C7:AA:0B:39:5E:06:12:EC:42:3F:E0:7F:B0:38:9A:AA:40:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GuHHqgs5XgYS7EI_4H-wOJqqQAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/X2aqMcnXVzqH7bkgtUAOg_JHkaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/GuHHqgs5XgYS7EI_4H-wOJqqQAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.30.16.0/20
81.93.32.0/20
93.88.32.0/20
185.63.12.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:c2:4a:c2:35:27:18:60:9d:7a:d9:cb:49:c1:d2:d9:22:05:
b9:8b:a0:5a:e3:82:5b:92:d8:cb:aa:d8:b1:77:54:da:85:da:
80:03:99:7c:45:50:b1:b3:c7:82:30:0c:87:1e:25:86:0f:df:
09:f1:f6:b0:8b:ce:fc:cd:c8:50:2c:5c:28:ff:13:c7:7f:54:
f7:73:b5:1d:21:7c:59:c0:fb:ca:7a:3f:f3:c1:dc:fd:c7:a5:
b9:a4:63:cf:33:30:13:8c:38:a8:51:f3:27:1c:8b:8d:ed:be:
bd:57:b2:ac:b5:a4:6b:b4:a0:e8:63:b0:2c:1d:bb:cc:c5:33:
6f:eb:06:9e:91:41:ae:18:69:bc:c1:b7:59:07:2c:2c:4f:19:
86:3e:95:6e:8c:99:a8:f0:4f:cb:45:fa:b4:08:f7:80:00:5c:
92:09:f7:86:be:6e:f9:df:aa:cd:db:a4:ee:43:8d:2d:d7:89:
8b:1e:cf:ea:34:53:d9:5d:09:0e:4a:1d:21:30:90:b7:b4:0b:
f1:1e:c1:33:59:86:2e:52:b6:32:38:10:aa:02:6e:e5:3d:48:
d4:ff:8f:80:97:19:38:2c:64:2d:d1:d3:eb:d6:87:d1:71:5f:
25:25:94:2e:f8:65:95:31:03:6c:9b:1c:63:d4:24:eb:9f:ac:
ae:da:1e:0c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVyjJFcDSuerD9+wKuIgVf0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZTFjN2FhMGIzOTVlMDYxMmVjNDIzZmUwN2ZiMDM4OWFh
YTQwMDMwHhcNMjMwMTAyMTI1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjY2YWEzMWM5ZDc1NzNhODdlZGI5MjBiNTQwMGU4M2YyNDc5MWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9x4s65roFex2NKnx437evfq5XE7
jpy78RY4xgTFkhNRxjXynQQxQQd124KKzKvktRnU8Na6jdSkSo885+azMj4fVeQb
CdO1Z/VfGC9Eszx7qUqXpNeWyLRq5+8MAeDEM7fRHoS2RdPOkIK2pyeObwpYnPU8
ikPQOjW+oUJNaeWYtcH22QWvffwE+0qDk5tfghHBhgjYNp1DtNErXCLVNE6siqPR
4e65csQZCczv+GNS+3yEjgEXFAve+nbceSosi+fPlJY8fJT8e81dyKy2mXWGj4bv
CcID3kquGxukRlC2s64XoMhKpyRrqdy+Mbk0FrYIsAt/U0WpEZv1zr2+2wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF9mqjHJ11c6h+25ILVADoPyR5GiMB8GA1UdIwQY
MBaAFBrhx6oLOV4GEuxCP+B/sDiaqkADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3VISHFnczVYZ1lTN0VJXzRILXdPSnFxUUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9hYmU2MjgtZmNlNy00NDdlLTg1M2Ut
OTRmZGM5ZmJkY2FjLzEvWDJhcU1jblhWenFIN2JrZ3RVQU9nX0pIa2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9hYmU2MjgtZmNlNy00NDdlLTg1M2UtOTRmZGM5ZmJkY2Fj
LzEvR3VISHFnczVYZ1lTN0VJXzRILXdPSnFxUUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEUR4QAwQE
UV0gAwQEXVggAwQCuT8MMA0GCSqGSIb3DQEBCwUAA4IBAQCqwkrCNScYYJ162ctJ
wdLZIgW5i6Ba44JbktjLqtixd1TahdqAA5l8RVCxs8eCMAyHHiWGD98J8fawi878
zchQLFwo/xPHf1T3c7UdIXxZwPvKej/zwdz9x6W5pGPPMzATjDioUfMnHIuN7b69
V7KstaRrtKDoY7AsHbvMxTNv6waekUGuGGm8wbdZBywsTxmGPpVujJmo8E/LRfq0
CPeAAFySCfeGvm7536rN26TuQ40t14mLHs/qNFPZXQkOSh0hMJC3tAvxHsEzWYYu
UrYyOBCqAm7lPUjU/4+Alxk4LGQt0dPr1ofRcV8lJZQu+GWVMQNsmxxj1CTrn6yu
2h4M
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:47 2023 by rpki-client on console-fra.rpki-client.org