Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/Ir_mwG5GJeT70c4a9OgE1D6irKY.roa
File: Ir_mwG5GJeT70c4a9OgE1D6irKY.roa (raw, json)
Hash identifier: mYyP5aQQd6LSyBxnzATfw+E+OOWNUP/vNRT4nv3rLe4=
Subject key identifier: 22:BF:E6:C0:6E:46:25:E4:FB:D1:CE:1A:F4:E8:04:D4:3E:A2:AC:A6
Certificate issuer: /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial: 018A51355610B12F73840283FE61C14F15BC
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/Ir_mwG5GJeT70c4a9OgE1D6irKY.roa
Signing time: Fri 01 Sep 2023 14:46:04 +0000
ROA not before: Fri 01 Sep 2023 14:46:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25255
IP address blocks: 91.141.0.0/20 maxlen: 20
91.141.0.0/17 maxlen: 17
94.245.192.0/24 maxlen: 24
178.114.96.0/20 maxlen: 20
178.114.92.0/22 maxlen: 22
94.245.192.0/18 maxlen: 18
213.94.64.0/21 maxlen: 21
178.114.112.0/20 maxlen: 20
213.94.64.0/18 maxlen: 18
213.94.78.0/24 maxlen: 24
213.94.76.0/24 maxlen: 24
213.94.77.0/24 maxlen: 24
178.114.128.0/21 maxlen: 21
91.141.32.0/19 maxlen: 19
91.141.64.0/20 maxlen: 20
77.119.224.0/19 maxlen: 19
77.116.128.0/17 maxlen: 17
77.119.160.0/20 maxlen: 20
178.113.0.0/17 maxlen: 17
77.119.192.0/19 maxlen: 19
77.117.0.0/17 maxlen: 17
77.118.240.0/20 maxlen: 20
46.220.0.0/16 maxlen: 16
178.115.96.0/24 maxlen: 24
178.115.98.0/24 maxlen: 24
178.112.0.0/17 maxlen: 17
77.118.192.0/20 maxlen: 20
77.118.208.0/20 maxlen: 20
194.24.128.0/19 maxlen: 19
178.112.0.0/14 maxlen: 14
178.115.128.0/20 maxlen: 20
77.118.224.0/21 maxlen: 21
77.118.232.0/21 maxlen: 21
77.116.0.0/17 maxlen: 17
77.119.96.0/22 maxlen: 22
77.119.112.0/22 maxlen: 22
77.116.0.0/14 maxlen: 14
77.119.128.0/20 maxlen: 20
109.126.64.0/18 maxlen: 18
178.112.128.0/17 maxlen: 17
178.115.224.0/19 maxlen: 19
77.119.80.0/21 maxlen: 21
77.119.88.0/21 maxlen: 21
46.57.124.0/22 maxlen: 22
46.57.120.0/22 maxlen: 22
178.114.192.0/21 maxlen: 21
77.118.32.0/21 maxlen: 21
77.118.48.0/21 maxlen: 21
178.114.208.0/21 maxlen: 21
77.118.56.0/21 maxlen: 21
178.114.216.0/21 maxlen: 21
178.114.224.0/20 maxlen: 20
81.3.192.0/24 maxlen: 24
81.3.192.0/18 maxlen: 18
213.94.79.0/24 maxlen: 24
213.94.80.0/22 maxlen: 22
178.114.144.0/21 maxlen: 21
46.57.80.0/21 maxlen: 21
213.94.96.0/21 maxlen: 21
178.114.152.0/21 maxlen: 21
213.94.95.0/24 maxlen: 24
46.57.88.0/21 maxlen: 21
178.114.160.0/20 maxlen: 20
46.57.96.0/21 maxlen: 21
46.57.104.0/22 maxlen: 22
178.114.176.0/20 maxlen: 20
77.118.17.0/24 maxlen: 24
77.118.14.0/24 maxlen: 24
46.57.112.0/21 maxlen: 21
77.118.136.0/21 maxlen: 21
178.165.192.0/20 maxlen: 20
178.115.64.0/20 maxlen: 20
77.118.160.0/20 maxlen: 20
77.118.176.0/20 maxlen: 20
178.114.240.0/20 maxlen: 20
81.3.204.0/23 maxlen: 23
81.3.206.0/23 maxlen: 23
81.3.201.0/24 maxlen: 24
81.3.211.0/24 maxlen: 24
81.3.210.0/24 maxlen: 24
178.165.128.0/17 maxlen: 17
178.165.128.0/20 maxlen: 20
77.118.104.0/22 maxlen: 22
77.118.108.0/22 maxlen: 22
77.118.112.0/20 maxlen: 20
178.165.160.0/19 maxlen: 19
178.115.32.0/19 maxlen: 19
77.118.128.0/21 maxlen: 21
2a02:2861:d::/48 maxlen: 48
2a02:2864::/30 maxlen: 30
2a02:2861::/32 maxlen: 32
2a02:2861:e::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:51:35:56:10:b1:2f:73:84:02:83:fe:61:c1:4f:15:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Validity
Not Before: Sep 1 14:46:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22bfe6c06e4625e4fbd1ce1af4e804d43ea2aca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d5:0c:d8:61:54:c5:72:5f:87:ab:77:01:bd:
d0:6a:1f:c4:19:20:a0:37:da:3c:c3:fa:44:85:83:
1a:c2:b9:e8:bc:37:9a:10:a6:a6:6a:a8:ac:2d:5c:
37:02:3f:fb:b4:d6:83:a6:49:53:19:e9:dd:3e:ab:
c0:c0:7e:df:f8:a9:31:7e:04:5e:f9:e4:58:f3:ed:
7f:24:7e:ce:dc:c1:b3:01:59:e2:9f:f7:ae:0d:45:
f8:92:c7:17:07:40:b4:76:ce:f8:18:e0:97:f7:0c:
80:69:e9:bd:ac:53:78:9a:95:02:36:55:3b:9c:50:
ac:65:f2:9e:7b:b2:43:68:70:42:0a:f6:72:c7:40:
75:9a:a8:59:83:c1:58:21:52:e2:4b:c2:2c:2a:38:
62:d1:81:f4:68:c4:79:57:2b:3f:40:a0:1b:10:94:
b7:2b:46:de:1f:86:8d:bf:3a:c9:ff:ba:2e:c1:69:
66:b7:8d:c7:5a:2c:4c:91:a2:b5:36:5a:fa:30:6d:
ad:b2:fa:8a:10:f5:9d:77:fe:c7:86:f0:b2:ec:2e:
08:ee:96:0f:80:43:0b:78:e3:45:92:6f:c6:da:53:
6e:ea:43:71:be:56:ab:1a:93:15:78:16:ff:16:c0:
83:9f:f5:f6:21:cb:d7:ac:66:77:fc:37:19:01:62:
22:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:BF:E6:C0:6E:46:25:E4:FB:D1:CE:1A:F4:E8:04:D4:3E:A2:AC:A6
X509v3 Authority Key Identifier:
keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/Ir_mwG5GJeT70c4a9OgE1D6irKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.57.80.0-46.57.107.255
46.57.112.0/20
46.220.0.0/16
77.116.0.0/14
81.3.192.0/18
91.141.0.0/17
94.245.192.0/18
109.126.64.0/18
178.112.0.0/14
178.165.128.0/17
194.24.128.0/19
213.94.64.0/18
IPv6:
2a02:2861::/32
2a02:2864::/30
Signature Algorithm: sha256WithRSAEncryption
b5:49:4e:e4:29:24:b8:7b:17:0f:bb:90:36:8e:2c:3a:06:89:
03:70:29:f9:41:6b:ee:41:8e:32:7f:ee:b0:17:ea:2b:9a:60:
ca:53:34:2d:6e:9f:ba:d5:66:c2:ff:a6:74:05:1f:29:54:ac:
ca:13:80:20:fd:aa:14:0b:5a:78:a5:7e:a8:e8:d7:67:ff:58:
50:7e:6d:ce:80:54:05:c4:07:d7:50:77:ee:7a:ad:14:ea:6b:
94:e6:c9:21:3c:45:95:cf:a5:0b:e3:85:6d:17:ea:27:60:1e:
38:49:c9:83:c7:c3:6f:a7:b4:54:be:0a:88:b5:06:e9:7e:d1:
ab:8d:9e:54:6a:94:19:23:34:48:11:56:5c:5a:e6:86:b8:f5:
75:17:47:3d:ac:c6:59:23:db:2c:ae:6e:40:4d:c7:c4:66:52:
27:72:cf:85:e4:8b:64:11:c3:28:79:e1:ea:a3:2b:ec:ad:43:
e6:eb:b4:07:df:00:c7:63:98:e6:db:8c:88:71:79:bd:7e:58:
2c:4b:68:be:a2:68:1d:bd:ea:ff:4a:e7:b5:f0:79:f7:47:34:
b3:71:e3:3a:7a:1e:e3:4f:b7:55:0c:6a:d1:7f:f8:bf:5b:fd:
d7:17:66:2b:22:c4:aa:00:bc:21:21:c6:1d:c0:1c:a8:c8:d4:
47:5e:c7:49
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYpRNVYQsS9zhAKD/mHBTxW8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWQxOTdmYmJlZTJhMWRjY2I0ZjU1NzIyYTgyMTBkMzEw
NWIwNDIwHhcNMjMwOTAxMTQ0NjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmJmZTZjMDZlNDYyNWU0ZmJkMWNlMWFmNGU4MDRkNDNlYTJhY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptUM2GFUxXJfh6t3Ab3Qah/EGSCg
N9o8w/pEhYMawrnovDeaEKamaqisLVw3Aj/7tNaDpklTGendPqvAwH7f+KkxfgRe
+eRY8+1/JH7O3MGzAVnin/euDUX4kscXB0C0ds74GOCX9wyAaem9rFN4mpUCNlU7
nFCsZfKee7JDaHBCCvZyx0B1mqhZg8FYIVLiS8IsKjhi0YH0aMR5Vys/QKAbEJS3
K0beH4aNvzrJ/7ouwWlmt43HWixMkaK1Nlr6MG2tsvqKEPWdd/7HhvCy7C4I7pYP
gEMLeONFkm/G2lNu6kNxvlarGpMVeBb/FsCDn/X2IcvXrGZ3/DcZAWIimwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFCK/5sBuRiXk+9HOGvToBNQ+oqymMB8GA1UdIwQY
MBaAFNudGX+77iodzLT1VyKoIQ0xBbBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMt
NGIyMzk1NmZiZDg2LzEvSXJfbXdHNUdKZVQ3MGM0YTlPZ0UxRDZpcktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMtNGIyMzk1NmZiZDg2
LzEvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBTBAIAATBNMAwDBAQuOVAD
BAIuOWgDBAQuOXADAwAu3AMDAk10AwQGUQPAAwQHW40AAwQGXvXAAwQGbX5AAwMC
snADBAeypYADBAXCGIADBAbVXkAwFAQCAAIwDgMFACoCKGEDBQIqAihkMA0GCSqG
SIb3DQEBCwUAA4IBAQC1SU7kKSS4excPu5A2jiw6BokDcCn5QWvuQY4yf+6wF+or
mmDKUzQtbp+61WbC/6Z0BR8pVKzKE4Ag/aoUC1p4pX6o6Ndn/1hQfm3OgFQFxAfX
UHfueq0U6muU5skhPEWVz6UL44VtF+onYB44ScmDx8Nvp7RUvgqItQbpftGrjZ5U
apQZIzRIEVZcWuaGuPV1F0c9rMZZI9ssrm5ATcfEZlIncs+F5ItkEcMoeeHqoyvs
rUPm67QH3wDHY5jm24yIcXm9flgsS2i+omgdver/Sue18Hn3RzSzceM6eh7jT7dV
DGrRf/i/W/3XF2YrIsSqALwhIcYdwByoyNRHXsdJ
-----END CERTIFICATE-----
Generated at Thu Nov 9 07:42:18 2023 by rpki-client on console-ams.rpki-client.org