Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/38xpm2iECrCmXHh-c0Fgh9x_4qk.roa
File: 38xpm2iECrCmXHh-c0Fgh9x_4qk.roa (raw, json)
Hash identifier: veieGhrOOPunBhXiifZbIdB0upR6yeu10l3reXLCrEQ=
Subject key identifier: DF:CC:69:9B:68:84:0A:B0:A6:5C:78:7E:73:41:60:87:DC:7F:E2:A9
Certificate issuer: /CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Certificate serial: 01857227DDDBDB4245E3FC001B70A6031DB6
Authority key identifier: 0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/38xpm2iECrCmXHh-c0Fgh9x_4qk.roa
Signing time: Mon 02 Jan 2023 11:04:53 +0000
ROA not before: Mon 02 Jan 2023 11:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15958
IP address blocks: 109.245.16.0/20 maxlen: 20
109.245.228.0/22 maxlen: 22
109.245.232.0/21 maxlen: 21
109.245.240.0/20 maxlen: 20
217.65.192.0/20 maxlen: 20
217.65.196.0/22 maxlen: 22
217.65.201.0/24 maxlen: 24
217.65.200.0/21 maxlen: 21
217.65.202.0/23 maxlen: 23
217.65.204.0/22 maxlen: 22
109.245.40.0/21 maxlen: 21
109.245.48.0/20 maxlen: 20
109.245.192.0/19 maxlen: 19
109.106.224.0/20 maxlen: 20
109.245.0.0/21 maxlen: 21
109.245.8.0/22 maxlen: 22
109.245.0.0/16 maxlen: 16
2a01:ac80::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:dd:db:db:42:45:e3:fc:00:1b:70:a6:03:1d:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d72fe2c805ed63afc9c89e9324ac94d30939aab
Validity
Not Before: Jan 2 11:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfcc699b68840ab0a65c787e73416087dc7fe2a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:53:40:97:e8:4b:8f:3d:38:f4:9f:1c:dc:93:
b8:5f:c1:c6:9d:e8:0d:7d:0f:89:c3:7e:4f:6c:b8:
4c:32:3a:95:80:c2:c1:8b:66:72:a4:bf:39:0c:b5:
fa:ae:c8:67:5e:ae:9b:8c:fc:e5:36:b6:00:9c:82:
95:9c:87:d2:7b:40:d1:13:3e:f8:a2:bd:89:40:f1:
37:f2:d5:1a:b4:a1:ee:3c:fa:0a:7e:28:2a:80:38:
22:ae:76:69:f9:40:da:4a:ad:3f:9b:0b:ea:0b:fc:
d8:22:38:2a:06:30:3a:42:01:36:aa:22:0a:ad:c4:
d9:af:e1:57:ad:ab:2f:88:b0:ab:7d:c2:a8:cf:c6:
3f:14:2d:af:ed:fc:3a:9b:81:f7:78:d5:a6:7b:bf:
c3:fd:3b:d2:06:7e:a0:66:30:ad:de:64:7d:0c:66:
cc:fb:49:c9:8a:bb:5b:35:27:d8:a9:9a:c2:6a:e1:
8a:f0:b3:45:da:37:88:10:a9:9d:b6:48:6c:00:b5:
aa:be:ab:7c:12:66:11:21:94:90:3b:2b:85:03:2a:
92:4c:32:95:62:94:c5:95:7e:3e:f0:65:d4:9c:d6:
19:0a:88:03:25:52:c4:15:db:5e:60:b3:8e:97:1e:
88:4d:6e:d0:53:2f:0f:7f:04:d1:62:e8:09:56:27:
5f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:CC:69:9B:68:84:0A:B0:A6:5C:78:7E:73:41:60:87:DC:7F:E2:A9
X509v3 Authority Key Identifier:
keyid:0D:72:FE:2C:80:5E:D6:3A:FC:9C:89:E9:32:4A:C9:4D:30:93:9A:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXL-LIBe1jr8nInpMkrJTTCTmqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/38xpm2iECrCmXHh-c0Fgh9x_4qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/22e1d1-9984-4158-8d18-cf818c7c451a/1/DXL-LIBe1jr8nInpMkrJTTCTmqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.224.0/20
109.245.0.0/16
217.65.192.0/20
IPv6:
2a01:ac80::/32
Signature Algorithm: sha256WithRSAEncryption
35:8c:71:c6:c7:84:04:25:76:ca:72:a9:ec:5e:51:01:8e:c7:
cc:36:b9:e4:63:c9:77:a3:70:28:d7:31:86:e8:1d:5f:20:9d:
fd:25:6e:6e:9d:00:3a:34:6d:f0:57:ca:42:c8:6d:d8:3e:bf:
a2:9b:f7:6a:65:80:9c:d2:be:c4:55:e5:ca:d8:29:19:f7:db:
7a:53:80:ff:65:02:32:ee:3f:bd:de:ff:a9:b8:36:c7:84:50:
94:30:79:79:f6:97:94:84:20:98:6e:0a:d1:8c:a1:0b:d5:6e:
10:88:d4:2b:4e:54:56:90:8c:47:96:e2:18:e6:4a:90:88:23:
14:b9:60:23:a6:05:7c:40:95:7c:ce:fa:d9:5c:64:bc:9c:3a:
e8:ad:19:11:39:ca:60:64:a7:64:46:81:e0:92:5a:7d:ae:cf:
00:e3:d6:64:f6:88:22:13:96:c3:86:dc:af:f7:3e:a4:5a:f3:
bc:11:48:cc:1c:2b:04:e1:bf:c5:f2:f1:b9:93:8e:27:f3:fc:
c8:96:77:33:a3:ec:7e:6f:77:fe:58:aa:8b:6a:04:8b:88:77:
71:ee:0a:d0:48:aa:51:03:9f:e5:7a:00:c8:60:31:1e:41:83:
b6:c4:32:36:56:7e:15:0c:6a:49:82:8b:ac:b5:3c:04:90:9e:
48:d3:9e:26
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVyJ93b20JF4/wAG3CmAx22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzJmZTJjODA1ZWQ2M2FmYzljODllOTMyNGFjOTRkMzA5
MzlhYWIwHhcNMjMwMTAyMTEwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmNjNjk5YjY4ODQwYWIwYTY1Yzc4N2U3MzQxNjA4N2RjN2ZlMmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFNAl+hLjz049J8c3JO4X8HGnegN
fQ+Jw35PbLhMMjqVgMLBi2ZypL85DLX6rshnXq6bjPzlNrYAnIKVnIfSe0DREz74
or2JQPE38tUatKHuPPoKfigqgDgirnZp+UDaSq0/mwvqC/zYIjgqBjA6QgE2qiIK
rcTZr+FXrasviLCrfcKoz8Y/FC2v7fw6m4H3eNWme7/D/TvSBn6gZjCt3mR9DGbM
+0nJirtbNSfYqZrCauGK8LNF2jeIEKmdtkhsALWqvqt8EmYRIZSQOyuFAyqSTDKV
YpTFlX4+8GXUnNYZCogDJVLEFdteYLOOlx6ITW7QUy8PfwTRYugJVidf+QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFN/MaZtohAqwplx4fnNBYIfcf+KpMB8GA1UdIwQY
MBaAFA1y/iyAXtY6/JyJ6TJKyU0wk5qrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgt
Y2Y4MThjN2M0NTFhLzEvMzh4cG0yaUVDckNtWEhoLWMwRmdoOXhfNHFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yMmUxZDEtOTk4NC00MTU4LThkMTgtY2Y4MThjN2M0NTFh
LzEvRFhMLUxJQmUxanI4bklucE1rckpUVENUbXFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQEbWrgAwMA
bfUDBATZQcAwDQQCAAIwBwMFACoBrIAwDQYJKoZIhvcNAQELBQADggEBADWMccbH
hAQldspyqexeUQGOx8w2ueRjyXejcCjXMYboHV8gnf0lbm6dADo0bfBXykLIbdg+
v6Kb92plgJzSvsRV5crYKRn323pTgP9lAjLuP73e/6m4NseEUJQweXn2l5SEIJhu
CtGMoQvVbhCI1CtOVFaQjEeW4hjmSpCIIxS5YCOmBXxAlXzO+tlcZLycOuitGRE5
ymBkp2RGgeCSWn2uzwDj1mT2iCITlsOG3K/3PqRa87wRSMwcKwThv8Xy8bmTjifz
/MiWdzOj7H5vd/5YqotqBIuId3HuCtBIqlEDn+V6AMhgMR5Bg7bEMjZWfhUMakmC
i6y1PASQnkjTniY=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:51 2024 by rpki-client on console-fra.rpki-client.org