Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/3qY7ndHBrb5Wr-TrUe8r_zuJklA.roa
File: 3qY7ndHBrb5Wr-TrUe8r_zuJklA.roa (raw, json)
Hash identifier: V2KjzsFT2EK0Ct5fNirGy+amKpZlk/QFVxvSk0qQ4+c=
Subject key identifier: DE:A6:3B:9D:D1:C1:AD:BE:56:AF:E4:EB:51:EF:2B:FF:3B:89:92:50
Certificate issuer: /CN=5799b327dd6cda1ad37bc1c224a454b02dea2afc
Certificate serial: 01857169C6D2BB11877BDFF2B5A19759E819
Authority key identifier: 57:99:B3:27:DD:6C:DA:1A:D3:7B:C1:C2:24:A4:54:B0:2D:EA:2A:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5mzJ91s2hrTe8HCJKRUsC3qKvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/3qY7ndHBrb5Wr-TrUe8r_zuJklA.roa
Signing time: Mon 02 Jan 2023 07:37:15 +0000
ROA not before: Mon 02 Jan 2023 07:37:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14593
IP address blocks: 145.224.64.0/21 maxlen: 24
176.116.124.0/23 maxlen: 24
145.224.64.0/18 maxlen: 24
145.224.72.0/21 maxlen: 24
145.224.80.0/21 maxlen: 24
145.224.88.0/22 maxlen: 24
188.92.248.0/21 maxlen: 24
145.224.94.0/23 maxlen: 24
145.224.96.0/21 maxlen: 24
145.224.92.0/23 maxlen: 24
188.95.144.0/23 maxlen: 24
216.128.0.0/19 maxlen: 24
169.155.224.0/19 maxlen: 24
217.65.136.0/22 maxlen: 24
217.65.136.0/21 maxlen: 24
162.43.192.0/22 maxlen: 24
91.102.180.0/22 maxlen: 24
145.224.108.0/22 maxlen: 24
145.224.124.0/22 maxlen: 24
209.198.128.0/19 maxlen: 24
2a0d:3340::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:c6:d2:bb:11:87:7b:df:f2:b5:a1:97:59:e8:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5799b327dd6cda1ad37bc1c224a454b02dea2afc
Validity
Not Before: Jan 2 07:37:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dea63b9dd1c1adbe56afe4eb51ef2bff3b899250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4e:72:d0:0f:da:c0:7c:27:3e:b2:bd:22:76:
df:bb:a5:05:eb:b4:4d:a7:62:5d:2c:8d:1a:1b:8f:
6b:5e:a2:bd:af:d0:7e:fd:56:6e:db:2d:89:ed:74:
18:6e:4b:34:79:71:b7:57:66:ae:8b:26:f6:12:6e:
fb:d0:b5:34:b8:3c:8b:1b:69:e9:ad:f3:87:5d:3c:
1a:3a:0f:67:70:6d:c0:35:da:11:41:54:35:0d:df:
e2:0e:77:e0:ad:78:9c:90:ca:9c:19:5a:3f:66:ca:
b2:89:5c:94:78:9a:74:17:61:2b:11:53:59:59:7d:
84:fe:95:13:0d:9f:49:f8:86:ad:10:c4:de:da:65:
ee:2d:38:eb:25:ef:8f:71:ae:7a:f1:49:d5:ff:e8:
03:53:83:3f:5d:ab:2a:6d:e9:43:fa:09:8e:1c:28:
8c:8f:0d:7a:f7:d1:48:09:71:9b:7c:23:23:b5:7f:
a9:cd:0d:7b:98:c9:b9:96:f2:ac:e6:78:55:4d:ac:
7d:fa:17:7c:d9:85:b2:34:79:37:3e:5f:ac:a0:6e:
a2:6b:1b:9e:a1:d3:cd:00:31:c3:a7:87:57:23:2e:
aa:87:80:2e:25:cc:76:55:01:b2:a9:40:8b:a2:6a:
0a:10:3d:a2:6b:33:b4:29:08:b5:c8:df:b2:b0:71:
96:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A6:3B:9D:D1:C1:AD:BE:56:AF:E4:EB:51:EF:2B:FF:3B:89:92:50
X509v3 Authority Key Identifier:
keyid:57:99:B3:27:DD:6C:DA:1A:D3:7B:C1:C2:24:A4:54:B0:2D:EA:2A:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5mzJ91s2hrTe8HCJKRUsC3qKvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/3qY7ndHBrb5Wr-TrUe8r_zuJklA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8c2ae9-0a77-49eb-ad3a-ea150e7638ce/1/V5mzJ91s2hrTe8HCJKRUsC3qKvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.180.0/22
145.224.64.0/18
162.43.192.0/22
169.155.224.0/19
176.116.124.0/23
188.92.248.0/21
188.95.144.0/23
209.198.128.0/19
216.128.0.0/19
217.65.136.0/21
IPv6:
2a0d:3340::/29
Signature Algorithm: sha256WithRSAEncryption
a3:75:a2:df:94:03:b4:15:f7:65:50:a0:56:78:1b:4d:4e:4d:
3d:1c:fe:e8:69:2b:1c:fd:c3:cf:c0:3f:6a:ae:ec:21:2c:46:
71:67:89:47:7f:e9:d5:46:1f:73:48:e0:aa:82:8c:b0:70:8b:
0f:53:80:3f:19:c4:95:6d:5c:d6:8d:86:12:ff:d8:fc:3d:87:
47:73:41:74:8a:14:1c:a3:5b:8a:88:41:f2:8d:19:0e:3a:11:
a0:11:29:ec:25:f9:aa:25:0d:ae:6f:52:5b:3d:14:4f:bb:9d:
73:68:04:0a:16:1e:a6:ee:83:cd:f3:98:b4:b9:ea:46:76:f7:
33:82:fb:58:1e:c5:25:fb:90:92:ae:6d:e2:bd:1c:94:82:79:
7b:21:10:0b:cf:44:e7:dc:35:53:15:19:23:b9:08:5a:1e:c1:
cd:79:7f:70:22:2a:c7:1c:2e:cd:58:78:83:c9:70:31:00:64:
8f:27:1f:5c:39:ae:3b:71:b6:32:21:3e:8c:1d:26:45:e1:1b:
82:e5:bc:0a:c2:82:bf:e8:09:21:b2:31:f2:f7:88:a5:19:d5:
bc:71:11:d1:e5:f9:5a:ff:b0:08:59:67:78:06:5c:24:f6:6a:
80:ca:bb:1c:70:40:77:2d:57:c7:2e:d3:51:3e:4b:7d:c6:87:
a3:75:1d:e5
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYVxacbSuxGHe9/ytaGXWegZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTliMzI3ZGQ2Y2RhMWFkMzdiYzFjMjI0YTQ1NGIwMmRl
YTJhZmMwHhcNMjMwMTAyMDczNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWE2M2I5ZGQxYzFhZGJlNTZhZmU0ZWI1MWVmMmJmZjNiODk5MjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0k5y0A/awHwnPrK9Inbfu6UF67RN
p2JdLI0aG49rXqK9r9B+/VZu2y2J7XQYbks0eXG3V2auiyb2Em770LU0uDyLG2np
rfOHXTwaOg9ncG3ANdoRQVQ1Dd/iDnfgrXickMqcGVo/ZsqyiVyUeJp0F2ErEVNZ
WX2E/pUTDZ9J+IatEMTe2mXuLTjrJe+Pca568UnV/+gDU4M/XasqbelD+gmOHCiM
jw1699FICXGbfCMjtX+pzQ17mMm5lvKs5nhVTax9+hd82YWyNHk3Pl+soG6iaxue
odPNADHDp4dXIy6qh4AuJcx2VQGyqUCLomoKED2iazO0KQi1yN+ysHGWiwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFN6mO53Rwa2+Vq/k61HvK/87iZJQMB8GA1UdIwQY
MBaAFFeZsyfdbNoa03vBwiSkVLAt6ir8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVteko5MXMyaHJUZThIQ0pLUlVzQzNxS3Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC84YzJhZTktMGE3Ny00OWViLWFkM2Et
ZWExNTBlNzYzOGNlLzEvM3FZN25kSEJyYjVXci1UclVlOHJfenVKa2xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC84YzJhZTktMGE3Ny00OWViLWFkM2EtZWExNTBlNzYzOGNl
LzEvVjVteko5MXMyaHJUZThIQ0pLUlVzQzNxS3Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCW2a0AwQG
keBAAwQCoivAAwQFqZvgAwQBsHR8AwQDvFz4AwQBvF+QAwQF0caAAwQF2IAAAwQD
2UGIMA0EAgACMAcDBQMqDTNAMA0GCSqGSIb3DQEBCwUAA4IBAQCjdaLflAO0Ffdl
UKBWeBtNTk09HP7oaSsc/cPPwD9qruwhLEZxZ4lHf+nVRh9zSOCqgoywcIsPU4A/
GcSVbVzWjYYS/9j8PYdHc0F0ihQco1uKiEHyjRkOOhGgESnsJfmqJQ2ub1JbPRRP
u51zaAQKFh6m7oPN85i0uepGdvczgvtYHsUl+5CSrm3ivRyUgnl7IRALz0Tn3DVT
FRkjuQhaHsHNeX9wIirHHC7NWHiDyXAxAGSPJx9cOa47cbYyIT6MHSZF4RuC5bwK
woK/6AkhsjHy94ilGdW8cRHR5fla/7AIWWd4Blwk9mqAyrsccEB3LVfHLtNRPkt9
xoejdR3l
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:30 2024 by rpki-client on console-ams.rpki-client.org