Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/21fxXMvqFZ44hSVETgZTKqF49yk.roa
File: 21fxXMvqFZ44hSVETgZTKqF49yk.roa (raw, json)
Hash identifier: /6RZwPutpXrHkOiqyEotKWsvpF1QeGYYEJ6+RzfG8jo=
Subject key identifier: DB:57:F1:5C:CB:EA:15:9E:38:85:25:44:4E:06:53:2A:A1:78:F7:29
Certificate issuer: /CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Certificate serial: 0185E0F391B4452FAFB3F33F2A03D95FD752
Authority key identifier: DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/21fxXMvqFZ44hSVETgZTKqF49yk.roa
Signing time: Mon 23 Jan 2023 23:25:37 +0000
ROA not before: Mon 23 Jan 2023 23:25:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205473
IP address blocks: 37.77.69.0/24 maxlen: 24
37.77.70.0/24 maxlen: 24
37.77.71.0/24 maxlen: 24
37.77.66.0/24 maxlen: 24
37.77.67.0/24 maxlen: 24
37.77.68.0/24 maxlen: 24
37.77.65.0/24 maxlen: 24
37.77.73.0/24 maxlen: 24
37.77.74.0/24 maxlen: 24
37.77.75.0/24 maxlen: 24
37.77.72.0/24 maxlen: 24
37.77.76.0/24 maxlen: 24
37.77.77.0/24 maxlen: 24
37.77.78.0/24 maxlen: 24
37.77.79.0/24 maxlen: 24
37.77.64.0/24 maxlen: 24
185.217.89.0/24 maxlen: 24
185.217.90.0/24 maxlen: 24
185.217.91.0/24 maxlen: 24
185.217.88.0/24 maxlen: 24
2a0b:c643::/32 maxlen: 32
2a0b:c641::/32 maxlen: 32
2a0b:c644::/32 maxlen: 32
2a0b:c647::/32 maxlen: 32
2a0b:c646::/32 maxlen: 32
2a0b:c640::/32 maxlen: 32
2a0b:c645::/32 maxlen: 32
2a0b:c642::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e0:f3:91:b4:45:2f:af:b3:f3:3f:2a:03:d9:5f:d7:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Validity
Not Before: Jan 23 23:25:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db57f15ccbea159e388525444e06532aa178f729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6f:5b:00:97:11:c1:20:5d:01:f6:36:67:e7:
94:4d:7a:b1:42:83:4e:9a:8d:86:f0:03:8b:6e:fb:
9f:fe:73:6d:2a:cb:eb:ac:e1:78:3f:0b:7a:0b:e9:
ea:52:3b:52:c1:14:8b:b6:7c:41:7d:6f:1b:41:1f:
b9:75:4a:f8:04:e9:3f:53:5f:42:b4:f8:a1:6d:37:
2f:24:99:b8:cd:05:33:02:74:26:90:c3:d4:9a:06:
a0:ee:cc:4a:6a:9d:c7:f2:cc:27:62:02:43:84:35:
dc:7d:0b:58:84:2d:a8:2f:cd:73:d3:6a:66:00:1c:
76:c2:3c:02:88:7f:b1:9d:18:33:ac:77:e5:22:90:
fb:16:a9:9e:ce:b6:82:3e:97:1e:26:04:2d:23:07:
1c:4d:74:1a:27:36:27:25:28:58:fd:89:17:23:ad:
44:f8:e1:a1:67:84:ce:71:24:35:7f:c0:db:2d:9d:
c5:61:df:c3:00:eb:e1:4c:cd:b3:1d:b1:b5:91:24:
92:f3:0a:42:fa:38:65:be:ed:0b:ec:cd:e6:be:75:
47:2d:5f:a9:94:2d:f6:eb:cf:86:d5:48:2f:e3:ef:
b5:7f:8f:7d:d4:3c:10:bb:c6:49:a5:aa:df:85:d5:
3c:f1:b9:9a:d6:40:b4:ef:9a:21:a2:53:01:57:16:
7f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:57:F1:5C:CB:EA:15:9E:38:85:25:44:4E:06:53:2A:A1:78:F7:29
X509v3 Authority Key Identifier:
keyid:DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/21fxXMvqFZ44hSVETgZTKqF49yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.64.0/20
185.217.88.0/22
IPv6:
2a0b:c640::/29
Signature Algorithm: sha256WithRSAEncryption
5b:89:b1:6f:a7:1b:bc:5b:d1:22:c6:d1:68:2b:6c:0e:48:e4:
bd:5a:58:3f:29:50:30:12:de:db:35:ef:bb:df:7a:f6:07:0d:
f3:33:09:94:fd:2f:99:30:32:b2:cb:60:83:4e:91:4f:71:4e:
83:93:97:ab:18:a2:92:58:01:5e:a9:cf:89:21:cd:e8:64:d5:
e5:f8:1d:af:10:75:50:1b:b8:b8:6a:c3:9a:15:a0:9a:f7:4e:
6c:9f:68:5c:90:d6:df:99:88:e4:43:19:08:9e:01:c1:be:6e:
ca:1f:ee:3a:c0:e1:6f:e7:d9:bf:95:fa:7f:81:20:14:58:65:
21:69:9a:c2:92:98:5a:7f:f6:69:e9:96:ce:09:c8:54:78:11:
63:09:90:cf:13:6b:52:bb:0a:a6:7e:ff:b6:28:89:bf:3d:26:
8d:dd:8f:eb:67:69:90:16:c0:2d:b7:a1:77:9a:6f:ba:69:c6:
67:ec:97:f3:71:e4:3b:5a:46:7e:16:94:18:e7:1a:f0:c6:3c:
39:0a:a7:61:cd:fa:4f:6f:75:52:66:69:d9:66:7a:a6:fc:fe:
fa:6a:31:3a:b7:db:f7:87:7e:fa:91:a2:f1:e9:fb:2a:d6:de:
0a:96:a3:b8:89:00:61:bc:ee:61:06:73:93:c3:32:27:3d:14:
c0:b4:c6:f8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYXg85G0RS+vs/M/KgPZX9dSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYjY1YTkwZWQzY2Y0YWUwNDUyNTU0ZWUzNGI5MmE4NDc2
ZGNmMTAwHhcNMjMwMTIzMjMyNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjU3ZjE1Y2NiZWExNTllMzg4NTI1NDQ0ZTA2NTMyYWExNzhmNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi29bAJcRwSBdAfY2Z+eUTXqxQoNO
mo2G8AOLbvuf/nNtKsvrrOF4Pwt6C+nqUjtSwRSLtnxBfW8bQR+5dUr4BOk/U19C
tPihbTcvJJm4zQUzAnQmkMPUmgag7sxKap3H8swnYgJDhDXcfQtYhC2oL81z02pm
ABx2wjwCiH+xnRgzrHflIpD7FqmezraCPpceJgQtIwccTXQaJzYnJShY/YkXI61E
+OGhZ4TOcSQ1f8DbLZ3FYd/DAOvhTM2zHbG1kSSS8wpC+jhlvu0L7M3mvnVHLV+p
lC3268+G1Ugv4++1f4991DwQu8ZJparfhdU88bma1kC075oholMBVxZ/rQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNtX8VzL6hWeOIUlRE4GUyqhePcpMB8GA1UdIwQY
MBaAFNy2WpDtPPSuBFJVTuNLkqhHbc8QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEt
ODVhOTU1ZjIxNjNiLzEvMjFmeFhNdnFGWjQ0aFNWRVRnWlRLcUY0OXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEtODVhOTU1ZjIxNjNi
LzEvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEJU1AAwQC
udlYMA0EAgACMAcDBQMqC8ZAMA0GCSqGSIb3DQEBCwUAA4IBAQBbibFvpxu8W9Ei
xtFoK2wOSOS9Wlg/KVAwEt7bNe+733r2Bw3zMwmU/S+ZMDKyy2CDTpFPcU6Dk5er
GKKSWAFeqc+JIc3oZNXl+B2vEHVQG7i4asOaFaCa905sn2hckNbfmYjkQxkIngHB
vm7KH+46wOFv59m/lfp/gSAUWGUhaZrCkphaf/Zp6ZbOCchUeBFjCZDPE2tSuwqm
fv+2KIm/PSaN3Y/rZ2mQFsAtt6F3mm+6acZn7JfzceQ7WkZ+FpQY5xrwxjw5Cqdh
zfpPb3VSZmnZZnqm/P76ajE6t9v3h376kaLx6fsq1t4KlqO4iQBhvO5hBnOTwzIn
PRTAtMb4
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:27 2024 by rpki-client on console-ams.rpki-client.org