Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/w5OAqhr7HuD1w4ZY-8qY666DQgc.roa
File: w5OAqhr7HuD1w4ZY-8qY666DQgc.roa (raw, json)
Hash identifier: g/wuzOgzcNPFycZ2r1c2mPj1w6b9C5a4oUb3qqMEwc8=
Subject key identifier: C3:93:80:AA:1A:FB:1E:E0:F5:C3:86:58:FB:CA:98:EB:AE:83:42:07
Certificate issuer: /CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Certificate serial: 01893A8966A0A2DCA3ECF88340036AD04976
Authority key identifier: E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/w5OAqhr7HuD1w4ZY-8qY666DQgc.roa
Signing time: Sun 09 Jul 2023 12:03:50 +0000
ROA not before: Sun 09 Jul 2023 12:03:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8895
IP address blocks: 212.138.250.0/24 maxlen: 24
212.138.104.0/24 maxlen: 25
212.138.108.0/24 maxlen: 24
212.138.117.0/24 maxlen: 24
212.138.116.0/24 maxlen: 24
212.138.115.0/24 maxlen: 24
212.138.118.0/24 maxlen: 24
212.138.121.0/24 maxlen: 24
212.138.120.0/24 maxlen: 24
212.138.119.0/24 maxlen: 24
212.138.128.0/24 maxlen: 24
212.138.130.0/24 maxlen: 24
212.138.43.0/24 maxlen: 24
212.138.64.0/22 maxlen: 24
212.138.76.0/22 maxlen: 24
212.138.187.0/24 maxlen: 24
212.138.190.0/24 maxlen: 24
212.138.194.0/24 maxlen: 24
212.138.196.0/24 maxlen: 24
212.138.206.0/24 maxlen: 24
212.138.201.0/24 maxlen: 24
212.138.203.0/24 maxlen: 24
212.138.139.0/24 maxlen: 24
212.138.134.0/24 maxlen: 24
212.138.140.0/24 maxlen: 24
212.138.153.0/24 maxlen: 24
212.138.157.0/24 maxlen: 24
212.138.166.0/24 maxlen: 24
212.138.162.0/24 maxlen: 24
212.138.160.0/24 maxlen: 24
212.138.168.0/24 maxlen: 24
212.138.172.0/24 maxlen: 24
212.138.177.0/24 maxlen: 24
212.138.176.0/24 maxlen: 24
212.138.183.0/24 maxlen: 25
212.138.185.0/24 maxlen: 24
2001:1490:103::/48 maxlen: 48
2001:1490:106::/48 maxlen: 48
2001:1490:107::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3a:89:66:a0:a2:dc:a3:ec:f8:83:40:03:6a:d0:49:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Validity
Not Before: Jul 9 12:03:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c39380aa1afb1ee0f5c38658fbca98ebae834207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b8:10:5d:cb:8c:c2:ec:c7:0c:22:dc:d5:a1:
cf:23:81:f0:f8:e0:10:44:4a:22:ed:85:ed:4a:ef:
3c:33:40:e8:e9:fd:08:b2:da:43:11:b1:e4:3d:f3:
73:02:56:1b:4f:a0:fe:88:03:73:1e:07:2c:ab:b2:
cd:77:ae:e6:ca:da:00:2f:98:7e:96:00:60:ab:5b:
b0:a2:3d:65:a5:ed:e0:9b:98:29:14:5d:ad:ab:d1:
e9:a0:85:75:e2:59:34:e6:f1:13:d0:a6:3e:e7:69:
43:3e:d9:f3:0d:99:54:2f:c5:56:20:da:d5:4e:a1:
b2:c9:4c:de:4d:c1:86:14:79:e6:06:f1:f7:b9:7d:
72:cf:6f:57:23:a4:c4:d5:7f:48:82:0f:75:da:e9:
3f:92:48:62:65:ab:b6:a7:41:12:62:07:37:0d:da:
22:e3:ed:1f:cf:63:d3:f5:93:4a:52:7a:9a:eb:7c:
d4:10:ee:91:d1:07:ba:e6:a6:60:f9:50:74:1d:51:
3a:31:d8:b7:df:0d:d7:90:ec:d3:c9:43:ce:fa:ee:
6c:a8:c7:2a:16:73:4c:af:a6:ab:3e:8f:62:78:ef:
62:bf:3c:4c:63:7b:ce:aa:4a:2c:7f:bb:38:81:2b:
96:ac:36:ab:42:a7:78:2f:af:b2:88:e5:6e:99:21:
57:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:93:80:AA:1A:FB:1E:E0:F5:C3:86:58:FB:CA:98:EB:AE:83:42:07
X509v3 Authority Key Identifier:
keyid:E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/w5OAqhr7HuD1w4ZY-8qY666DQgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.138.43.0/24
212.138.64.0/22
212.138.76.0/22
212.138.104.0/24
212.138.108.0/24
212.138.115.0-212.138.121.255
212.138.128.0/24
212.138.130.0/24
212.138.134.0/24
212.138.139.0-212.138.140.255
212.138.153.0/24
212.138.157.0/24
212.138.160.0/24
212.138.162.0/24
212.138.166.0/24
212.138.168.0/24
212.138.172.0/24
212.138.176.0/23
212.138.183.0/24
212.138.185.0/24
212.138.187.0/24
212.138.190.0/24
212.138.194.0/24
212.138.196.0/24
212.138.201.0/24
212.138.203.0/24
212.138.206.0/24
212.138.250.0/24
IPv6:
2001:1490:103::/48
2001:1490:106::/47
Signature Algorithm: sha256WithRSAEncryption
07:85:80:24:07:54:e8:ad:13:2c:37:9a:25:51:ce:40:de:38:
4e:6c:01:b1:c1:63:a4:5c:ef:fd:a3:e5:0f:47:6f:6b:a3:70:
e9:70:73:ef:96:5c:aa:30:3b:25:67:76:8b:87:c0:72:56:7a:
3d:4d:aa:80:7e:50:47:6e:96:34:ee:04:bb:51:c2:6f:7d:50:
52:b9:36:be:e7:9f:27:76:6a:e2:d9:1a:e5:ff:d4:e9:b6:26:
b1:32:0e:db:51:59:09:d7:40:cc:17:49:82:44:ab:a8:75:ec:
98:48:71:42:95:23:94:df:cb:7e:cc:ce:26:a3:f3:cd:11:eb:
5d:e1:7d:b9:4e:a9:f8:35:a4:c8:2c:cc:42:e5:e3:94:7f:9d:
02:1e:d4:8f:5a:92:46:3a:9b:13:78:e5:ba:70:b4:71:bc:2e:
c0:fa:18:8e:c6:02:af:4e:a0:a7:98:05:08:3d:07:e9:0f:d3:
b8:e0:33:cb:c6:86:83:81:08:23:89:19:7a:e9:6f:c2:48:c6:
21:be:b6:0a:f8:30:a7:5c:12:7e:c9:60:8d:5e:85:c8:9a:17:
79:d1:57:69:a2:63:14:d0:e2:94:cf:a5:96:92:7a:c5:08:8f:
8f:80:4b:cd:c9:1b:f0:b8:fd:45:3a:62:32:48:f9:00:88:d5:
13:83:be:00
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAYk6iWagotyj7PiDQANq0El2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NGRmNTJhZjQ2MGNhNmZhOGM5MjNhNDlmNWNiNzk1ZWE2
NzA3ZjcwHhcNMjMwNzA5MTIwMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzkzODBhYTFhZmIxZWUwZjVjMzg2NThmYmNhOThlYmFlODM0MjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrgQXcuMwuzHDCLc1aHPI4Hw+OAQ
REoi7YXtSu88M0Do6f0IstpDEbHkPfNzAlYbT6D+iANzHgcsq7LNd67mytoAL5h+
lgBgq1uwoj1lpe3gm5gpFF2tq9HpoIV14lk05vET0KY+52lDPtnzDZlUL8VWINrV
TqGyyUzeTcGGFHnmBvH3uX1yz29XI6TE1X9Igg912uk/kkhiZau2p0ESYgc3Ddoi
4+0fz2PT9ZNKUnqa63zUEO6R0Qe65qZg+VB0HVE6Mdi33w3XkOzTyUPO+u5sqMcq
FnNMr6arPo9ieO9ivzxMY3vOqkosf7s4gSuWrDarQqd4L6+yiOVumSFXIQIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFMOTgKoa+x7g9cOGWPvKmOuug0IHMB8GA1UdIwQY
MBaAFOhN9Sr0YMpvqMkjpJ9ct5XqZwf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUt
OTRjMmZkYTM5ZWFkLzEvdzVPQXFocjdIdUQxdzRaWS04cVk2NjZEUWdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUtOTRjMmZkYTM5ZWFk
LzEvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCBvwQCAAEwgbgDBADU
iisDBALUikADBALUikwDBADUimgDBADUimwwDAMEANSKcwMEAdSKeAMEANSKgAME
ANSKggMEANSKhjAMAwQA1IqLAwQA1IqMAwQA1IqZAwQA1IqdAwQA1IqgAwQA1Iqi
AwQA1IqmAwQA1IqoAwQA1IqsAwQB1IqwAwQA1Iq3AwQA1Iq5AwQA1Iq7AwQA1Iq+
AwQA1IrCAwQA1IrEAwQA1IrJAwQA1IrLAwQA1IrOAwQA1Ir6MBgEAgACMBIDBwAg
ARSQAQMDBwEgARSQAQYwDQYJKoZIhvcNAQELBQADggEBAAeFgCQHVOitEyw3miVR
zkDeOE5sAbHBY6Rc7/2j5Q9Hb2ujcOlwc++WXKowOyVndouHwHJWej1NqoB+UEdu
ljTuBLtRwm99UFK5Nr7nnyd2auLZGuX/1Om2JrEyDttRWQnXQMwXSYJEq6h17JhI
cUKVI5Tfy37Mziaj880R613hfblOqfg1pMgszELl45R/nQIe1I9akkY6mxN45bpw
tHG8LsD6GI7GAq9OoKeYBQg9B+kP07jgM8vGhoOBCCOJGXrpb8JIxiG+tgr4MKdc
En7JYI1ehciaF3nRV2miYxTQ4pTPpZaSesUIj4+AS83JG/C4/UU6YjJI+QCI1ROD
vgA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:35 2023 by rpki-client on console-fra.rpki-client.org