Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/fR5kBQpMvJWcPMglcQIuQ0CGxao.roa
File: fR5kBQpMvJWcPMglcQIuQ0CGxao.roa (raw, json)
Hash identifier: WetZqW54SzjH29xmyeoeDmmPk98Xq7ko4oH5OVDoLwE=
Subject key identifier: 7D:1E:64:05:0A:4C:BC:95:9C:3C:C8:25:71:02:2E:43:40:86:C5:AA
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 01857082A9CB833B26EA4944C573E0B997C7
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/fR5kBQpMvJWcPMglcQIuQ0CGxao.roa
Signing time: Mon 02 Jan 2023 03:24:49 +0000
ROA not before: Mon 02 Jan 2023 03:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12430
IP address blocks: 81.60.0.0/15 maxlen: 18
89.141.0.0/16 maxlen: 16
62.100.96.0/19 maxlen: 19
2.154.192.0/18 maxlen: 18
84.127.229.0/24 maxlen: 24
212.97.160.0/19 maxlen: 19
81.202.0.0/15 maxlen: 15
213.37.0.0/16 maxlen: 16
62.117.128.0/17 maxlen: 17
5.40.0.0/16 maxlen: 16
82.158.0.0/15 maxlen: 16
62.57.0.0/16 maxlen: 16
89.140.0.0/16 maxlen: 16
212.22.32.0/19 maxlen: 20
95.39.0.0/16 maxlen: 19
212.79.128.0/19 maxlen: 19
80.224.0.0/16 maxlen: 16
83.173.128.0/18 maxlen: 18
85.251.0.0/16 maxlen: 17
212.183.192.0/18 maxlen: 18
84.120.0.0/13 maxlen: 19
194.140.128.0/18 maxlen: 18
2.154.0.0/16 maxlen: 16
81.184.0.0/16 maxlen: 16
213.231.64.0/18 maxlen: 18
80.174.0.0/16 maxlen: 17
213.201.0.0/17 maxlen: 17
62.174.0.0/15 maxlen: 19
212.122.96.0/19 maxlen: 19
62.82.0.0/15 maxlen: 16
80.173.0.0/16 maxlen: 17
212.78.128.0/19 maxlen: 19
194.149.192.0/19 maxlen: 19
194.106.0.0/19 maxlen: 19
213.254.64.0/18 maxlen: 18
62.42.0.0/15 maxlen: 16
212.21.224.0/19 maxlen: 19
82.213.128.0/18 maxlen: 18
213.227.0.0/18 maxlen: 18
85.136.0.0/15 maxlen: 15
212.95.192.0/19 maxlen: 19
81.172.0.0/17 maxlen: 17
79.108.0.0/15 maxlen: 18
85.219.0.0/17 maxlen: 17
85.155.0.0/16 maxlen: 16
62.81.0.0/16 maxlen: 24
83.138.192.0/18 maxlen: 18
85.155.174.0/24 maxlen: 24
212.40.224.0/24 maxlen: 24
212.40.224.0/19 maxlen: 19
2.152.0.0/16 maxlen: 16
217.216.0.0/15 maxlen: 15
185.128.128.0/22 maxlen: 24
2.152.0.0/14 maxlen: 17
62.101.160.0/19 maxlen: 19
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:a9:cb:83:3b:26:ea:49:44:c5:73:e0:b9:97:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 2 03:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d1e64050a4cbc959c3cc82571022e434086c5aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:43:70:32:7f:bb:e8:cd:3e:c8:53:be:02:88:
3f:23:13:b9:c1:f3:35:dd:14:6d:28:94:bd:35:95:
a3:ee:7a:da:9a:00:04:ae:62:e0:c5:90:6e:1f:fc:
74:ee:49:2b:93:b0:f8:4b:34:a4:e1:2e:d4:47:3e:
41:c6:c8:26:bb:ac:93:e5:fd:a3:ea:50:0d:33:35:
c4:8c:23:fe:d3:c0:3c:31:76:2e:f1:26:09:0e:61:
10:47:19:61:70:19:73:0d:d4:f5:12:98:da:dc:51:
72:ad:21:a9:03:c7:99:98:dd:6d:f7:0b:ae:b4:7b:
2c:2a:08:e0:bc:24:3f:e5:e4:41:8d:d3:92:e7:68:
7f:d9:a2:69:23:d1:eb:dd:ea:75:b6:c6:2e:ec:cd:
82:b5:c2:a6:34:ba:4b:48:eb:fc:94:fa:e5:a0:0c:
77:40:be:55:82:0a:3e:9d:2e:3e:7c:b4:0e:86:18:
94:51:0e:8c:56:15:9f:60:43:8a:7f:e4:ae:a2:e8:
90:ba:e5:ae:e9:90:71:d5:f5:97:93:96:ce:0f:b2:
d8:36:06:c0:39:fc:dc:8c:64:0e:8e:f1:96:92:86:
cd:14:92:9f:c2:05:1c:d2:8b:8c:f7:85:93:52:ab:
20:7f:93:b6:0f:34:83:51:59:96:24:e9:72:41:d4:
cb:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:1E:64:05:0A:4C:BC:95:9C:3C:C8:25:71:02:2E:43:40:86:C5:AA
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/fR5kBQpMvJWcPMglcQIuQ0CGxao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.152.0.0/14
5.40.0.0/16
62.42.0.0/15
62.57.0.0/16
62.81.0.0-62.83.255.255
62.100.96.0/19
62.101.160.0/19
62.117.128.0/17
62.174.0.0/15
79.108.0.0/15
80.173.0.0-80.174.255.255
80.224.0.0/16
81.60.0.0/15
81.172.0.0/17
81.184.0.0/16
81.202.0.0/15
82.158.0.0/15
82.213.128.0/18
83.138.192.0/18
83.173.128.0/18
84.120.0.0/13
85.136.0.0/15
85.155.0.0/16
85.219.0.0/17
85.251.0.0/16
89.140.0.0/15
95.39.0.0/16
185.128.128.0/22
194.106.0.0/19
194.140.128.0/18
194.149.192.0/19
212.21.224.0/19
212.22.32.0/19
212.40.224.0/19
212.78.128.0/19
212.79.128.0/19
212.95.192.0/19
212.97.160.0/19
212.122.96.0/19
212.183.192.0/18
213.37.0.0/16
213.201.0.0/17
213.227.0.0/18
213.231.64.0/18
213.254.64.0/18
217.216.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7d:49:b0:34:02:20:f0:25:d2:e0:0e:83:45:d9:74:25:67:bf:
df:f7:28:46:72:9d:47:8d:00:83:6c:9f:6a:df:af:f0:1e:85:
a4:17:b5:39:e3:44:01:04:74:37:07:ff:25:7e:7d:af:4b:2d:
96:e5:5b:11:d2:71:0f:91:05:5e:59:1d:13:fc:d6:e5:0e:73:
ae:d7:3a:31:61:bb:74:12:e2:a6:68:6a:3e:8f:29:11:d7:76:
05:fe:db:10:66:fa:06:77:c6:4f:c4:f4:25:2f:2f:49:1f:c2:
b3:6f:8e:10:13:e6:7c:e5:5d:83:72:58:09:dd:7f:49:a3:63:
4e:c9:9a:09:b9:6e:4b:8d:f9:fb:65:99:14:b9:1a:51:af:ae:
83:23:fe:5e:e8:cf:2f:88:99:c5:53:62:87:58:cf:4e:dc:25:
04:9d:4a:74:a7:40:ee:88:30:6c:a9:48:3d:79:ae:b7:39:43:
be:d1:7e:df:d0:44:eb:40:c4:12:db:80:fe:e4:ab:9e:fe:e8:
54:67:64:81:32:87:14:e8:77:79:81:a4:2b:e8:bc:1e:f0:dd:
ff:ef:2b:21:63:22:cd:e6:1d:db:c3:8a:7b:82:7f:2c:08:6c:
5f:26:8e:7d:95:7b:65:a4:68:d4:a6:fb:ff:36:13:2b:96:79:
40:fa:36:d7
-----BEGIN CERTIFICATE-----
MIIGDjCCBPagAwIBAgISAYVwgqnLgzsm6klExXPguZfHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjMwMTAyMDMyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDFlNjQwNTBhNGNiYzk1OWMzY2M4MjU3MTAyMmU0MzQwODZjNWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoENwMn+76M0+yFO+Aog/IxO5wfM1
3RRtKJS9NZWj7nramgAErmLgxZBuH/x07kkrk7D4SzSk4S7URz5Bxsgmu6yT5f2j
6lANMzXEjCP+08A8MXYu8SYJDmEQRxlhcBlzDdT1Epja3FFyrSGpA8eZmN1t9wuu
tHssKgjgvCQ/5eRBjdOS52h/2aJpI9Hr3ep1tsYu7M2CtcKmNLpLSOv8lPrloAx3
QL5Vggo+nS4+fLQOhhiUUQ6MVhWfYEOKf+SuouiQuuWu6ZBx1fWXk5bOD7LYNgbA
OfzcjGQOjvGWkobNFJKfwgUc0ouM94WTUqsgf5O2DzSDUVmWJOlyQdTL+wIDAQAB
o4IDGjCCAxYwHQYDVR0OBBYEFH0eZAUKTLyVnDzIJXECLkNAhsWqMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvZlI1a0JRcE12SldjUE1nbGNRSXVRMENHeGFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLgYIKwYBBQUHAQcBAf8EggEdMIIBGTCCARUEAgABMIIB
DQMDAgKYAwMABSgDAwE+KgMDAD45MAoDAwA+UQMDAj5QAwQFPmRgAwQFPmWgAwQH
PnWAAwMBPq4DAwFPbDAKAwMAUK0DAwBQrgMDAFDgAwMBUTwDBAdRrAADAwBRuAMD
AVHKAwMBUp4DBAZS1YADBAZTisADBAZTrYADAwNUeAMDAVWIAwMAVZsDBAdV2wAD
AwBV+wMDAVmMAwMAXycDBAK5gIADBAXCagADBAbCjIADBAXClcADBAXUFeADBAXU
FiADBAXUKOADBAXUToADBAXUT4ADBAXUX8ADBAXUYaADBAXUemADBAbUt8ADAwDV
JQMEB9XJAAMEBtXjAAMEBtXnQAMEBtX+QAMDAdnYMA0GCSqGSIb3DQEBCwUAA4IB
AQB9SbA0AiDwJdLgDoNF2XQlZ7/f9yhGcp1HjQCDbJ9q36/wHoWkF7U540QBBHQ3
B/8lfn2vSy2W5VsR0nEPkQVeWR0T/NblDnOu1zoxYbt0EuKmaGo+jykR13YF/tsQ
ZvoGd8ZPxPQlLy9JH8Kzb44QE+Z85V2DclgJ3X9Jo2NOyZoJuW5Ljfn7ZZkUuRpR
r66DI/5e6M8viJnFU2KHWM9O3CUEnUp0p0DuiDBsqUg9ea63OUO+0X7f0ETrQMQS
24D+5Kue/uhUZ2SBMocU6Hd5gaQr6Lwe8N3/7yshYyLN5h3bw4p7gn8sCGxfJo59
lXtlpGjUpvv/NhMrlnlA+jbX
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:28:02 2024 by rpki-client on console-fra.rpki-client.org