Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/uvuC2rUtPFkhHKtQ9nK0QKQ5hgk.roa
File: uvuC2rUtPFkhHKtQ9nK0QKQ5hgk.roa (raw, json)
Hash identifier: 04fEYEGfQcW5kRXJ/pTRueEMuM8J1/qZyBdIcec6yqE=
Subject key identifier: BA:FB:82:DA:B5:2D:3C:59:21:1C:AB:50:F6:72:B4:40:A4:39:86:09
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 01857082A87F0B538C7B348DB571FDED4D71
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/uvuC2rUtPFkhHKtQ9nK0QKQ5hgk.roa
Signing time: Mon 02 Jan 2023 03:24:48 +0000
ROA not before: Mon 02 Jan 2023 03:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6739
IP address blocks: 81.60.0.0/15 maxlen: 18
62.100.96.0/19 maxlen: 19
2.154.192.0/18 maxlen: 18
84.127.229.0/24 maxlen: 24
81.202.0.0/15 maxlen: 15
212.97.160.0/19 maxlen: 19
213.37.0.0/16 maxlen: 16
5.40.0.0/16 maxlen: 16
82.158.0.0/15 maxlen: 16
62.57.0.0/16 maxlen: 16
89.140.0.0/16 maxlen: 17
95.39.0.0/16 maxlen: 19
212.79.128.0/19 maxlen: 19
83.173.128.0/18 maxlen: 18
80.224.0.0/16 maxlen: 16
85.251.0.0/16 maxlen: 17
212.183.192.0/18 maxlen: 18
84.120.0.0/13 maxlen: 19
194.140.128.0/18 maxlen: 18
2.154.0.0/16 maxlen: 16
81.184.0.0/16 maxlen: 16
213.231.64.0/18 maxlen: 18
80.174.0.0/16 maxlen: 17
62.174.0.0/15 maxlen: 19
213.201.0.0/17 maxlen: 17
62.82.0.0/15 maxlen: 16
80.173.0.0/16 maxlen: 17
212.78.128.0/19 maxlen: 19
194.149.192.0/19 maxlen: 19
194.106.0.0/19 maxlen: 19
213.254.64.0/18 maxlen: 18
62.42.0.0/15 maxlen: 16
212.21.224.0/19 maxlen: 19
82.213.128.0/18 maxlen: 18
85.136.0.0/15 maxlen: 15
213.227.0.0/18 maxlen: 18
212.95.192.0/19 maxlen: 19
79.108.0.0/15 maxlen: 18
85.219.0.0/17 maxlen: 17
85.155.0.0/16 maxlen: 16
62.81.0.0/16 maxlen: 24
85.155.174.0/24 maxlen: 24
212.40.224.0/19 maxlen: 19
212.40.224.0/24 maxlen: 24
2.152.0.0/16 maxlen: 16
217.216.0.0/15 maxlen: 15
185.128.128.0/22 maxlen: 24
2.152.0.0/14 maxlen: 17
62.101.160.0/19 maxlen: 19
2a02:a800::/26 maxlen: 26
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:a8:7f:0b:53:8c:7b:34:8d:b5:71:fd:ed:4d:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 2 03:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bafb82dab52d3c59211cab50f672b440a4398609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1b:c3:be:26:1d:cd:b2:03:42:3a:98:a4:5d:
15:0b:dc:e5:81:2c:f1:50:52:36:4d:b5:7e:1b:71:
fc:eb:6b:24:40:19:ed:3b:f9:cb:6f:b4:08:5b:69:
c9:bf:50:7a:d1:ed:a2:b1:ee:da:d6:ac:97:e0:eb:
fb:62:63:4c:69:ae:45:1d:40:27:74:a3:15:ca:80:
9d:ae:c7:1c:0b:ce:8a:d6:5e:81:65:6e:dd:f6:08:
72:d1:e9:31:03:2a:66:b2:a0:9c:cd:37:2d:2d:0e:
f8:26:18:42:43:66:8f:6d:b0:3c:29:53:94:44:29:
f0:e8:0b:14:e5:ba:48:f4:c1:35:41:47:f6:12:37:
40:59:f5:ea:ea:d5:86:f1:aa:8e:70:d8:99:38:40:
91:03:25:09:ca:c2:ed:7a:7a:73:be:b2:dc:5d:d0:
25:db:bd:6c:81:22:75:eb:ab:0c:b8:00:ac:15:e5:
bb:d2:5b:34:5c:8a:ea:8f:3b:69:4e:6e:d9:60:45:
f0:71:22:65:87:1b:43:9f:83:e0:d7:1f:d2:70:3a:
09:ad:98:da:9a:3e:57:06:14:3f:48:a1:1e:d1:dd:
39:75:57:a5:e6:57:d4:c7:a0:6d:17:c0:b8:80:38:
bd:45:aa:b9:0b:ac:ae:13:28:66:6c:86:13:b0:e0:
f1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:FB:82:DA:B5:2D:3C:59:21:1C:AB:50:F6:72:B4:40:A4:39:86:09
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/uvuC2rUtPFkhHKtQ9nK0QKQ5hgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.152.0.0/14
5.40.0.0/16
62.42.0.0/15
62.57.0.0/16
62.81.0.0-62.83.255.255
62.100.96.0/19
62.101.160.0/19
62.174.0.0/15
79.108.0.0/15
80.173.0.0-80.174.255.255
80.224.0.0/16
81.60.0.0/15
81.184.0.0/16
81.202.0.0/15
82.158.0.0/15
82.213.128.0/18
83.173.128.0/18
84.120.0.0/13
85.136.0.0/15
85.155.0.0/16
85.219.0.0/17
85.251.0.0/16
89.140.0.0/16
95.39.0.0/16
185.128.128.0/22
194.106.0.0/19
194.140.128.0/18
194.149.192.0/19
212.21.224.0/19
212.40.224.0/19
212.78.128.0/19
212.79.128.0/19
212.95.192.0/19
212.97.160.0/19
212.183.192.0/18
213.37.0.0/16
213.201.0.0/17
213.227.0.0/18
213.231.64.0/18
213.254.64.0/18
217.216.0.0/15
IPv6:
2a02:a800::/26
Signature Algorithm: sha256WithRSAEncryption
36:0f:79:b0:34:37:b8:b2:25:18:9e:03:d4:e0:1c:f9:74:e1:
ce:3a:05:01:28:94:52:d9:43:1d:38:17:53:17:73:3f:70:d4:
5f:7b:94:b1:6a:2a:6b:87:96:a4:75:86:0f:b2:7e:1f:67:89:
96:ea:65:00:a6:ee:ad:46:f4:39:1a:2d:43:22:ec:08:e8:58:
58:1d:91:81:1b:1b:e2:3b:dc:e1:75:ee:40:37:48:f2:e9:37:
50:8d:89:4c:e9:16:f7:a0:6c:21:02:59:ca:e5:da:08:4b:cd:
8b:29:8d:1b:a3:ea:1a:20:dc:47:20:fd:f9:63:03:ce:6f:58:
cd:aa:2e:56:3a:6e:a3:64:a0:51:48:92:65:65:ad:16:e2:2c:
0a:4b:5d:a7:3e:3e:d5:14:c3:56:b3:e5:33:0e:80:72:7c:2f:
e2:a1:19:d7:a4:35:a1:1d:ee:73:15:3d:51:a8:be:64:f3:b4:
e1:58:73:9d:49:d3:dc:42:a8:73:c3:68:2b:32:85:3f:c2:24:
4b:c7:9a:de:af:8c:cc:6a:c1:5f:75:03:ef:e1:8d:f9:5e:29:
1a:fb:73:04:29:a9:36:70:b4:78:dd:3e:6c:8b:04:c3:6e:fc:
de:1b:81:98:b2:89:28:57:05:d4:13:d3:e4:a6:9b:73:81:fb:
5a:e4:f1:a3
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgISAYVwgqh/C1OMezSNtXH97U1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjMwMTAyMDMyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWZiODJkYWI1MmQzYzU5MjExY2FiNTBmNjcyYjQ0MGE0Mzk4NjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRvDviYdzbIDQjqYpF0VC9zlgSzx
UFI2TbV+G3H862skQBntO/nLb7QIW2nJv1B60e2ise7a1qyX4Ov7YmNMaa5FHUAn
dKMVyoCdrsccC86K1l6BZW7d9ghy0ekxAypmsqCczTctLQ74JhhCQ2aPbbA8KVOU
RCnw6AsU5bpI9ME1QUf2EjdAWfXq6tWG8aqOcNiZOECRAyUJysLtenpzvrLcXdAl
271sgSJ166sMuACsFeW70ls0XIrqjztpTm7ZYEXwcSJlhxtDn4Pg1x/ScDoJrZja
mj5XBhQ/SKEe0d05dVel5lfUx6BtF8C4gDi9Raq5C6yuEyhmbIYTsODxcQIDAQAB
o4IDCTCCAwUwHQYDVR0OBBYEFLr7gtq1LTxZIRyrUPZytECkOYYJMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvdXZ1QzJyVXRQRmtoSEt0UTluSzBRS1E1aGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHQYIKwYBBQUHAQcBAf8EggEMMIIBCDCB9gQCAAEwge8D
AwICmAMDAAUoAwMBPioDAwA+OTAKAwMAPlEDAwI+UAMEBT5kYAMEBT5loAMDAT6u
AwMBT2wwCgMDAFCtAwMAUK4DAwBQ4AMDAVE8AwMAUbgDAwFRygMDAVKeAwQGUtWA
AwQGU62AAwMDVHgDAwFViAMDAFWbAwQHVdsAAwMAVfsDAwBZjAMDAF8nAwQCuYCA
AwQFwmoAAwQGwoyAAwQFwpXAAwQF1BXgAwQF1CjgAwQF1E6AAwQF1E+AAwQF1F/A
AwQF1GGgAwQG1LfAAwMA1SUDBAfVyQADBAbV4wADBAbV50ADBAbV/kADAwHZ2DAN
BAIAAjAHAwUGKgKoADANBgkqhkiG9w0BAQsFAAOCAQEANg95sDQ3uLIlGJ4D1OAc
+XThzjoFASiUUtlDHTgXUxdzP3DUX3uUsWoqa4eWpHWGD7J+H2eJluplAKburUb0
ORotQyLsCOhYWB2RgRsb4jvc4XXuQDdI8uk3UI2JTOkW96BsIQJZyuXaCEvNiymN
G6PqGiDcRyD9+WMDzm9YzaouVjpuo2SgUUiSZWWtFuIsCktdpz4+1RTDVrPlMw6A
cnwv4qEZ16Q1oR3ucxU9Uai+ZPO04VhznUnT3EKoc8NoKzKFP8IkS8ea3q+MzGrB
X3UD7+GN+V4pGvtzBCmpNnC0eN0+bIsEw2783huBmLKJKFcF1BPT5Kabc4H7WuTx
ow==
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:17:16 2024 by rpki-client on console-ams.rpki-client.org