Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/dFG3QSgJb4lrSO4Z3leOOClx9l8.roa
File: dFG3QSgJb4lrSO4Z3leOOClx9l8.roa (raw, json)
Hash identifier: kF6d3fQInSZ7Iq6AkYVwx450Sxw/EXKkUGp41f6DI0s=
Subject key identifier: 74:51:B7:41:28:09:6F:89:6B:48:EE:19:DE:57:8E:38:29:71:F6:5F
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018B1D4D6E5A17241DF7F59FDA743830D1CA
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/dFG3QSgJb4lrSO4Z3leOOClx9l8.roa
Signing time: Wed 11 Oct 2023 05:54:55 +0000
ROA not before: Wed 11 Oct 2023 05:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 193.124.20.0/23 maxlen: 24
62.112.12.0/23 maxlen: 24
89.39.172.0/23 maxlen: 24
86.105.104.0/22 maxlen: 24
194.58.64.0/23 maxlen: 24
89.37.188.0/22 maxlen: 24
195.133.202.0/23 maxlen: 24
195.133.208.0/23 maxlen: 24
89.34.124.0/23 maxlen: 24
194.88.96.0/21 maxlen: 24
89.37.216.0/23 maxlen: 24
84.234.24.0/22 maxlen: 24
86.107.108.0/23 maxlen: 24
188.211.250.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1d:4d:6e:5a:17:24:1d:f7:f5:9f:da:74:38:30:d1:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Oct 11 05:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7451b74128096f896b48ee19de578e382971f65f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e1:d3:cf:8e:2f:1e:e1:b4:ac:55:5b:36:ec:
db:3e:ad:81:cd:0d:25:5a:e4:f8:72:dc:dc:25:ee:
ad:d0:df:aa:78:f3:c5:96:df:b5:21:94:01:86:3c:
c2:48:b9:84:d9:54:b7:01:fa:62:2d:37:4b:58:6b:
c8:86:f7:c5:58:2a:b9:6a:7b:a3:5a:f1:cd:60:1d:
36:15:9c:55:94:e8:1b:76:b9:94:60:d0:64:6a:39:
a9:5d:ff:e9:d6:a5:1e:fd:00:78:df:21:f3:8e:ae:
d3:8b:49:e7:b2:de:6c:c5:1c:ef:33:58:93:97:98:
94:85:b1:19:6b:9c:6b:81:08:5f:24:27:c7:1e:94:
80:1e:c9:45:d3:b8:43:0b:7b:74:f3:13:23:35:d4:
25:d6:30:7e:dd:26:86:12:b4:64:eb:2d:0b:31:30:
cb:37:7d:9a:b3:99:73:dd:86:e4:03:6c:3e:ea:b9:
d0:0b:5d:fb:75:75:5c:ae:f3:a2:af:75:5e:76:93:
5f:61:34:60:6a:8d:16:4a:94:25:f9:ea:19:8e:96:
7f:a0:70:2e:30:19:42:e4:fe:e3:14:fe:6e:bc:6d:
98:f9:9f:08:bc:f8:79:63:4b:ed:c2:c5:64:f7:e3:
0e:2a:61:d9:6a:e2:ae:e1:ce:61:ef:6b:11:fb:78:
63:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:51:B7:41:28:09:6F:89:6B:48:EE:19:DE:57:8E:38:29:71:F6:5F
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/dFG3QSgJb4lrSO4Z3leOOClx9l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.12.0/23
84.234.24.0/22
86.105.104.0/22
86.107.108.0/23
89.34.124.0/23
89.37.188.0/22
89.37.216.0/23
89.39.172.0/23
188.211.250.0/23
193.124.20.0/23
194.58.64.0/23
194.88.96.0/21
195.133.202.0/23
195.133.208.0/23
Signature Algorithm: sha256WithRSAEncryption
42:a6:48:53:e7:a0:b7:06:8e:d4:12:2f:e8:a0:51:32:27:12:
e9:1f:f0:d6:f7:88:cb:c2:c4:71:87:46:1e:1c:df:3f:03:04:
aa:fb:0b:c3:b1:0e:39:05:50:6c:89:01:4e:e8:28:f6:9c:68:
38:f8:03:4b:f1:3e:2a:c3:38:1c:9d:60:3b:b9:89:6c:cb:fd:
a6:05:d6:97:20:0e:75:5b:e9:2b:e3:9e:14:1a:90:8e:d7:db:
3d:26:12:18:ba:fd:0b:bb:03:3f:6f:7a:df:64:b8:cc:63:a6:
e0:df:3f:f5:48:02:c7:cf:6e:ad:9e:91:77:95:8f:34:a2:e1:
06:69:85:b9:11:c9:47:00:31:fe:9f:e8:fa:41:03:32:e0:20:
48:b2:5d:24:d6:3f:fd:ad:0c:55:89:c8:0b:fb:dd:13:86:8f:
4d:bf:2b:4a:03:5d:6c:d4:6d:da:31:4c:80:a5:99:fa:69:b6:
df:ee:92:cc:db:2d:f6:2d:1d:17:0e:06:5d:b7:f5:7a:30:64:
2c:86:4c:5d:53:dc:17:4c:fd:fc:53:38:02:2f:b7:53:e8:a1:
28:fe:7d:69:ef:34:fd:ae:64:05:41:8f:a0:7c:a5:2e:be:03:
ea:c9:c3:25:37:da:22:ca:35:38:3d:d1:7d:2c:b6:af:49:46:
b5:b6:05:56
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYsdTW5aFyQd9/Wf2nQ4MNHKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMDExMDU1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDUxYjc0MTI4MDk2Zjg5NmI0OGVlMTlkZTU3OGUzODI5NzFmNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+HTz44vHuG0rFVbNuzbPq2BzQ0l
WuT4ctzcJe6t0N+qePPFlt+1IZQBhjzCSLmE2VS3AfpiLTdLWGvIhvfFWCq5anuj
WvHNYB02FZxVlOgbdrmUYNBkajmpXf/p1qUe/QB43yHzjq7Ti0nnst5sxRzvM1iT
l5iUhbEZa5xrgQhfJCfHHpSAHslF07hDC3t08xMjNdQl1jB+3SaGErRk6y0LMTDL
N32as5lz3YbkA2w+6rnQC137dXVcrvOir3VedpNfYTRgao0WSpQl+eoZjpZ/oHAu
MBlC5P7jFP5uvG2Y+Z8IvPh5Y0vtwsVk9+MOKmHZauKu4c5h72sR+3hjKQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHRRt0EoCW+Ja0juGd5XjjgpcfZfMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvZEZHM1FTZ0piNGxyU080WjNsZU9PQ2x4OWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQBPnAMAwQC
VOoYAwQCVmloAwQBVmtsAwQBWSJ8AwQCWSW8AwQBWSXYAwQBWSesAwQBvNP6AwQB
wXwUAwQBwjpAAwQDwlhgAwQBw4XKAwQBw4XQMA0GCSqGSIb3DQEBCwUAA4IBAQBC
pkhT56C3Bo7UEi/ooFEyJxLpH/DW94jLwsRxh0YeHN8/AwSq+wvDsQ45BVBsiQFO
6Cj2nGg4+ANL8T4qwzgcnWA7uYlsy/2mBdaXIA51W+kr454UGpCO19s9JhIYuv0L
uwM/b3rfZLjMY6bg3z/1SALHz26tnpF3lY80ouEGaYW5EclHADH+n+j6QQMy4CBI
sl0k1j/9rQxVicgL+90Tho9NvytKA11s1G3aMUyApZn6abbf7pLM2y32LR0XDgZd
t/V6MGQshkxdU9wXTP38UzgCL7dT6KEo/n1p7zT9rmQFQY+gfKUuvgPqycMlN9oi
yjU4PdF9LLavSUa1tgVW
-----END CERTIFICATE-----
Generated at Sun Oct 15 03:00:17 2023 by rpki-client on console-ams.rpki-client.org