Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/w2DIMP_jT3N9G6SoAEpJ5tQCMBc.roa
File: w2DIMP_jT3N9G6SoAEpJ5tQCMBc.roa (raw, json)
Hash identifier: h0+OFgaZeimCmH4vqNYQnGDtZ98O3p2YzCsvPfasSW4=
Subject key identifier: C3:60:C8:30:FF:E3:4F:73:7D:1B:A4:A8:00:4A:49:E6:D4:02:30:17
Certificate issuer: /CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Certificate serial: 018571FA41531AFD3F4D3AD74CD3F0EAB2AB
Authority key identifier: 9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/w2DIMP_jT3N9G6SoAEpJ5tQCMBc.roa
Signing time: Mon 02 Jan 2023 10:15:04 +0000
ROA not before: Mon 02 Jan 2023 10:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61400
IP address blocks: 217.199.223.0/24 maxlen: 24
217.199.221.0/24 maxlen: 24
217.199.220.0/24 maxlen: 24
193.243.182.0/24 maxlen: 24
78.24.92.0/22 maxlen: 24
185.16.212.0/22 maxlen: 24
37.0.120.0/21 maxlen: 24
89.248.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:41:53:1a:fd:3f:4d:3a:d7:4c:d3:f0:ea:b2:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Validity
Not Before: Jan 2 10:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c360c830ffe34f737d1ba4a8004a49e6d4023017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:63:a3:c1:96:4f:4a:8e:7a:5a:e1:fc:23:16:
ad:48:24:21:c9:01:66:71:b2:44:ea:73:37:33:cc:
0a:ba:ef:93:24:5e:ef:54:91:de:94:5e:91:2f:01:
93:af:f1:f2:7d:90:9a:03:62:69:3b:c9:32:84:4b:
18:b0:a9:68:5d:5a:f3:f2:f5:cb:47:b7:c8:35:ea:
52:41:21:08:60:ff:f2:cb:34:f7:47:39:20:1d:00:
85:e8:d3:72:e4:84:d1:f1:76:82:3e:68:2c:2e:e0:
e8:5a:38:37:65:ee:0f:3d:8d:4c:59:0d:31:ee:bf:
c3:5f:7e:84:7b:5e:4a:89:54:85:ac:13:29:3e:4e:
8f:04:2d:0f:11:05:a7:00:08:ba:53:21:8e:73:2b:
ce:36:f6:cd:1b:e6:f4:c4:69:e9:0c:06:11:fe:c7:
3d:bc:53:58:ba:07:8a:5e:ed:9a:a3:bd:34:d4:c3:
c7:d2:97:ae:ae:ee:6a:46:70:04:63:a5:96:a0:4d:
39:fb:19:12:6e:87:e2:29:eb:3a:97:82:20:26:c2:
81:32:11:25:61:45:87:ad:3a:7c:16:9a:09:19:29:
dc:f2:b3:91:99:3a:f3:08:3e:09:72:18:7c:aa:00:
30:71:5f:16:55:d4:49:9f:8a:82:3f:26:00:21:b6:
d9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:60:C8:30:FF:E3:4F:73:7D:1B:A4:A8:00:4A:49:E6:D4:02:30:17
X509v3 Authority Key Identifier:
keyid:9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/w2DIMP_jT3N9G6SoAEpJ5tQCMBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/nHPZRT--37gMRUO7Up_DMMH4wc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.120.0/21
78.24.92.0/22
89.248.235.0/24
185.16.212.0/22
193.243.182.0/24
217.199.220.0/23
217.199.223.0/24
Signature Algorithm: sha256WithRSAEncryption
94:44:cc:78:46:9d:c0:3d:05:8a:04:2e:53:bb:f3:5b:df:b9:
43:85:32:e1:d6:2a:27:79:75:f1:72:28:74:c0:8a:14:e1:1e:
c7:3c:01:10:ae:35:e3:96:dd:36:2d:0d:0c:8f:3c:0a:42:c8:
38:37:06:15:19:52:08:02:af:ae:6d:1d:78:13:dd:02:56:73:
b6:3d:08:50:31:49:c2:e3:e7:cf:af:75:b4:73:be:80:31:06:
fd:95:80:90:f0:10:30:ea:3b:b8:76:36:c4:4f:d6:03:35:04:
a4:cb:ea:46:8d:f3:eb:99:af:7d:ed:36:b2:5b:30:70:d3:ff:
88:dc:82:3f:e8:b9:36:23:31:ad:c3:f0:0c:3b:a3:40:fe:be:
07:56:ca:6d:17:ff:f2:de:97:85:3a:04:63:ac:5f:91:3f:a2:
15:a1:32:d4:4f:b0:21:d8:ee:c3:d1:ba:3f:6b:e0:07:78:08:
9a:d1:70:28:0b:48:c1:01:b2:f3:16:7a:b7:bf:d9:21:95:46:
48:58:02:b4:dc:45:ae:9c:a6:a8:22:08:e3:55:e7:e3:6a:ea:
05:bd:cf:2d:62:00:c4:76:32:70:b3:1d:20:93:e5:c0:52:dd:
76:26:18:87:dd:70:0c:a8:81:ec:e6:5a:3e:5e:33:02:97:39:
df:57:34:ac
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVx+kFTGv0/TTrXTNPw6rKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNzNkOTQ1M2ZiZWRmYjgwYzQ1NDNiYjUyOWZjMzMwYzFm
OGMxY2UwHhcNMjMwMTAyMTAxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzYwYzgzMGZmZTM0ZjczN2QxYmE0YTgwMDRhNDllNmQ0MDIzMDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGOjwZZPSo56WuH8IxatSCQhyQFm
cbJE6nM3M8wKuu+TJF7vVJHelF6RLwGTr/HyfZCaA2JpO8kyhEsYsKloXVrz8vXL
R7fINepSQSEIYP/yyzT3RzkgHQCF6NNy5ITR8XaCPmgsLuDoWjg3Ze4PPY1MWQ0x
7r/DX36Ee15KiVSFrBMpPk6PBC0PEQWnAAi6UyGOcyvONvbNG+b0xGnpDAYR/sc9
vFNYugeKXu2ao7001MPH0peuru5qRnAEY6WWoE05+xkSbofiKes6l4IgJsKBMhEl
YUWHrTp8FpoJGSnc8rORmTrzCD4Jchh8qgAwcV8WVdRJn4qCPyYAIbbZSQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMNgyDD/409zfRukqABKSebUAjAXMB8GA1UdIwQY
MBaAFJxz2UU/vt+4DEVDu1KfwzDB+MHOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEt
YzQ3ZTE4ZGYwMzcxLzEvdzJESU1QX2pUM045RzZTb0FFcEo1dFFDTUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEtYzQ3ZTE4ZGYwMzcx
LzEvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDJQB4AwQC
ThhcAwQAWfjrAwQCuRDUAwQAwfO2AwQB2cfcAwQA2cffMA0GCSqGSIb3DQEBCwUA
A4IBAQCURMx4Rp3APQWKBC5Tu/Nb37lDhTLh1ioneXXxcih0wIoU4R7HPAEQrjXj
lt02LQ0MjzwKQsg4NwYVGVIIAq+ubR14E90CVnO2PQhQMUnC4+fPr3W0c76AMQb9
lYCQ8BAw6ju4djbET9YDNQSky+pGjfPrma997TayWzBw0/+I3II/6Lk2IzGtw/AM
O6NA/r4HVsptF//y3peFOgRjrF+RP6IVoTLUT7Ah2O7D0bo/a+AHeAia0XAoC0jB
AbLzFnq3v9khlUZIWAK03EWunKaoIgjjVefjauoFvc8tYgDEdjJwsx0gk+XAUt12
JhiH3XAMqIHs5lo+XjMClznfVzSs
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:55:37 2024 by rpki-client on console.sobornost.net