Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/3RLKPzLXuXmpgCZ9Ag6l80MnLKo.roa
File: 3RLKPzLXuXmpgCZ9Ag6l80MnLKo.roa (raw, json)
Hash identifier: PjopqdT9O2dP+W4sl3hYSKy2zXaiMrmX0ISY3j8N6YE=
Subject key identifier: DD:12:CA:3F:32:D7:B9:79:A9:80:26:7D:02:0E:A5:F3:43:27:2C:AA
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01861699E549727A9429F0E4CF7611F4F4ED
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/3RLKPzLXuXmpgCZ9Ag6l80MnLKo.roa
Signing time: Fri 03 Feb 2023 09:27:09 +0000
ROA not before: Fri 03 Feb 2023 09:27:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 94.198.217.0/24 maxlen: 24
94.198.218.0/24 maxlen: 24
94.198.219.0/24 maxlen: 24
94.198.216.0/24 maxlen: 24
81.200.144.0/24 maxlen: 24
81.200.145.0/24 maxlen: 24
81.200.150.0/24 maxlen: 24
81.200.151.0/24 maxlen: 24
81.200.152.0/24 maxlen: 24
81.200.146.0/24 maxlen: 24
81.200.147.0/24 maxlen: 24
81.200.148.0/24 maxlen: 24
81.200.149.0/24 maxlen: 24
81.200.153.0/24 maxlen: 24
195.80.50.0/24 maxlen: 24
195.80.51.0/24 maxlen: 24
46.19.64.0/24 maxlen: 24
46.19.67.0/24 maxlen: 24
46.19.65.0/24 maxlen: 24
46.19.66.0/24 maxlen: 24
45.8.97.0/24 maxlen: 24
37.220.80.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:16:99:e5:49:72:7a:94:29:f0:e4:cf:76:11:f4:f4:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Feb 3 09:27:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd12ca3f32d7b979a980267d020ea5f343272caa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:af:ca:ae:da:fb:a5:7a:d3:a0:1f:87:a7:01:
2d:3a:71:53:28:bc:3d:96:e1:11:d0:25:6c:75:23:
b3:90:79:dd:08:7c:ac:5a:16:36:9b:fd:ef:02:04:
90:eb:b0:88:26:70:9f:6e:c9:72:e1:d3:77:76:d3:
a4:fd:66:55:74:8c:33:31:5e:01:79:1b:db:e3:0a:
6d:55:a4:49:5f:a4:f7:64:e5:53:51:2c:4d:6a:ee:
0a:d5:4b:3d:23:40:ac:51:48:5a:04:da:73:6a:0e:
11:70:8b:e9:43:19:6d:0c:26:55:c3:34:bf:6e:e2:
9e:7c:21:23:6f:fd:55:39:f4:d4:7a:16:22:17:20:
f3:88:86:38:89:08:dc:ed:08:c8:de:33:d3:44:9a:
44:c8:0b:a8:12:20:bb:63:d1:f3:c3:b9:0e:33:9a:
ab:99:36:ce:4c:d8:63:fc:ba:8d:31:6f:00:cc:12:
32:a8:2d:7c:9c:af:15:b0:2d:6d:76:ec:67:74:18:
a0:b4:dd:cd:f4:e8:7e:34:c6:21:5f:0a:38:88:94:
ff:64:66:f4:e6:2b:eb:6f:39:55:ae:b5:e1:a8:0a:
ab:1a:6e:c9:4c:3a:93:32:8f:0d:e6:04:3b:a3:7e:
62:b7:33:62:27:1a:34:71:41:c3:a0:53:8b:aa:c7:
72:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:12:CA:3F:32:D7:B9:79:A9:80:26:7D:02:0E:A5:F3:43:27:2C:AA
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/3RLKPzLXuXmpgCZ9Ag6l80MnLKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.80.0/24
45.8.97.0/24
46.19.64.0/22
81.200.144.0-81.200.153.255
94.198.216.0/22
195.80.50.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:8c:cd:f2:d8:c2:26:c7:64:96:ea:d3:2d:b2:8e:ee:0a:aa:
21:83:20:df:51:4e:10:d7:fc:6c:42:d6:e9:7c:a1:9c:33:48:
bc:24:37:3b:62:cd:9e:d9:ca:50:72:ad:f7:76:24:a6:ba:93:
03:aa:1d:0e:dd:6d:8a:dc:b0:06:1a:23:bd:4e:d6:8b:55:7b:
e6:24:f9:64:e5:07:11:30:b0:a6:f8:6e:fa:6b:51:f1:d1:48:
6b:f2:75:99:59:19:20:d0:9e:a3:ec:4f:9e:5e:48:09:34:48:
dc:7e:ba:79:16:26:f2:00:40:76:77:e6:68:98:a7:7e:e6:d8:
07:65:ab:39:9f:8b:d9:58:7d:e3:dc:cf:f8:48:29:1b:4d:c7:
df:f5:b4:25:37:58:c1:95:0e:5d:ab:d4:ea:1a:41:03:9c:61:
ad:b0:88:00:cf:a2:f9:3e:e5:5a:41:10:84:0d:1b:0e:01:0d:
0e:ab:cd:aa:a9:17:b2:f2:45:aa:91:e0:64:f8:7d:bb:24:7a:
29:5f:f7:4f:c5:1d:70:0c:b1:57:8f:98:69:5d:bf:b0:7c:d0:
71:9b:aa:a6:33:a0:f3:01:9c:22:57:b9:87:94:33:5a:9c:6c:
31:e3:44:91:e0:41:2e:33:55:cf:08:3e:13:62:3c:a8:8f:68:
20:4e:f7:f9
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYYWmeVJcnqUKfDkz3YR9PTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMjAzMDkyNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDEyY2EzZjMyZDdiOTc5YTk4MDI2N2QwMjBlYTVmMzQzMjcyY2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK/Krtr7pXrToB+HpwEtOnFTKLw9
luER0CVsdSOzkHndCHysWhY2m/3vAgSQ67CIJnCfbsly4dN3dtOk/WZVdIwzMV4B
eRvb4wptVaRJX6T3ZOVTUSxNau4K1Us9I0CsUUhaBNpzag4RcIvpQxltDCZVwzS/
buKefCEjb/1VOfTUehYiFyDziIY4iQjc7QjI3jPTRJpEyAuoEiC7Y9Hzw7kOM5qr
mTbOTNhj/LqNMW8AzBIyqC18nK8VsC1tduxndBigtN3N9Oh+NMYhXwo4iJT/ZGb0
5ivrbzlVrrXhqAqrGm7JTDqTMo8N5gQ7o35itzNiJxo0cUHDoFOLqsdy6QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFN0Syj8y17l5qYAmfQIOpfNDJyyqMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvM1JMS1B6TFh1WG1wZ0NaOUFnNmw4ME1uTEtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAJdxQAwQA
LQhhAwQCLhNAMAwDBARRyJADBAFRyJgDBAJextgDBAHDUDIwDQYJKoZIhvcNAQEL
BQADggEBAI+MzfLYwibHZJbq0y2yju4KqiGDIN9RThDX/GxC1ul8oZwzSLwkNzti
zZ7ZylByrfd2JKa6kwOqHQ7dbYrcsAYaI71O1otVe+Yk+WTlBxEwsKb4bvprUfHR
SGvydZlZGSDQnqPsT55eSAk0SNx+unkWJvIAQHZ35miYp37m2Adlqzmfi9lYfePc
z/hIKRtNx9/1tCU3WMGVDl2r1OoaQQOcYa2wiADPovk+5VpBEIQNGw4BDQ6rzaqp
F7LyRaqR4GT4fbskeilf90/FHXAMsVePmGldv7B80HGbqqYzoPMBnCJXuYeUM1qc
bDHjRJHgQS4zVc8IPhNiPKiPaCBO9/k=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:47 2023 by rpki-client on console-ams.rpki-client.org