Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/C0ktgjkj3PZGoPtfhBp08bsAf8s.roa
File: C0ktgjkj3PZGoPtfhBp08bsAf8s.roa (raw, json)
Hash identifier: WGAQ2/xXfMdpRZmMkqUtZfAJsYFKXWco1iecNscN6cE=
Subject key identifier: 0B:49:2D:82:39:23:DC:F6:46:A0:FB:5F:84:1A:74:F1:BB:00:7F:CB
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 018A6CD3CCAF60ED3D50001A22C5B3F7E366
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/C0ktgjkj3PZGoPtfhBp08bsAf8s.roa
Signing time: Wed 06 Sep 2023 23:28:54 +0000
ROA not before: Wed 06 Sep 2023 23:28:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42831
IP address blocks: 45.43.64.0/23 maxlen: 24
45.43.68.0/22 maxlen: 24
45.43.80.0/22 maxlen: 24
45.43.84.0/23 maxlen: 24
45.43.86.0/24 maxlen: 24
198.105.100.0/22 maxlen: 24
198.105.109.0/24 maxlen: 24
198.105.108.0/24 maxlen: 24
198.105.111.0/24 maxlen: 24
89.33.6.0/23 maxlen: 24
155.254.48.0/23 maxlen: 24
107.181.128.0/22 maxlen: 24
107.181.132.0/23 maxlen: 24
107.181.140.0/22 maxlen: 24
107.181.152.0/24 maxlen: 24
107.181.148.0/23 maxlen: 24
107.181.154.0/24 maxlen: 24
107.181.153.0/24 maxlen: 24
2a05:9f46::/32 maxlen: 48
2a05:9f47::/32 maxlen: 48
2a07:9946::/32 maxlen: 48
2a05:9f40:1f::/48 maxlen: 48
2a05:9f44:2a05::/48 maxlen: 48
2a07:9947::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6c:d3:cc:af:60:ed:3d:50:00:1a:22:c5:b3:f7:e3:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Sep 6 23:28:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b492d823923dcf646a0fb5f841a74f1bb007fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:10:a0:82:43:25:d4:60:1d:c4:0f:8f:b4:cd:
7d:ad:d5:b2:d4:89:2e:cf:92:e7:da:75:89:27:19:
3e:fe:53:b5:04:c0:7e:3b:89:27:7e:cb:14:35:a4:
02:3c:43:66:29:bf:5c:ea:35:0c:f7:bd:99:f6:e0:
75:06:08:9e:5d:6e:be:58:30:f2:2b:44:c3:b7:24:
3f:9f:bc:93:b5:07:a8:68:ec:9a:15:42:f0:b3:5a:
6a:c1:53:32:ef:67:70:df:20:3f:2d:29:5a:cd:cd:
a1:c6:cd:4d:76:30:f7:79:c6:e6:a8:25:f5:ee:67:
db:f5:76:34:cf:ae:74:9f:70:cb:58:7a:ef:e0:9d:
23:ee:cf:fc:5e:ca:b5:ce:64:12:5b:1b:87:40:69:
2e:5d:1c:fb:f7:c8:ec:47:33:2b:da:21:26:d5:76:
84:25:2f:32:0b:f1:38:ad:5e:d6:5c:f9:2d:e3:82:
d5:f5:50:ea:7c:f6:eb:49:10:5b:e4:0a:57:eb:d3:
8a:0f:38:ca:60:6a:5d:90:45:86:5b:c2:e9:22:4e:
ea:10:4c:0f:83:ae:0a:fd:d7:f9:e7:08:49:12:fd:
d0:04:59:c9:4e:73:04:da:a0:61:81:7d:60:b0:4d:
8c:7c:59:d2:59:68:85:8b:ec:55:57:bb:67:cc:cf:
eb:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:49:2D:82:39:23:DC:F6:46:A0:FB:5F:84:1A:74:F1:BB:00:7F:CB
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/C0ktgjkj3PZGoPtfhBp08bsAf8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.64.0/23
45.43.68.0/22
45.43.80.0-45.43.86.255
89.33.6.0/23
107.181.128.0-107.181.133.255
107.181.140.0/22
107.181.148.0/23
107.181.152.0-107.181.154.255
155.254.48.0/23
198.105.100.0/22
198.105.108.0/23
198.105.111.0/24
IPv6:
2a05:9f40:1f::/48
2a05:9f44:2a05::/48
2a05:9f46::/31
2a07:9946::/31
Signature Algorithm: sha256WithRSAEncryption
60:f6:c6:51:51:c4:4e:d7:38:fb:76:73:95:e2:41:73:1c:c2:
c0:45:fb:70:75:15:d4:2c:cc:1c:a0:52:1a:a8:af:27:6e:ac:
c6:ac:b7:58:9e:a5:81:6f:98:8c:25:22:27:7e:a8:5f:76:6b:
d5:a9:6d:fa:6e:45:10:78:0f:de:45:95:41:83:fb:7d:97:0e:
e4:72:dd:34:fa:84:f7:e7:45:98:d2:a4:55:5a:36:7c:2f:d6:
64:4e:15:96:96:fb:88:38:38:79:31:2f:38:5a:cb:9c:59:49:
db:78:4d:63:d7:47:81:08:c3:d4:de:58:da:51:37:6e:1d:ce:
ee:15:b0:12:43:b3:57:0c:39:c5:c8:2d:10:27:64:34:8e:4b:
48:39:ed:e0:ea:19:74:bc:71:9d:08:36:82:60:99:dc:6f:65:
f9:e7:9c:5a:2c:d4:e1:93:68:b7:06:13:5c:69:f0:29:15:9f:
9c:8f:8f:b0:51:1c:36:2c:95:6d:64:13:65:75:53:ba:8e:68:
af:7f:55:86:0a:73:3a:08:9f:60:4f:28:8e:28:bd:33:d5:d8:
d5:69:24:53:cb:c4:bf:99:46:75:3d:c1:e6:bc:18:91:3b:17:
14:5f:ab:d3:56:9a:2d:6e:1c:53:df:ea:3b:38:93:6d:b9:2f:
e5:cd:08:e3
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYps08yvYO09UAAaIsWz9+NmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjMwOTA2MjMyODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjQ5MmQ4MjM5MjNkY2Y2NDZhMGZiNWY4NDFhNzRmMWJiMDA3ZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBCggkMl1GAdxA+PtM19rdWy1Iku
z5Ln2nWJJxk+/lO1BMB+O4knfssUNaQCPENmKb9c6jUM972Z9uB1BgieXW6+WDDy
K0TDtyQ/n7yTtQeoaOyaFULws1pqwVMy72dw3yA/LSlazc2hxs1NdjD3ecbmqCX1
7mfb9XY0z650n3DLWHrv4J0j7s/8Xsq1zmQSWxuHQGkuXRz798jsRzMr2iEm1XaE
JS8yC/E4rV7WXPkt44LV9VDqfPbrSRBb5ApX69OKDzjKYGpdkEWGW8LpIk7qEEwP
g64K/df55whJEv3QBFnJTnME2qBhgX1gsE2MfFnSWWiFi+xVV7tnzM/rrQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFAtJLYI5I9z2RqD7X4QadPG7AH/LMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvQzBrdGdqa2ozUFpHb1B0ZmhCcDA4YnNBZjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDBmBAIAATBgAwQBLStA
AwQCLStEMAwDBAQtK1ADBAAtK1YDBAFZIQYwDAMEB2u1gAMEAWu1hAMEAmu1jAME
AWu1lDAMAwQDa7WYAwQAa7WaAwQBm/4wAwQCxmlkAwQBxmlsAwQAxmlvMCYEAgAC
MCADBwAqBZ9AAB8DBwAqBZ9EKgUDBQEqBZ9GAwUBKgeZRjANBgkqhkiG9w0BAQsF
AAOCAQEAYPbGUVHETtc4+3ZzleJBcxzCwEX7cHUV1CzMHKBSGqivJ26sxqy3WJ6l
gW+YjCUiJ36oX3Zr1alt+m5FEHgP3kWVQYP7fZcO5HLdNPqE9+dFmNKkVVo2fC/W
ZE4Vlpb7iDg4eTEvOFrLnFlJ23hNY9dHgQjD1N5Y2lE3bh3O7hWwEkOzVww5xcgt
ECdkNI5LSDnt4OoZdLxxnQg2gmCZ3G9l+eecWizU4ZNotwYTXGnwKRWfnI+PsFEc
NiyVbWQTZXVTuo5or39VhgpzOgifYE8ojii9M9XY1WkkU8vEv5lGdT3B5rwYkTsX
FF+r01aaLW4cU9/qOziTbbkv5c0I4w==
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:16 2024 by rpki-client on console-ams.rpki-client.org