Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/f6CLqztlvG4VZDpJvUnCtGq_DIQ.roa
File: f6CLqztlvG4VZDpJvUnCtGq_DIQ.roa (raw, json)
Hash identifier: /Ree4lk9OJusYTMl+EWrY1jdiyrbBKDakU6xPlVUFAM=
Subject key identifier: 7F:A0:8B:AB:3B:65:BC:6E:15:64:3A:49:BD:49:C2:B4:6A:BF:0C:84
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 018A1820003FD7E992EE37496B309CCE0102
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/f6CLqztlvG4VZDpJvUnCtGq_DIQ.roa
Signing time: Mon 21 Aug 2023 12:44:24 +0000
ROA not before: Mon 21 Aug 2023 12:44:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64080
IP address blocks: 45.43.64.0/19 maxlen: 24
45.43.68.0/22 maxlen: 24
45.43.84.0/23 maxlen: 24
45.43.80.0/22 maxlen: 24
198.105.96.0/19 maxlen: 24
198.105.100.0/22 maxlen: 24
89.33.6.0/23 maxlen: 24
155.254.32.0/19 maxlen: 24
155.254.48.0/23 maxlen: 24
107.181.132.0/23 maxlen: 24
107.181.128.0/19 maxlen: 24
107.181.140.0/22 maxlen: 24
107.181.148.0/23 maxlen: 24
2a05:9f46::/32 maxlen: 32
2a05:9f47::/32 maxlen: 32
2a05:9f40:1f::/48 maxlen: 48
2a07:9946::/32 maxlen: 32
2a05:9f44:2a05::/48 maxlen: 48
2a07:9947::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:18:20:00:3f:d7:e9:92:ee:37:49:6b:30:9c:ce:01:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Aug 21 12:44:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7fa08bab3b65bc6e15643a49bd49c2b46abf0c84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:db:76:bc:11:49:2d:f3:6d:fb:10:27:c2:bf:
30:06:ae:44:b5:ec:8b:2d:c5:d2:c3:b9:04:84:f4:
b6:8a:9b:29:18:91:aa:53:fc:ba:53:4d:2a:a4:5f:
7d:4d:1e:b2:7e:26:f6:0d:bc:d6:5c:bc:87:75:e4:
57:d1:cb:06:d1:08:81:4d:aa:0a:4d:0a:bf:1c:7b:
1f:35:19:80:ac:b4:b1:82:2f:d0:e4:4f:9c:46:17:
46:fa:8b:9a:ec:a2:f1:3b:a9:ee:2d:3b:ae:6d:22:
98:c1:9c:e8:42:eb:0e:34:fc:48:27:99:0f:8e:4f:
f9:0d:37:89:42:a8:5e:30:a0:a8:23:da:a8:91:88:
e5:42:9f:19:ff:57:c9:24:7a:9a:a0:b5:cb:d9:4d:
bc:f5:c3:1c:71:21:5e:e2:b0:a4:16:b8:8f:92:f5:
cd:95:9e:75:ce:6b:a3:27:6d:b2:4b:d8:13:9f:d7:
f1:dc:61:61:46:85:9b:d8:2c:10:82:b7:35:66:dc:
42:0a:fe:c3:75:05:59:49:39:45:a2:95:22:b9:48:
54:53:78:74:36:7e:0d:08:36:03:a6:6f:d0:47:c4:
89:ae:f1:57:cc:b4:61:fa:50:9b:1e:2a:b4:cb:a2:
b6:ca:53:37:50:88:79:f0:6c:63:8c:16:84:af:22:
83:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:A0:8B:AB:3B:65:BC:6E:15:64:3A:49:BD:49:C2:B4:6A:BF:0C:84
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/f6CLqztlvG4VZDpJvUnCtGq_DIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.64.0/19
89.33.6.0/23
107.181.128.0/19
155.254.32.0/19
198.105.96.0/19
IPv6:
2a05:9f40:1f::/48
2a05:9f44:2a05::/48
2a05:9f46::/31
2a07:9946::/31
Signature Algorithm: sha256WithRSAEncryption
94:c4:e0:db:c6:73:43:9b:35:e0:20:44:37:d0:8d:c1:4a:90:
e6:bb:d3:7c:a0:1a:75:02:48:f1:d8:f8:c2:b0:2f:c4:b6:6e:
44:ea:c8:16:77:b2:88:95:21:78:c2:80:ad:0a:7f:6c:10:91:
f1:66:4f:22:c5:53:fa:0c:98:a3:40:59:1f:e9:20:f2:b8:17:
70:46:ee:97:9f:c9:61:4c:4e:0b:d5:9e:68:f0:93:5c:c5:f9:
9c:bc:65:7f:cb:a4:3d:a3:be:c1:4f:f5:9a:91:12:c0:75:28:
d3:1b:7a:71:bd:c2:a5:d1:5c:0c:4c:a5:7b:c3:ad:97:4c:54:
42:cd:7b:a6:1c:1b:e3:c3:30:3c:35:3b:bd:6b:43:1d:38:d0:
f1:68:cc:87:15:4b:f8:b8:ab:80:2f:ed:8a:d4:da:f3:87:b4:
4c:d9:18:f8:bc:54:ec:eb:e0:c7:46:12:ec:00:0c:6c:de:c7:
00:2f:cc:33:dc:81:f8:5c:36:5c:50:ce:b3:72:bd:ab:0d:9a:
b6:43:b5:c6:19:82:8f:ca:77:fc:f5:c1:1c:a8:f6:e0:d6:63:
d2:11:44:c1:24:17:4c:cf:61:28:5b:46:0f:3e:1d:89:5f:28:
c9:a0:6b:f3:56:aa:ed:06:45:f4:11:c5:b4:59:ef:8a:92:6a:
ad:2f:87:aa
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYoYIAA/1+mS7jdJazCczgECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjMwODIxMTI0NDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmEwOGJhYjNiNjViYzZlMTU2NDNhNDliZDQ5YzJiNDZhYmYwYzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNt2vBFJLfNt+xAnwr8wBq5EteyL
LcXSw7kEhPS2ipspGJGqU/y6U00qpF99TR6yfib2DbzWXLyHdeRX0csG0QiBTaoK
TQq/HHsfNRmArLSxgi/Q5E+cRhdG+oua7KLxO6nuLTuubSKYwZzoQusONPxIJ5kP
jk/5DTeJQqheMKCoI9qokYjlQp8Z/1fJJHqaoLXL2U289cMccSFe4rCkFriPkvXN
lZ51zmujJ22yS9gTn9fx3GFhRoWb2CwQgrc1ZtxCCv7DdQVZSTlFopUiuUhUU3h0
Nn4NCDYDpm/QR8SJrvFXzLRh+lCbHiq0y6K2ylM3UIh58GxjjBaEryKDbwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFH+gi6s7ZbxuFWQ6Sb1JwrRqvwyEMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvZjZDTHF6dGx2RzRWWkRwSnZVbkN0R3FfRElRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAkBAIAATAeAwQFLStAAwQB
WSEGAwQFa7WAAwQFm/4gAwQFxmlgMCYEAgACMCADBwAqBZ9AAB8DBwAqBZ9EKgUD
BQEqBZ9GAwUBKgeZRjANBgkqhkiG9w0BAQsFAAOCAQEAlMTg28ZzQ5s14CBEN9CN
wUqQ5rvTfKAadQJI8dj4wrAvxLZuROrIFneyiJUheMKArQp/bBCR8WZPIsVT+gyY
o0BZH+kg8rgXcEbul5/JYUxOC9WeaPCTXMX5nLxlf8ukPaO+wU/1mpESwHUo0xt6
cb3CpdFcDEyle8Otl0xUQs17phwb48MwPDU7vWtDHTjQ8WjMhxVL+LirgC/titTa
84e0TNkY+LxU7Ovgx0YS7AAMbN7HAC/MM9yB+Fw2XFDOs3K9qw2atkO1xhmCj8p3
/PXBHKj24NZj0hFEwSQXTM9hKFtGDz4diV8oyaBr81aq7QZF9BHFtFnvipJqrS+H
qg==
-----END CERTIFICATE-----
Generated at Tue Aug 22 09:32:41 2023 by rpki-client on console-fra.rpki-client.org