Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/4322AHmiz9_TjoY6pmu8SeqASF8.roa
File: 4322AHmiz9_TjoY6pmu8SeqASF8.roa (raw, json)
Hash identifier: IZRaT3dV12CqLWZntQ9nkiOzn7zZDLnEWdGbOUdMK18=
Subject key identifier: E3:7D:B6:00:79:A2:CF:DF:D3:8E:86:3A:A6:6B:BC:49:EA:80:48:5F
Certificate issuer: /CN=be49fb190f4bd0f5815a8e579f366ad58d5d41f9
Certificate serial: 01856D419819BAD759648ADFC3FD837D4DB8
Authority key identifier: BE:49:FB:19:0F:4B:D0:F5:81:5A:8E:57:9F:36:6A:D5:8D:5D:41:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/4322AHmiz9_TjoY6pmu8SeqASF8.roa
Signing time: Sun 01 Jan 2023 12:14:53 +0000
ROA not before: Sun 01 Jan 2023 12:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43463
IP address blocks: 185.244.251.0/24 maxlen: 24
185.244.250.0/24 maxlen: 24
185.244.249.0/24 maxlen: 24
91.224.93.0/24 maxlen: 24
193.46.83.0/24 maxlen: 24
185.36.80.0/24 maxlen: 24
185.36.83.0/24 maxlen: 24
185.36.82.0/24 maxlen: 24
185.169.4.0/24 maxlen: 24
185.255.192.0/22 maxlen: 22
2a00:ea60:200::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:98:19:ba:d7:59:64:8a:df:c3:fd:83:7d:4d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be49fb190f4bd0f5815a8e579f366ad58d5d41f9
Validity
Not Before: Jan 1 12:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e37db60079a2cfdfd38e863aa66bbc49ea80485f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:ba:c0:7c:20:d7:24:28:3e:81:69:85:af:b0:
0a:0a:1d:e9:12:18:3e:bc:68:57:7d:c7:0b:0d:b6:
08:fa:5a:63:df:4a:8c:9e:99:40:ae:5f:16:27:a9:
81:e9:90:6b:d5:2d:c8:3d:f7:f4:3d:e7:02:2c:e3:
9b:5b:ce:74:51:d8:1e:ba:2c:06:b6:41:28:50:0e:
82:85:db:4e:93:b5:30:df:16:59:65:e0:1a:33:a9:
e9:07:d1:96:cd:f9:88:3d:4b:80:d5:2c:57:1e:04:
14:f3:bd:77:bb:45:84:1e:7d:32:13:d1:d9:7b:3e:
73:7d:85:3f:a4:da:c6:30:02:40:01:fb:99:d7:ae:
f1:06:87:00:ea:75:24:20:20:4a:9d:c6:a5:8b:90:
5e:97:1d:41:40:14:37:a2:65:d9:e8:2b:56:a3:69:
49:2f:f5:4d:85:e2:fd:a0:15:7c:7b:a2:66:f5:b2:
b3:2a:41:34:f4:67:16:b8:4d:41:ff:43:82:73:15:
a1:21:ba:44:8f:78:d4:82:c5:97:9a:75:cc:d6:af:
9e:9e:95:ca:7f:e1:1f:9f:9b:0a:04:b5:2d:a9:76:
a3:09:6e:1d:87:76:99:93:da:1c:3e:2c:0f:23:8e:
8e:38:26:27:54:e0:7e:99:69:80:6b:14:24:5e:bd:
80:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:7D:B6:00:79:A2:CF:DF:D3:8E:86:3A:A6:6B:BC:49:EA:80:48:5F
X509v3 Authority Key Identifier:
keyid:BE:49:FB:19:0F:4B:D0:F5:81:5A:8E:57:9F:36:6A:D5:8D:5D:41:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/4322AHmiz9_TjoY6pmu8SeqASF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.93.0/24
185.36.80.0/24
185.36.82.0/23
185.169.4.0/24
185.244.249.0-185.244.251.255
185.255.192.0/22
193.46.83.0/24
IPv6:
2a00:ea60:200::/40
Signature Algorithm: sha256WithRSAEncryption
40:73:c7:f3:a5:f5:22:1f:9b:2d:6b:41:58:db:c5:0c:8d:25:
7a:4b:c1:a9:db:5e:ff:2d:10:16:2e:2c:2d:72:da:80:39:d2:
99:71:63:d9:5a:bf:ee:c4:f9:70:6f:f1:e7:30:ef:d9:db:d9:
54:0e:53:d1:86:5d:e2:e1:d5:aa:5c:cc:db:5b:6b:55:35:0a:
ac:88:8e:2e:2d:13:e6:aa:2e:68:3a:3f:63:df:e0:3d:26:e5:
8c:29:29:0b:60:0a:56:4e:69:9e:28:8e:5e:f5:b9:cc:e3:f6:
e5:c7:7d:6d:2c:c2:de:79:02:5f:18:ad:ba:93:3e:5d:8a:5b:
f0:12:a6:e9:23:d3:76:2e:c6:f6:2f:ae:d7:bd:35:9c:7d:f3:
73:b5:46:e2:40:52:3f:2f:8a:1b:2e:80:42:8b:51:b2:26:5f:
28:a5:d9:45:c3:2a:b1:14:43:d0:1d:66:8b:89:51:38:3d:3d:
f9:12:e2:46:52:81:c3:40:09:d9:5f:a0:e0:22:59:c5:b7:37:
9f:34:37:e5:00:17:9d:24:56:a8:8b:c0:c1:8a:f5:cd:88:c4:
99:34:d4:c0:da:47:15:7a:dc:57:d2:a1:c1:89:b9:af:a9:45:
23:b8:3f:fa:3d:85:d6:be:75:c5:5a:a7:34:28:54:dd:ef:db:
8c:51:7b:a9
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYVtQZgZutdZZIrfw/2DfU24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDlmYjE5MGY0YmQwZjU4MTVhOGU1NzlmMzY2YWQ1OGQ1
ZDQxZjkwHhcNMjMwMTAxMTIxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzdkYjYwMDc5YTJjZmRmZDM4ZTg2M2FhNjZiYmM0OWVhODA0ODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47rAfCDXJCg+gWmFr7AKCh3pEhg+
vGhXfccLDbYI+lpj30qMnplArl8WJ6mB6ZBr1S3IPff0PecCLOObW850UdgeuiwG
tkEoUA6ChdtOk7Uw3xZZZeAaM6npB9GWzfmIPUuA1SxXHgQU8713u0WEHn0yE9HZ
ez5zfYU/pNrGMAJAAfuZ167xBocA6nUkICBKncali5Belx1BQBQ3omXZ6CtWo2lJ
L/VNheL9oBV8e6Jm9bKzKkE09GcWuE1B/0OCcxWhIbpEj3jUgsWXmnXM1q+enpXK
f+Efn5sKBLUtqXajCW4dh3aZk9ocPiwPI46OOCYnVOB+mWmAaxQkXr2APwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFON9tgB5os/f046GOqZrvEnqgEhfMB8GA1UdIwQY
MBaAFL5J+xkPS9D1gVqOV582atWNXUH5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtuN0dROUwwUFdCV281WG56WnExWTFkUWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZDBkMTMtZTk4My00ZmY5LWI1MDct
NWU2NTZmMWI0ODc2LzEvNDMyMkFIbWl6OV9Uam9ZNnBtdThTZXFBU0Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZDBkMTMtZTk4My00ZmY5LWI1MDctNWU2NTZmMWI0ODc2
LzEvdmtuN0dROUwwUFdCV281WG56WnExWTFkUWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjA4BAIAATAyAwQAW+BdAwQA
uSRQAwQBuSRSAwQAuakEMAwDBAC59PkDBAK59PgDBAK5/8ADBADBLlMwDgQCAAIw
CAMGACoA6mACMA0GCSqGSIb3DQEBCwUAA4IBAQBAc8fzpfUiH5sta0FY28UMjSV6
S8Gp217/LRAWLiwtctqAOdKZcWPZWr/uxPlwb/HnMO/Z29lUDlPRhl3i4dWqXMzb
W2tVNQqsiI4uLRPmqi5oOj9j3+A9JuWMKSkLYApWTmmeKI5e9bnM4/blx31tLMLe
eQJfGK26kz5dilvwEqbpI9N2Lsb2L67XvTWcffNztUbiQFI/L4obLoBCi1GyJl8o
pdlFwyqxFEPQHWaLiVE4PT35EuJGUoHDQAnZX6DgIlnFtzefNDflABedJFaoi8DB
ivXNiMSZNNTA2kcVetxX0qHBibmvqUUjuD/6PYXWvnXFWqc0KFTd79uMUXup
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:30 2023 by rpki-client on console-ams.rpki-client.org