Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/6278c6-c201-4740-a5f1-66d671f842b3/1/z0WG3re8Ip0CwC88WWs0_NYTVYA.roa
File: z0WG3re8Ip0CwC88WWs0_NYTVYA.roa (raw, json)
Hash identifier: aeeBXy3b/lzB7u8TakC3uXgtDxx2E4w6gwZhRvwrdkg=
Subject key identifier: CF:45:86:DE:B7:BC:22:9D:02:C0:2F:3C:59:6B:34:FC:D6:13:55:80
Certificate issuer: /CN=1550afae2baefb6b88f9751bb3218eb39b94b576
Certificate serial: 018BCF2E3A44EE929198AB20340D5AF77786
Authority key identifier: 15:50:AF:AE:2B:AE:FB:6B:88:F9:75:1B:B3:21:8E:B3:9B:94:B5:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FVCvriuu-2uI-XUbsyGOs5uUtXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/6278c6-c201-4740-a5f1-66d671f842b3/1/z0WG3re8Ip0CwC88WWs0_NYTVYA.roa
Signing time: Tue 14 Nov 2023 18:53:15 +0000
ROA not before: Tue 14 Nov 2023 18:53:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61221
IP address blocks: 185.14.246.0/24 maxlen: 24
185.14.245.0/24 maxlen: 24
185.14.246.0/23 maxlen: 23
185.14.244.0/24 maxlen: 24
185.14.244.0/23 maxlen: 23
185.14.247.0/24 maxlen: 24
5.252.146.0/24 maxlen: 24
2a03:b840:2::/48 maxlen: 48
2a03:b840:12::/48 maxlen: 48
2a03:b840:100::/48 maxlen: 48
2a03:b840:3::/48 maxlen: 64
2a03:b840:13::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cf:2e:3a:44:ee:92:91:98:ab:20:34:0d:5a:f7:77:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1550afae2baefb6b88f9751bb3218eb39b94b576
Validity
Not Before: Nov 14 18:53:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf4586deb7bc229d02c02f3c596b34fcd6135580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7f:dc:e9:07:dc:51:90:7a:0e:dd:78:2a:78:
7d:21:d4:41:61:73:38:86:a5:fb:4e:ea:b4:db:36:
d3:47:20:95:7f:9a:a3:f3:01:48:4b:a5:39:29:8f:
cd:03:47:7a:e4:24:15:d3:09:1a:e4:f9:80:31:0c:
69:e1:99:64:7a:fc:4a:a1:a9:48:7e:01:24:c2:3a:
10:a8:6d:5f:e4:2a:c2:00:1a:6a:2d:b1:41:17:85:
f8:08:07:48:3e:41:9d:6b:74:38:4e:a4:54:ce:10:
09:e3:c4:d1:da:df:75:c7:72:37:d4:b0:02:6f:a5:
56:1f:63:14:72:41:e9:ee:05:0d:71:02:48:4b:26:
32:c0:04:3d:2f:71:a0:c4:34:57:e6:d6:ec:16:2c:
f4:eb:d1:9f:78:10:98:06:9f:49:c3:b5:dd:4d:7b:
57:0a:5c:ca:7f:8c:9f:61:66:d9:e0:42:a7:ff:26:
1b:19:05:cb:7e:28:1b:94:b4:51:a4:cb:e9:36:15:
b5:18:8b:ca:82:77:5b:34:72:c1:20:6b:4f:23:53:
ea:e1:21:48:aa:c3:a4:12:bf:25:42:b0:e8:fb:a7:
c3:58:76:cb:b2:86:8c:b0:44:e4:cd:c8:21:75:dc:
6c:c2:d8:75:4d:91:60:a0:58:21:ec:1f:f0:2a:32:
0a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:45:86:DE:B7:BC:22:9D:02:C0:2F:3C:59:6B:34:FC:D6:13:55:80
X509v3 Authority Key Identifier:
keyid:15:50:AF:AE:2B:AE:FB:6B:88:F9:75:1B:B3:21:8E:B3:9B:94:B5:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FVCvriuu-2uI-XUbsyGOs5uUtXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6278c6-c201-4740-a5f1-66d671f842b3/1/z0WG3re8Ip0CwC88WWs0_NYTVYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6278c6-c201-4740-a5f1-66d671f842b3/1/FVCvriuu-2uI-XUbsyGOs5uUtXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.146.0/24
185.14.244.0/22
IPv6:
2a03:b840:2::/47
2a03:b840:12::/47
2a03:b840:100::/48
Signature Algorithm: sha256WithRSAEncryption
6b:4a:df:5d:ee:d5:6c:9e:6b:d7:ef:3e:a6:8e:ab:90:96:c7:
4e:03:53:c5:50:40:d3:8b:b7:df:8b:5c:52:4f:10:f1:3b:08:
31:dd:8c:8e:71:2e:fe:64:33:44:55:d5:c4:8b:89:d0:c1:e2:
14:f1:5b:90:f4:cd:ad:1c:56:54:be:6e:5f:ce:33:a9:bd:73:
1f:32:00:18:d2:88:dc:9a:43:f2:31:aa:ff:84:0a:2a:1c:69:
93:b8:91:87:33:18:8e:40:c1:3f:ff:1b:3f:c2:e9:4e:4f:4a:
d0:96:f2:ca:2a:46:af:3d:0c:48:cd:08:d1:85:a9:94:b7:68:
6c:29:e1:fd:a0:4a:d9:f5:b2:3c:37:8b:a7:f1:73:65:5d:c5:
c5:ee:4d:80:6f:ed:7a:3c:cc:02:0e:ea:43:5e:e7:61:9f:65:
46:10:d1:6e:cf:83:72:5c:be:85:cc:4f:e1:7e:d9:e0:29:00:
59:c6:4f:8e:d3:03:21:9d:5c:02:1e:25:53:b1:a0:cb:49:e1:
5d:2b:e7:a2:9b:49:9a:17:a3:b0:a5:42:f3:6a:fd:7e:7b:46:
17:74:9f:65:bf:51:5e:71:9e:3a:72:07:2e:65:5d:60:f8:e5:
47:d6:9f:79:a1:b1:bc:68:e0:71:aa:87:62:75:77:bb:c4:e1:
4a:cf:19:ce
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYvPLjpE7pKRmKsgNA1a93eGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1NTBhZmFlMmJhZWZiNmI4OGY5NzUxYmIzMjE4ZWIzOWI5
NGI1NzYwHhcNMjMxMTE0MTg1MzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjQ1ODZkZWI3YmMyMjlkMDJjMDJmM2M1OTZiMzRmY2Q2MTM1NTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX/c6QfcUZB6Dt14Knh9IdRBYXM4
hqX7Tuq02zbTRyCVf5qj8wFIS6U5KY/NA0d65CQV0wka5PmAMQxp4ZlkevxKoalI
fgEkwjoQqG1f5CrCABpqLbFBF4X4CAdIPkGda3Q4TqRUzhAJ48TR2t91x3I31LAC
b6VWH2MUckHp7gUNcQJISyYywAQ9L3GgxDRX5tbsFiz069GfeBCYBp9Jw7XdTXtX
ClzKf4yfYWbZ4EKn/yYbGQXLfigblLRRpMvpNhW1GIvKgndbNHLBIGtPI1Pq4SFI
qsOkEr8lQrDo+6fDWHbLsoaMsETkzcghddxswth1TZFgoFgh7B/wKjIKuQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFM9Fht63vCKdAsAvPFlrNPzWE1WAMB8GA1UdIwQY
MBaAFBVQr64rrvtriPl1G7MhjrOblLV2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlZDdnJpdXUtMnVJLVhVYnN5R09zNXVVdFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82Mjc4YzYtYzIwMS00NzQwLWE1ZjEt
NjZkNjcxZjg0MmIzLzEvejBXRzNyZThJcDBDd0M4OFdXczBfTllUVllBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82Mjc4YzYtYzIwMS00NzQwLWE1ZjEtNjZkNjcxZjg0MmIz
LzEvRlZDdnJpdXUtMnVJLVhVYnN5R09zNXVVdFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzASBAIAATAMAwQABfySAwQC
uQ70MCEEAgACMBsDBwEqA7hAAAIDBwEqA7hAABIDBwAqA7hAAQAwDQYJKoZIhvcN
AQELBQADggEBAGtK313u1Wyea9fvPqaOq5CWx04DU8VQQNOLt9+LXFJPEPE7CDHd
jI5xLv5kM0RV1cSLidDB4hTxW5D0za0cVlS+bl/OM6m9cx8yABjSiNyaQ/Ixqv+E
CiocaZO4kYczGI5AwT//Gz/C6U5PStCW8soqRq89DEjNCNGFqZS3aGwp4f2gStn1
sjw3i6fxc2VdxcXuTYBv7Xo8zAIO6kNe52GfZUYQ0W7Pg3JcvoXMT+F+2eApAFnG
T47TAyGdXAIeJVOxoMtJ4V0r56KbSZoXo7ClQvNq/X57Rhd0n2W/UV5xnjpyBy5l
XWD45UfWn3mhsbxo4HGqh2J1d7vE4UrPGc4=
-----END CERTIFICATE-----
Generated at Thu Dec 7 09:51:12 2023 by rpki-client on console-fra.rpki-client.org