Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/RkEjJKKY_HSAGqwEPXavwqgKV_8.roa
File: RkEjJKKY_HSAGqwEPXavwqgKV_8.roa (raw, json)
Hash identifier: JEHVW515Daqe9OV7X4c4v1/S2OGR6mQcpwvKrqz9B0A=
Subject key identifier: 46:41:23:24:A2:98:FC:74:80:1A:AC:04:3D:76:AF:C2:A8:0A:57:FF
Certificate issuer: /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial: 0188EF41A6E71E32C0A5DEA01232D64F700C
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/RkEjJKKY_HSAGqwEPXavwqgKV_8.roa
Signing time: Sat 24 Jun 2023 21:13:57 +0000
ROA not before: Sat 24 Jun 2023 21:13:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 185.45.94.0/24 maxlen: 24
171.22.60.0/23 maxlen: 23
5.183.240.0/23 maxlen: 23
92.119.24.0/23 maxlen: 23
171.22.62.0/23 maxlen: 23
5.183.242.0/23 maxlen: 23
92.119.26.0/23 maxlen: 23
45.14.80.0/24 maxlen: 24
45.86.24.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ef:41:a6:e7:1e:32:c0:a5:de:a0:12:32:d6:4f:70:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Validity
Not Before: Jun 24 21:13:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46412324a298fc74801aac043d76afc2a80a57ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7f:b8:07:6b:4e:1f:85:5c:5b:2e:cf:d1:73:
13:f8:f5:e5:56:56:00:81:30:4f:8d:0f:f7:2c:b9:
d9:12:4d:c0:e0:76:23:74:d7:d1:46:7c:7a:6c:93:
86:b9:fb:82:7b:92:a3:90:4b:c1:1b:e9:a8:ed:13:
9d:f5:38:8d:2c:d7:e5:2f:77:a0:21:9b:f3:54:7c:
bc:30:29:1f:0a:aa:45:c1:fb:af:ce:e5:aa:b4:e9:
ee:16:f0:9a:83:60:12:15:25:e9:8a:9c:f9:34:ca:
8a:36:0a:76:0d:1c:6d:43:6d:2f:4e:85:dd:7c:8d:
25:76:c2:26:05:9d:7b:1a:7f:90:de:b5:f7:30:27:
ee:bc:41:b9:4d:bd:ed:7a:51:a3:54:17:52:06:c8:
e7:6c:32:64:f2:4e:1b:78:e4:76:04:ac:f4:d1:b6:
08:90:6a:64:d4:3f:51:55:1a:a7:08:44:08:fc:48:
6e:b3:8d:3d:d4:99:be:fb:5e:76:66:82:b1:b7:16:
2b:06:62:6e:d3:1d:3b:78:8c:ed:4e:83:5d:46:b7:
91:3c:15:e9:a7:c5:ef:6c:db:35:c6:eb:4b:63:dd:
e0:67:95:4b:f2:15:df:04:50:ec:db:f6:6d:44:ad:
15:7a:33:a7:c5:0a:07:c7:72:11:dc:1f:ac:9d:a6:
a6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:41:23:24:A2:98:FC:74:80:1A:AC:04:3D:76:AF:C2:A8:0A:57:FF
X509v3 Authority Key Identifier:
keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/RkEjJKKY_HSAGqwEPXavwqgKV_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.240.0/22
45.14.80.0/24
45.86.24.0/22
92.119.24.0/22
171.22.60.0/22
185.45.94.0/24
Signature Algorithm: sha256WithRSAEncryption
32:04:5d:2a:40:ff:ba:86:cf:f3:bd:f6:ba:ec:35:87:1e:af:
a7:28:02:80:15:56:0c:c2:d8:2a:82:ac:f7:8b:c8:55:5d:43:
21:38:24:49:d5:7e:dc:50:a7:b9:56:f0:66:01:84:df:61:88:
39:9e:d7:43:46:e5:e7:95:ad:3b:b9:e6:75:48:89:47:77:ec:
68:04:18:87:53:25:ff:5e:0f:7a:2b:f8:21:78:52:a4:f8:de:
20:53:bd:17:62:d3:4d:29:ee:7d:44:c3:89:cc:da:2b:7a:de:
da:80:41:dc:7d:87:9b:e0:66:89:ff:4d:90:72:fb:4d:54:fa:
75:97:61:b4:45:41:24:37:c7:a1:b1:c4:2e:23:59:b7:88:2a:
0f:37:87:4b:b3:e8:76:33:10:de:04:01:af:68:73:ef:80:68:
f3:9c:5e:af:e8:c1:1d:67:b1:b0:15:ce:b5:14:0d:55:3f:b8:
a6:56:90:bb:40:9e:d3:3e:bd:00:61:a5:bb:6c:74:d9:0f:30:
3d:fa:bd:46:07:8f:a6:51:d6:ff:60:ce:9c:45:aa:6a:2e:40:
3b:d8:5b:4d:c5:ab:78:9e:2b:90:5e:c7:63:85:b4:9f:8d:db:
22:d9:31:80:88:36:a9:72:31:49:e7:5b:7c:51:a2:36:4d:cd:
e3:6e:f1:05
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYjvQabnHjLApd6gEjLWT3AMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjMwNjI0MjExMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjQxMjMyNGEyOThmYzc0ODAxYWFjMDQzZDc2YWZjMmE4MGE1N2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjX+4B2tOH4VcWy7P0XMT+PXlVlYA
gTBPjQ/3LLnZEk3A4HYjdNfRRnx6bJOGufuCe5KjkEvBG+mo7ROd9TiNLNflL3eg
IZvzVHy8MCkfCqpFwfuvzuWqtOnuFvCag2ASFSXpipz5NMqKNgp2DRxtQ20vToXd
fI0ldsImBZ17Gn+Q3rX3MCfuvEG5Tb3telGjVBdSBsjnbDJk8k4beOR2BKz00bYI
kGpk1D9RVRqnCEQI/Ehus4091Jm++152ZoKxtxYrBmJu0x07eIztToNdRreRPBXp
p8XvbNs1xutLY93gZ5VL8hXfBFDs2/ZtRK0VejOnxQoHx3IR3B+snaamGQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEZBIySimPx0gBqsBD12r8KoClf/MB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvUmtFakpLS1lfSFNBR3F3RVBYYXZ3cWdLVl84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBbfwAwQA
LQ5QAwQCLVYYAwQCXHcYAwQCqxY8AwQAuS1eMA0GCSqGSIb3DQEBCwUAA4IBAQAy
BF0qQP+6hs/zvfa67DWHHq+nKAKAFVYMwtgqgqz3i8hVXUMhOCRJ1X7cUKe5VvBm
AYTfYYg5ntdDRuXnla07ueZ1SIlHd+xoBBiHUyX/Xg96K/gheFKk+N4gU70XYtNN
Ke59RMOJzNoret7agEHcfYeb4GaJ/02QcvtNVPp1l2G0RUEkN8ehscQuI1m3iCoP
N4dLs+h2MxDeBAGvaHPvgGjznF6v6MEdZ7GwFc61FA1VP7imVpC7QJ7TPr0AYaW7
bHTZDzA9+r1GB4+mUdb/YM6cRapqLkA72FtNxat4niuQXsdjhbSfjdsi2TGAiDap
cjFJ51t8UaI2Tc3jbvEF
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:49:14 2024 by rpki-client on console-fra.rpki-client.org