Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/Y3lKaGhOiBY2uBG5Vo7lIryQcWk.roa
File: Y3lKaGhOiBY2uBG5Vo7lIryQcWk.roa (raw, json)
Hash identifier: ENq1MyVhiNp+AYwkOybLxryLvc1TKC/Jsjhs27AHz0Y=
Subject key identifier: 63:79:4A:68:68:4E:88:16:36:B8:11:B9:56:8E:E5:22:BC:90:71:69
Certificate issuer: /CN=3fe14329b6c1e695011a82406f7af48f4bb10ad4
Certificate serial: 018C6880BB8A37F7F8C055101A421375741D
Authority key identifier: 3F:E1:43:29:B6:C1:E6:95:01:1A:82:40:6F:7A:F4:8F:4B:B1:0A:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/Y3lKaGhOiBY2uBG5Vo7lIryQcWk.roa
Signing time: Thu 14 Dec 2023 13:25:16 +0000
ROA not before: Thu 14 Dec 2023 13:25:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202543
IP address blocks: 185.246.170.0/24 maxlen: 24
185.246.169.0/24 maxlen: 24
185.246.168.0/24 maxlen: 24
45.154.178.0/24 maxlen: 24
45.154.177.0/24 maxlen: 24
45.154.176.0/24 maxlen: 24
45.154.179.0/24 maxlen: 24
2a14:2984::/30 maxlen: 30
2a0f:3980::/30 maxlen: 30
2a14:2980::/30 maxlen: 30
2a0f:3984::/30 maxlen: 30
2a0f:c300::/30 maxlen: 30
2a0f:c304::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:68:80:bb:8a:37:f7:f8:c0:55:10:1a:42:13:75:74:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fe14329b6c1e695011a82406f7af48f4bb10ad4
Validity
Not Before: Dec 14 13:25:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63794a68684e881636b811b9568ee522bc907169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2a:2c:4d:3d:ad:af:b8:c6:35:8c:6b:3e:1b:
4b:78:a5:d1:8a:10:17:f0:4f:88:a3:b6:d8:d4:98:
b1:ea:5d:d0:70:0f:29:f0:5e:1b:f7:ac:5b:30:24:
81:53:7d:cf:94:2a:1a:f3:39:66:9e:28:19:f7:be:
18:24:9e:a8:a3:6f:23:da:12:c8:cd:98:5f:aa:f3:
9b:a0:4f:96:27:e8:82:77:7b:f7:4f:a4:98:73:4e:
b8:d4:ac:19:4a:b2:e2:6d:b7:1c:a7:b4:5e:07:27:
07:a4:ff:05:01:64:ba:a2:d1:0a:89:fe:cd:f3:01:
f3:1f:83:3b:f7:60:79:72:7a:22:66:cf:5f:d5:ea:
45:48:60:2d:d4:80:72:b3:3c:f1:8f:89:bb:bf:70:
b6:e2:51:fd:2b:19:7e:e1:67:47:ad:fa:f6:a4:33:
b1:4a:82:0e:08:15:38:ae:09:9f:b0:b9:d6:a7:8b:
b5:d9:05:a4:55:87:f4:e4:b0:57:d9:ca:51:17:50:
3c:9e:4b:0d:0c:c2:be:db:84:d1:37:1b:c6:51:eb:
a0:f0:dd:c9:2f:0a:6c:9f:68:dd:97:f0:3b:7f:ce:
53:11:c8:9c:e7:65:a5:61:bc:27:3b:51:0e:e3:0d:
5d:4b:37:23:7c:7e:03:9d:45:3b:4b:f5:5b:b5:5d:
14:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:79:4A:68:68:4E:88:16:36:B8:11:B9:56:8E:E5:22:BC:90:71:69
X509v3 Authority Key Identifier:
keyid:3F:E1:43:29:B6:C1:E6:95:01:1A:82:40:6F:7A:F4:8F:4B:B1:0A:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/Y3lKaGhOiBY2uBG5Vo7lIryQcWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/00c6c4-ab28-4405-b694-c3d57e2387ca/1/P-FDKbbB5pUBGoJAb3r0j0uxCtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.176.0/22
185.246.168.0-185.246.170.255
IPv6:
2a0f:3980::/29
2a0f:c300::/29
2a14:2980::/29
Signature Algorithm: sha256WithRSAEncryption
09:89:bf:7a:b7:f4:15:74:ee:33:c1:94:5f:7a:2b:66:f4:5a:
c2:5f:e4:b4:5b:77:2f:9e:67:39:c1:9d:39:ef:be:cd:7d:97:
1f:71:21:4e:4f:62:84:6b:ad:b3:78:56:6b:30:85:58:91:85:
4a:da:72:4d:0f:c9:5a:3a:83:5e:03:fb:ab:b3:4d:cd:e5:fd:
39:d9:04:79:64:f8:c2:25:49:e2:de:47:65:0f:ff:98:4d:ab:
19:ff:70:6b:f2:d0:de:e4:20:0d:10:ef:5e:cd:b7:d8:fc:62:
c5:86:74:8d:f9:16:7c:e5:33:66:ee:15:24:53:a8:4b:58:2d:
19:da:a5:4e:7c:75:9f:0d:e3:9f:44:d4:81:29:f6:84:3d:32:
67:30:b2:f4:f1:19:71:c7:77:61:ac:77:30:c8:ac:f2:73:3b:
a7:14:23:e4:97:cf:bb:7a:87:58:3b:14:69:fe:85:13:07:f7:
b2:9c:35:a0:a2:10:11:e2:15:ef:57:ce:8f:95:c1:5b:bb:3c:
aa:5c:9f:6c:28:ca:c0:08:28:c5:4c:75:bc:34:d0:1f:a6:a2:
d5:a4:22:e3:19:f4:49:e2:5f:90:ee:b2:f9:7c:83:2b:cf:d9:
e8:8c:0c:e2:63:c8:0f:ca:03:fe:c9:5a:5c:02:80:5f:03:e4:
61:bd:38:d4
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYxogLuKN/f4wFUQGkITdXQdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZTE0MzI5YjZjMWU2OTUwMTFhODI0MDZmN2FmNDhmNGJi
MTBhZDQwHhcNMjMxMjE0MTMyNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzc5NGE2ODY4NGU4ODE2MzZiODExYjk1NjhlZTUyMmJjOTA3MTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyosTT2tr7jGNYxrPhtLeKXRihAX
8E+Io7bY1Jix6l3QcA8p8F4b96xbMCSBU33PlCoa8zlmnigZ974YJJ6oo28j2hLI
zZhfqvOboE+WJ+iCd3v3T6SYc0641KwZSrLibbccp7ReBycHpP8FAWS6otEKif7N
8wHzH4M792B5cnoiZs9f1epFSGAt1IByszzxj4m7v3C24lH9Kxl+4WdHrfr2pDOx
SoIOCBU4rgmfsLnWp4u12QWkVYf05LBX2cpRF1A8nksNDMK+24TRNxvGUeug8N3J
Lwpsn2jdl/A7f85TEcic52WlYbwnO1EO4w1dSzcjfH4DnUU7S/VbtV0UXQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFGN5SmhoTogWNrgRuVaO5SK8kHFpMB8GA1UdIwQY
MBaAFD/hQym2weaVARqCQG969I9LsQrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC1GREtiYkI1cFVCR29KQWIzcjBqMHV4Q3RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMGM2YzQtYWIyOC00NDA1LWI2OTQt
YzNkNTdlMjM4N2NhLzEvWTNsS2FHaE9pQlkydUJHNVZvN2xJcnlRY1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMGM2YzQtYWIyOC00NDA1LWI2OTQtYzNkNTdlMjM4N2Nh
LzEvUC1GREtiYkI1cFVCR29KQWIzcjBqMHV4Q3RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAaBAIAATAUAwQCLZqwMAwD
BAO59qgDBAC59qowGwQCAAIwFQMFAyoPOYADBQMqD8MAAwUDKhQpgDANBgkqhkiG
9w0BAQsFAAOCAQEACYm/erf0FXTuM8GUX3orZvRawl/ktFt3L55nOcGdOe++zX2X
H3EhTk9ihGuts3hWazCFWJGFStpyTQ/JWjqDXgP7q7NNzeX9OdkEeWT4wiVJ4t5H
ZQ//mE2rGf9wa/LQ3uQgDRDvXs232PxixYZ0jfkWfOUzZu4VJFOoS1gtGdqlTnx1
nw3jn0TUgSn2hD0yZzCy9PEZccd3Yax3MMis8nM7pxQj5JfPu3qHWDsUaf6FEwf3
spw1oKIQEeIV71fOj5XBW7s8qlyfbCjKwAgoxUx1vDTQH6ai1aQi4xn0SeJfkO6y
+XyDK8/Z6IwM4mPID8oD/slaXAKAXwPkYb041A==
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:43 2024 by rpki-client on console-ams.rpki-client.org