Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/HzgwPWVt9uWKi2C_sNfIAIQSz9o.roa
File: HzgwPWVt9uWKi2C_sNfIAIQSz9o.roa (raw, json)
Hash identifier: SkW76xosVR1RmBTX4RivhxqjaYfgycaig2owFbOiFys=
Subject key identifier: 1F:38:30:3D:65:6D:F6:E5:8A:8B:60:BF:B0:D7:C8:00:84:12:CF:DA
Certificate issuer: /CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Certificate serial: 0185CC1C2E60C7107AA1EF73EAD9154F52BC
Authority key identifier: 8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/HzgwPWVt9uWKi2C_sNfIAIQSz9o.roa
Signing time: Thu 19 Jan 2023 22:17:56 +0000
ROA not before: Thu 19 Jan 2023 22:17:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41114
IP address blocks: 45.151.16.0/22 maxlen: 22
147.78.164.0/22 maxlen: 22
193.148.80.0/22 maxlen: 22
45.157.248.0/22 maxlen: 22
185.98.64.0/22 maxlen: 22
62.192.140.0/22 maxlen: 22
213.226.72.0/22 maxlen: 22
2a0a:7980::/32 maxlen: 32
2a0d:e6c0::/32 maxlen: 48
2a09:4380::/32 maxlen: 32
2a09:26c0::/32 maxlen: 32
2a00:7aa0::/32 maxlen: 32
2a0f:d00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cc:1c:2e:60:c7:10:7a:a1:ef:73:ea:d9:15:4f:52:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Validity
Not Before: Jan 19 22:17:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f38303d656df6e58a8b60bfb0d7c8008412cfda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:dd:ab:1b:0d:89:35:fa:c8:12:93:66:8f:58:
63:2a:07:52:a8:f9:45:86:36:bb:d0:38:60:b1:26:
ea:c5:37:9b:d7:3b:cb:20:24:1d:a8:9b:5e:13:dd:
3c:8a:64:2e:64:e8:85:58:cd:10:fb:33:76:19:64:
ea:a3:99:b4:66:57:bb:f9:9d:05:40:f6:ba:74:b0:
a7:6a:e6:50:73:6e:d9:2b:3b:a7:65:25:c7:49:01:
66:58:f1:b0:bc:b7:9c:29:c8:fb:61:66:62:a2:23:
52:c2:3b:b7:d9:ed:a0:4c:cd:bd:0a:2e:5b:ee:7a:
54:cf:14:f9:66:0b:55:f0:44:fc:0e:9c:85:f2:49:
f1:4c:5d:2f:60:69:c0:97:be:87:a7:13:07:33:fe:
ef:fd:4f:6a:40:8e:2b:66:0d:18:e6:c2:b1:68:11:
5a:95:94:9f:5b:7e:3b:a2:34:b4:97:06:64:cf:b1:
e2:54:77:b0:1c:b2:35:0b:a7:5a:e8:18:cc:1c:b6:
6e:7b:5b:29:4a:d8:59:fb:a0:86:aa:80:86:f6:7c:
da:50:0a:b2:96:4d:5c:f8:a8:ba:ff:4e:77:4d:49:
87:80:f5:97:4a:03:19:49:81:97:f5:dd:14:57:8b:
05:3e:97:c1:43:64:45:80:68:1f:f0:a6:23:fa:c9:
01:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:38:30:3D:65:6D:F6:E5:8A:8B:60:BF:B0:D7:C8:00:84:12:CF:DA
X509v3 Authority Key Identifier:
keyid:8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/HzgwPWVt9uWKi2C_sNfIAIQSz9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.16.0/22
45.157.248.0/22
62.192.140.0/22
147.78.164.0/22
185.98.64.0/22
193.148.80.0/22
213.226.72.0/22
IPv6:
2a00:7aa0::/32
2a09:26c0::/32
2a09:4380::/32
2a0a:7980::/32
2a0d:e6c0::/32
2a0f:d00::/32
Signature Algorithm: sha256WithRSAEncryption
50:f3:0b:d6:a1:e2:03:f0:15:70:82:92:96:4c:91:0d:f0:11:
26:e6:e1:77:29:72:3e:71:5d:89:eb:6a:35:60:45:1e:9d:ed:
cf:4d:8e:57:03:d7:47:d0:8a:61:60:a9:9f:b5:9d:90:77:5d:
3c:bb:27:00:af:69:8d:c3:b5:98:ad:a2:ce:73:4f:b2:47:4d:
6a:58:d6:db:99:13:43:da:0f:2a:c1:60:fc:cc:c0:0a:67:53:
96:68:f6:b7:8e:03:96:21:d0:20:aa:52:07:a5:a5:f4:35:cf:
bc:3f:3d:e9:cb:c5:0f:c2:2c:09:a9:86:43:9a:c9:9d:f0:2d:
3b:44:42:d8:f9:e9:a0:f5:1b:b9:29:40:a4:c6:b0:3b:d4:2e:
31:d0:fe:31:28:ea:98:fa:70:d9:5b:84:b2:5c:d9:81:98:04:
cd:8f:13:18:7e:31:a5:9e:76:52:af:2c:ff:cf:e5:a5:03:5a:
6b:f7:4a:9d:b1:95:8f:ad:fc:9d:f1:d6:07:92:05:a3:64:81:
be:e6:c1:a6:76:69:34:6a:7d:a0:81:2b:57:ca:9e:19:52:b5:
ed:91:b1:d4:99:d0:8c:e2:df:f5:e6:80:18:fe:78:2d:55:ff:
a8:33:3b:66:76:ab:88:fb:88:9a:f9:bf:f6:65:83:87:40:a4:
91:0c:5d:56
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYXMHC5gxxB6oe9z6tkVT1K8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZGNmMjZmNzQ4NjA1ODhjYWM2YmFlMTdmOTlkZTIyZGJj
NDlhZTYwHhcNMjMwMTE5MjIxNzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjM4MzAzZDY1NmRmNmU1OGE4YjYwYmZiMGQ3YzgwMDg0MTJjZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl92rGw2JNfrIEpNmj1hjKgdSqPlF
hja70DhgsSbqxTeb1zvLICQdqJteE908imQuZOiFWM0Q+zN2GWTqo5m0Zle7+Z0F
QPa6dLCnauZQc27ZKzunZSXHSQFmWPGwvLecKcj7YWZioiNSwju32e2gTM29Ci5b
7npUzxT5ZgtV8ET8DpyF8knxTF0vYGnAl76HpxMHM/7v/U9qQI4rZg0Y5sKxaBFa
lZSfW347ojS0lwZkz7HiVHewHLI1C6da6BjMHLZue1spSthZ+6CGqoCG9nzaUAqy
lk1c+Ki6/053TUmHgPWXSgMZSYGX9d0UV4sFPpfBQ2RFgGgf8KYj+skBFwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFB84MD1lbfbliotgv7DXyACEEs/aMB8GA1UdIwQY
MBaAFIzc8m90hgWIysa64X+Z3iLbxJrmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMt
MmZiMjVhYmZkYzUzLzEvSHpnd1BXVnQ5dVdLaTJDX3NOZklBSVFTejlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMtMmZiMjVhYmZkYzUz
LzEvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDAwBAIAATAqAwQCLZcQAwQC
LZ34AwQCPsCMAwQCk06kAwQCuWJAAwQCwZRQAwQC1eJIMDAEAgACMCoDBQAqAHqg
AwUAKgkmwAMFACoJQ4ADBQAqCnmAAwUAKg3mwAMFACoPDQAwDQYJKoZIhvcNAQEL
BQADggEBAFDzC9ah4gPwFXCCkpZMkQ3wESbm4Xcpcj5xXYnrajVgRR6d7c9NjlcD
10fQimFgqZ+1nZB3XTy7JwCvaY3DtZitos5zT7JHTWpY1tuZE0PaDyrBYPzMwApn
U5Zo9reOA5Yh0CCqUgelpfQ1z7w/PenLxQ/CLAmphkOayZ3wLTtEQtj56aD1G7kp
QKTGsDvULjHQ/jEo6pj6cNlbhLJc2YGYBM2PExh+MaWedlKvLP/P5aUDWmv3Sp2x
lY+t/J3x1geSBaNkgb7mwaZ2aTRqfaCBK1fKnhlSte2RsdSZ0Izi3/XmgBj+eC1V
/6gzO2Z2q4j7iJr5v/Zlg4dApJEMXVY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:08 2023 by rpki-client on console-fra.rpki-client.org