Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/3kTzz3X9VLiWQBvixDHVnM6swEw.roa
File: 3kTzz3X9VLiWQBvixDHVnM6swEw.roa (raw, json)
Hash identifier: jvgQnyE22pT5UwutsgiPmVoxSOyH5uMr2d1r9JEbems=
Subject key identifier: DE:44:F3:CF:75:FD:54:B8:96:40:1B:E2:C4:31:D5:9C:CE:AC:C0:4C
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018571E88B715047B954EB24A961E7F7B826
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/3kTzz3X9VLiWQBvixDHVnM6swEw.roa
Signing time: Mon 02 Jan 2023 09:55:43 +0000
ROA not before: Mon 02 Jan 2023 09:55:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 45.13.190.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.88.136.0/23 maxlen: 24
85.209.122.0/23 maxlen: 24
194.242.97.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:e8:8b:71:50:47:b9:54:eb:24:a9:61:e7:f7:b8:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 09:55:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de44f3cf75fd54b896401be2c431d59cceacc04c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e1:6f:34:26:d1:38:24:6e:42:d8:9f:ee:73:
f7:d2:fd:30:ee:71:d6:70:bb:71:7f:09:61:c6:a5:
04:fc:3b:8c:6f:0c:b0:cd:e2:52:ba:91:72:fb:d5:
06:bf:ef:f3:1b:a2:15:3c:63:eb:d8:03:f0:78:fc:
10:e7:4d:e4:0d:0a:04:2a:76:da:40:1a:6f:79:e4:
81:f8:09:83:a3:99:73:0e:ff:9a:2e:46:47:f4:d1:
07:32:cc:d2:ea:0c:17:d8:f5:70:15:00:5c:15:00:
64:58:b4:d4:20:2e:43:13:fa:35:f5:82:10:d8:4a:
9c:c6:fa:09:2a:77:83:2f:02:b0:41:8a:61:69:6c:
aa:39:43:7b:bf:2f:bf:30:14:fc:9b:05:36:dc:30:
9b:9e:a0:b1:29:72:28:70:43:92:ef:18:70:3e:3b:
71:8b:b9:f7:30:83:ce:62:73:55:e7:82:de:2a:50:
06:0c:16:23:56:c7:6b:76:16:fb:2b:0f:5e:e1:b9:
37:15:be:0b:4e:dc:a2:ca:8e:f9:11:af:f9:1c:0a:
da:30:fa:05:f8:1f:b6:c9:87:a4:31:39:6d:bf:26:
4b:98:d9:bd:1c:b0:e2:73:40:40:6a:0c:1c:ec:6a:
a1:f0:9d:cd:f5:19:88:24:d9:a1:37:cc:43:a9:fc:
40:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:44:F3:CF:75:FD:54:B8:96:40:1B:E2:C4:31:D5:9C:CE:AC:C0:4C
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/3kTzz3X9VLiWQBvixDHVnM6swEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
5.181.87.0/24
45.13.190.0/24
45.81.112.0/22
45.88.136.0/23
45.132.181.0-45.132.183.255
45.144.212.0/24
45.151.3.0/24
85.209.122.0/23
194.242.97.0/24
195.177.92.0/23
Signature Algorithm: sha256WithRSAEncryption
45:19:3a:02:cf:2d:6a:41:d7:19:04:80:18:8d:a1:4a:43:0d:
d3:fd:42:22:d3:79:3c:5f:4a:14:52:fb:dc:74:fb:45:35:4c:
4b:9b:9d:0f:33:fb:bd:43:33:f2:ad:ea:48:08:7a:bc:fa:02:
4d:17:3c:ab:b0:15:c1:5c:0a:06:2b:28:a9:03:64:db:90:43:
ad:25:f6:64:77:df:f2:4a:cf:ac:34:23:bb:f5:d9:11:91:bb:
dd:6f:77:39:bd:28:64:39:47:c3:e6:da:a9:90:56:42:e9:3c:
e9:b5:19:15:00:fd:30:f2:d8:62:10:72:fb:7c:e4:70:b3:81:
d9:4d:fc:b0:b3:40:7e:1a:d0:a3:8e:41:ab:29:af:f4:b0:6e:
84:f1:57:8b:c8:e6:48:41:e2:4c:9e:61:ec:a7:ca:a3:d6:75:
95:90:1e:bd:29:f9:3b:8c:a8:62:82:26:4a:c8:0c:70:9a:9e:
10:65:9e:69:60:46:8b:d0:7e:b4:f6:ed:34:34:4a:48:f8:97:
ea:73:b3:90:b8:d8:58:88:0c:86:06:4d:5f:b3:c5:89:a2:c3:
48:69:bf:33:f9:fa:05:7b:3a:8e:f1:98:68:2a:be:b4:0a:23:
34:f5:d8:d4:b6:2d:2e:8f:56:84:23:84:9b:5a:5e:bc:1f:1a:
9c:e7:ad:8b
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYVx6ItxUEe5VOskqWHn97gmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTAyMDk1NTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTQ0ZjNjZjc1ZmQ1NGI4OTY0MDFiZTJjNDMxZDU5Y2NlYWNjMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuFvNCbROCRuQtif7nP30v0w7nHW
cLtxfwlhxqUE/DuMbwywzeJSupFy+9UGv+/zG6IVPGPr2APwePwQ503kDQoEKnba
QBpveeSB+AmDo5lzDv+aLkZH9NEHMszS6gwX2PVwFQBcFQBkWLTUIC5DE/o19YIQ
2EqcxvoJKneDLwKwQYphaWyqOUN7vy+/MBT8mwU23DCbnqCxKXIocEOS7xhwPjtx
i7n3MIPOYnNV54LeKlAGDBYjVsdrdhb7Kw9e4bk3Fb4LTtyiyo75Ea/5HAraMPoF
+B+2yYekMTltvyZLmNm9HLDic0BAagwc7Gqh8J3N9RmIJNmhN8xDqfxApQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFN5E8891/VS4lkAb4sQx1ZzOrMBMMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvM2tUenozWDlWTGlXUUJ2aXhESFZuTTZzd0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQBBbVUAwQA
BbVXAwQALQ2+AwQCLVFwAwQBLViIMAwDBAAthLUDBAMthLADBAAtkNQDBAAtlwMD
BAFV0XoDBADC8mEDBAHDsVwwDQYJKoZIhvcNAQELBQADggEBAEUZOgLPLWpB1xkE
gBiNoUpDDdP9QiLTeTxfShRS+9x0+0U1TEubnQ8z+71DM/Kt6kgIerz6Ak0XPKuw
FcFcCgYrKKkDZNuQQ60l9mR33/JKz6w0I7v12RGRu91vdzm9KGQ5R8Pm2qmQVkLp
POm1GRUA/TDy2GIQcvt85HCzgdlN/LCzQH4a0KOOQaspr/SwboTxV4vI5khB4kye
YeynyqPWdZWQHr0p+TuMqGKCJkrIDHCanhBlnmlgRovQfrT27TQ0Skj4l+pzs5C4
2FiIDIYGTV+zxYmiw0hpvzP5+gV7Oo7xmGgqvrQKIzT12NS2LS6PVoQjhJtaXrwf
GpznrYs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org