Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/8C-PB5PViTimrdnJyLG3BUFYJ1k.roa
File: 8C-PB5PViTimrdnJyLG3BUFYJ1k.roa (raw, json)
Hash identifier: c+qDM+AtiWfLbQbY3ivBGdVtc+0RRJiMaPyJ2bf6HkQ=
Subject key identifier: F0:2F:8F:07:93:D5:89:38:A6:AD:D9:C9:C8:B1:B7:05:41:58:27:59
Certificate issuer: /CN=145ceb292089e0df75719db3e96c509754f94837
Certificate serial: 018812CAF2E38AFF5C07175BA45EACFE4625
Authority key identifier: 14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/8C-PB5PViTimrdnJyLG3BUFYJ1k.roa
Signing time: Sat 13 May 2023 01:47:50 +0000
ROA not before: Sat 13 May 2023 01:47:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49028
IP address blocks: 193.203.52.0/22 maxlen: 22
185.252.236.0/22 maxlen: 22
185.252.236.0/24 maxlen: 24
45.151.8.0/22 maxlen: 22
185.252.237.0/24 maxlen: 24
185.252.238.0/24 maxlen: 24
185.252.239.0/24 maxlen: 24
2.59.188.0/22 maxlen: 22
2a0c:2dc0::/29 maxlen: 29
2a09:f7c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:12:ca:f2:e3:8a:ff:5c:07:17:5b:a4:5e:ac:fe:46:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=145ceb292089e0df75719db3e96c509754f94837
Validity
Not Before: May 13 01:47:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f02f8f0793d58938a6add9c9c8b1b70541582759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fb:9c:72:72:e3:c1:7e:36:75:f4:d0:b9:83:
fe:56:46:ba:68:7c:c1:73:5e:7d:07:c7:d2:89:f3:
fd:56:77:3a:3a:ff:ad:38:b7:e6:20:4b:90:cc:39:
6e:20:52:61:b8:d4:a8:30:e5:3c:d7:8f:61:f7:f3:
22:7d:3f:1c:49:7d:aa:3a:82:3a:98:53:a9:95:a4:
01:2f:ef:38:b7:d2:22:77:ee:76:d4:1c:8f:f7:bf:
71:96:b9:8b:e2:6d:01:d5:ae:7f:aa:94:e5:e2:e4:
21:c4:66:be:c3:f3:30:35:c2:bb:b1:42:60:df:99:
ab:c0:27:26:82:f3:ef:25:b2:12:81:72:fa:6d:d0:
66:3e:79:3a:a1:10:23:ae:f5:1b:3c:a9:58:ea:b6:
48:25:0d:c4:a6:f2:c2:40:46:eb:86:57:8c:e1:ac:
48:e8:b5:17:f1:82:a2:fa:47:9f:a7:af:b5:c1:2f:
90:09:64:a7:23:ee:86:54:a1:82:2e:51:0a:98:34:
4c:ca:b2:8d:5d:fc:40:99:6c:25:42:50:31:9f:c0:
ad:ef:0e:44:cf:50:f5:5e:40:55:01:f0:39:38:b0:
2c:6b:c7:22:50:26:e5:94:a3:72:f7:50:11:66:1e:
fe:cf:e9:52:fc:bd:b8:87:45:15:b7:2d:16:26:1a:
b6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:2F:8F:07:93:D5:89:38:A6:AD:D9:C9:C8:B1:B7:05:41:58:27:59
X509v3 Authority Key Identifier:
keyid:14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/8C-PB5PViTimrdnJyLG3BUFYJ1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.188.0/22
45.151.8.0/22
185.252.236.0/22
193.203.52.0/22
IPv6:
2a09:f7c0::/29
2a0c:2dc0::/29
Signature Algorithm: sha256WithRSAEncryption
00:d8:84:f2:1d:5b:44:3b:9d:d1:04:5a:6e:e3:79:0d:32:ef:
78:5a:bc:d2:d9:8b:0c:a6:5f:32:4c:70:ee:cf:c6:43:36:93:
f8:7d:ba:8b:9e:6d:b9:bf:f2:c3:ec:6f:7a:53:99:4a:16:04:
2d:e1:f4:ee:11:22:9b:7e:e0:47:86:e6:22:a1:4e:1d:45:af:
a5:e4:e8:43:e6:af:17:4f:bc:c9:c9:5f:06:7a:2c:de:00:3f:
6a:80:4a:93:82:b8:31:9b:45:7f:f0:2f:85:80:4c:39:46:2f:
60:ac:98:bc:45:ad:ed:97:1e:ac:4d:77:68:98:91:38:fa:a2:
51:ca:75:72:7c:23:d5:b8:05:2d:f8:a3:65:c8:64:12:20:b1:
0f:3b:7a:8f:09:eb:93:ca:27:3f:14:e6:49:58:6f:50:30:f7:
db:77:81:3b:c4:33:35:84:83:f9:28:65:4f:ce:f5:27:8c:d8:
dc:42:ad:e3:23:a0:8a:94:fd:00:c3:3c:df:64:c0:f4:74:7b:
53:77:a1:d8:0a:73:be:7b:87:77:66:4b:83:93:29:9a:77:cd:
2f:b5:5e:72:88:64:41:a5:74:9d:ce:e4:78:1d:c6:a7:b4:a1:
54:1c:a8:f9:33:25:fa:31:7f:ba:35:0f:71:05:1d:63:99:70:
62:4b:0c:e6
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYgSyvLjiv9cBxdbpF6s/kYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NWNlYjI5MjA4OWUwZGY3NTcxOWRiM2U5NmM1MDk3NTRm
OTQ4MzcwHhcNMjMwNTEzMDE0NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDJmOGYwNzkzZDU4OTM4YTZhZGQ5YzljOGIxYjcwNTQxNTgyNzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPuccnLjwX42dfTQuYP+Vka6aHzB
c159B8fSifP9Vnc6Ov+tOLfmIEuQzDluIFJhuNSoMOU8149h9/MifT8cSX2qOoI6
mFOplaQBL+84t9Iid+521ByP979xlrmL4m0B1a5/qpTl4uQhxGa+w/MwNcK7sUJg
35mrwCcmgvPvJbISgXL6bdBmPnk6oRAjrvUbPKlY6rZIJQ3EpvLCQEbrhleM4axI
6LUX8YKi+kefp6+1wS+QCWSnI+6GVKGCLlEKmDRMyrKNXfxAmWwlQlAxn8Ct7w5E
z1D1XkBVAfA5OLAsa8ciUCbllKNy91ARZh7+z+lS/L24h0UVty0WJhq2PQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFPAvjweT1Yk4pq3ZycixtwVBWCdZMB8GA1UdIwQY
MBaAFBRc6ykgieDfdXGds+lsUJdU+Ug3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkZ6cktTQ0o0TjkxY1oyejZXeFFsMVQ1U0RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9jNzFmZGUtM2VmMi00YmY3LTg2NDEt
MTI3MTljMjYxY2MwLzEvOEMtUEI1UFZpVGltcmRuSnlMRzNCVUZZSjFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9jNzFmZGUtM2VmMi00YmY3LTg2NDEtMTI3MTljMjYxY2Mw
LzEvRkZ6cktTQ0o0TjkxY1oyejZXeFFsMVQ1U0RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCAju8AwQC
LZcIAwQCufzsAwQCwcs0MBQEAgACMA4DBQMqCffAAwUDKgwtwDANBgkqhkiG9w0B
AQsFAAOCAQEAANiE8h1bRDud0QRabuN5DTLveFq80tmLDKZfMkxw7s/GQzaT+H26
i55tub/yw+xvelOZShYELeH07hEim37gR4bmIqFOHUWvpeToQ+avF0+8yclfBnos
3gA/aoBKk4K4MZtFf/AvhYBMOUYvYKyYvEWt7ZcerE13aJiROPqiUcp1cnwj1bgF
LfijZchkEiCxDzt6jwnrk8onPxTmSVhvUDD323eBO8QzNYSD+ShlT871J4zY3EKt
4yOgipT9AMM832TA9HR7U3eh2ApzvnuHd2ZLg5MpmnfNL7VecohkQaV0nc7keB3G
p7ShVByo+TMl+jF/ujUPcQUdY5lwYksM5g==
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:46 2024 by rpki-client on console-fra.rpki-client.org