Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/1LLl6IDZmRQAdTDIGq81JlZUeQ0.roa
File: 1LLl6IDZmRQAdTDIGq81JlZUeQ0.roa (raw, json)
Hash identifier: 57nKtt+ln+wToYhrXWWfEanqMbd+IW3F+bbbBsbuhAc=
Subject key identifier: D4:B2:E5:E8:80:D9:99:14:00:75:30:C8:1A:AF:35:26:56:54:79:0D
Certificate issuer: /CN=f4460d6554d581ebb80e39e45015cd7d36d93f66
Certificate serial: 01856F14B0414E59CE72E588F850C70B0296
Authority key identifier: F4:46:0D:65:54:D5:81:EB:B8:0E:39:E4:50:15:CD:7D:36:D9:3F:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/1LLl6IDZmRQAdTDIGq81JlZUeQ0.roa
Signing time: Sun 01 Jan 2023 20:45:04 +0000
ROA not before: Sun 01 Jan 2023 20:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2535
IP address blocks: 149.184.160.0/20 maxlen: 20
149.184.160.0/21 maxlen: 21
149.184.168.0/21 maxlen: 21
149.189.192.0/22 maxlen: 22
149.189.192.0/21 maxlen: 21
149.189.196.0/22 maxlen: 22
149.182.217.0/24 maxlen: 24
149.182.216.0/24 maxlen: 24
149.182.216.0/23 maxlen: 23
149.184.144.0/24 maxlen: 24
149.184.144.0/23 maxlen: 23
149.184.143.0/24 maxlen: 24
149.184.145.0/24 maxlen: 24
149.184.142.0/24 maxlen: 24
149.184.142.0/23 maxlen: 23
149.189.160.0/21 maxlen: 21
149.189.160.0/20 maxlen: 20
149.189.168.0/21 maxlen: 21
149.195.58.0/23 maxlen: 23
149.195.58.0/24 maxlen: 24
149.195.59.0/24 maxlen: 24
149.184.224.0/19 maxlen: 19
149.184.224.0/20 maxlen: 20
149.184.240.0/20 maxlen: 20
149.185.136.0/24 maxlen: 24
149.185.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:b0:41:4e:59:ce:72:e5:88:f8:50:c7:0b:02:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4460d6554d581ebb80e39e45015cd7d36d93f66
Validity
Not Before: Jan 1 20:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4b2e5e880d99914007530c81aaf35265654790d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:44:41:42:0e:be:14:a4:27:9d:66:55:44:27:
b6:70:d1:f6:13:da:ff:f1:fd:63:92:0b:55:96:4d:
4f:9e:ee:7b:89:5b:92:33:ba:5f:c7:6e:22:1a:0f:
cf:e8:0c:79:ad:8a:84:5f:47:0f:89:49:95:a6:6e:
bc:9f:43:32:8f:13:fe:83:ff:36:ed:21:f5:1b:fc:
41:25:05:3f:25:55:38:ee:c2:e1:ca:10:75:d9:bb:
cd:d4:65:df:39:6d:7b:71:57:ba:0f:6e:e5:51:12:
32:6e:ab:0e:34:50:fb:03:53:11:9f:a2:1c:d7:6b:
1d:ad:24:6e:c5:a5:2c:1d:99:9f:5d:4a:f1:23:3c:
21:d3:79:e4:34:8b:86:b7:77:2b:c7:32:bf:39:4b:
b0:69:f5:3e:ae:13:f9:54:22:26:a5:85:aa:9f:17:
e2:e2:af:7d:71:9a:c0:c9:0d:e7:cc:5b:8f:ff:de:
32:68:25:a0:a9:ef:c1:3c:11:61:42:82:06:90:37:
de:51:4f:8d:11:ff:25:23:03:05:00:69:e3:3f:92:
a4:db:3f:3e:16:ec:8c:ba:9c:03:87:b1:ea:e0:13:
85:ba:9e:71:4f:8a:d3:b9:9f:38:d4:0f:c4:fb:82:
a4:15:c4:c2:47:82:5d:f6:c3:fc:65:42:31:a2:77:
33:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B2:E5:E8:80:D9:99:14:00:75:30:C8:1A:AF:35:26:56:54:79:0D
X509v3 Authority Key Identifier:
keyid:F4:46:0D:65:54:D5:81:EB:B8:0E:39:E4:50:15:CD:7D:36:D9:3F:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/1LLl6IDZmRQAdTDIGq81JlZUeQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/455f56-1e6f-467d-b711-ebdf38b0095c/1/9EYNZVTVgeu4DjnkUBXNfTbZP2Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.182.216.0/23
149.184.142.0-149.184.145.255
149.184.160.0/20
149.184.224.0/19
149.185.136.0/24
149.185.200.0/24
149.189.160.0/20
149.189.192.0/21
149.195.58.0/23
Signature Algorithm: sha256WithRSAEncryption
00:78:10:a3:03:0f:1d:d1:67:67:d8:c9:3b:5d:9c:a9:28:41:
72:5e:8e:07:76:45:e9:0e:ef:17:2c:2b:98:1f:f3:bd:04:94:
e5:e0:f6:3f:45:ce:3e:3d:79:13:8c:01:35:66:84:5d:13:eb:
c4:0e:90:db:16:7f:3e:d1:2e:bc:dc:52:2d:6b:0a:4e:30:b4:
37:93:a0:ec:03:79:7c:b6:c6:9b:2a:13:f4:90:df:98:2e:39:
db:58:fd:8a:e9:55:70:2b:58:e2:85:ab:2f:f3:f2:87:6e:25:
76:fb:a6:7d:bb:53:0d:c2:1e:81:83:e5:ce:bd:0e:04:19:ab:
f4:69:da:90:06:95:96:0d:1d:83:6d:3b:2f:07:3f:44:92:6c:
d5:cb:d0:4d:a6:11:0e:82:7b:6b:69:d0:10:b4:1e:5f:70:05:
a1:f8:36:d8:e9:71:5e:4c:cb:b9:1b:87:54:be:0c:96:7c:88:
4d:4b:8f:bc:39:26:45:8c:f2:c6:f4:88:24:73:4c:8c:0b:a5:
e5:ba:bd:cc:5b:00:d6:60:50:46:e3:05:77:51:df:fd:03:38:
d2:23:90:96:d0:8b:0b:37:5f:fa:3d:d5:a5:4f:5e:f7:26:58:
2a:13:d0:bf:f6:64:04:71:b0:ee:b2:af:bf:ef:27:98:90:cf:
42:b2:8d:02
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYVvFLBBTlnOcuWI+FDHCwKWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NDYwZDY1NTRkNTgxZWJiODBlMzllNDUwMTVjZDdkMzZk
OTNmNjYwHhcNMjMwMTAxMjA0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGIyZTVlODgwZDk5OTE0MDA3NTMwYzgxYWFmMzUyNjU2NTQ3OTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkRBQg6+FKQnnWZVRCe2cNH2E9r/
8f1jkgtVlk1Pnu57iVuSM7pfx24iGg/P6Ax5rYqEX0cPiUmVpm68n0MyjxP+g/82
7SH1G/xBJQU/JVU47sLhyhB12bvN1GXfOW17cVe6D27lURIybqsONFD7A1MRn6Ic
12sdrSRuxaUsHZmfXUrxIzwh03nkNIuGt3crxzK/OUuwafU+rhP5VCImpYWqnxfi
4q99cZrAyQ3nzFuP/94yaCWgqe/BPBFhQoIGkDfeUU+NEf8lIwMFAGnjP5Kk2z8+
FuyMupwDh7Hq4BOFup5xT4rTuZ841A/E+4KkFcTCR4Jd9sP8ZUIxonczIwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFNSy5eiA2ZkUAHUwyBqvNSZWVHkNMB8GA1UdIwQY
MBaAFPRGDWVU1YHruA455FAVzX022T9mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUVZTlpWVFZnZXU0RGpua1VCWE5mVGJaUDJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi80NTVmNTYtMWU2Zi00NjdkLWI3MTEt
ZWJkZjM4YjAwOTVjLzEvMUxMbDZJRFptUlFBZFRESUdxODFKbFpVZVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi80NTVmNTYtMWU2Zi00NjdkLWI3MTEtZWJkZjM4YjAwOTVj
LzEvOUVZTlpWVFZnZXU0RGpua1VCWE5mVGJaUDJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQBlbbYMAwD
BAGVuI4DBAGVuJADBASVuKADBAWVuOADBACVuYgDBACVucgDBASVvaADBAOVvcAD
BAGVwzowDQYJKoZIhvcNAQELBQADggEBAAB4EKMDDx3RZ2fYyTtdnKkoQXJejgd2
RekO7xcsK5gf870ElOXg9j9Fzj49eROMATVmhF0T68QOkNsWfz7RLrzcUi1rCk4w
tDeToOwDeXy2xpsqE/SQ35guOdtY/YrpVXArWOKFqy/z8oduJXb7pn27Uw3CHoGD
5c69DgQZq/Rp2pAGlZYNHYNtOy8HP0SSbNXL0E2mEQ6Ce2tp0BC0Hl9wBaH4Ntjp
cV5My7kbh1S+DJZ8iE1Lj7w5JkWM8sb0iCRzTIwLpeW6vcxbANZgUEbjBXdR3/0D
ONIjkJbQiws3X/o91aVPXvcmWCoT0L/2ZARxsO6yr7/vJ5iQz0KyjQI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:56 2024 by rpki-client on console-ams.rpki-client.org