Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_dEv_uk2HHhaZhHrb4P2_rJ4Uas.roa
File: _dEv_uk2HHhaZhHrb4P2_rJ4Uas.roa (raw, json)
Hash identifier: EFrATROMk8ez14gcqMEHYG3TeTrHQeA5SRhtpREsg8c=
Subject key identifier: FD:D1:2F:FE:E9:36:1C:78:5A:66:11:EB:6F:83:F6:FE:B2:78:51:AB
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018A238F79F073626719B5E524E028846240
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_dEv_uk2HHhaZhHrb4P2_rJ4Uas.roa
Signing time: Wed 23 Aug 2023 18:01:59 +0000
ROA not before: Wed 23 Aug 2023 18:01:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 194.180.238.0/24 maxlen: 24
185.15.136.0/23 maxlen: 24
195.149.127.0/24 maxlen: 24
89.32.126.0/24 maxlen: 24
45.149.160.0/22 maxlen: 24
185.243.140.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:23:8f:79:f0:73:62:67:19:b5:e5:24:e0:28:84:62:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Aug 23 18:01:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdd12ffee9361c785a6611eb6f83f6feb27851ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a1:42:6b:3a:ef:04:26:74:48:cf:70:0a:be:
f3:a6:c3:df:d2:73:71:ef:8a:b0:6e:df:9d:1f:75:
cd:9b:75:d9:b1:09:49:12:83:22:72:8e:44:23:64:
11:f4:0d:1d:04:8b:e4:b4:cd:51:4b:ab:a7:9a:28:
e5:97:ae:ad:e8:ff:a8:2b:87:9b:66:72:22:44:a7:
7b:9c:c3:86:58:c1:19:f3:c6:aa:e3:b6:1c:9a:ef:
b4:50:a5:7e:45:35:d7:d8:56:fa:09:12:c5:9f:1d:
9a:f2:c9:22:a1:44:39:ed:2f:1e:07:94:65:9b:60:
a4:e3:ef:0b:79:7c:66:12:6e:64:69:eb:d6:af:b6:
35:1c:4d:af:25:4b:4e:05:9f:6d:5f:da:13:cd:41:
02:28:fe:7a:24:a4:35:c8:0e:ef:c2:c5:79:6c:a1:
ca:8d:bd:29:f8:50:44:7a:80:e9:57:13:b0:97:f9:
28:60:16:85:42:db:43:77:5f:39:dc:31:63:d9:c3:
73:a5:43:dd:3a:74:47:78:e9:5f:fe:99:d5:32:b4:
c8:70:bb:18:c4:7b:49:be:69:ad:65:6d:14:fb:da:
db:a7:b7:52:31:8e:c9:b7:b9:f2:d0:0d:f4:44:2b:
1e:b0:cb:9d:13:74:e0:b6:8e:26:88:82:34:62:12:
d1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:D1:2F:FE:E9:36:1C:78:5A:66:11:EB:6F:83:F6:FE:B2:78:51:AB
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_dEv_uk2HHhaZhHrb4P2_rJ4Uas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.160.0/22
89.32.126.0/24
185.15.136.0/23
185.243.140.0/22
194.180.238.0/24
195.149.127.0/24
Signature Algorithm: sha256WithRSAEncryption
05:6b:7c:60:7b:c2:21:c7:d5:6a:1c:1d:78:74:6a:d0:04:2f:
fd:f0:b7:10:c9:9b:aa:17:81:cf:e3:9e:5f:47:fb:02:45:ab:
c5:50:54:a9:49:26:10:22:4f:53:60:09:e4:5f:46:0d:9e:20:
75:9f:04:11:80:db:52:ff:0f:b7:47:52:1c:3b:91:cf:7b:61:
c6:2c:9b:af:5f:fa:49:2c:0b:0a:ff:01:8a:ef:99:c4:dc:50:
31:a5:c5:ea:18:2a:d6:d2:35:a1:e0:90:37:63:6f:3f:19:bf:
d0:78:ac:46:2e:52:c5:37:f5:03:a2:a8:5c:f0:33:af:19:1a:
24:91:ca:db:c5:0e:ab:d6:52:52:cf:71:4b:c7:1b:6b:da:e2:
2b:0e:31:d3:22:b5:5c:06:3b:f9:fd:07:2e:ae:fa:f2:8f:7d:
bf:75:be:9c:24:92:5a:bd:0e:6d:a8:0b:d7:f5:57:00:56:73:
00:9d:a6:93:4a:12:62:84:ba:29:08:69:ba:26:2a:40:42:a8:
21:c9:43:09:87:18:cc:6d:52:4a:a9:16:fc:f3:f2:df:95:ad:
c7:86:e7:3c:92:c7:ba:bc:af:d6:e7:5a:fd:c5:e7:9b:30:39:
80:dc:1e:44:c2:ea:9e:33:1b:2e:af:1e:5f:a2:97:27:4e:d0:
d2:de:c2:3e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYojj3nwc2JnGbXlJOAohGJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwODIzMTgwMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGQxMmZmZWU5MzYxYzc4NWE2NjExZWI2ZjgzZjZmZWIyNzg1MWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aFCazrvBCZ0SM9wCr7zpsPf0nNx
74qwbt+dH3XNm3XZsQlJEoMico5EI2QR9A0dBIvktM1RS6unmijll66t6P+oK4eb
ZnIiRKd7nMOGWMEZ88aq47Ycmu+0UKV+RTXX2Fb6CRLFnx2a8skioUQ57S8eB5Rl
m2Ck4+8LeXxmEm5kaevWr7Y1HE2vJUtOBZ9tX9oTzUECKP56JKQ1yA7vwsV5bKHK
jb0p+FBEeoDpVxOwl/koYBaFQttDd1853DFj2cNzpUPdOnRHeOlf/pnVMrTIcLsY
xHtJvmmtZW0U+9rbp7dSMY7Jt7ny0A30RCsesMudE3Tgto4miII0YhLRjQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP3RL/7pNhx4WmYR62+D9v6yeFGrMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvX2RFdl91azJISGhhWmhIcmI0UDJfcko0VWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLZWgAwQA
WSB+AwQBuQ+IAwQCufOMAwQAwrTuAwQAw5V/MA0GCSqGSIb3DQEBCwUAA4IBAQAF
a3xge8Ihx9VqHB14dGrQBC/98LcQyZuqF4HP455fR/sCRavFUFSpSSYQIk9TYAnk
X0YNniB1nwQRgNtS/w+3R1IcO5HPe2HGLJuvX/pJLAsK/wGK75nE3FAxpcXqGCrW
0jWh4JA3Y28/Gb/QeKxGLlLFN/UDoqhc8DOvGRokkcrbxQ6r1lJSz3FLxxtr2uIr
DjHTIrVcBjv5/Qcurvryj32/db6cJJJavQ5tqAvX9VcAVnMAnaaTShJihLopCGm6
JipAQqghyUMJhxjMbVJKqRb88/Lfla3Hhuc8kse6vK/W51r9xeebMDmA3B5Ewuqe
Mxsurx5fopcnTtDS3sI+
-----END CERTIFICATE-----
Generated at Tue Sep 5 17:41:24 2023 by rpki-client on console-ams.rpki-client.org