Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/1-nvAywDoJfaOUXsqhvWiLQNk6kY.roa
File: 1-nvAywDoJfaOUXsqhvWiLQNk6kY.roa (raw, json)
Hash identifier: CL1JxUX3le9/hCi8qi+RQ82zCABMiIfnlpzWJuFwgoY=
Subject key identifier: FA:7B:C0:CB:00:E8:25:F6:8E:51:7B:2A:86:F5:A2:2D:03:64:EA:46
Certificate issuer: /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial: 018B8AF68E52C55C08670824BE7542C12617
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/1-nvAywDoJfaOUXsqhvWiLQNk6kY.roa
Signing time: Wed 01 Nov 2023 12:58:15 +0000
ROA not before: Wed 01 Nov 2023 12:58:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42303
IP address blocks: 193.149.178.0/24 maxlen: 24
185.55.8.0/22 maxlen: 22
5.35.184.0/21 maxlen: 21
77.72.96.0/21 maxlen: 21
94.127.32.0/21 maxlen: 21
46.182.200.0/21 maxlen: 24
185.153.212.0/22 maxlen: 24
151.236.200.0/21 maxlen: 24
2a02:470::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8a:f6:8e:52:c5:5c:08:67:08:24:be:75:42:c1:26:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Validity
Not Before: Nov 1 12:58:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa7bc0cb00e825f68e517b2a86f5a22d0364ea46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d9:f8:1b:98:2b:15:44:20:aa:dd:43:86:77:
e6:25:2a:f0:e4:17:c7:11:3f:0f:98:c7:37:f7:3c:
9e:41:d4:bc:64:8e:f8:19:74:a6:71:64:ac:37:a5:
ea:12:4d:7c:d4:ad:12:31:d2:c4:a5:38:a1:f5:c4:
2a:1f:21:af:9b:f3:cc:18:3b:77:47:03:b3:33:51:
ab:7a:d3:a9:33:5c:15:3b:e0:c6:30:c6:79:27:5a:
3d:21:45:26:06:c4:22:fc:78:87:a5:4a:e6:da:64:
a6:87:1e:56:98:97:58:99:6b:fe:22:92:f4:20:8f:
3e:69:ff:2b:12:34:1b:02:7c:04:c3:bb:4c:38:d1:
1d:12:28:7c:eb:a9:80:08:cd:f9:b8:c1:61:15:96:
0e:a6:81:a6:9c:ab:ac:08:77:e4:62:41:90:2d:49:
24:b7:a7:68:8d:15:7a:fb:a3:81:b7:d2:54:67:4c:
31:04:1e:67:09:9a:50:c8:55:17:80:bb:b5:66:ec:
6f:27:83:46:c7:17:f4:ee:ba:27:0d:bb:e6:d8:31:
58:d6:29:98:33:92:8c:a7:03:7b:fc:12:2e:86:4d:
c0:1c:e7:de:a2:da:b4:85:98:6f:ab:cf:9e:cb:cf:
68:73:18:67:b0:14:78:14:4b:3b:0f:7c:ff:f5:3e:
ce:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:7B:C0:CB:00:E8:25:F6:8E:51:7B:2A:86:F5:A2:2D:03:64:EA:46
X509v3 Authority Key Identifier:
keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/1-nvAywDoJfaOUXsqhvWiLQNk6kY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.184.0/21
46.182.200.0/21
77.72.96.0/21
94.127.32.0/21
151.236.200.0/21
185.55.8.0/22
185.153.212.0/22
193.149.178.0/24
IPv6:
2a02:470::/32
Signature Algorithm: sha256WithRSAEncryption
98:ed:1d:92:d7:6a:01:e9:ab:1a:53:ad:bb:35:9b:c7:1a:47:
37:8c:06:8c:be:90:f1:ef:d3:ca:37:c0:4a:a6:95:09:8a:91:
30:10:66:89:d8:70:b5:e5:75:8e:6b:96:40:92:64:9d:c6:e5:
ea:03:e0:55:bd:67:f9:a2:a3:19:48:a8:f5:99:e5:eb:40:fb:
44:9f:a1:d2:36:c9:a6:a8:67:ff:f3:4d:95:fb:d8:99:85:f1:
59:5f:0d:da:e4:01:37:68:f1:20:7c:4e:f8:2e:1a:8d:53:3c:
ea:62:a4:00:07:c8:d7:da:0a:ba:fd:c9:1b:f8:ab:1a:e2:ee:
f4:7f:e3:96:6c:c8:3e:4b:31:eb:41:68:f3:dc:14:11:e3:8a:
be:55:f7:30:6c:2e:1a:b7:90:79:2d:c5:fa:ac:66:95:34:29:
3f:7d:b5:48:55:6c:f2:27:44:a9:a0:76:84:93:4c:67:6a:f3:
e9:99:a9:31:2f:ee:a7:c7:dc:e5:c3:68:0d:60:74:c1:0b:28:
01:6c:04:bc:e2:32:f7:93:7e:c8:d6:8d:20:c1:88:21:d2:a6:
16:10:a0:48:0b:e7:e1:0b:d7:8f:7e:18:96:86:20:4d:d5:a1:
ed:2a:02:c9:1c:92:56:c4:58:04:6f:52:66:c1:71:eb:4b:97:
87:5c:df:48
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYuK9o5SxVwIZwgkvnVCwSYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTE2MDViNjc1ZWNlNGUwZmNlNzE3NWFlMzFhOTNmYTgy
NzJiYTYwHhcNMjMxMTAxMTI1ODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTdiYzBjYjAwZTgyNWY2OGU1MTdiMmE4NmY1YTIyZDAzNjRlYTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9n4G5grFUQgqt1DhnfmJSrw5BfH
ET8PmMc39zyeQdS8ZI74GXSmcWSsN6XqEk181K0SMdLEpTih9cQqHyGvm/PMGDt3
RwOzM1GretOpM1wVO+DGMMZ5J1o9IUUmBsQi/HiHpUrm2mSmhx5WmJdYmWv+IpL0
II8+af8rEjQbAnwEw7tMONEdEih866mACM35uMFhFZYOpoGmnKusCHfkYkGQLUkk
t6dojRV6+6OBt9JUZ0wxBB5nCZpQyFUXgLu1ZuxvJ4NGxxf07ronDbvm2DFY1imY
M5KMpwN7/BIuhk3AHOfeotq0hZhvq8+ey89ocxhnsBR4FEs7D3z/9T7O4wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFPp7wMsA6CX2jlF7Kob1oi0DZOpGMB8GA1UdIwQY
MBaAFAVRYFtnXs5OD85xda4xqT+oJyumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEt
MDc3OWY0OGVjZWEwLzEvMS1udkF5d0RvSmZhT1VYc3FodldpTFFOazZrWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzAvMjhlYTQ1LTdkMzAtNDZkZi04ZjJhLTA3NzlmNDhlY2Vh
MC8xL0JWRmdXMmRlems0UHpuRjFyakdwUDZnbks2WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBYBggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAwUjuAME
Ay62yAMEA01IYAMEA15/IAMEA5fsyAMEArk3CAMEArmZ1AMEAMGVsjANBAIAAjAH
AwUAKgIEcDANBgkqhkiG9w0BAQsFAAOCAQEAmO0dktdqAemrGlOtuzWbxxpHN4wG
jL6Q8e/TyjfASqaVCYqRMBBmidhwteV1jmuWQJJkncbl6gPgVb1n+aKjGUio9Znl
60D7RJ+h0jbJpqhn//NNlfvYmYXxWV8N2uQBN2jxIHxO+C4ajVM86mKkAAfI19oK
uv3JG/irGuLu9H/jlmzIPksx60Fo89wUEeOKvlX3MGwuGreQeS3F+qxmlTQpP321
SFVs8idEqaB2hJNMZ2rz6ZmpMS/up8fc5cNoDWB0wQsoAWwEvOIy95N+yNaNIMGI
IdKmFhCgSAvn4QvXj34YloYgTdWh7SoCyRySVsRYBG9SZsFx60uXh1zfSA==
-----END CERTIFICATE-----
Generated at Wed Nov 1 15:14:25 2023 by rpki-client on console-ams.rpki-client.org