Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/Zq7ssO9aHgl-BZ6cnARIeNH9GVc.roa
File: Zq7ssO9aHgl-BZ6cnARIeNH9GVc.roa (raw, json)
Hash identifier: F73xiVfjWrh5EGaqWx566fvk6zIQyc2yx7lA0ZiqnGE=
Subject key identifier: 66:AE:EC:B0:EF:5A:1E:09:7E:05:9E:9C:9C:04:48:78:D1:FD:19:57
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018B7314AA26D9A1BD449747390BD443AA10
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/Zq7ssO9aHgl-BZ6cnARIeNH9GVc.roa
Signing time: Fri 27 Oct 2023 21:40:15 +0000
ROA not before: Fri 27 Oct 2023 21:40:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47583
IP address blocks: 194.55.132.0/24 maxlen: 24
194.55.133.0/24 maxlen: 24
45.145.184.0/23 maxlen: 24
45.145.186.0/23 maxlen: 24
193.202.44.0/24 maxlen: 24
193.202.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:73:14:aa:26:d9:a1:bd:44:97:47:39:0b:d4:43:aa:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Oct 27 21:40:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66aeecb0ef5a1e097e059e9c9c044878d1fd1957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:bb:8a:8d:8e:e3:2e:21:2f:60:88:8f:29:a3:
80:68:38:9a:41:40:82:49:de:17:6a:42:67:97:62:
b8:0c:38:5b:d3:3d:0d:69:e0:b2:04:e1:b4:df:9e:
55:c0:37:fa:72:f8:1a:da:cb:fc:ea:20:27:8e:3a:
bd:b9:f7:51:bb:86:12:a9:37:75:a7:4c:9b:13:a9:
69:37:e1:23:8f:22:cc:59:29:0b:6f:7e:af:5f:a8:
5c:54:64:51:62:99:d4:1a:a6:bf:02:b8:93:84:bf:
9a:2f:41:44:21:6e:6e:b9:a3:46:84:78:21:f5:cd:
66:56:69:c6:82:1b:6b:71:de:96:ac:80:eb:0a:ef:
63:54:e2:46:36:a5:8b:f6:84:1e:f1:79:46:69:a0:
7d:a0:ea:21:0e:a5:84:43:37:ef:db:b1:5d:90:f4:
59:f4:40:aa:22:45:17:ab:86:d7:69:83:5d:de:8d:
1e:72:9f:fe:a2:04:a7:b9:18:60:5f:91:87:2f:e8:
22:a2:4b:da:21:17:96:22:17:18:72:3e:71:0f:1d:
8e:66:d9:4c:8b:22:56:41:9c:ee:19:23:6a:09:97:
36:d7:0f:fd:7b:21:94:ff:a1:02:b5:19:22:03:c9:
72:eb:2a:e3:84:26:e3:36:14:22:91:87:62:83:2b:
4b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:AE:EC:B0:EF:5A:1E:09:7E:05:9E:9C:9C:04:48:78:D1:FD:19:57
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/Zq7ssO9aHgl-BZ6cnARIeNH9GVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.184.0/22
193.202.44.0/23
194.55.132.0/23
Signature Algorithm: sha256WithRSAEncryption
83:e6:a0:c4:13:1c:06:42:bb:28:42:9d:45:23:f3:6c:3a:6b:
44:d2:07:92:a0:f4:a1:b6:00:2b:bc:9c:1c:9f:99:ea:f8:ff:
af:be:48:9f:5e:06:9d:ed:00:0b:f8:36:86:56:66:7f:67:d5:
33:1c:6d:35:11:de:3f:8f:d0:b4:8f:80:e9:db:1d:0a:81:87:
24:d1:98:f4:34:30:9e:97:57:0e:07:57:3f:48:e5:04:7a:c1:
65:4c:1d:74:05:de:4f:d3:fc:69:39:89:4d:52:17:5c:aa:50:
4d:85:3d:d2:be:b4:8f:70:cf:34:09:13:de:4f:6f:f5:52:d3:
8c:9b:fa:1f:80:77:ed:e2:2a:ba:09:0c:88:41:a9:32:5f:b9:
ec:32:ca:cb:27:04:7a:58:e9:81:3f:a7:c4:47:e3:28:64:bb:
ac:e6:26:4f:10:97:ad:51:56:78:59:f7:e8:46:cb:99:01:cc:
1f:aa:b3:99:36:af:d4:c5:14:75:2d:fc:e0:b2:cb:14:58:ab:
cf:b5:d0:6b:66:35:6d:a7:79:44:0a:b0:bf:52:20:5a:e1:2a:
01:9f:af:2c:9e:45:a0:f1:d7:0b:f7:79:8f:12:c4:ae:ed:53:
7e:c0:bc:5a:0a:1e:2f:65:6a:9d:91:80:29:bf:2c:8e:14:1b:
2f:59:c2:b5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtzFKom2aG9RJdHOQvUQ6oQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMxMDI3MjE0MDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmFlZWNiMGVmNWExZTA5N2UwNTllOWM5YzA0NDg3OGQxZmQxOTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLuKjY7jLiEvYIiPKaOAaDiaQUCC
Sd4XakJnl2K4DDhb0z0NaeCyBOG0355VwDf6cvga2sv86iAnjjq9ufdRu4YSqTd1
p0ybE6lpN+EjjyLMWSkLb36vX6hcVGRRYpnUGqa/AriThL+aL0FEIW5uuaNGhHgh
9c1mVmnGghtrcd6WrIDrCu9jVOJGNqWL9oQe8XlGaaB9oOohDqWEQzfv27FdkPRZ
9ECqIkUXq4bXaYNd3o0ecp/+ogSnuRhgX5GHL+giokvaIReWIhcYcj5xDx2OZtlM
iyJWQZzuGSNqCZc21w/9eyGU/6ECtRkiA8ly6yrjhCbjNhQikYdigytLdwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGau7LDvWh4JfgWenJwESHjR/RlXMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvWnE3c3NPOWFIZ2wtQlo2Y25BUkllTkg5R1ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZG4AwQB
wcosAwQBwjeEMA0GCSqGSIb3DQEBCwUAA4IBAQCD5qDEExwGQrsoQp1FI/NsOmtE
0geSoPShtgArvJwcn5nq+P+vvkifXgad7QAL+DaGVmZ/Z9UzHG01Ed4/j9C0j4Dp
2x0KgYck0Zj0NDCel1cOB1c/SOUEesFlTB10Bd5P0/xpOYlNUhdcqlBNhT3SvrSP
cM80CRPeT2/1UtOMm/ofgHft4iq6CQyIQakyX7nsMsrLJwR6WOmBP6fER+MoZLus
5iZPEJetUVZ4WffoRsuZAcwfqrOZNq/UxRR1LfzgsssUWKvPtdBrZjVtp3lECrC/
UiBa4SoBn68snkWg8dcL93mPEsSu7VN+wLxaCh4vZWqdkYApvyyOFBsvWcK1
-----END CERTIFICATE-----
Generated at Mon Oct 30 18:43:28 2023 by rpki-client on console-ams.rpki-client.org