Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/1-OpFw8qQGCtZwIvVb0g3QnU-w_o.roa
File: 1-OpFw8qQGCtZwIvVb0g3QnU-w_o.roa (raw, json)
Hash identifier: 3ucjEbTOQu0s20NmTMlUBTpU+M1yWXsssTScVIrpP8U=
Subject key identifier: F8:EA:45:C3:CA:90:18:2B:59:C0:8B:D5:6F:48:37:42:75:3E:C3:FA
Certificate issuer: /CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Certificate serial: 018891A41F6BB9D2ABD837565D4A49A0BB92
Authority key identifier: 4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/1-OpFw8qQGCtZwIvVb0g3QnU-w_o.roa
Signing time: Tue 06 Jun 2023 16:57:12 +0000
ROA not before: Tue 06 Jun 2023 16:57:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51175
IP address blocks: 194.29.180.0/22 maxlen: 22
185.101.188.0/22 maxlen: 22
195.110.50.0/23 maxlen: 23
213.5.0.0/21 maxlen: 22
185.11.108.0/22 maxlen: 24
46.148.80.0/20 maxlen: 20
178.219.128.0/20 maxlen: 24
178.219.129.0/24 maxlen: 24
2a00:c020::/32 maxlen: 32
2a03:22c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:91:a4:1f:6b:b9:d2:ab:d8:37:56:5d:4a:49:a0:bb:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Validity
Not Before: Jun 6 16:57:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8ea45c3ca90182b59c08bd56f483742753ec3fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d0:7b:6d:1f:62:62:a5:f5:57:a8:09:f7:8b:
43:2d:86:e9:97:f3:2a:fb:4b:ae:a2:77:cd:87:f1:
4f:70:cf:b7:e4:f7:fb:67:d1:bc:d5:47:49:60:1e:
7a:3c:aa:c2:98:62:36:5b:03:cc:70:e6:2b:82:42:
7c:cb:71:0a:4a:0c:ee:1a:57:b7:2d:66:c9:a1:43:
87:3a:3a:fe:36:3f:83:72:62:ab:f4:01:ae:70:86:
83:50:65:c0:53:43:fb:2d:b5:49:9e:0e:51:6d:76:
de:f4:85:a1:4d:73:1e:1c:36:89:1f:69:32:69:09:
dc:b3:67:cb:3e:a9:93:fd:e7:d1:e2:07:01:6e:cb:
c8:d3:83:53:05:d2:8d:da:9b:6f:67:b2:9f:f5:08:
01:92:c2:38:6c:71:55:1d:9b:c8:92:7d:0d:d7:86:
21:db:d6:83:bf:f0:82:f7:23:ac:d5:d4:7d:82:3a:
af:d1:2d:1d:13:05:5f:07:fa:2a:e1:1a:a1:08:78:
f9:fd:eb:85:90:47:df:1e:ac:2d:a2:e8:33:2a:8a:
f7:07:15:40:7b:cd:55:25:26:52:ed:63:5c:65:e5:
b3:f6:63:0e:92:54:d0:eb:0d:3a:5b:17:47:d4:d0:
07:1a:52:30:a8:c1:8d:7f:9c:a9:f7:9a:40:9c:6b:
a7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:EA:45:C3:CA:90:18:2B:59:C0:8B:D5:6F:48:37:42:75:3E:C3:FA
X509v3 Authority Key Identifier:
keyid:4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/1-OpFw8qQGCtZwIvVb0g3QnU-w_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.148.80.0/20
178.219.128.0/20
185.11.108.0/22
185.101.188.0/22
194.29.180.0/22
195.110.50.0/23
213.5.0.0/21
IPv6:
2a00:c020::/32
2a03:22c0::/32
Signature Algorithm: sha256WithRSAEncryption
56:7a:83:13:b7:e2:06:a3:fe:74:36:e7:b9:f3:db:09:ae:11:
0b:f9:0c:2c:64:8c:ad:47:6b:90:25:fb:aa:72:aa:20:6c:f9:
d9:82:92:7e:34:ba:66:f1:de:74:34:f6:de:75:e4:de:8d:e9:
5d:30:10:4a:c3:af:4d:4e:73:f8:da:2a:8e:43:45:c2:d3:f4:
f4:06:cf:78:10:da:31:62:71:5a:4a:5f:9e:e9:ee:8c:ee:67:
2d:fa:1b:11:a8:91:d5:4c:83:c9:1b:f7:ba:6d:85:a4:10:bf:
6f:d8:ef:80:40:8b:cc:60:a4:d6:e5:fb:a3:fc:26:59:58:9b:
31:b3:78:43:2f:ea:ab:78:8b:9d:ae:a6:84:1e:6c:fa:24:c3:
e4:31:b3:e2:3f:87:11:ca:35:f8:54:84:4c:f9:be:5c:50:64:
6d:91:7d:86:00:fd:d2:4c:9b:07:f3:85:5f:dc:c1:9e:6e:1c:
c5:6a:38:e4:6c:f6:c9:83:08:ca:10:46:0a:f1:3b:6d:58:06:
4a:5d:de:c5:5b:be:de:58:1b:e8:fc:2d:f2:b8:f9:77:af:5b:
79:d4:04:f0:a5:52:ff:05:73:2d:d5:f6:cc:85:6b:a8:cc:ef:
62:ad:15:8d:96:1b:ba:ad:21:fe:69:70:8a:7f:eb:71:58:65:
94:5a:11:b8
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYiRpB9rudKr2DdWXUpJoLuSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWYwY2IwNmE1YTQ3YjRkZGFjN2Y0ZDZkZmQ0NGFiYTRk
MzFmMmUwHhcNMjMwNjA2MTY1NzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGVhNDVjM2NhOTAxODJiNTljMDhiZDU2ZjQ4Mzc0Mjc1M2VjM2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NB7bR9iYqX1V6gJ94tDLYbpl/Mq
+0uuonfNh/FPcM+35Pf7Z9G81UdJYB56PKrCmGI2WwPMcOYrgkJ8y3EKSgzuGle3
LWbJoUOHOjr+Nj+DcmKr9AGucIaDUGXAU0P7LbVJng5RbXbe9IWhTXMeHDaJH2ky
aQncs2fLPqmT/efR4gcBbsvI04NTBdKN2ptvZ7Kf9QgBksI4bHFVHZvIkn0N14Yh
29aDv/CC9yOs1dR9gjqv0S0dEwVfB/oq4RqhCHj5/euFkEffHqwtougzKor3BxVA
e81VJSZS7WNcZeWz9mMOklTQ6w06WxdH1NAHGlIwqMGNf5yp95pAnGunPwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFPjqRcPKkBgrWcCL1W9IN0J1PsP6MB8GA1UdIwQY
MBaAFE1fDLBqWke03ax/TW39RKuk0x8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFY4TXNHcGFSN1Rkckg5TmJmMUVxNlRUSHk0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9jYjgzMzktY2VlMy00MDM3LWJhY2Mt
ZGM4YjUyZTNlYTBhLzEvMS1PcEZ3OHFRR0N0WndJdlZiMGczUW5VLXdfby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzIvY2I4MzM5LWNlZTMtNDAzNy1iYWNjLWRjOGI1MmUzZWEw
YS8xL1RWOE1zR3BhUjdUZHJIOU5iZjFFcTZUVEh5NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBZBggrBgEFBQcBBwEB/wRKMEgwMAQCAAEwKgMEBC6UUAME
BLLbgAMEArkLbAMEArllvAMEAsIdtAMEAcNuMgMEA9UFADAUBAIAAjAOAwUAKgDA
IAMFACoDIsAwDQYJKoZIhvcNAQELBQADggEBAFZ6gxO34gaj/nQ257nz2wmuEQv5
DCxkjK1Ha5Al+6pyqiBs+dmCkn40umbx3nQ09t515N6N6V0wEErDr01Oc/jaKo5D
RcLT9PQGz3gQ2jFicVpKX57p7ozuZy36GxGokdVMg8kb97pthaQQv2/Y74BAi8xg
pNbl+6P8JllYmzGzeEMv6qt4i52upoQebPokw+Qxs+I/hxHKNfhUhEz5vlxQZG2R
fYYA/dJMmwfzhV/cwZ5uHMVqOORs9smDCMoQRgrxO21YBkpd3sVbvt5YG+j8LfK4
+XevW3nUBPClUv8Fcy3V9syFa6jM72KtFY2WG7qtIf5pcIp/63FYZZRaEbg=
-----END CERTIFICATE-----
Generated at Wed Jul 26 11:17:26 2023 by rpki-client on console-fra.rpki-client.org