Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/Yz0fzWr8NRvhcTDhZh0PNmkpoYE.roa
File: Yz0fzWr8NRvhcTDhZh0PNmkpoYE.roa (raw, json)
Hash identifier: Ay5DhgmMz2cXgpfeODdz15J+vw/FaTG/yBW6zVIIQ04=
Subject key identifier: 63:3D:1F:CD:6A:FC:35:1B:E1:71:30:E1:66:1D:0F:36:69:29:A1:81
Certificate issuer: /CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Certificate serial: 0187B21B8F552CE61575C7ECFD169214207B
Authority key identifier: 4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/Yz0fzWr8NRvhcTDhZh0PNmkpoYE.roa
Signing time: Mon 24 Apr 2023 07:12:43 +0000
ROA not before: Mon 24 Apr 2023 07:12:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51175
IP address blocks: 194.29.180.0/22 maxlen: 22
185.101.190.0/24 maxlen: 24
185.101.188.0/22 maxlen: 22
195.110.50.0/23 maxlen: 23
213.5.0.0/21 maxlen: 22
185.11.108.0/22 maxlen: 24
46.148.80.0/20 maxlen: 20
178.219.128.0/20 maxlen: 24
2a00:c020::/32 maxlen: 32
2a03:22c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b2:1b:8f:55:2c:e6:15:75:c7:ec:fd:16:92:14:20:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Validity
Not Before: Apr 24 07:12:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=633d1fcd6afc351be17130e1661d0f366929a181
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8e:4e:b1:ab:c1:49:e1:d7:48:2b:4a:54:75:
0c:81:cf:95:d0:ef:f1:56:a2:b8:b7:73:fa:51:fb:
a7:97:c9:c1:a6:f7:82:1b:49:50:e3:3a:d2:1b:62:
58:05:71:50:d1:92:a2:03:0b:d7:9f:38:75:ef:c2:
7f:a5:6a:d7:32:8f:4c:90:2d:49:27:c1:24:be:39:
f3:00:90:89:c5:f9:e3:fe:c9:44:2e:da:71:37:f5:
1f:54:83:a7:15:53:be:7f:a5:a7:53:94:29:eb:90:
b1:5f:7f:79:0d:ff:a3:91:00:1f:57:4a:cc:61:70:
78:67:d0:2c:20:d0:3e:f9:94:2a:1c:c1:07:68:4e:
5a:e7:3a:7a:85:93:f8:2f:93:c9:c6:70:fe:02:53:
70:55:93:b8:7f:7d:61:2c:47:0b:2d:a8:73:8e:83:
6a:65:03:74:7b:61:d4:96:8d:63:f3:cd:7b:ac:02:
9e:8f:5b:7e:7e:3f:a8:b9:5f:5b:37:c3:15:ca:16:
bd:be:c6:0f:9a:ed:0e:9c:21:14:32:94:0a:35:9f:
a4:4c:0e:35:37:21:62:d2:3d:5b:39:24:e9:d2:f4:
8b:eb:54:2b:18:c3:94:2b:2b:13:e1:52:08:a7:f8:
ba:07:1e:61:ad:5d:b3:22:0d:71:d4:84:31:16:c2:
9d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:3D:1F:CD:6A:FC:35:1B:E1:71:30:E1:66:1D:0F:36:69:29:A1:81
X509v3 Authority Key Identifier:
keyid:4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/Yz0fzWr8NRvhcTDhZh0PNmkpoYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.148.80.0/20
178.219.128.0/20
185.11.108.0/22
185.101.188.0/22
194.29.180.0/22
195.110.50.0/23
213.5.0.0/21
IPv6:
2a00:c020::/32
2a03:22c0::/32
Signature Algorithm: sha256WithRSAEncryption
c8:0f:be:01:1e:31:a3:f4:72:b1:9c:6e:28:ab:73:79:2b:55:
f4:34:bb:f2:21:b3:c4:ab:50:ce:40:ce:ed:86:a7:26:03:06:
69:35:f0:62:90:3c:b1:81:fe:f6:47:4e:e4:54:10:27:ec:95:
af:fd:96:0d:35:d6:7c:3c:b3:54:66:ec:d7:e0:48:4b:e1:30:
d3:1b:be:5b:1a:98:79:8e:5c:66:ac:66:df:52:af:74:8d:70:
bf:ff:ab:11:fc:af:b6:7b:04:16:0c:8d:12:fe:7a:36:42:1b:
4b:49:85:49:bb:98:b1:13:c9:67:45:a1:62:42:00:08:9f:27:
6c:40:67:55:fd:25:0a:ee:ba:81:73:05:09:57:5f:6b:82:39:
8a:82:3a:1a:5d:88:0d:60:70:40:9b:89:8e:1e:d7:6f:31:3e:
3b:ff:1c:68:2a:c0:65:99:a7:d2:e2:19:de:6b:5e:08:48:73:
38:be:98:80:ea:08:ee:04:83:31:7c:85:db:2b:0a:1b:7f:80:
8c:d1:de:20:4f:ed:76:a4:f5:15:72:e4:38:8f:e0:f0:d2:90:
e4:ed:43:5a:6c:50:d0:5b:75:b3:28:a1:50:c9:cf:c3:39:9e:
f4:5c:27:83:cc:8d:3a:b1:fc:9c:6b:f8:de:b1:98:27:c9:8f:
d5:79:39:92
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYeyG49VLOYVdcfs/RaSFCB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWYwY2IwNmE1YTQ3YjRkZGFjN2Y0ZDZkZmQ0NGFiYTRk
MzFmMmUwHhcNMjMwNDI0MDcxMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzNkMWZjZDZhZmMzNTFiZTE3MTMwZTE2NjFkMGYzNjY5MjlhMTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsY5OsavBSeHXSCtKVHUMgc+V0O/x
VqK4t3P6Ufunl8nBpveCG0lQ4zrSG2JYBXFQ0ZKiAwvXnzh178J/pWrXMo9MkC1J
J8EkvjnzAJCJxfnj/slELtpxN/UfVIOnFVO+f6WnU5Qp65CxX395Df+jkQAfV0rM
YXB4Z9AsINA++ZQqHMEHaE5a5zp6hZP4L5PJxnD+AlNwVZO4f31hLEcLLahzjoNq
ZQN0e2HUlo1j8817rAKej1t+fj+ouV9bN8MVyha9vsYPmu0OnCEUMpQKNZ+kTA41
NyFi0j1bOSTp0vSL61QrGMOUKysT4VIIp/i6Bx5hrV2zIg1x1IQxFsKduwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFGM9H81q/DUb4XEw4WYdDzZpKaGBMB8GA1UdIwQY
MBaAFE1fDLBqWke03ax/TW39RKuk0x8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFY4TXNHcGFSN1Rkckg5TmJmMUVxNlRUSHk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9jYjgzMzktY2VlMy00MDM3LWJhY2Mt
ZGM4YjUyZTNlYTBhLzEvWXowZnpXcjhOUnZoY1REaFpoMFBObWtwb1lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9jYjgzMzktY2VlMy00MDM3LWJhY2MtZGM4YjUyZTNlYTBh
LzEvVFY4TXNHcGFSN1Rkckg5TmJmMUVxNlRUSHk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQELpRQAwQE
stuAAwQCuQtsAwQCuWW8AwQCwh20AwQBw24yAwQD1QUAMBQEAgACMA4DBQAqAMAg
AwUAKgMiwDANBgkqhkiG9w0BAQsFAAOCAQEAyA++AR4xo/RysZxuKKtzeStV9DS7
8iGzxKtQzkDO7YanJgMGaTXwYpA8sYH+9kdO5FQQJ+yVr/2WDTXWfDyzVGbs1+BI
S+Ew0xu+WxqYeY5cZqxm31KvdI1wv/+rEfyvtnsEFgyNEv56NkIbS0mFSbuYsRPJ
Z0WhYkIACJ8nbEBnVf0lCu66gXMFCVdfa4I5ioI6Gl2IDWBwQJuJjh7XbzE+O/8c
aCrAZZmn0uIZ3mteCEhzOL6YgOoI7gSDMXyF2ysKG3+AjNHeIE/tdqT1FXLkOI/g
8NKQ5O1DWmxQ0Ft1syihUMnPwzme9Fwng8yNOrH8nGv43rGYJ8mP1Xk5kg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:01 2023 by rpki-client on console-ams.rpki-client.org