Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/weRtoON5QnYOASdVVfriQT-qZdc.roa
File: weRtoON5QnYOASdVVfriQT-qZdc.roa (raw, json)
Hash identifier: qABRGZFaSai3x0EctCV2ztT/SLtxh2sma9zKrbDq9+4=
Subject key identifier: C1:E4:6D:A0:E3:79:42:76:0E:01:27:55:55:FA:E2:41:3F:AA:65:D7
Certificate issuer: /CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Certificate serial: 018991CEA8F0956CDAF1D0C5557938B71465
Authority key identifier: 4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/weRtoON5QnYOASdVVfriQT-qZdc.roa
Signing time: Wed 26 Jul 2023 10:46:27 +0000
ROA not before: Wed 26 Jul 2023 10:46:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51175
IP address blocks: 194.29.180.0/22 maxlen: 22
185.101.188.0/22 maxlen: 22
195.110.50.0/23 maxlen: 23
213.5.0.0/21 maxlen: 21
185.11.108.0/22 maxlen: 22
46.148.80.0/20 maxlen: 20
178.219.128.0/20 maxlen: 20
2a00:c020::/32 maxlen: 32
2a03:22c0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:91:ce:a8:f0:95:6c:da:f1:d0:c5:55:79:38:b7:14:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Validity
Not Before: Jul 26 10:46:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1e46da0e37942760e01275555fae2413faa65d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:cf:e6:66:da:29:ee:24:c5:dd:57:b7:5e:0e:
3c:b2:92:5f:58:9a:a8:69:c1:8c:3f:ca:a5:26:b2:
b2:fd:07:7f:83:24:08:89:42:f2:1b:59:ba:d6:7a:
42:dd:e2:12:12:e8:1e:98:c6:ef:31:12:10:11:e3:
92:b8:3c:86:ed:e4:5f:9d:85:e3:8a:33:17:ab:91:
d2:4d:fa:8c:4f:cf:a2:27:43:a4:94:1f:98:e4:01:
0a:c8:e9:c3:28:52:ce:0f:19:a5:7e:d4:cf:42:76:
fb:58:9d:fb:b1:c9:cd:92:0d:6c:6b:e9:75:24:16:
dc:0a:0a:5d:e2:a2:30:1e:f7:2a:aa:a3:6a:6e:79:
25:a2:33:b0:74:ea:5e:48:c4:b8:de:0a:92:c8:eb:
d9:68:a4:53:50:56:f5:78:31:56:82:c8:54:59:3e:
02:ee:6f:c9:fa:91:6f:48:1a:ce:8f:7c:fe:b8:a1:
29:7c:3e:e1:97:a1:c7:33:29:19:8a:13:19:28:5c:
e6:1c:b9:dc:0e:d9:c5:ee:c2:ca:af:b3:35:db:e5:
f2:5b:11:26:7b:3c:76:5b:21:27:57:dc:da:ed:5c:
22:e4:94:e9:97:0a:ac:f8:16:f1:38:78:da:0e:62:
5b:4d:e9:f5:e6:d9:0e:f0:16:5b:0d:ce:ee:16:b8:
52:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E4:6D:A0:E3:79:42:76:0E:01:27:55:55:FA:E2:41:3F:AA:65:D7
X509v3 Authority Key Identifier:
keyid:4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/weRtoON5QnYOASdVVfriQT-qZdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.148.80.0/20
178.219.128.0/20
185.11.108.0/22
185.101.188.0/22
194.29.180.0/22
195.110.50.0/23
213.5.0.0/21
IPv6:
2a00:c020::/32
2a03:22c0::/32
Signature Algorithm: sha256WithRSAEncryption
04:2c:17:d5:e6:8a:b1:91:25:ba:70:88:b3:e5:33:1c:e0:ea:
14:fc:5b:3a:42:4c:69:ea:7f:c8:29:17:b6:7a:16:f1:c8:dc:
11:d0:2d:47:55:07:5c:3a:26:5c:84:ca:79:ae:e8:76:de:a5:
07:b7:6a:51:d2:8c:1e:17:2d:51:48:a6:95:5b:c2:14:21:7d:
05:70:d3:46:8f:27:ab:a3:5a:8a:a9:ef:37:8b:91:6b:95:3d:
f8:e8:8f:99:c4:87:94:02:81:39:34:bf:86:d2:9a:d5:dc:42:
e5:ee:60:a2:d5:8a:38:44:57:b9:ae:0e:80:75:4e:14:fe:55:
58:f4:2a:c3:5a:3a:f8:26:b3:58:75:79:c8:10:19:94:40:95:
bc:9d:ae:e5:77:58:75:4a:c0:0a:52:ca:5a:70:50:9f:af:43:
8b:ec:c0:99:bf:3b:c9:6b:57:88:8d:ca:3d:8a:86:a3:d0:6a:
7d:8b:7a:b4:4d:17:b5:1c:60:d7:65:36:1a:b4:68:c7:9c:33:
29:e1:e2:e2:93:17:b0:4d:56:e6:d1:fd:cd:aa:c9:88:06:87:
90:26:6f:3d:71:d9:63:87:c0:30:39:7f:9c:23:05:cf:f2:d4:
3a:d1:a1:3d:62:ad:21:f8:5f:3f:7e:93:fd:56:85:e1:3e:ad:
99:20:2b:8a
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYmRzqjwlWza8dDFVXk4txRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWYwY2IwNmE1YTQ3YjRkZGFjN2Y0ZDZkZmQ0NGFiYTRk
MzFmMmUwHhcNMjMwNzI2MTA0NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWU0NmRhMGUzNzk0Mjc2MGUwMTI3NTU1NWZhZTI0MTNmYWE2NWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjM/mZtop7iTF3Ve3Xg48spJfWJqo
acGMP8qlJrKy/Qd/gyQIiULyG1m61npC3eISEugemMbvMRIQEeOSuDyG7eRfnYXj
ijMXq5HSTfqMT8+iJ0OklB+Y5AEKyOnDKFLODxmlftTPQnb7WJ37scnNkg1sa+l1
JBbcCgpd4qIwHvcqqqNqbnklojOwdOpeSMS43gqSyOvZaKRTUFb1eDFWgshUWT4C
7m/J+pFvSBrOj3z+uKEpfD7hl6HHMykZihMZKFzmHLncDtnF7sLKr7M12+XyWxEm
ezx2WyEnV9za7Vwi5JTplwqs+BbxOHjaDmJbTen15tkO8BZbDc7uFrhSCQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFMHkbaDjeUJ2DgEnVVX64kE/qmXXMB8GA1UdIwQY
MBaAFE1fDLBqWke03ax/TW39RKuk0x8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFY4TXNHcGFSN1Rkckg5TmJmMUVxNlRUSHk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9jYjgzMzktY2VlMy00MDM3LWJhY2Mt
ZGM4YjUyZTNlYTBhLzEvd2VSdG9PTjVRbllPQVNkVlZmcmlRVC1xWmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9jYjgzMzktY2VlMy00MDM3LWJhY2MtZGM4YjUyZTNlYTBh
LzEvVFY4TXNHcGFSN1Rkckg5TmJmMUVxNlRUSHk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQELpRQAwQE
stuAAwQCuQtsAwQCuWW8AwQCwh20AwQBw24yAwQD1QUAMBQEAgACMA4DBQAqAMAg
AwUAKgMiwDANBgkqhkiG9w0BAQsFAAOCAQEABCwX1eaKsZElunCIs+UzHODqFPxb
OkJMaep/yCkXtnoW8cjcEdAtR1UHXDomXITKea7odt6lB7dqUdKMHhctUUimlVvC
FCF9BXDTRo8nq6NaiqnvN4uRa5U9+OiPmcSHlAKBOTS/htKa1dxC5e5gotWKOERX
ua4OgHVOFP5VWPQqw1o6+CazWHV5yBAZlECVvJ2u5XdYdUrAClLKWnBQn69Di+zA
mb87yWtXiI3KPYqGo9BqfYt6tE0XtRxg12U2GrRox5wzKeHi4pMXsE1W5tH9zarJ
iAaHkCZvPXHZY4fAMDl/nCMFz/LUOtGhPWKtIfhfP36T/VaF4T6tmSArig==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:38 2024 by rpki-client on console-ams.rpki-client.org