Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/bf66dd-6237-48de-aed7-a7c59ddcf76b/1/0jqxHpS32fUPi06qRxeG6WizpCg.roa
File: 0jqxHpS32fUPi06qRxeG6WizpCg.roa (raw, json)
Hash identifier: 6cnFKNt5dqRLLMXGGmnr6sGzQPZYD/06wwEh1UmiZpg=
Subject key identifier: D2:3A:B1:1E:94:B7:D9:F5:0F:8B:4E:AA:47:17:86:E9:68:B3:A4:28
Certificate issuer: /CN=4ccbc5e045eaa5f762a9146244c19248b62ba976
Certificate serial: 01856CE5FECE37DC1F2CE723864B994C1D05
Authority key identifier: 4C:CB:C5:E0:45:EA:A5:F7:62:A9:14:62:44:C1:92:48:B6:2B:A9:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TMvF4EXqpfdiqRRiRMGSSLYrqXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/bf66dd-6237-48de-aed7-a7c59ddcf76b/1/0jqxHpS32fUPi06qRxeG6WizpCg.roa
Signing time: Sun 01 Jan 2023 10:34:50 +0000
ROA not before: Sun 01 Jan 2023 10:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48095
IP address blocks: 185.228.216.0/22 maxlen: 22
194.15.104.0/23 maxlen: 23
77.83.164.0/23 maxlen: 23
194.15.106.0/23 maxlen: 23
195.242.208.0/22 maxlen: 22
212.115.60.0/23 maxlen: 23
212.115.62.0/23 maxlen: 23
77.83.166.0/23 maxlen: 23
185.254.64.0/22 maxlen: 22
185.210.40.0/22 maxlen: 22
185.224.140.0/22 maxlen: 22
80.65.220.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e5:fe:ce:37:dc:1f:2c:e7:23:86:4b:99:4c:1d:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ccbc5e045eaa5f762a9146244c19248b62ba976
Validity
Not Before: Jan 1 10:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d23ab11e94b7d9f50f8b4eaa471786e968b3a428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:77:b5:94:bd:ae:1c:b6:ae:ed:76:6d:39:61:
90:64:0b:cf:84:80:32:5f:a8:68:8d:ee:0e:2f:65:
99:0a:95:5f:f5:a5:f0:71:71:6c:e5:83:11:8d:0b:
04:5d:31:5e:7b:dd:2f:02:aa:3f:b0:c9:e6:2d:52:
46:d8:80:14:84:54:71:04:0a:60:69:94:91:df:df:
11:7c:12:c4:f5:bc:aa:e7:74:d1:da:7c:e8:fc:3f:
f2:78:cb:b3:db:f5:6f:89:5f:85:b5:fe:60:01:6a:
72:e5:46:16:f7:dd:da:4e:c0:82:f7:27:75:e5:65:
ad:04:f5:73:c9:4b:b2:c2:55:62:80:bc:9e:af:4b:
da:74:af:8a:5b:5f:52:1d:73:09:c9:95:7e:5e:59:
09:e1:43:85:14:1e:84:e7:72:a5:14:8a:cb:27:57:
da:74:92:73:90:cd:b7:92:7a:8c:a2:95:95:00:c9:
30:3e:49:aa:c5:d8:d7:85:70:e5:00:cb:1b:6e:86:
b5:ce:89:32:6d:69:f7:9c:04:61:39:e8:cf:1f:a3:
5c:41:5f:d6:b5:15:44:0c:09:ab:0f:1a:6f:52:6b:
25:e3:3d:db:2c:2f:1f:13:77:ca:88:4a:4b:c2:05:
b6:e8:17:bb:28:3f:45:46:02:0b:8f:92:68:34:75:
0a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:3A:B1:1E:94:B7:D9:F5:0F:8B:4E:AA:47:17:86:E9:68:B3:A4:28
X509v3 Authority Key Identifier:
keyid:4C:CB:C5:E0:45:EA:A5:F7:62:A9:14:62:44:C1:92:48:B6:2B:A9:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TMvF4EXqpfdiqRRiRMGSSLYrqXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/bf66dd-6237-48de-aed7-a7c59ddcf76b/1/0jqxHpS32fUPi06qRxeG6WizpCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/bf66dd-6237-48de-aed7-a7c59ddcf76b/1/TMvF4EXqpfdiqRRiRMGSSLYrqXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.164.0/22
80.65.220.0/22
185.210.40.0/22
185.224.140.0/22
185.228.216.0/22
185.254.64.0/22
194.15.104.0/22
195.242.208.0/22
212.115.60.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:91:52:e8:7f:4f:d5:d8:ad:23:be:c9:d7:46:e1:f6:1a:bc:
2d:d7:b9:b9:3a:1c:c1:5b:e0:79:3e:0c:c6:50:b7:a1:4d:84:
68:62:49:91:70:d4:a8:da:d0:5d:1c:1b:b5:6b:3b:f5:cb:be:
5c:3c:c2:e2:92:2c:f6:57:b9:24:68:30:39:6f:d1:f0:64:85:
24:14:ab:f7:04:9e:2f:46:04:cf:7d:a7:67:60:76:ad:8c:1e:
55:b5:69:b4:2b:27:a6:cb:e6:18:cc:6d:db:bf:26:0f:39:de:
c1:aa:a2:12:ec:1e:6b:ab:4d:b7:7a:fb:37:6b:34:6b:29:fc:
eb:fd:11:ee:cd:e9:cd:cb:8f:76:e0:c5:f0:78:3b:b7:b1:f2:
4d:e5:51:5c:7f:a5:99:4a:c6:9a:48:9c:11:d4:43:12:8d:53:
b5:7f:e1:7e:39:08:f8:87:4d:5a:f0:33:53:07:70:5e:f9:fa:
ea:da:81:e7:58:dd:98:23:90:ba:31:df:04:7d:96:c1:01:da:
71:f8:89:ea:a2:e5:ca:99:fd:2b:3f:7b:4e:24:29:ed:55:48:
1c:15:9f:8d:5c:e7:a3:98:4c:da:5e:df:fd:ee:a2:a7:46:a1:
7b:8e:6c:df:0d:20:4e:a6:c9:cd:9a:d1:a4:96:0f:31:9e:fd:
d7:5f:58:b3
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVs5f7ON9wfLOcjhkuZTB0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjY2JjNWUwNDVlYWE1Zjc2MmE5MTQ2MjQ0YzE5MjQ4YjYy
YmE5NzYwHhcNMjMwMTAxMTAzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjNhYjExZTk0YjdkOWY1MGY4YjRlYWE0NzE3ODZlOTY4YjNhNDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAone1lL2uHLau7XZtOWGQZAvPhIAy
X6hoje4OL2WZCpVf9aXwcXFs5YMRjQsEXTFee90vAqo/sMnmLVJG2IAUhFRxBApg
aZSR398RfBLE9byq53TR2nzo/D/yeMuz2/VviV+Ftf5gAWpy5UYW993aTsCC9yd1
5WWtBPVzyUuywlVigLyer0vadK+KW19SHXMJyZV+XlkJ4UOFFB6E53KlFIrLJ1fa
dJJzkM23knqMopWVAMkwPkmqxdjXhXDlAMsbboa1zokybWn3nARhOejPH6NcQV/W
tRVEDAmrDxpvUmsl4z3bLC8fE3fKiEpLwgW26Be7KD9FRgILj5JoNHUKAQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNI6sR6Ut9n1D4tOqkcXhulos6QoMB8GA1UdIwQY
MBaAFEzLxeBF6qX3YqkUYkTBkki2K6l2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE12RjRFWHFwZmRpcVJSaVJNR1NTTFlycVhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9iZjY2ZGQtNjIzNy00OGRlLWFlZDct
YTdjNTlkZGNmNzZiLzEvMGpxeEhwUzMyZlVQaTA2cVJ4ZUc2V2l6cENnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9iZjY2ZGQtNjIzNy00OGRlLWFlZDctYTdjNTlkZGNmNzZi
LzEvVE12RjRFWHFwZmRpcVJSaVJNR1NTTFlycVhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCTVOkAwQC
UEHcAwQCudIoAwQCueCMAwQCueTYAwQCuf5AAwQCwg9oAwQCw/LQAwQC1HM8MA0G
CSqGSIb3DQEBCwUAA4IBAQBOkVLof0/V2K0jvsnXRuH2Grwt17m5OhzBW+B5PgzG
ULehTYRoYkmRcNSo2tBdHBu1azv1y75cPMLikiz2V7kkaDA5b9HwZIUkFKv3BJ4v
RgTPfadnYHatjB5VtWm0Kyemy+YYzG3bvyYPOd7BqqIS7B5rq023evs3azRrKfzr
/RHuzenNy4924MXweDu3sfJN5VFcf6WZSsaaSJwR1EMSjVO1f+F+OQj4h01a8DNT
B3Be+frq2oHnWN2YI5C6Md8EfZbBAdpx+InqouXKmf0rP3tOJCntVUgcFZ+NXOej
mEzaXt/97qKnRqF7jmzfDSBOpsnNmtGklg8xnv3XX1iz
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:58 2024 by rpki-client on console-ams.rpki-client.org