Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/54KLtGsLOsFh_65dUGT7CbCgdb0.roa
File: 54KLtGsLOsFh_65dUGT7CbCgdb0.roa (raw, json)
Hash identifier: 8vGi/ceRjU7LGv3kK5ZE+vPVLqPMlZejPrm/oMDS+f0=
Subject key identifier: E7:82:8B:B4:6B:0B:3A:C1:61:FF:AE:5D:50:64:FB:09:B0:A0:75:BD
Certificate issuer: /CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Certificate serial: 018AF0AD6C347E129DF6A97AE5A9E1621C3A
Authority key identifier: B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/54KLtGsLOsFh_65dUGT7CbCgdb0.roa
Signing time: Mon 02 Oct 2023 13:56:51 +0000
ROA not before: Mon 02 Oct 2023 13:56:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201508
IP address blocks: 45.94.32.0/22 maxlen: 22
194.126.152.0/22 maxlen: 22
185.4.24.0/22 maxlen: 24
185.42.0.0/22 maxlen: 24
185.245.212.0/22 maxlen: 24
185.65.164.0/22 maxlen: 24
46.36.192.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:ad:6c:34:7e:12:9d:f6:a9:7a:e5:a9:e1:62:1c:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Validity
Not Before: Oct 2 13:56:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7828bb46b0b3ac161ffae5d5064fb09b0a075bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ff:0d:19:38:9e:d3:e5:0b:5d:39:04:de:fe:
46:ef:bd:48:bd:81:fe:70:4d:a8:04:c1:7c:a7:ae:
fe:42:b2:ea:ed:8b:d6:64:f6:2d:05:61:91:9e:f0:
ea:f2:3f:92:95:8d:04:c6:2f:ef:5f:01:9f:a1:7c:
ea:0e:0b:2a:1a:7c:20:09:bd:b5:12:5e:94:05:7b:
c9:cd:cf:a1:89:cf:aa:3f:2d:7b:92:77:25:22:a0:
d8:2a:95:bf:63:7a:b1:cb:75:14:29:cd:21:fe:9c:
29:fa:53:d1:fb:c5:ef:4b:02:02:f7:80:62:d5:9a:
4a:45:ba:27:b3:5c:e7:99:9a:ef:8f:be:a9:2c:80:
d4:68:e2:eb:32:77:c6:b6:d7:14:8e:bf:be:fd:5a:
32:69:e9:b1:a6:c3:ff:37:a6:5e:07:e2:43:15:fc:
b9:31:60:da:53:86:00:3b:a5:ca:a0:7c:bf:13:e7:
f5:f8:fd:dd:60:87:48:c0:7b:63:eb:ce:1e:dd:81:
f9:79:92:41:fb:21:73:d4:ef:6a:5c:54:f2:1a:83:
28:77:57:cc:f2:09:00:a8:92:ca:27:b4:05:65:f1:
9e:1b:f0:70:27:b7:c6:d5:01:48:e0:b0:89:d5:a6:
ac:5f:a5:21:2c:92:98:d5:aa:fc:f3:b3:25:bb:af:
d3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:82:8B:B4:6B:0B:3A:C1:61:FF:AE:5D:50:64:FB:09:B0:A0:75:BD
X509v3 Authority Key Identifier:
keyid:B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/54KLtGsLOsFh_65dUGT7CbCgdb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.32.0/22
46.36.192.0/21
185.4.24.0/22
185.42.0.0/22
185.65.164.0/22
185.245.212.0/22
194.126.152.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:e5:1c:9b:09:ab:fc:32:8f:fc:8f:53:5b:4a:51:b1:b7:4f:
ba:2f:43:51:a0:96:bf:f5:83:2b:ac:1e:75:fc:68:64:c5:d0:
91:da:31:2d:fc:9c:bc:0c:70:b7:7e:eb:4b:83:56:bf:1b:28:
cd:b0:b0:9e:14:0d:da:ca:e5:42:ba:3c:b5:5e:f6:da:17:a3:
f6:28:2a:33:20:05:a3:48:73:aa:97:57:bd:c0:f2:b0:de:56:
66:b1:fd:2d:90:7f:12:80:3e:b2:db:d7:ec:4d:82:f7:61:3f:
67:b0:ac:02:a1:6b:a3:86:3a:b2:34:a1:f6:12:9c:cc:75:08:
24:ee:33:eb:d3:1a:26:54:e5:88:fc:2a:b8:79:f0:bd:77:c6:
50:10:a7:ac:1d:01:f6:ea:ed:7f:62:42:ff:d4:7d:18:3e:54:
67:af:eb:42:92:d9:2e:f6:ea:50:32:6d:1a:d6:bc:24:9f:19:
69:2e:2d:1a:99:49:ec:71:d4:6b:59:28:17:b3:c5:04:24:f1:
d5:92:b2:19:4b:12:11:d2:96:31:bb:95:38:e6:c5:c2:78:29:
3f:f1:05:08:7f:f3:8b:48:bc:c2:14:bb:ce:de:68:2f:ab:00:
35:23:dc:55:55:bf:64:a9:11:2d:d7:bd:a6:f7:ae:27:1a:69:
86:58:3a:0e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYrwrWw0fhKd9ql65anhYhw6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NWEwNTY2ZDBiNjNhMWY4NjJkODM0NThlNGYyZWE2ZmQ4
ZjdkMjEwHhcNMjMxMDAyMTM1NjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzgyOGJiNDZiMGIzYWMxNjFmZmFlNWQ1MDY0ZmIwOWIwYTA3NWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmf8NGTie0+ULXTkE3v5G771IvYH+
cE2oBMF8p67+QrLq7YvWZPYtBWGRnvDq8j+SlY0Exi/vXwGfoXzqDgsqGnwgCb21
El6UBXvJzc+hic+qPy17knclIqDYKpW/Y3qxy3UUKc0h/pwp+lPR+8XvSwIC94Bi
1ZpKRbons1znmZrvj76pLIDUaOLrMnfGttcUjr++/VoyaemxpsP/N6ZeB+JDFfy5
MWDaU4YAO6XKoHy/E+f1+P3dYIdIwHtj684e3YH5eZJB+yFz1O9qXFTyGoMod1fM
8gkAqJLKJ7QFZfGeG/BwJ7fG1QFI4LCJ1aasX6UhLJKY1ar887Mlu6/TYQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOeCi7RrCzrBYf+uXVBk+wmwoHW9MB8GA1UdIwQY
MBaAFLdaBWbQtjofhi2DRY5PLqb9j30hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQt
ODNmNjAxYzNmYjU5LzEvNTRLTHRHc0xPc0ZoXzY1ZFVHVDdDYkNnZGIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQtODNmNjAxYzNmYjU5
LzEvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLV4gAwQD
LiTAAwQCuQQYAwQCuSoAAwQCuUGkAwQCufXUAwQCwn6YMA0GCSqGSIb3DQEBCwUA
A4IBAQA85RybCav8Mo/8j1NbSlGxt0+6L0NRoJa/9YMrrB51/GhkxdCR2jEt/Jy8
DHC3futLg1a/GyjNsLCeFA3ayuVCujy1XvbaF6P2KCozIAWjSHOql1e9wPKw3lZm
sf0tkH8SgD6y29fsTYL3YT9nsKwCoWujhjqyNKH2EpzMdQgk7jPr0xomVOWI/Cq4
efC9d8ZQEKesHQH26u1/YkL/1H0YPlRnr+tCktku9upQMm0a1rwknxlpLi0amUns
cdRrWSgXs8UEJPHVkrIZSxIR0pYxu5U45sXCeCk/8QUIf/OLSLzCFLvO3mgvqwA1
I9xVVb9kqREt172m964nGmmGWDoO
-----END CERTIFICATE-----
Generated at Tue Oct 31 13:03:12 2023 by rpki-client on console-ams.rpki-client.org