Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/Rgm1T4knwPgpeh-gEjWYNM5v55g.roa
File: Rgm1T4knwPgpeh-gEjWYNM5v55g.roa (raw, json)
Hash identifier: ruolGP6iaQ0VtnZk5EXY2u/GCv2Ry0j5oogPBgbH/As=
Subject key identifier: 46:09:B5:4F:89:27:C0:F8:29:7A:1F:A0:12:35:98:34:CE:6F:E7:98
Certificate issuer: /CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Certificate serial: 018B23A8538A0BDB33EFF035A189D4423777
Authority key identifier: 1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/Rgm1T4knwPgpeh-gEjWYNM5v55g.roa
Signing time: Thu 12 Oct 2023 11:31:55 +0000
ROA not before: Thu 12 Oct 2023 11:31:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205394
IP address blocks: 185.201.164.0/22 maxlen: 24
185.180.172.0/23 maxlen: 23
185.176.124.0/22 maxlen: 24
46.226.72.0/21 maxlen: 24
2a0a:c840::/29 maxlen: 32
2a00:5a00::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:a8:53:8a:0b:db:33:ef:f0:35:a1:89:d4:42:37:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Validity
Not Before: Oct 12 11:31:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4609b54f8927c0f8297a1fa012359834ce6fe798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:13:79:93:9f:15:e8:d5:d6:97:8d:2a:b7:93:
d3:2f:8e:bc:8f:7f:8f:ce:6f:af:90:3a:38:d8:f4:
97:53:27:c6:25:d2:b2:9d:16:8e:18:ef:7d:0e:0e:
e4:d6:05:60:aa:51:20:cc:9e:85:49:1e:35:67:f7:
3d:dc:a4:35:96:a3:2e:a4:41:3a:fe:6c:ec:41:fd:
bf:9d:22:1c:3a:19:14:04:fc:a6:d6:50:8e:53:c5:
2a:0e:dd:f2:39:8d:fc:92:a7:85:39:da:27:d7:62:
e4:0a:66:57:11:b7:5d:03:fb:c1:dd:71:0a:df:81:
67:c9:23:9b:5d:d7:54:61:5d:cc:8f:b7:c7:7e:15:
c4:87:2e:3d:d5:28:6a:00:d7:10:f4:cf:b0:f5:7a:
3b:29:ff:d9:9b:db:9d:6e:73:4a:04:cb:75:d1:ac:
00:41:2f:0b:99:9c:14:f1:c5:9d:14:48:cc:8f:01:
81:df:7f:a4:00:c6:16:e7:e7:ba:02:0f:56:b4:4e:
c2:33:66:f7:6d:07:7d:f8:be:5d:41:6d:1f:f0:51:
d6:9b:00:b4:5c:3e:80:5e:d1:bb:5d:f4:d9:c0:05:
9e:b9:2b:18:40:c0:df:f2:80:cd:53:fe:75:21:f0:
2d:ec:5e:ab:5c:2f:a4:4e:3d:70:97:28:6b:66:2d:
da:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:09:B5:4F:89:27:C0:F8:29:7A:1F:A0:12:35:98:34:CE:6F:E7:98
X509v3 Authority Key Identifier:
keyid:1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/Rgm1T4knwPgpeh-gEjWYNM5v55g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.72.0/21
185.176.124.0/22
185.180.172.0/23
185.201.164.0/22
IPv6:
2a00:5a00::/32
2a0a:c840::/29
Signature Algorithm: sha256WithRSAEncryption
a7:3c:ea:5b:94:3f:0f:9a:99:5e:9d:3d:a5:25:c5:db:84:bc:
e6:32:91:a4:a0:d5:cc:b5:28:35:c9:0b:54:7b:dd:40:93:ce:
9b:9e:f4:a0:fe:72:da:9a:44:72:06:59:74:ca:9f:16:10:67:
38:7d:a1:49:aa:c8:2a:9e:b7:78:2e:ed:5e:c1:21:0c:3a:2d:
43:10:e2:6a:3d:4f:f3:5e:9d:24:48:79:ac:c4:6a:db:92:59:
26:0f:d0:56:9d:82:d8:dd:ed:4b:94:3a:37:fd:d0:83:62:11:
55:35:4d:49:1d:4d:5c:5e:63:ba:da:d9:57:ec:c2:70:9c:bf:
d4:31:54:2c:6e:ac:18:e4:f2:f4:4d:19:bb:71:b9:ed:5f:2a:
3c:2d:d2:73:0f:f3:f2:38:62:78:8c:7e:03:93:83:80:0d:d6:
96:53:fb:f0:62:af:dc:6e:f1:d8:1b:e3:26:e6:a3:cc:fe:31:
04:63:c7:f8:75:6f:52:71:34:a0:a5:24:80:f3:e2:5a:70:a9:
ee:73:be:dd:7b:cb:b0:05:6b:03:82:b7:a3:bb:28:04:18:5a:
52:9a:df:f6:ca:38:5b:a8:b9:d7:81:61:37:fc:27:e2:8b:c4:
be:35:51:c9:d8:3e:88:cc:7c:2c:d7:bb:ec:21:ce:35:2b:6d:
65:fe:0c:27
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYsjqFOKC9sz7/A1oYnUQjd3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZTVlZmJmNjU4OTcxNjBkNTVhNTJkYzNhMjJjMDE3ODc2
Y2QwNmMwHhcNMjMxMDEyMTEzMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjA5YjU0Zjg5MjdjMGY4Mjk3YTFmYTAxMjM1OTgzNGNlNmZlNzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxN5k58V6NXWl40qt5PTL468j3+P
zm+vkDo42PSXUyfGJdKynRaOGO99Dg7k1gVgqlEgzJ6FSR41Z/c93KQ1lqMupEE6
/mzsQf2/nSIcOhkUBPym1lCOU8UqDt3yOY38kqeFOdon12LkCmZXEbddA/vB3XEK
34FnySObXddUYV3Mj7fHfhXEhy491ShqANcQ9M+w9Xo7Kf/Zm9udbnNKBMt10awA
QS8LmZwU8cWdFEjMjwGB33+kAMYW5+e6Ag9WtE7CM2b3bQd9+L5dQW0f8FHWmwC0
XD6AXtG7XfTZwAWeuSsYQMDf8oDNU/51IfAt7F6rXC+kTj1wlyhrZi3aNwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFEYJtU+JJ8D4KXofoBI1mDTOb+eYMB8GA1UdIwQY
MBaAFB7l779liXFg1VpS3DoiwBeHbNBsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUt
N2MwZGI3YmFlMTM1LzEvUmdtMVQ0a253UGdwZWgtZ0VqV1lOTTV2NTVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUtN2MwZGI3YmFlMTM1
LzEvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDLuJIAwQC
ubB8AwQBubSsAwQCucmkMBQEAgACMA4DBQAqAFoAAwUDKgrIQDANBgkqhkiG9w0B
AQsFAAOCAQEApzzqW5Q/D5qZXp09pSXF24S85jKRpKDVzLUoNckLVHvdQJPOm570
oP5y2ppEcgZZdMqfFhBnOH2hSarIKp63eC7tXsEhDDotQxDiaj1P816dJEh5rMRq
25JZJg/QVp2C2N3tS5Q6N/3Qg2IRVTVNSR1NXF5jutrZV+zCcJy/1DFULG6sGOTy
9E0Zu3G57V8qPC3Scw/z8jhieIx+A5ODgA3WllP78GKv3G7x2BvjJuajzP4xBGPH
+HVvUnE0oKUkgPPiWnCp7nO+3XvLsAVrA4K3o7soBBhaUprf9so4W6i514FhN/wn
4ovEvjVRydg+iMx8LNe77CHONSttZf4MJw==
-----END CERTIFICATE-----
Generated at Mon Oct 16 09:54:53 2023 by rpki-client on console-fra.rpki-client.org