Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/1mMQ6UkcvYW8Sd1nkBuTbeRV_zs.roa
File: 1mMQ6UkcvYW8Sd1nkBuTbeRV_zs.roa (raw, json)
Hash identifier: f5YDS4oSL9FJ5d8tJTnsq4EP0vv/YhtSrBw0wyzQJQY=
Subject key identifier: D6:63:10:E9:49:1C:BD:85:BC:49:DD:67:90:1B:93:6D:E4:55:FF:3B
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0187F8A5C25903133C13101DFE67CF558970
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/1mMQ6UkcvYW8Sd1nkBuTbeRV_zs.roa
Signing time: Sun 07 May 2023 23:57:05 +0000
ROA not before: Sun 07 May 2023 23:57:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 185.231.205.0/24 maxlen: 24
185.231.204.0/24 maxlen: 24
185.231.206.0/24 maxlen: 24
185.231.207.0/24 maxlen: 24
141.98.170.0/24 maxlen: 24
141.98.169.0/24 maxlen: 24
141.98.168.0/24 maxlen: 24
45.84.0.0/24 maxlen: 24
193.43.147.0/24 maxlen: 24
45.84.1.0/24 maxlen: 24
188.119.122.0/24 maxlen: 24
188.119.121.0/24 maxlen: 24
188.119.123.0/24 maxlen: 24
45.89.54.0/24 maxlen: 24
45.89.52.0/24 maxlen: 24
45.159.250.0/24 maxlen: 24
45.159.249.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.159.251.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
5.182.36.0/24 maxlen: 24
5.182.38.0/24 maxlen: 24
5.182.39.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
193.57.137.0/24 maxlen: 24
193.57.136.0/24 maxlen: 24
93.185.166.0/24 maxlen: 24
45.93.8.0/24 maxlen: 24
45.93.9.0/24 maxlen: 24
45.87.152.0/24 maxlen: 24
45.87.153.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
45.8.146.0/24 maxlen: 24
193.46.57.0/24 maxlen: 24
193.46.56.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
194.4.51.0/24 maxlen: 24
194.4.50.0/24 maxlen: 24
194.4.49.0/24 maxlen: 24
194.116.172.0/24 maxlen: 24
194.116.173.0/24 maxlen: 24
194.116.191.0/24 maxlen: 24
194.116.190.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f8:a5:c2:59:03:13:3c:13:10:1d:fe:67:cf:55:89:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: May 7 23:57:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d66310e9491cbd85bc49dd67901b936de455ff3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:6f:87:ec:e0:0a:8a:06:5b:b7:7b:20:bd:4a:
1c:a2:d6:a6:84:78:66:d1:4f:42:69:6b:c8:de:b1:
a5:23:00:36:fb:71:c7:f1:e0:51:2a:f7:09:4d:cd:
68:65:ff:68:0e:ab:c4:09:17:00:0a:ad:ab:52:39:
26:77:b8:a4:50:b8:9c:43:bb:ee:cd:ed:8a:a3:7a:
65:8b:6f:f8:d4:22:27:f0:d0:de:b6:53:05:c5:bb:
33:c8:4b:78:ac:52:9e:1d:c8:5f:74:1e:aa:67:1f:
b2:8b:83:10:4c:72:02:7f:31:ab:50:3f:dc:e5:71:
47:c4:78:20:f9:60:3a:e0:e8:60:ca:23:0c:98:07:
21:fb:3b:50:61:bc:58:02:d4:fa:7d:44:4a:9a:38:
de:ef:22:f6:06:77:04:26:72:a7:77:e9:27:be:b2:
af:41:d9:74:02:1a:85:45:31:b2:31:de:6c:c5:41:
0f:68:73:d2:78:93:41:9c:94:53:6d:e6:d1:99:46:
ba:c3:85:54:56:0b:d7:b9:4f:82:54:53:2e:51:2e:
40:2c:2d:86:78:e4:9a:99:71:b6:98:00:39:d2:da:
7c:63:d9:d9:56:1d:79:77:cb:bf:1b:8b:14:5e:39:
94:9c:e9:2a:54:b0:f2:b6:07:ed:fd:92:92:f1:0e:
bc:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:63:10:E9:49:1C:BD:85:BC:49:DD:67:90:1B:93:6D:E4:55:FF:3B
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/1mMQ6UkcvYW8Sd1nkBuTbeRV_zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.36.0/24
5.182.38.0/23
45.8.144.0-45.8.146.255
45.67.35.0/24
45.84.0.0/23
45.87.152.0-45.87.154.255
45.89.52.0/24
45.89.54.0/24
45.93.8.0/23
45.159.248.0/22
93.185.166.0/24
141.98.168.0-141.98.170.255
185.231.204.0/22
188.119.121.0-188.119.123.255
193.43.147.0/24
193.46.56.0/23
193.57.136.0-193.57.138.255
194.4.48.0/22
194.116.172.0/23
194.116.190.0/23
Signature Algorithm: sha256WithRSAEncryption
58:c8:be:cb:dc:48:f7:ad:37:ba:9e:89:9e:4c:9d:8b:97:c8:
ea:6f:d8:22:66:63:4e:2a:ac:97:ce:85:22:09:46:1b:47:8f:
0f:fc:4e:9c:aa:a2:58:e9:80:fa:ef:bb:cd:b3:6f:52:b6:32:
a1:45:9b:c9:ad:e3:bb:4d:60:06:13:35:24:d6:c9:32:65:2c:
20:4d:90:40:ca:9a:5f:4c:5f:9a:91:26:db:ef:75:be:2d:7c:
12:24:96:32:73:b9:85:66:00:24:fc:2f:c6:75:10:2a:68:75:
2c:da:5a:88:e4:1b:a3:a8:7b:7f:ea:d0:30:e2:9b:b1:3a:56:
12:07:d8:45:78:8b:54:65:f4:65:61:f5:87:44:9c:43:b8:59:
39:90:07:4f:6c:96:56:00:bc:aa:25:23:12:b9:58:be:28:56:
61:c0:b6:44:28:1a:cb:10:80:9c:77:c1:a5:81:f6:b4:be:fd:
cc:83:24:c4:9b:96:b6:a0:3f:91:5b:94:3c:77:b9:8e:8e:db:
14:12:86:c8:34:23:c1:74:df:8a:0c:2e:4f:f3:8e:4a:8a:ef:
b6:ad:d0:ab:b7:0f:bd:ad:48:d4:fd:25:44:3f:8d:96:07:72:
6a:24:4b:6a:b6:5e:ba:da:a5:9b:0d:e8:94:20:6d:f8:36:bf:
f7:73:e9:40
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYf4pcJZAxM8ExAd/mfPVYlwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjMwNTA3MjM1NzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjYzMTBlOTQ5MWNiZDg1YmM0OWRkNjc5MDFiOTM2ZGU0NTVmZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8W+H7OAKigZbt3sgvUocotamhHhm
0U9CaWvI3rGlIwA2+3HH8eBRKvcJTc1oZf9oDqvECRcACq2rUjkmd7ikULicQ7vu
ze2Ko3pli2/41CIn8NDetlMFxbszyEt4rFKeHchfdB6qZx+yi4MQTHICfzGrUD/c
5XFHxHgg+WA64OhgyiMMmAch+ztQYbxYAtT6fURKmjje7yL2BncEJnKnd+knvrKv
Qdl0AhqFRTGyMd5sxUEPaHPSeJNBnJRTbebRmUa6w4VUVgvXuU+CVFMuUS5ALC2G
eOSamXG2mAA50tp8Y9nZVh15d8u/G4sUXjmUnOkqVLDytgft/ZKS8Q68PQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFNZjEOlJHL2FvEndZ5Abk23kVf87MB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvMW1NUTZVa2N2WVc4U2QxbmtCdVRiZVJWX3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBAAF
tiQDBAEFtiYwDAMEBC0IkAMEAC0IkgMEAC1DIwMEAS1UADAMAwQDLVeYAwQALVea
AwQALVk0AwQALVk2AwQBLV0IAwQCLZ/4AwQAXbmmMAwDBAONYqgDBACNYqoDBAK5
58wwDAMEALx3eQMEArx3eAMEAMErkwMEAcEuODAMAwQDwTmIAwQAwTmKAwQCwgQw
AwQBwnSsAwQBwnS+MA0GCSqGSIb3DQEBCwUAA4IBAQBYyL7L3Ej3rTe6nomeTJ2L
l8jqb9giZmNOKqyXzoUiCUYbR48P/E6cqqJY6YD677vNs29StjKhRZvJreO7TWAG
EzUk1skyZSwgTZBAyppfTF+akSbb73W+LXwSJJYyc7mFZgAk/C/GdRAqaHUs2lqI
5BujqHt/6tAw4puxOlYSB9hFeItUZfRlYfWHRJxDuFk5kAdPbJZWALyqJSMSuVi+
KFZhwLZEKBrLEICcd8Glgfa0vv3MgyTEm5a2oD+RW5Q8d7mOjtsUEobINCPBdN+K
DC5P845Kiu+2rdCrtw+9rUjU/SVEP42WB3JqJEtqtl662qWbDeiUIG34Nr/3c+lA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:24 2023 by rpki-client on console-ams.rpki-client.org