Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/3TSvGTcPGM0Juls_qSn8udEEeaU.roa
File: 3TSvGTcPGM0Juls_qSn8udEEeaU.roa (raw, json)
Hash identifier: JAMcGnS25RREks9FBYlQfR6vSGUbdajDE6uXgQ/uI8c=
Subject key identifier: DD:34:AF:19:37:0F:18:CD:09:BA:5B:3F:A9:29:FC:B9:D1:04:79:A5
Certificate issuer: /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial: 01856B0A34C552C5D04DE18983579BDB4D14
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/3TSvGTcPGM0Juls_qSn8udEEeaU.roa
Signing time: Sun 01 Jan 2023 01:55:09 +0000
ROA not before: Sun 01 Jan 2023 01:55:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43624
IP address blocks: 193.202.80.0/23 maxlen: 23
193.202.82.0/23 maxlen: 23
45.145.130.0/23 maxlen: 23
83.142.52.0/23 maxlen: 23
83.142.54.0/23 maxlen: 23
45.80.104.0/23 maxlen: 23
212.119.44.0/23 maxlen: 23
212.119.46.0/23 maxlen: 23
45.140.206.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:0a:34:c5:52:c5:d0:4d:e1:89:83:57:9b:db:4d:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Validity
Not Before: Jan 1 01:55:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd34af19370f18cd09ba5b3fa929fcb9d10479a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:67:f1:60:c7:a7:91:23:76:30:de:0b:6e:34:
9e:4e:a8:f1:0f:6a:e1:d9:4a:91:0f:b6:b9:45:31:
0b:ea:43:2e:30:25:37:4e:61:65:b3:51:47:94:da:
a8:aa:1e:39:4b:50:d1:68:82:ca:70:7b:fb:4c:0b:
4f:6d:75:60:69:f1:84:93:0c:60:fd:a0:87:d2:d8:
a8:09:73:51:03:23:02:0d:45:25:c4:70:66:d4:5d:
94:e4:a0:7c:f9:99:43:d7:ab:d1:8d:fc:cf:a9:39:
0b:9b:e5:08:0d:5f:8d:d4:bd:96:fd:96:24:36:24:
23:28:8b:86:76:9a:74:25:a7:12:33:ec:05:00:de:
6d:c2:ec:79:86:b1:6d:85:78:ea:ee:98:06:92:0f:
ea:fb:ca:1f:2e:75:a6:ee:1c:53:fa:5c:d1:cf:d8:
15:64:18:55:bb:94:3d:97:f0:bb:35:71:9a:7e:58:
57:5d:78:a7:88:88:26:81:d9:48:67:81:c6:53:be:
02:02:ff:92:be:60:f9:44:e2:01:3a:48:b8:e0:9b:
fb:b1:f5:f9:eb:f3:27:18:92:43:88:ba:fe:1f:e0:
9d:bf:bd:67:27:25:fb:2c:7e:8f:cd:7b:c1:95:75:
77:01:0b:1b:53:42:97:f3:94:71:2d:b5:80:a1:9b:
0c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:34:AF:19:37:0F:18:CD:09:BA:5B:3F:A9:29:FC:B9:D1:04:79:A5
X509v3 Authority Key Identifier:
keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/3TSvGTcPGM0Juls_qSn8udEEeaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.104.0/23
45.140.206.0/23
45.145.130.0/23
83.142.52.0/22
193.202.80.0/22
212.119.44.0/22
Signature Algorithm: sha256WithRSAEncryption
22:8a:53:6d:13:b1:69:39:33:db:14:fe:3b:cf:07:25:98:69:
b9:ec:5d:f9:01:a6:82:cb:a2:7e:77:80:6d:81:4f:fa:8e:72:
d8:ae:80:c0:e5:25:b7:41:da:cd:18:c0:af:d5:fe:14:21:26:
fe:5a:a4:7b:e0:81:6a:85:61:4f:d6:33:b5:0b:36:b9:90:a1:
e9:82:85:51:1d:56:66:55:7a:14:3b:25:4e:37:22:0f:62:25:
e3:3b:e7:5c:40:57:62:89:5f:4f:d8:3a:1a:c6:f0:89:be:1a:
03:3b:10:d2:76:ee:54:af:18:b8:eb:bb:d7:44:44:82:fd:60:
93:8d:c8:75:37:ed:3e:b7:fd:d8:49:21:80:bd:5b:da:06:bf:
61:86:94:dd:f6:81:48:f8:0c:0a:f6:55:8b:3c:bf:a4:0d:13:
16:e0:76:4a:ce:0d:95:f3:03:28:77:7c:99:2c:aa:67:34:0a:
c4:79:a5:23:de:d1:88:41:e1:fb:f0:ae:29:f6:ab:c5:08:53:
7f:94:52:8c:bf:ce:d6:a0:0e:99:2e:fa:1d:92:dc:7e:5f:7d:
df:f7:36:b6:f0:c7:93:fa:f7:5d:f6:d7:eb:28:c6:24:f3:c8:
d2:5e:77:78:43:34:86:b2:a1:bf:b4:d9:4f:26:39:ba:73:68:
e2:cb:e3:f3
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVrCjTFUsXQTeGJg1eb200UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjMwMTAxMDE1NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDM0YWYxOTM3MGYxOGNkMDliYTViM2ZhOTI5ZmNiOWQxMDQ3OWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2fxYMenkSN2MN4LbjSeTqjxD2rh
2UqRD7a5RTEL6kMuMCU3TmFls1FHlNqoqh45S1DRaILKcHv7TAtPbXVgafGEkwxg
/aCH0tioCXNRAyMCDUUlxHBm1F2U5KB8+ZlD16vRjfzPqTkLm+UIDV+N1L2W/ZYk
NiQjKIuGdpp0JacSM+wFAN5twux5hrFthXjq7pgGkg/q+8ofLnWm7hxT+lzRz9gV
ZBhVu5Q9l/C7NXGaflhXXXiniIgmgdlIZ4HGU74CAv+SvmD5ROIBOki44Jv7sfX5
6/MnGJJDiLr+H+Cdv71nJyX7LH6PzXvBlXV3AQsbU0KX85RxLbWAoZsMywIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFN00rxk3DxjNCbpbP6kp/LnRBHmlMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xLzNUU3ZHVGNQR00wSnVsc19xU244dWRFRWVhVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBAEtUGgD
BAEtjM4DBAEtkYIDBAJTjjQDBALBylADBALUdywwDQYJKoZIhvcNAQELBQADggEB
ACKKU20TsWk5M9sU/jvPByWYabnsXfkBpoLLon53gG2BT/qOctiugMDlJbdB2s0Y
wK/V/hQhJv5apHvggWqFYU/WM7ULNrmQoemChVEdVmZVehQ7JU43Ig9iJeM751xA
V2KJX0/YOhrG8Im+GgM7ENJ27lSvGLjru9dERIL9YJONyHU37T63/dhJIYC9W9oG
v2GGlN32gUj4DAr2VYs8v6QNExbgdkrODZXzAyh3fJksqmc0CsR5pSPe0YhB4fvw
rin2q8UIU3+UUoy/ztagDpku+h2S3H5ffd/3Nrbwx5P691321+soxiTzyNJed3hD
NIayob+02U8mObpzaOLL4/M=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:42 2023 by rpki-client on console-ams.rpki-client.org