Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/6tRmwnRlQIL-APLZl4DbKw57-Ko.roa
File: 6tRmwnRlQIL-APLZl4DbKw57-Ko.roa (raw, json)
Hash identifier: o7jRfDfb9ZFwRztzNoNPXJ0XwERxAx2K9163BypuE88=
Subject key identifier: EA:D4:66:C2:74:65:40:82:FE:00:F2:D9:97:80:DB:2B:0E:7B:F8:AA
Certificate issuer: /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial: 0185E95584114E07428FC06625FE527F5D21
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/6tRmwnRlQIL-APLZl4DbKw57-Ko.roa
Signing time: Wed 25 Jan 2023 14:29:33 +0000
ROA not before: Wed 25 Jan 2023 14:29:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26548
IP address blocks: 193.202.80.0/23 maxlen: 23
193.202.82.0/23 maxlen: 23
45.145.130.0/23 maxlen: 23
83.142.52.0/23 maxlen: 23
83.142.54.0/23 maxlen: 23
45.80.104.0/23 maxlen: 23
212.119.44.0/23 maxlen: 23
212.119.46.0/23 maxlen: 23
193.203.8.0/23 maxlen: 23
193.203.10.0/23 maxlen: 23
45.140.206.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:55:84:11:4e:07:42:8f:c0:66:25:fe:52:7f:5d:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Validity
Not Before: Jan 25 14:29:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ead466c274654082fe00f2d99780db2b0e7bf8aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:41:d2:10:1c:5a:1d:fd:fe:52:ab:09:29:47:
1f:c9:b0:4c:5d:8f:bc:23:4f:38:8e:47:a1:03:a7:
d0:f3:72:7f:4d:83:e1:19:9e:55:15:a1:f7:13:7e:
51:3e:44:bb:a2:2a:24:e9:0d:e6:f8:bf:72:d2:f1:
49:89:a6:d1:71:e2:7f:76:af:72:cd:ac:59:8e:8a:
a4:cf:cf:85:d4:73:5f:a0:7a:0b:99:5c:21:c4:63:
ba:4b:70:e5:b8:9d:82:8a:da:7b:bf:5a:54:90:c2:
db:4b:ed:e4:e6:bb:a1:85:5a:63:a6:c9:18:51:9e:
de:17:b1:96:c6:13:25:f7:6b:d0:8a:ea:d8:6e:70:
01:8b:b6:56:e8:0c:ae:81:da:9e:ee:e1:49:07:b9:
1c:e7:25:b8:77:8d:b3:38:14:0e:67:ae:fc:fa:9d:
3f:d9:a4:3f:b0:e5:49:11:9b:35:b6:20:20:b3:71:
b0:94:06:0b:cd:72:83:c8:51:f4:2b:20:01:8b:b4:
bc:f7:03:46:6b:0c:fe:3b:ef:b9:03:5f:e9:23:e1:
4a:f2:09:70:3d:55:56:38:05:91:46:1a:57:0b:69:
bb:44:4e:7c:c2:0c:9a:4d:e1:7b:ba:c9:72:70:d7:
a4:99:b6:7a:8a:8f:04:35:40:89:71:39:0d:c7:66:
2e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:D4:66:C2:74:65:40:82:FE:00:F2:D9:97:80:DB:2B:0E:7B:F8:AA
X509v3 Authority Key Identifier:
keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/6tRmwnRlQIL-APLZl4DbKw57-Ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.104.0/23
45.140.206.0/23
45.145.130.0/23
83.142.52.0/22
193.202.80.0/22
193.203.8.0/22
212.119.44.0/22
Signature Algorithm: sha256WithRSAEncryption
77:c8:9c:f1:37:8f:77:dc:bf:42:69:b6:e3:31:b5:22:6d:e5:
e8:61:84:b5:5a:84:68:6f:e9:70:0a:54:02:ec:c2:7f:c2:f6:
5c:b5:28:6c:11:ca:7b:29:12:bc:8e:b9:35:b3:66:5e:8a:b1:
20:96:f3:5f:9d:bb:f6:32:cf:82:65:6e:ab:31:91:93:1d:31:
ac:c0:91:a8:b5:f5:d7:60:cd:6d:47:5d:9b:cc:ad:d1:68:94:
cb:1a:e0:aa:f2:57:12:78:ad:0b:f8:92:47:91:55:92:db:e0:
2a:da:11:2b:09:e2:ca:85:20:8a:d0:c0:bb:70:6a:d9:2a:03:
b2:73:a0:fb:b3:ff:02:b8:41:d7:f6:d6:2b:cc:b2:ba:ef:b3:
18:f8:e3:f9:66:a0:27:29:a7:60:dd:5e:32:aa:a2:ad:77:f5:
17:93:24:08:e6:c9:b4:bd:81:5e:2a:1c:44:23:9a:72:70:ba:
c7:74:74:5d:7f:64:b0:d0:c9:56:fc:77:04:aa:f5:78:b1:41:
91:d4:7e:cf:f9:3b:9f:09:84:2b:5c:72:e0:37:db:a3:12:9e:
c6:7d:fb:51:9a:6f:34:e0:ce:a4:7f:f7:34:c2:d7:10:5c:25:
ed:82:f4:93:28:f7:2a:c3:f4:ef:29:7a:a8:f5:a2:13:00:ee:
2e:8e:a3:f1
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYXpVYQRTgdCj8BmJf5Sf10hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjMwMTI1MTQyOTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWQ0NjZjMjc0NjU0MDgyZmUwMGYyZDk5NzgwZGIyYjBlN2JmOGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0HSEBxaHf3+UqsJKUcfybBMXY+8
I084jkehA6fQ83J/TYPhGZ5VFaH3E35RPkS7oiok6Q3m+L9y0vFJiabRceJ/dq9y
zaxZjoqkz8+F1HNfoHoLmVwhxGO6S3DluJ2Citp7v1pUkMLbS+3k5ruhhVpjpskY
UZ7eF7GWxhMl92vQiurYbnABi7ZW6Ayugdqe7uFJB7kc5yW4d42zOBQOZ678+p0/
2aQ/sOVJEZs1tiAgs3GwlAYLzXKDyFH0KyABi7S89wNGawz+O++5A1/pI+FK8glw
PVVWOAWRRhpXC2m7RE58wgyaTeF7uslycNekmbZ6io8ENUCJcTkNx2YudQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFOrUZsJ0ZUCC/gDy2ZeA2ysOe/iqMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xLzZ0Um13blJsUUlMLUFQTFpsNERiS3c1Ny1Lby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBAEtUGgD
BAEtjM4DBAEtkYIDBAJTjjQDBALBylADBALBywgDBALUdywwDQYJKoZIhvcNAQEL
BQADggEBAHfInPE3j3fcv0JptuMxtSJt5ehhhLVahGhv6XAKVALswn/C9ly1KGwR
ynspEryOuTWzZl6KsSCW81+du/Yyz4JlbqsxkZMdMazAkai19ddgzW1HXZvMrdFo
lMsa4KryVxJ4rQv4kkeRVZLb4CraESsJ4sqFIIrQwLtwatkqA7JzoPuz/wK4Qdf2
1ivMsrrvsxj44/lmoCcpp2DdXjKqoq139ReTJAjmybS9gV4qHEQjmnJwusd0dF1/
ZLDQyVb8dwSq9XixQZHUfs/5O58JhCtccuA326MSnsZ9+1GabzTgzqR/9zTC1xBc
Je2C9JMo9yrD9O8peqj1ohMA7i6Oo/E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:59 2023 by rpki-client on console-fra.rpki-client.org