Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/dDvLFBaW0aBvLDHu8DBk1xHMGmc.roa
File: dDvLFBaW0aBvLDHu8DBk1xHMGmc.roa (raw, json)
Hash identifier: Iu8lkNhIkBp+YeazIlfkHoBA3d3MkaJ9TjQewdOu3b4=
Subject key identifier: 74:3B:CB:14:16:96:D1:A0:6F:2C:31:EE:F0:30:64:D7:11:CC:1A:67
Certificate issuer: /CN=1232303d1638e0735240491aaa9e42b1887adaca
Certificate serial: 01856EAFCCC0686FA2B84A27ABBAAFA84295
Authority key identifier: 12:32:30:3D:16:38:E0:73:52:40:49:1A:AA:9E:42:B1:88:7A:DA:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EjIwPRY44HNSQEkaqp5CsYh62so.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/dDvLFBaW0aBvLDHu8DBk1xHMGmc.roa
Signing time: Sun 01 Jan 2023 18:54:52 +0000
ROA not before: Sun 01 Jan 2023 18:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51440
IP address blocks: 46.28.136.0/24 maxlen: 24
46.28.140.0/24 maxlen: 24
95.215.130.0/24 maxlen: 24
95.215.129.0/24 maxlen: 24
195.35.85.0/24 maxlen: 24
46.32.222.0/24 maxlen: 24
5.34.160.0/24 maxlen: 24
2a03:2940::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:cc:c0:68:6f:a2:b8:4a:27:ab:ba:af:a8:42:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1232303d1638e0735240491aaa9e42b1887adaca
Validity
Not Before: Jan 1 18:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=743bcb141696d1a06f2c31eef03064d711cc1a67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c6:e0:ef:a3:f9:25:58:11:f3:82:c9:4c:b1:
83:03:ee:be:4a:cc:3d:a7:18:70:a8:ef:3b:78:e8:
86:40:9a:a8:88:c6:f2:dd:41:9b:16:cc:47:3c:a5:
b9:0b:d3:a0:3e:76:f8:87:0e:6e:b7:df:64:96:cc:
47:cd:93:7d:fc:34:1d:25:ca:dc:bf:ab:bf:08:f3:
e0:dc:98:2c:af:4e:25:f4:5e:46:67:e4:da:e1:7f:
5f:7d:c9:98:f7:7c:ba:e4:a6:cf:5d:b4:f3:78:69:
44:c9:5e:fd:8e:42:c1:16:d1:59:b3:b5:be:91:22:
f2:a1:a6:ed:cc:70:db:76:7b:7e:cc:f6:74:aa:36:
bd:a5:16:f8:60:17:3b:fe:b8:6e:27:20:5c:3b:4c:
6a:bc:b1:88:24:43:48:44:6b:e9:db:67:f5:d8:6a:
2a:9f:bf:e7:5e:52:95:5a:8b:9f:cd:a5:7d:db:2f:
1d:5e:13:9b:f0:c9:7a:96:8f:58:46:e1:12:9a:c6:
70:da:4f:6b:1d:cf:e2:be:d3:73:01:91:e3:a7:71:
5a:36:fd:ee:9e:ad:1f:76:0f:0c:97:41:17:23:76:
cb:05:d7:7d:16:06:2e:bf:c7:74:6c:84:bb:46:f3:
f7:1b:10:ab:ea:a1:17:61:1d:b7:4f:cc:81:68:1a:
f9:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:3B:CB:14:16:96:D1:A0:6F:2C:31:EE:F0:30:64:D7:11:CC:1A:67
X509v3 Authority Key Identifier:
keyid:12:32:30:3D:16:38:E0:73:52:40:49:1A:AA:9E:42:B1:88:7A:DA:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EjIwPRY44HNSQEkaqp5CsYh62so.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/dDvLFBaW0aBvLDHu8DBk1xHMGmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/EjIwPRY44HNSQEkaqp5CsYh62so.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.160.0/24
46.28.136.0/24
46.28.140.0/24
46.32.222.0/24
95.215.129.0-95.215.130.255
195.35.85.0/24
IPv6:
2a03:2940::/32
Signature Algorithm: sha256WithRSAEncryption
78:15:7a:4f:31:58:aa:c6:b7:5f:cc:9b:fd:ab:5c:ad:ba:a5:
f8:a4:ed:d3:4c:0b:9d:91:fa:94:5e:c3:b8:a4:1e:bb:0b:61:
51:c6:07:a1:4e:07:18:08:5b:88:f9:69:69:bd:fb:9b:61:da:
29:02:85:77:23:6b:a2:0f:69:7b:f0:69:e5:61:e2:40:a3:48:
d7:31:2d:70:f8:74:41:e5:fe:b0:5d:b3:a7:c0:10:39:92:c7:
e7:55:d9:77:6c:3f:9b:b6:ad:7a:55:95:6e:5f:7f:a6:08:8c:
dd:a9:7c:d4:53:5c:7b:4f:90:9f:8c:5b:6b:ac:c0:d9:d1:c7:
c8:2e:3e:09:da:3b:15:cd:f3:da:e8:c6:b4:49:5a:9d:60:5b:
49:b3:ea:09:a1:3c:16:52:6c:6a:ea:da:ef:fb:21:80:ff:37:
30:d7:96:f6:e0:7f:07:0e:66:70:ae:53:b1:8b:a0:a6:3d:2a:
a8:02:0a:88:dd:1e:c9:a4:f7:88:3c:cf:0a:70:bd:81:2c:90:
b5:29:e1:64:fc:b6:5e:73:ec:9b:6a:93:bd:56:cc:1a:04:5e:
1b:de:a8:6c:2d:14:12:5f:29:80:0e:d5:34:b6:96:45:c9:d4:
10:b9:e1:ff:ff:8c:2e:6c:1b:36:4a:0b:22:c9:d0:f0:3d:fe:
2c:0c:ec:1b
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYVur8zAaG+iuEonq7qvqEKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMzIzMDNkMTYzOGUwNzM1MjQwNDkxYWFhOWU0MmIxODg3
YWRhY2EwHhcNMjMwMTAxMTg1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDNiY2IxNDE2OTZkMWEwNmYyYzMxZWVmMDMwNjRkNzExY2MxYTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsbg76P5JVgR84LJTLGDA+6+Ssw9
pxhwqO87eOiGQJqoiMby3UGbFsxHPKW5C9OgPnb4hw5ut99klsxHzZN9/DQdJcrc
v6u/CPPg3Jgsr04l9F5GZ+Ta4X9ffcmY93y65KbPXbTzeGlEyV79jkLBFtFZs7W+
kSLyoabtzHDbdnt+zPZ0qja9pRb4YBc7/rhuJyBcO0xqvLGIJENIRGvp22f12Goq
n7/nXlKVWoufzaV92y8dXhOb8Ml6lo9YRuESmsZw2k9rHc/ivtNzAZHjp3FaNv3u
nq0fdg8Ml0EXI3bLBdd9FgYuv8d0bIS7RvP3GxCr6qEXYR23T8yBaBr5DwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFHQ7yxQWltGgbywx7vAwZNcRzBpnMB8GA1UdIwQY
MBaAFBIyMD0WOOBzUkBJGqqeQrGIetrKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWpJd1BSWTQ0SE5TUUVrYXFwNUNzWWg2MnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8wYWIxNjctMzA5NC00MTAzLTgxMzEt
MDY0NDE0ZDAzNDBmLzEvZER2TEZCYVcwYUJ2TERIdThEQmsxeEhNR21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8wYWIxNjctMzA5NC00MTAzLTgxMzEtMDY0NDE0ZDAzNDBm
LzEvRWpJd1BSWTQ0SE5TUUVrYXFwNUNzWWg2MnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQABSKgAwQA
LhyIAwQALhyMAwQALiDeMAwDBABf14EDBABf14IDBADDI1UwDQQCAAIwBwMFACoD
KUAwDQYJKoZIhvcNAQELBQADggEBAHgVek8xWKrGt1/Mm/2rXK26pfik7dNMC52R
+pRew7ikHrsLYVHGB6FOBxgIW4j5aWm9+5th2ikChXcja6IPaXvwaeVh4kCjSNcx
LXD4dEHl/rBds6fAEDmSx+dV2XdsP5u2rXpVlW5ff6YIjN2pfNRTXHtPkJ+MW2us
wNnRx8guPgnaOxXN89roxrRJWp1gW0mz6gmhPBZSbGrq2u/7IYD/NzDXlvbgfwcO
ZnCuU7GLoKY9KqgCCojdHsmk94g8zwpwvYEskLUp4WT8tl5z7Jtqk71WzBoEXhve
qGwtFBJfKYAO1TS2lkXJ1BC54f//jC5sGzZKCyLJ0PA9/iwM7Bs=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:09 2024 by rpki-client on console-fra.rpki-client.org