Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0yx6J1Rrjd95JDGCLC5aQVgdYJs.roa
File: 0yx6J1Rrjd95JDGCLC5aQVgdYJs.roa (raw, json)
Hash identifier: J1Yh1VeJbMxfibrMmEgLJcd5MiEFNUpGFbZxKpBo0FI=
Subject key identifier: D3:2C:7A:27:54:6B:8D:DF:79:24:31:82:2C:2E:5A:41:58:1D:60:9B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0186A2DF070B964AF2DBCBCE208A3053AAEB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0yx6J1Rrjd95JDGCLC5aQVgdYJs.roa
Signing time: Thu 02 Mar 2023 15:09:30 +0000
ROA not before: Thu 02 Mar 2023 15:09:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203790
IP address blocks: 45.148.116.0/24 maxlen: 24
45.148.119.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
2a0e:97c0:460::/44 maxlen: 48
2a0e:b107:12a0::/44 maxlen: 48
2a10:cc40:1d0::/44 maxlen: 48
2a0e:b101::/32 maxlen: 48
2a10:cc41:110::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:df:07:0b:96:4a:f2:db:cb:ce:20:8a:30:53:aa:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 2 15:09:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d32c7a27546b8ddf792431822c2e5a41581d609b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9e:d2:b0:42:c1:21:97:68:e9:ff:83:d1:b4:
f9:f2:95:a0:d1:97:fe:10:b2:7a:fe:1e:3a:44:40:
ff:f2:31:e5:ed:e9:e2:68:0a:8c:e5:01:88:c7:ba:
89:86:1a:84:90:53:1c:ed:5b:e3:a0:2a:46:1b:38:
75:5f:76:ef:ce:a0:4c:3d:65:93:02:3b:07:2f:96:
ba:d8:a3:ac:c3:d4:7a:5c:4b:a1:24:2d:e7:20:17:
1a:e8:e4:c0:2d:44:dc:c8:43:59:4a:82:66:97:40:
5a:5f:f7:23:99:53:56:8b:54:e1:10:cb:55:bd:74:
2e:93:9e:d0:48:31:1e:25:42:13:7a:56:6d:b8:72:
ef:d2:83:d8:32:d7:12:9e:32:7d:f7:53:9b:04:a1:
b7:ea:58:ea:02:fd:46:b2:d5:6c:cb:3d:86:76:fa:
90:da:01:36:b6:4e:ce:b6:e0:39:07:b2:2b:fc:89:
5e:96:b0:54:8c:ca:86:8d:12:62:eb:1c:14:43:12:
a7:e5:be:67:6e:2e:93:4a:da:30:e5:be:e3:d9:c9:
b1:23:f9:8e:48:5c:d4:49:44:61:c9:26:b1:38:a3:
69:3a:1c:c6:3e:fc:8d:3d:b6:27:58:7b:0a:8d:e5:
86:a1:2f:e3:eb:ae:0f:7b:e5:b7:28:09:6a:62:2a:
7c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:2C:7A:27:54:6B:8D:DF:79:24:31:82:2C:2E:5A:41:58:1D:60:9B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0yx6J1Rrjd95JDGCLC5aQVgdYJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.116.0/24
45.148.119.0/24
194.50.111.0/24
IPv6:
2a0e:97c0:460::/44
2a0e:b101::/32
2a0e:b107:12a0::/44
2a10:cc40:1d0::/44
2a10:cc41:110::/44
Signature Algorithm: sha256WithRSAEncryption
ba:e8:24:70:a2:b4:48:b6:b7:14:50:48:d0:de:d6:5d:0d:c7:
ab:9d:99:67:db:f0:e1:a7:e7:c6:00:0b:1e:ed:55:64:e3:3d:
aa:c0:1d:88:0b:66:52:5d:ac:5a:c1:04:01:55:8e:80:d9:a3:
ab:5b:6c:45:9d:6c:64:58:38:86:2b:a0:83:6c:1c:c3:d5:d3:
3c:8c:59:c0:a1:36:72:c6:49:f6:96:4b:03:17:a8:33:2d:78:
2f:0e:20:6e:7f:d8:4d:0a:0e:e3:8c:f2:e5:e3:c0:5d:be:41:
c0:56:5c:a7:2b:4e:ba:25:f4:cf:2f:80:bb:f7:b6:1f:04:a2:
d9:47:e2:4f:02:89:01:e8:7a:6b:57:47:ee:97:8c:e7:68:da:
fb:51:59:04:dd:f9:d4:28:6b:13:c3:c9:94:cd:e5:2a:b5:49:
62:9a:d6:a9:00:2a:60:f7:ea:06:92:1f:5e:5d:b2:3c:91:c2:
60:5e:e7:0a:91:96:e1:1e:b8:54:4c:6a:6a:b8:9b:95:91:e4:
af:e7:8e:a7:43:60:84:e0:6d:91:87:b8:bf:85:e8:91:87:58:
08:c4:52:ea:56:27:bf:27:7c:4a:29:56:a2:eb:c9:69:83:cb:
1b:53:9f:fb:a3:e4:36:b3:b8:8e:5a:9f:38:ce:50:ae:2d:9c:
5c:62:1a:74
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYai3wcLlkry28vOIIowU6rrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzAyMTUwOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzJjN2EyNzU0NmI4ZGRmNzkyNDMxODIyYzJlNWE0MTU4MWQ2MDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJ7SsELBIZdo6f+D0bT58pWg0Zf+
ELJ6/h46RED/8jHl7eniaAqM5QGIx7qJhhqEkFMc7VvjoCpGGzh1X3bvzqBMPWWT
AjsHL5a62KOsw9R6XEuhJC3nIBca6OTALUTcyENZSoJml0BaX/cjmVNWi1ThEMtV
vXQuk57QSDEeJUITelZtuHLv0oPYMtcSnjJ991ObBKG36ljqAv1GstVsyz2GdvqQ
2gE2tk7OtuA5B7Ir/IlelrBUjMqGjRJi6xwUQxKn5b5nbi6TStow5b7j2cmxI/mO
SFzUSURhySaxOKNpOhzGPvyNPbYnWHsKjeWGoS/j664Pe+W3KAlqYip8pQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFNMseidUa43feSQxgiwuWkFYHWCbMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMHl4NkoxUnJqZDk1SkRHQ0xDNWFRVmdkWUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAYBAIAATASAwQALZR0AwQA
LZR3AwQAwjJvMDEEAgACMCsDBwQqDpfABGADBQAqDrEBAwcEKg6xBxKgAwcEKhDM
QAHQAwcEKhDMQQEQMA0GCSqGSIb3DQEBCwUAA4IBAQC66CRworRItrcUUEjQ3tZd
DcernZln2/Dhp+fGAAse7VVk4z2qwB2IC2ZSXaxawQQBVY6A2aOrW2xFnWxkWDiG
K6CDbBzD1dM8jFnAoTZyxkn2lksDF6gzLXgvDiBuf9hNCg7jjPLl48BdvkHAVlyn
K066JfTPL4C797YfBKLZR+JPAokB6HprV0ful4znaNr7UVkE3fnUKGsTw8mUzeUq
tUlimtapACpg9+oGkh9eXbI8kcJgXucKkZbhHrhUTGpquJuVkeSv546nQ2CE4G2R
h7i/heiRh1gIxFLqVie/J3xKKVai68lpg8sbU5/7o+Q2s7iOWp84zlCuLZxcYhp0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:12 2023 by rpki-client on console-fra.rpki-client.org