Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HNcFY7B6Z8goOw7hhVVbYbnLgGY.roa
File: HNcFY7B6Z8goOw7hhVVbYbnLgGY.roa (raw, json)
Hash identifier: Zav9w7NobXZVNe/PYzl/LbihCH8n8CoVXE/Wj35U7wc=
Subject key identifier: 1C:D7:05:63:B0:7A:67:C8:28:3B:0E:E1:85:55:5B:61:B9:CB:80:66
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01869444DCCA18D786F352CF31AC1886B668
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HNcFY7B6Z8goOw7hhVVbYbnLgGY.roa
Signing time: Mon 27 Feb 2023 19:06:26 +0000
ROA not before: Mon 27 Feb 2023 19:06:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203790
IP address blocks: 45.148.116.0/24 maxlen: 24
45.148.119.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
2a0e:97c0:460::/44 maxlen: 48
2a0e:b107:12a0::/44 maxlen: 48
2a10:cc40:1d0::/44 maxlen: 48
2a0e:b101::/32 maxlen: 48
2a10:cc41:110::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:94:44:dc:ca:18:d7:86:f3:52:cf:31:ac:18:86:b6:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 27 19:06:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cd70563b07a67c8283b0ee185555b61b9cb8066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:5a:34:8e:0c:4f:7c:a3:51:ab:4d:d0:e2:63:
0a:da:b4:a3:11:fa:63:e5:bc:fa:95:26:71:ec:94:
ca:88:79:51:d9:19:79:9d:7c:08:c5:4a:a3:67:60:
a8:00:a8:3a:88:84:1e:e6:f5:06:8c:0e:38:37:8a:
10:61:34:20:8a:9a:3a:d1:e9:fb:aa:fc:37:02:f6:
9b:19:cf:55:d8:71:71:56:d3:c9:42:8d:bb:8a:73:
e3:af:37:b7:fd:09:07:ec:31:eb:b3:0a:f1:63:bb:
84:cd:67:2a:0b:35:3e:94:29:2f:49:bc:e0:e5:4f:
f4:f0:41:9d:53:c7:4e:27:81:c5:aa:60:83:ff:01:
f8:bd:38:a6:6f:70:5e:70:3d:db:cd:8f:56:d2:9c:
ae:59:e0:e8:b3:3a:fd:f1:20:65:f4:36:ac:cc:08:
1a:b8:e2:84:01:53:2d:e8:61:94:c3:46:d6:5e:b2:
9e:56:52:c7:26:58:bb:34:56:4e:8d:e1:b5:05:4d:
1f:ef:e2:e3:0f:74:f9:e3:3c:50:59:55:9c:5a:b4:
be:4d:bf:2e:23:45:24:06:fe:4d:8f:d5:aa:88:f9:
f1:6c:84:5c:1f:e8:53:42:90:0c:51:4e:2f:37:9c:
57:76:e1:35:90:b9:ff:3f:e2:4d:b3:90:d8:16:dc:
a8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D7:05:63:B0:7A:67:C8:28:3B:0E:E1:85:55:5B:61:B9:CB:80:66
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/HNcFY7B6Z8goOw7hhVVbYbnLgGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.116.0/24
45.148.119.0/24
194.50.111.0/24
IPv6:
2a0e:97c0:460::/44
2a0e:b101::/32
2a0e:b107:12a0::/44
2a10:cc40:1d0::/44
2a10:cc41:110::/44
Signature Algorithm: sha256WithRSAEncryption
1c:7e:99:ee:31:9a:7b:9e:20:d6:90:80:a9:dc:23:80:a6:50:
1c:21:a2:3f:24:f1:1e:52:c9:68:46:65:43:89:c8:1b:c5:a5:
ab:9f:7d:1c:50:e9:09:7a:d9:6a:bd:42:fc:ba:58:ce:59:89:
2c:29:56:a4:37:9c:79:55:f7:a3:b3:3d:21:dc:53:6e:7c:7c:
0a:64:47:f0:a5:60:66:b3:9c:5c:5a:f2:8a:b2:2e:7f:bf:c2:
2e:ef:ce:98:61:c4:7f:c7:8a:3b:98:cb:31:9d:c6:6e:e6:07:
e3:c7:49:6d:fa:39:33:2a:dc:c8:07:7c:92:d4:73:69:e7:53:
42:1b:ee:49:85:3a:d2:f7:f4:eb:88:12:4e:3c:91:fa:0c:cf:
28:5c:db:61:e3:1b:2b:72:6f:e9:4d:df:39:2e:16:40:de:59:
58:f4:4b:96:68:1c:62:b2:d5:eb:e3:d7:5d:66:78:67:fb:1c:
dc:d5:86:67:7a:97:77:9a:c2:cc:dc:46:03:d5:09:30:6d:87:
c6:a4:61:02:f5:94:42:c4:5c:a5:15:8d:3a:3d:cc:3f:f4:17:
7f:c6:50:5a:f1:39:04:03:a8:d5:ba:2e:6b:fe:51:4c:bf:4d:
9f:0e:d1:eb:89:77:34:d0:5c:b2:9a:85:bb:35:49:8c:25:1f:
51:41:60:3f
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYaURNzKGNeG81LPMawYhrZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMjI3MTkwNjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Q3MDU2M2IwN2E2N2M4MjgzYjBlZTE4NTU1NWI2MWI5Y2I4MDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVo0jgxPfKNRq03Q4mMK2rSjEfpj
5bz6lSZx7JTKiHlR2Rl5nXwIxUqjZ2CoAKg6iIQe5vUGjA44N4oQYTQgipo60en7
qvw3AvabGc9V2HFxVtPJQo27inPjrze3/QkH7DHrswrxY7uEzWcqCzU+lCkvSbzg
5U/08EGdU8dOJ4HFqmCD/wH4vTimb3BecD3bzY9W0pyuWeDoszr98SBl9DaszAga
uOKEAVMt6GGUw0bWXrKeVlLHJli7NFZOjeG1BU0f7+LjD3T54zxQWVWcWrS+Tb8u
I0UkBv5Nj9WqiPnxbIRcH+hTQpAMUU4vN5xXduE1kLn/P+JNs5DYFtyoPwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFBzXBWOwemfIKDsO4YVVW2G5y4BmMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSE5jRlk3QjZaOGdvT3c3aGhWVmJZYm5MZ0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAYBAIAATASAwQALZR0AwQA
LZR3AwQAwjJvMDEEAgACMCsDBwQqDpfABGADBQAqDrEBAwcEKg6xBxKgAwcEKhDM
QAHQAwcEKhDMQQEQMA0GCSqGSIb3DQEBCwUAA4IBAQAcfpnuMZp7niDWkICp3COA
plAcIaI/JPEeUsloRmVDicgbxaWrn30cUOkJetlqvUL8uljOWYksKVakN5x5Vfej
sz0h3FNufHwKZEfwpWBms5xcWvKKsi5/v8Iu786YYcR/x4o7mMsxncZu5gfjx0lt
+jkzKtzIB3yS1HNp51NCG+5JhTrS9/TriBJOPJH6DM8oXNth4xsrcm/pTd85LhZA
3llY9EuWaBxistXr49ddZnhn+xzc1YZnepd3msLM3EYD1QkwbYfGpGEC9ZRCxFyl
FY06Pcw/9Bd/xlBa8TkEA6jVui5r/lFMv02fDtHriXc00FyymoW7NUmMJR9RQWA/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:57 2023 by rpki-client on console-ams.rpki-client.org