Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Hx4KGNUWtSqMKVSqpe1mM7Igjfw.roa
File: Hx4KGNUWtSqMKVSqpe1mM7Igjfw.roa (raw, json)
Hash identifier: 6ifLdHwDDDrJlLZIGtil6GuUx7ykTTACIkug8Q3KhGA=
Subject key identifier: 1F:1E:0A:18:D5:16:B5:2A:8C:29:54:AA:A5:ED:66:33:B2:20:8D:FC
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187C36C867C46DFBCDAE727DE1D138698EE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Hx4KGNUWtSqMKVSqpe1mM7Igjfw.roa
Signing time: Thu 27 Apr 2023 15:54:42 +0000
ROA not before: Thu 27 Apr 2023 15:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203790
IP address blocks: 45.148.117.0/24 maxlen: 24
45.148.118.0/24 maxlen: 24
45.148.116.0/22 maxlen: 24
45.148.116.0/24 maxlen: 24
45.148.119.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
2a0e:97c0:460::/44 maxlen: 48
2a0e:b107:12a0::/44 maxlen: 48
2a10:cc40:1d0::/44 maxlen: 48
2a0e:b101::/32 maxlen: 48
2a10:cc41:110::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c3:6c:86:7c:46:df:bc:da:e7:27:de:1d:13:86:98:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 27 15:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f1e0a18d516b52a8c2954aaa5ed6633b2208dfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:aa:8b:a4:b2:1a:80:c5:79:3a:e0:1d:14:c5:
b6:b1:3a:ca:9a:6a:1e:8d:3d:f1:de:db:6a:4b:46:
ed:c7:f4:dc:d9:a4:41:a3:9a:9f:74:4e:f4:57:2c:
ef:fb:2b:6d:c8:10:3f:5b:ef:9e:89:2f:31:73:f2:
04:cb:4f:98:d3:bc:ee:5a:17:ea:6a:9d:42:50:90:
72:4b:87:48:0c:eb:f9:00:78:aa:13:9b:f8:0d:8a:
2b:7c:9f:a3:56:ee:07:a8:df:8f:dc:71:3b:de:44:
1f:3b:34:79:67:b9:4b:6d:97:38:bc:40:36:b2:4a:
c7:70:0b:12:0e:37:98:fd:a3:fe:81:84:70:40:3e:
24:f0:47:e3:b8:9b:6f:16:3b:b4:7a:c2:f0:0e:75:
05:1f:26:74:97:b1:c4:81:d7:7b:43:d5:21:f8:e0:
7a:07:c5:be:cf:10:06:68:c9:69:70:da:aa:9e:32:
fa:cc:58:1b:9a:0a:3b:ab:14:c9:e8:10:47:99:71:
10:28:ec:d5:ac:19:a6:ed:7b:90:c9:7a:42:aa:94:
a4:60:62:c0:fb:ac:c3:64:9d:32:e4:43:e2:71:3a:
94:6f:30:96:a8:0d:d0:a6:56:6b:19:7a:1c:f7:d1:
ff:51:9b:ce:cd:b3:7d:5a:e8:07:32:f7:12:95:a8:
73:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:1E:0A:18:D5:16:B5:2A:8C:29:54:AA:A5:ED:66:33:B2:20:8D:FC
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Hx4KGNUWtSqMKVSqpe1mM7Igjfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.116.0/22
194.50.111.0/24
IPv6:
2a0e:97c0:460::/44
2a0e:b101::/32
2a0e:b107:12a0::/44
2a10:cc40:1d0::/44
2a10:cc41:110::/44
Signature Algorithm: sha256WithRSAEncryption
7f:67:8d:8b:2a:b9:24:e9:63:e8:62:62:c2:95:68:12:e3:59:
24:57:a6:86:d3:df:ee:f3:70:e2:f0:5f:fe:8d:51:18:e4:4d:
a5:9f:5c:6a:19:37:8b:69:0b:06:5e:c9:4f:31:c9:7a:31:9f:
80:85:7e:b6:fe:44:3e:1a:b3:a5:02:0c:1a:0b:4f:d8:88:30:
8b:c7:de:72:b2:49:78:59:3a:1f:ed:21:a7:e7:db:80:db:ab:
b4:b0:76:ee:89:fa:69:6e:55:b4:09:3d:73:a8:a5:cd:f3:cb:
b3:94:41:7a:85:12:ef:61:ce:34:47:d2:6a:93:8d:5f:8c:08:
c6:55:98:32:1d:36:68:70:1a:1c:7a:e8:c2:32:81:e3:69:a3:
de:27:72:10:9b:eb:a3:06:2c:10:42:b2:32:ee:5f:17:a5:2a:
cf:7f:b3:ad:81:39:18:31:76:32:ba:08:40:45:24:88:23:8e:
b8:b4:be:72:eb:49:67:52:3d:a3:2f:b6:96:5f:9a:9e:dc:72:
6a:5a:5f:3d:37:0e:82:dc:57:20:01:5b:f4:a4:5c:7d:77:55:
d7:aa:2c:99:52:03:44:b2:01:cd:ba:af:9d:78:f9:67:c0:ce:
37:91:d4:4f:61:b4:f6:e9:58:10:67:a2:d0:67:9b:30:cf:cb:
59:0b:99:f8
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYfDbIZ8Rt+82ucn3h0ThpjuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNDI3MTU1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjFlMGExOGQ1MTZiNTJhOGMyOTU0YWFhNWVkNjYzM2IyMjA4ZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqqLpLIagMV5OuAdFMW2sTrKmmoe
jT3x3ttqS0btx/Tc2aRBo5qfdE70Vyzv+yttyBA/W++eiS8xc/IEy0+Y07zuWhfq
ap1CUJByS4dIDOv5AHiqE5v4DYorfJ+jVu4HqN+P3HE73kQfOzR5Z7lLbZc4vEA2
skrHcAsSDjeY/aP+gYRwQD4k8EfjuJtvFju0esLwDnUFHyZ0l7HEgdd7Q9Uh+OB6
B8W+zxAGaMlpcNqqnjL6zFgbmgo7qxTJ6BBHmXEQKOzVrBmm7XuQyXpCqpSkYGLA
+6zDZJ0y5EPicTqUbzCWqA3QplZrGXoc99H/UZvOzbN9WugHMvcSlahzdwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFB8eChjVFrUqjClUqqXtZjOyII38MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSHg0S0dOVVd0U3FNS1ZTcXBlMW1NN0lnamZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzASBAIAATAMAwQCLZR0AwQA
wjJvMDEEAgACMCsDBwQqDpfABGADBQAqDrEBAwcEKg6xBxKgAwcEKhDMQAHQAwcE
KhDMQQEQMA0GCSqGSIb3DQEBCwUAA4IBAQB/Z42LKrkk6WPoYmLClWgS41kkV6aG
09/u83Di8F/+jVEY5E2ln1xqGTeLaQsGXslPMcl6MZ+AhX62/kQ+GrOlAgwaC0/Y
iDCLx95yskl4WTof7SGn59uA26u0sHbuifppblW0CT1zqKXN88uzlEF6hRLvYc40
R9Jqk41fjAjGVZgyHTZocBoceujCMoHjaaPeJ3IQm+ujBiwQQrIy7l8XpSrPf7Ot
gTkYMXYyughARSSII464tL5y60lnUj2jL7aWX5qe3HJqWl89Nw6C3FcgAVv0pFx9
d1XXqiyZUgNEsgHNuq+dePlnwM43kdRPYbT26VgQZ6LQZ5swz8tZC5n4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:57 2023 by rpki-client on console-ams.rpki-client.org