Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TI-Ny49zyNrGr5ZWKI3i9lzws04.roa
File: TI-Ny49zyNrGr5ZWKI3i9lzws04.roa (raw, json)
Hash identifier: EtDResbSU+SS19Bx1pVOj8D5TwAKrystVGZ+nxAfhsQ=
Subject key identifier: 4C:8F:8D:CB:8F:73:C8:DA:C6:AF:96:56:28:8D:E2:F6:5C:F0:B3:4E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BCC29292D7C85C4EC8A3B786B19171
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TI-Ny49zyNrGr5ZWKI3i9lzws04.roa
Signing time: Tue 02 Jan 2024 10:34:00 +0000
ROA not before: Tue 02 Jan 2024 10:34:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.148.116.0/22 maxlen: 24
185.238.188.0/22 maxlen: 24
2a0e:b107:1870::/48 maxlen: 48
2a0c:3b87:ff00::/40 maxlen: 48
2a0e:b107:9f4::/48 maxlen: 48
2a0c:3b87:ffff::/48 maxlen: 48
2a0e:97c0:791::/48 maxlen: 48
2a10:ccc0:110::/44 maxlen: 48
2a06:de01:d0::/44 maxlen: 48
2a0e:b107:1b9e::/48 maxlen: 48
2a10:ccc3:ccce::/48 maxlen: 48
2a0e:97c4:ac00::/38 maxlen: 48
2a0e:97c0:792::/48 maxlen: 48
2a0e:97c0:750::/48 maxlen: 48
2a0e:b107:df2::/48 maxlen: 48
2a10:ccc7:9000::/38 maxlen: 48
2a06:de01:400::/48 maxlen: 48
2a0e:b107:9f6::/48 maxlen: 48
2a0e:b107:278b::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:c2:92:92:d7:c8:5c:4e:c8:a3:b7:86:b1:91:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c8f8dcb8f73c8dac6af9656288de2f65cf0b34e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6f:47:1b:d9:28:70:4a:9b:08:06:81:2c:ea:
30:13:81:2d:41:61:de:69:3b:f5:8d:79:1b:ff:37:
a1:3b:34:32:1d:bf:3c:87:a9:5a:89:2a:1d:32:b6:
00:58:80:20:53:88:2b:f8:80:e2:e4:ee:43:8d:f5:
d4:d5:9a:3e:8e:02:0d:9a:a6:8a:6d:8c:5d:9f:d2:
f4:56:0a:cb:cc:0a:c2:44:eb:80:08:f2:f5:21:50:
c2:1f:ce:08:de:30:c3:34:01:f7:e8:f9:d7:c4:0b:
52:33:e8:13:e1:9d:cf:2b:a7:6f:d4:b7:78:e0:aa:
ad:a7:d0:3f:ba:df:59:a8:c1:91:e7:67:ff:a8:8f:
9c:57:2e:55:69:de:3f:b9:42:0e:9e:74:3f:85:e7:
35:48:2c:fc:05:c2:b4:81:2d:81:75:27:e1:df:00:
75:a4:70:26:45:be:75:80:cc:88:c1:53:28:ac:f6:
60:5c:0c:db:24:99:15:96:07:79:ce:2c:9e:70:07:
55:be:71:af:4b:a0:6a:fb:5c:b7:49:97:2b:5f:8a:
65:ab:ba:92:e5:a7:d2:eb:93:2d:26:74:61:f6:a9:
5b:f8:c4:63:90:6d:eb:eb:b5:e3:64:d5:e4:ac:bd:
42:72:f7:f1:08:8e:73:44:f2:8f:c6:f9:bb:92:5e:
95:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:8F:8D:CB:8F:73:C8:DA:C6:AF:96:56:28:8D:E2:F6:5C:F0:B3:4E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/TI-Ny49zyNrGr5ZWKI3i9lzws04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.116.0/22
185.238.188.0/22
IPv6:
2a06:de01:d0::/44
2a06:de01:400::/48
2a0c:3b87:ff00::/40
2a0e:97c0:750::/48
2a0e:97c0:791::-2a0e:97c0:792:ffff:ffff:ffff:ffff:ffff
2a0e:97c4:ac00::/38
2a0e:b107:9f4::/48
2a0e:b107:9f6::/48
2a0e:b107:df2::/48
2a0e:b107:1870::/48
2a0e:b107:1b9e::/48
2a0e:b107:278b::/48
2a10:ccc0:110::/44
2a10:ccc3:ccce::/48
2a10:ccc7:9000::/38
Signature Algorithm: sha256WithRSAEncryption
4c:ef:d0:4f:65:b8:bf:e8:f2:07:4f:d9:23:f2:2d:2a:71:b2:
93:e2:ff:62:e0:ba:da:ad:90:da:01:0b:3c:47:e2:fa:e5:83:
c0:8c:8a:15:11:fb:9e:f9:34:0f:c8:a3:de:dc:d1:9c:60:8f:
95:05:8e:83:f0:d8:b2:97:da:8d:c4:1d:76:57:45:4f:af:48:
fc:96:71:e5:01:b7:bd:29:4f:1b:7a:b7:bc:be:3b:b3:5a:ea:
4a:f1:51:6a:77:b5:7d:72:fb:bd:46:f7:25:d6:4d:13:35:6f:
0f:3d:cc:3c:a9:17:e1:fc:00:66:0d:66:57:4b:96:c1:94:30:
c5:87:15:27:77:d3:c4:80:61:24:c3:f4:2e:04:be:37:6d:fb:
18:0a:54:17:f6:00:a5:33:11:5e:89:89:d6:bf:9a:7f:25:49:
9a:ee:87:24:bf:09:cb:a8:f5:2f:c1:65:cb:8f:9a:53:12:92:
82:96:a3:16:32:76:22:07:e0:6d:3b:84:05:8b:e3:8f:ba:48:
80:42:50:31:1e:08:41:49:5b:dd:8a:f3:18:7a:36:fb:c1:bf:
16:4d:25:f4:33:0a:88:df:fd:72:f1:a3:db:5e:fe:3d:f9:42:
46:db:d5:8e:ac:e1:11:38:94:da:b6:ca:7c:7a:b6:6f:d8:da:
d4:6d:0e:60
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAYzJvMKSktfIXE7Io7eGsZFxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzhmOGRjYjhmNzNjOGRhYzZhZjk2NTYyODhkZTJmNjVjZjBiMzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAym9HG9kocEqbCAaBLOowE4EtQWHe
aTv1jXkb/zehOzQyHb88h6laiSodMrYAWIAgU4gr+IDi5O5DjfXU1Zo+jgINmqaK
bYxdn9L0VgrLzArCROuACPL1IVDCH84I3jDDNAH36PnXxAtSM+gT4Z3PK6dv1Ld4
4Kqtp9A/ut9ZqMGR52f/qI+cVy5Vad4/uUIOnnQ/hec1SCz8BcK0gS2BdSfh3wB1
pHAmRb51gMyIwVMorPZgXAzbJJkVlgd5ziyecAdVvnGvS6Bq+1y3SZcrX4plq7qS
5afS65MtJnRh9qlb+MRjkG3r67XjZNXkrL1CcvfxCI5zRPKPxvm7kl6V0wIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFEyPjcuPc8jaxq+WViiN4vZc8LNOMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvVEktTnk0OXp5TnJHcjVaV0tJM2k5bHp3czA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTASBAIAATAMAwQCLZR0
AwQCue68MIGWBAIAAjCBjwMHBCoG3gEA0AMHACoG3gEEAAMGACoMO4f/AwcAKg6X
wAdQMBIDBwAqDpfAB5EDBwAqDpfAB5IDBgIqDpfErAMHACoOsQcJ9AMHACoOsQcJ
9gMHACoOsQcN8gMHACoOsQcYcAMHACoOsQcbngMHACoOsQcniwMHBCoQzMABEAMH
ACoQzMPMzgMGAioQzMeQMA0GCSqGSIb3DQEBCwUAA4IBAQBM79BPZbi/6PIHT9kj
8i0qcbKT4v9i4LrarZDaAQs8R+L65YPAjIoVEfue+TQPyKPe3NGcYI+VBY6D8Niy
l9qNxB12V0VPr0j8lnHlAbe9KU8bere8vjuzWupK8VFqd7V9cvu9Rvcl1k0TNW8P
Pcw8qRfh/ABmDWZXS5bBlDDFhxUnd9PEgGEkw/QuBL43bfsYClQX9gClMxFeiYnW
v5p/JUma7ockvwnLqPUvwWXLj5pTEpKClqMWMnYiB+BtO4QFi+OPukiAQlAxHghB
SVvdivMYejb7wb8WTSX0MwqI3/1y8aPbXv49+UJG29WOrOEROJTatsp8erZv2NrU
bQ5g
-----END CERTIFICATE-----
Generated at Sat Jan 6 01:52:19 2024 by rpki-client on console-ams.rpki-client.org