Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Yd2BWiRqSEOodMgiMDW6Qz8F9nU.roa
File: Yd2BWiRqSEOodMgiMDW6Qz8F9nU.roa (raw, json)
Hash identifier: f2qyh+KeXNovPX1ypy2FRTJFxPrI5ZwaXivlX92fnQA=
Subject key identifier: 61:DD:81:5A:24:6A:48:43:A8:74:C8:22:30:35:BA:43:3F:05:F6:75
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187DA2495DE525AF1F805E69C95AB034791
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Yd2BWiRqSEOodMgiMDW6Qz8F9nU.roa
Signing time: Tue 02 May 2023 01:47:23 +0000
ROA not before: Tue 02 May 2023 01:47:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203790
IP address blocks: 45.148.117.0/24 maxlen: 24
45.148.116.0/22 maxlen: 24
194.50.111.0/24 maxlen: 24
2a0e:97c0:460::/44 maxlen: 48
2a0e:b107:12a0::/44 maxlen: 48
2a10:cc40:1d0::/44 maxlen: 48
2a0e:b101::/32 maxlen: 48
2a10:cc41:110::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:da:24:95:de:52:5a:f1:f8:05:e6:9c:95:ab:03:47:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 2 01:47:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61dd815a246a4843a874c8223035ba433f05f675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:70:96:6e:eb:27:94:96:6f:7c:c4:56:fa:ce:
2f:9e:2e:e0:45:46:43:30:e8:e0:d4:30:2a:67:c1:
c8:0f:51:1f:34:e5:42:9f:7c:26:05:f3:35:09:ef:
27:76:02:58:93:c0:d1:da:96:2d:e0:86:22:b2:b0:
cb:e8:50:d8:e0:f0:57:43:b9:04:81:d3:91:92:9a:
3a:c4:f5:2b:3b:fa:69:af:c1:ba:b6:9f:ad:75:ed:
1c:11:07:85:9e:a3:59:aa:89:8e:61:19:c8:60:42:
90:aa:2f:8d:a9:66:50:b8:5c:15:ab:8b:5d:6f:92:
59:26:ff:fd:72:ea:8f:bc:f5:2e:d6:78:8c:ec:c6:
fa:3b:d1:ce:77:6f:d9:78:a9:34:d5:aa:c8:30:78:
ad:8a:e5:3a:bb:86:ac:57:5b:f9:c7:a8:2b:08:04:
9a:cf:1f:02:2e:3c:41:8c:ef:b5:d8:9c:2d:bd:c5:
ca:31:b4:59:8b:ea:fd:15:90:00:15:d1:b6:dc:6f:
04:28:08:88:de:50:61:ba:55:5e:5c:60:60:28:12:
65:1b:5c:e3:44:c8:41:36:a2:97:ac:d8:09:5f:4f:
b0:bd:3c:b3:f3:27:a1:bc:91:11:ad:15:20:f5:0d:
57:59:1c:b0:b1:ce:4f:7a:d1:42:a7:fa:ed:38:14:
ea:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:DD:81:5A:24:6A:48:43:A8:74:C8:22:30:35:BA:43:3F:05:F6:75
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Yd2BWiRqSEOodMgiMDW6Qz8F9nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.116.0/22
194.50.111.0/24
IPv6:
2a0e:97c0:460::/44
2a0e:b101::/32
2a0e:b107:12a0::/44
2a10:cc40:1d0::/44
2a10:cc41:110::/44
Signature Algorithm: sha256WithRSAEncryption
4e:db:9b:d8:af:a3:99:92:09:6c:db:43:9e:fe:1f:01:2b:ca:
ec:e6:4e:bc:5b:4b:8a:7b:df:2f:0b:cd:bb:91:10:50:19:b8:
5f:97:99:5b:d0:28:e3:9e:c9:24:b9:de:ae:81:2a:1e:79:53:
7c:b0:a1:45:ef:22:a3:14:f8:99:07:81:ff:51:f1:de:fa:42:
02:e5:55:aa:e5:f6:d8:38:4d:62:d9:b0:74:08:8c:ea:ae:58:
88:c8:88:5d:ab:41:21:63:8c:ae:4d:96:69:cc:16:c5:eb:51:
74:03:36:fb:85:5c:92:80:97:2c:24:ac:a0:50:7b:a9:c4:cb:
1b:d8:8b:dc:09:6f:53:71:9d:43:4b:13:b3:83:db:04:53:73:
11:1e:06:2d:b1:f8:57:e4:3c:63:a9:ed:b8:53:93:f2:49:6d:
9b:61:12:ae:20:c1:d5:80:85:9b:dc:bc:bf:eb:65:8a:6c:5d:
bd:2c:5e:49:c0:8e:7d:ae:f7:86:bd:70:70:f2:12:fe:bf:15:
77:3b:50:15:ec:84:d3:40:c0:7f:43:bb:44:bd:00:b0:7f:47:
40:c9:e8:1d:1a:4d:9c:aa:fa:02:a3:ce:55:aa:cf:f6:4b:2e:
1e:36:04:f0:e4:68:df:51:49:91:e5:2e:92:63:d6:4d:c2:ef:
73:dd:80:df
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYfaJJXeUlrx+AXmnJWrA0eRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTAyMDE0NzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWRkODE1YTI0NmE0ODQzYTg3NGM4MjIzMDM1YmE0MzNmMDVmNjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnCWbusnlJZvfMRW+s4vni7gRUZD
MOjg1DAqZ8HID1EfNOVCn3wmBfM1Ce8ndgJYk8DR2pYt4IYisrDL6FDY4PBXQ7kE
gdORkpo6xPUrO/ppr8G6tp+tde0cEQeFnqNZqomOYRnIYEKQqi+NqWZQuFwVq4td
b5JZJv/9cuqPvPUu1niM7Mb6O9HOd2/ZeKk01arIMHitiuU6u4asV1v5x6grCASa
zx8CLjxBjO+12JwtvcXKMbRZi+r9FZAAFdG23G8EKAiI3lBhulVeXGBgKBJlG1zj
RMhBNqKXrNgJX0+wvTyz8yehvJERrRUg9Q1XWRywsc5PetFCp/rtOBTq8QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFGHdgVokakhDqHTIIjA1ukM/BfZ1MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWWQyQldpUnFTRU9vZE1naU1EVzZRejhGOW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzASBAIAATAMAwQCLZR0AwQA
wjJvMDEEAgACMCsDBwQqDpfABGADBQAqDrEBAwcEKg6xBxKgAwcEKhDMQAHQAwcE
KhDMQQEQMA0GCSqGSIb3DQEBCwUAA4IBAQBO25vYr6OZkgls20Oe/h8BK8rs5k68
W0uKe98vC827kRBQGbhfl5lb0Cjjnskkud6ugSoeeVN8sKFF7yKjFPiZB4H/UfHe
+kIC5VWq5fbYOE1i2bB0CIzqrliIyIhdq0EhY4yuTZZpzBbF61F0Azb7hVySgJcs
JKygUHupxMsb2IvcCW9TcZ1DSxOzg9sEU3MRHgYtsfhX5Dxjqe24U5PySW2bYRKu
IMHVgIWb3Ly/62WKbF29LF5JwI59rveGvXBw8hL+vxV3O1AV7ITTQMB/Q7tEvQCw
f0dAyegdGk2cqvoCo85Vqs/2Sy4eNgTw5GjfUUmR5S6SY9ZNwu9z3YDf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:00 2023 by rpki-client on console-ams.rpki-client.org