Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xcuW__pZXE_estMgNeNy0QUdye4.roa
File: xcuW__pZXE_estMgNeNy0QUdye4.roa (raw, json)
Hash identifier: u6VK2wjqYQ1Pb/RRoIX4V6JxrCJpUV/o+YKaakjYEfY=
Subject key identifier: C5:CB:96:FF:FA:59:5C:4F:DE:B2:D3:20:35:E3:72:D1:05:1D:C9:EE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CABD7D8644DABC0D5CF02064A804B5D98
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xcuW__pZXE_estMgNeNy0QUdye4.roa
Signing time: Wed 27 Dec 2023 15:14:58 +0000
ROA not before: Wed 27 Dec 2023 15:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 45.148.116.0/22 maxlen: 24
185.238.188.0/22 maxlen: 24
2a0e:b107:1870::/48 maxlen: 48
2a0c:3b87:ff00::/40 maxlen: 48
2a0e:b107:9f4::/48 maxlen: 48
2a0c:3b87:ffff::/48 maxlen: 48
2a0e:97c0:791::/48 maxlen: 48
2a10:ccc0:110::/44 maxlen: 48
2a06:de01:d0::/44 maxlen: 48
2a0e:b107:1b9e::/48 maxlen: 48
2a10:ccc3:ccce::/48 maxlen: 48
2a0e:97c4:ac00::/38 maxlen: 48
2a0e:97c0:792::/48 maxlen: 48
2a0e:97c0:750::/48 maxlen: 48
2a0e:b107:df2::/48 maxlen: 48
2a10:ccc7:9000::/38 maxlen: 48
2a06:de01:400::/38 maxlen: 48
2a0e:b107:9f6::/48 maxlen: 48
2a0e:b107:278b::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:d7:d8:64:4d:ab:c0:d5:cf:02:06:4a:80:4b:5d:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 27 15:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5cb96fffa595c4fdeb2d32035e372d1051dc9ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:49:e4:07:43:c0:ff:f1:f2:37:21:67:1e:14:
4c:22:92:37:18:be:5c:f0:25:70:81:84:70:c4:dc:
a2:0d:c4:e6:42:8b:ed:8f:47:a3:db:fa:c8:ba:4e:
60:99:75:8a:a3:bd:14:b3:f4:c6:06:b3:23:59:64:
c2:43:d0:47:c9:b0:c9:2d:ed:a1:c8:d4:df:b7:7a:
9d:28:70:92:88:c4:78:95:27:70:e1:89:b6:a2:e2:
f3:a6:f4:f1:f7:e5:d1:df:8c:ea:bf:f0:2b:74:ab:
b4:61:fe:53:38:6d:a6:77:4c:8c:5b:7d:b5:02:c5:
6a:63:f5:ad:4c:b0:23:2d:fd:0f:b9:ec:c8:98:9a:
ba:0d:0f:cd:9c:61:e6:a6:a9:9b:83:aa:8a:e5:71:
4e:0f:46:1b:fe:bc:52:e1:02:87:ee:80:0b:c4:03:
9b:70:11:ef:79:0c:79:2d:dd:81:cd:dd:4e:29:86:
5b:a4:4d:20:9e:65:d6:73:cc:3d:0e:fd:5d:d9:8c:
27:91:ab:c1:92:53:d5:15:6f:8e:02:75:8c:f2:06:
b6:b2:65:e5:cd:95:21:0a:19:f5:1f:17:83:6e:0e:
ca:e5:28:83:f3:3b:31:b5:46:ca:73:e1:fe:9d:d7:
b6:ec:71:b1:c1:43:b9:d2:89:15:0a:f8:7f:de:21:
b0:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:CB:96:FF:FA:59:5C:4F:DE:B2:D3:20:35:E3:72:D1:05:1D:C9:EE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/xcuW__pZXE_estMgNeNy0QUdye4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.116.0/22
185.238.188.0/22
IPv6:
2a06:de01:d0::/44
2a06:de01:400::/38
2a0c:3b87:ff00::/40
2a0e:97c0:750::/48
2a0e:97c0:791::-2a0e:97c0:792:ffff:ffff:ffff:ffff:ffff
2a0e:97c4:ac00::/38
2a0e:b107:9f4::/48
2a0e:b107:9f6::/48
2a0e:b107:df2::/48
2a0e:b107:1870::/48
2a0e:b107:1b9e::/48
2a0e:b107:278b::/48
2a10:ccc0:110::/44
2a10:ccc3:ccce::/48
2a10:ccc7:9000::/38
Signature Algorithm: sha256WithRSAEncryption
97:d4:53:f3:21:b5:3e:98:99:df:de:96:f5:7d:5d:d0:fe:37:
71:b8:b5:31:14:e5:47:d1:e4:58:f3:7d:ca:3a:e4:54:c0:d2:
a6:15:38:46:fb:ab:4b:84:ce:36:22:38:5d:56:07:a4:25:63:
56:71:bf:c9:f7:5f:0a:7c:9c:16:ee:66:26:82:9f:72:6f:ee:
e4:12:94:36:69:51:22:0b:45:1d:56:de:6e:91:3d:d9:cc:68:
61:e4:68:3a:fb:36:00:01:b4:a7:1f:e4:35:fa:3e:be:bb:eb:
0d:7a:39:91:13:c5:ed:83:e6:d3:d3:5f:ad:a1:a7:67:3f:cb:
02:3e:f4:ea:bf:2e:e6:8d:53:45:55:a8:05:aa:dc:c1:33:a4:
b1:08:9f:70:c8:30:74:2d:ad:97:07:9a:0b:91:27:47:20:3f:
53:06:b0:ed:77:cc:a6:70:4e:f5:27:32:b6:23:ea:fd:e7:0c:
91:4c:e9:5d:ad:42:23:2d:1b:df:57:05:54:0e:7f:dd:61:a7:
cb:f8:7a:e0:23:1f:58:3c:75:1b:46:ae:0c:cd:f5:3f:f1:ae:
b4:7f:8e:cb:32:4d:31:ea:3a:1c:21:ac:71:7b:35:ae:a2:9b:
5b:b2:c3:89:09:38:89:df:49:30:69:98:a1:f7:46:7d:e9:81:
d6:cc:9d:bd
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYyr19hkTavA1c8CBkqAS12YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjI3MTUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWNiOTZmZmZhNTk1YzRmZGViMmQzMjAzNWUzNzJkMTA1MWRjOWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6UnkB0PA//HyNyFnHhRMIpI3GL5c
8CVwgYRwxNyiDcTmQovtj0ej2/rIuk5gmXWKo70Us/TGBrMjWWTCQ9BHybDJLe2h
yNTft3qdKHCSiMR4lSdw4Ym2ouLzpvTx9+XR34zqv/ArdKu0Yf5TOG2md0yMW321
AsVqY/WtTLAjLf0PuezImJq6DQ/NnGHmpqmbg6qK5XFOD0Yb/rxS4QKH7oALxAOb
cBHveQx5Ld2Bzd1OKYZbpE0gnmXWc8w9Dv1d2YwnkavBklPVFW+OAnWM8ga2smXl
zZUhChn1HxeDbg7K5SiD8zsxtUbKc+H+nde27HGxwUO50okVCvh/3iGw5wIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFMXLlv/6WVxP3rLTIDXjctEFHcnuMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveGN1V19fcFpYRV9lc3RNZ05lTnkwUVVkeWU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDASBAIAATAMAwQCLZR0
AwQCue68MIGVBAIAAjCBjgMHBCoG3gEA0AMGAioG3gEEAwYAKgw7h/8DBwAqDpfA
B1AwEgMHACoOl8AHkQMHACoOl8AHkgMGAioOl8SsAwcAKg6xBwn0AwcAKg6xBwn2
AwcAKg6xBw3yAwcAKg6xBxhwAwcAKg6xBxueAwcAKg6xByeLAwcEKhDMwAEQAwcA
KhDMw8zOAwYCKhDMx5AwDQYJKoZIhvcNAQELBQADggEBAJfUU/MhtT6Ymd/elvV9
XdD+N3G4tTEU5UfR5Fjzfco65FTA0qYVOEb7q0uEzjYiOF1WB6QlY1Zxv8n3Xwp8
nBbuZiaCn3Jv7uQSlDZpUSILRR1W3m6RPdnMaGHkaDr7NgABtKcf5DX6Pr676w16
OZETxe2D5tPTX62hp2c/ywI+9Oq/LuaNU0VVqAWq3MEzpLEIn3DIMHQtrZcHmguR
J0cgP1MGsO13zKZwTvUnMrYj6v3nDJFM6V2tQiMtG99XBVQOf91hp8v4euAjH1g8
dRtGrgzN9T/xrrR/jssyTTHqOhwhrHF7Na6im1uyw4kJOInfSTBpmKH3Rn3pgdbM
nb0=
-----END CERTIFICATE-----
Generated at Thu Dec 28 02:44:27 2023 by rpki-client on console-fra.rpki-client.org