Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/AZvDBUroIq-w15csrZy29VsVlKY.roa
File: AZvDBUroIq-w15csrZy29VsVlKY.roa (raw, json)
Hash identifier: 6NBAfYG7yHHwrALbzL87XXUvAtAU4GjYXHLyTRQQ9Ek=
Subject key identifier: 01:9B:C3:05:4A:E8:22:AF:B0:D7:97:2C:AD:9C:B6:F5:5B:15:94:A6
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018AEF5D8BF503C297AD57C1A190EAE3F559
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/AZvDBUroIq-w15csrZy29VsVlKY.roa
Signing time: Mon 02 Oct 2023 07:49:59 +0000
ROA not before: Mon 02 Oct 2023 07:49:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48359
IP address blocks: 89.44.240.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
89.42.44.0/22 maxlen: 22
45.94.214.0/24 maxlen: 24
188.212.96.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:5d:8b:f5:03:c2:97:ad:57:c1:a1:90:ea:e3:f5:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Oct 2 07:49:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=019bc3054ae822afb0d7972cad9cb6f55b1594a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:dd:fd:74:c2:7c:e8:4b:6c:59:70:fa:a2:da:
d4:a5:21:7b:f0:6d:8b:a3:ab:f8:0a:74:87:a5:49:
a8:de:45:52:94:9f:64:79:1c:ad:73:5e:7a:8d:bd:
e9:24:f3:a9:af:48:87:4c:62:07:6e:75:0f:c1:a7:
2b:fc:b0:53:57:8f:e4:6c:ca:a5:6b:d4:0c:c2:2e:
43:be:df:a1:17:61:ec:5e:45:f3:be:d3:be:1d:f1:
c7:2d:bc:92:29:5f:4d:22:f9:4f:b7:af:cc:9f:d3:
a7:39:5f:97:f7:3d:ea:c1:30:7c:0a:e1:bb:89:15:
15:70:13:96:94:5e:1f:dd:48:fa:2a:11:cf:81:56:
10:51:ec:b2:3c:bf:27:70:10:c1:17:83:18:c9:fa:
7a:93:9a:9b:25:5b:06:e7:27:a9:71:d8:59:e1:89:
e0:d3:9a:f1:9a:ba:7d:96:0d:90:e0:38:b1:ee:cc:
20:d2:9d:ea:ab:13:77:c3:bc:26:3e:ba:51:54:d5:
e2:69:be:87:ed:fc:2a:68:67:b6:33:30:51:b9:e7:
cb:c8:18:dd:ce:9a:5a:35:4f:4a:eb:97:66:91:73:
d0:0a:bb:b7:07:a0:e6:71:0d:3a:1c:d7:46:34:8e:
90:04:86:00:e4:f8:81:99:34:37:fa:31:d3:f6:b5:
3f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:9B:C3:05:4A:E8:22:AF:B0:D7:97:2C:AD:9C:B6:F5:5B:15:94:A6
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/AZvDBUroIq-w15csrZy29VsVlKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.214.0/24
89.42.44.0/22
89.44.240.0/24
185.3.200.0/24
188.212.96.0/24
Signature Algorithm: sha256WithRSAEncryption
30:00:75:ea:9d:08:f2:01:f5:32:69:cc:e6:13:d1:0c:4d:a6:
d8:35:c0:3a:ab:f4:c6:60:17:4d:aa:13:20:ce:3e:81:4d:4e:
bf:b3:c2:08:f4:f8:76:2b:41:04:db:67:11:ef:f9:c8:4e:05:
d9:a6:5b:46:ee:72:f5:51:fa:6e:ec:f5:c3:15:87:d6:b8:3b:
53:f6:ae:11:80:d9:9c:e9:0a:46:c9:69:5c:44:41:2b:d3:e8:
4c:3f:c2:30:db:c2:c9:36:17:2d:82:52:16:fc:5b:16:70:cc:
b0:eb:d8:87:4a:0e:02:45:9c:cc:12:53:76:ef:b3:36:39:09:
dc:6f:15:1f:fc:69:a1:3e:97:86:30:e9:8b:7c:78:96:8f:55:
28:f1:15:6e:c5:f8:7e:17:83:59:6c:86:35:7d:aa:83:0c:aa:
c4:2d:c1:bb:a7:22:d7:1b:82:26:d6:65:b0:eb:a7:38:ea:67:
92:60:14:c4:c7:76:36:09:5e:5d:16:fe:13:c5:55:44:fe:16:
74:94:3a:f8:6a:4d:89:4c:d5:c1:72:35:24:e7:e5:23:52:f1:
27:a1:8d:52:89:61:1e:85:4a:2c:9c:04:62:dc:35:ad:70:6d:
55:6c:67:9f:b0:49:11:9c:87:47:08:67:fd:20:27:df:03:b9:
ea:77:87:97
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYrvXYv1A8KXrVfBoZDq4/VZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMxMDAyMDc0OTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTliYzMwNTRhZTgyMmFmYjBkNzk3MmNhZDljYjZmNTViMTU5NGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqt39dMJ86EtsWXD6otrUpSF78G2L
o6v4CnSHpUmo3kVSlJ9keRytc156jb3pJPOpr0iHTGIHbnUPwacr/LBTV4/kbMql
a9QMwi5Dvt+hF2HsXkXzvtO+HfHHLbySKV9NIvlPt6/Mn9OnOV+X9z3qwTB8CuG7
iRUVcBOWlF4f3Uj6KhHPgVYQUeyyPL8ncBDBF4MYyfp6k5qbJVsG5yepcdhZ4Yng
05rxmrp9lg2Q4Dix7swg0p3qqxN3w7wmPrpRVNXiab6H7fwqaGe2MzBRuefLyBjd
zppaNU9K65dmkXPQCru3B6DmcQ06HNdGNI6QBIYA5PiBmTQ3+jHT9rU/iQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAGbwwVK6CKvsNeXLK2ctvVbFZSmMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvQVp2REJVcm9JcS13MTVjc3JaeTI5VnNWbEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALV7WAwQC
WSosAwQAWSzwAwQAuQPIAwQAvNRgMA0GCSqGSIb3DQEBCwUAA4IBAQAwAHXqnQjy
AfUyaczmE9EMTabYNcA6q/TGYBdNqhMgzj6BTU6/s8II9Ph2K0EE22cR7/nITgXZ
pltG7nL1Ufpu7PXDFYfWuDtT9q4RgNmc6QpGyWlcREEr0+hMP8Iw28LJNhctglIW
/FsWcMyw69iHSg4CRZzMElN277M2OQncbxUf/GmhPpeGMOmLfHiWj1Uo8RVuxfh+
F4NZbIY1faqDDKrELcG7pyLXG4Im1mWw66c46meSYBTEx3Y2CV5dFv4TxVVE/hZ0
lDr4ak2JTNXBcjUk5+UjUvEnoY1SiWEehUosnARi3DWtcG1VbGefsEkRnIdHCGf9
ICffA7nqd4eX
-----END CERTIFICATE-----
Generated at Mon Oct 2 09:40:08 2023 by rpki-client on console-ams.rpki-client.org