Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4YaA8uQOPI1PHl6GooKe1OsUqWg.roa
File: 4YaA8uQOPI1PHl6GooKe1OsUqWg.roa (raw, json)
Hash identifier: ZVML6vnTLDFA3h2vLHDMv1KqZKLwzK8XguaVf7E7tCU=
Subject key identifier: E1:86:80:F2:E4:0E:3C:8D:4F:1E:5E:86:A2:82:9E:D4:EB:14:A9:68
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018BAF410B518D5A74CC144695BDFDD5F5E2
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4YaA8uQOPI1PHl6GooKe1OsUqWg.roa
Signing time: Wed 08 Nov 2023 14:05:57 +0000
ROA not before: Wed 08 Nov 2023 14:05:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 194.31.104.0/22 maxlen: 22
185.28.51.0/24 maxlen: 24
45.152.140.0/22 maxlen: 22
185.231.186.0/24 maxlen: 24
185.231.187.0/24 maxlen: 24
31.15.4.0/24 maxlen: 24
31.15.0.0/22 maxlen: 22
31.15.7.0/24 maxlen: 24
31.15.6.0/24 maxlen: 24
31.15.5.0/24 maxlen: 24
45.155.56.0/22 maxlen: 22
89.190.152.0/24 maxlen: 24
185.225.244.0/22 maxlen: 22
89.190.152.0/22 maxlen: 22
185.225.246.0/24 maxlen: 24
185.225.245.0/24 maxlen: 24
185.225.244.0/24 maxlen: 24
89.190.154.0/24 maxlen: 24
89.190.153.0/24 maxlen: 24
89.190.155.0/24 maxlen: 24
185.225.247.0/24 maxlen: 24
185.246.12.0/23 maxlen: 23
185.246.15.0/24 maxlen: 24
185.246.14.0/24 maxlen: 24
185.246.13.0/24 maxlen: 24
185.246.12.0/24 maxlen: 24
45.133.61.0/24 maxlen: 24
45.133.60.0/22 maxlen: 22
178.19.40.0/22 maxlen: 22
45.81.124.0/22 maxlen: 22
45.137.12.0/23 maxlen: 23
45.145.132.0/22 maxlen: 22
185.244.231.0/24 maxlen: 24
185.244.230.0/24 maxlen: 24
185.244.229.0/24 maxlen: 24
185.244.228.0/24 maxlen: 24
185.244.228.0/23 maxlen: 23
185.229.216.0/22 maxlen: 22
2.59.192.0/22 maxlen: 22
92.118.180.0/22 maxlen: 22
194.32.112.0/24 maxlen: 24
45.150.84.0/22 maxlen: 22
194.32.112.0/22 maxlen: 22
194.32.115.0/24 maxlen: 24
194.32.114.0/24 maxlen: 24
194.32.113.0/24 maxlen: 24
45.81.104.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:41:0b:51:8d:5a:74:cc:14:46:95:bd:fd:d5:f5:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Nov 8 14:05:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e18680f2e40e3c8d4f1e5e86a2829ed4eb14a968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1c:d7:a6:ad:76:d3:74:6e:fe:d3:cc:98:e1:
97:e3:93:31:65:50:e7:0e:e0:f4:6a:60:d7:c5:f2:
f6:e3:22:9b:6f:98:75:93:5d:e2:2e:fa:a1:25:0d:
a6:1a:32:32:91:ec:69:bb:57:04:1f:14:2a:43:0c:
47:9b:55:a3:bd:d6:1e:be:60:ff:fe:bf:f2:f2:cf:
1c:78:a0:5a:80:20:27:bd:23:0d:59:53:74:ea:18:
57:80:f3:de:d1:18:79:81:b5:c1:03:48:ed:83:27:
30:4a:30:0c:0d:35:01:62:b3:94:5e:67:27:15:07:
11:65:f8:e7:61:09:6d:09:6e:90:7e:70:6d:98:cf:
4f:56:42:34:7a:ba:6f:b7:bd:cd:1d:52:ad:bf:a1:
0e:9d:fb:be:31:a4:d0:17:b7:90:8e:4e:db:d0:e5:
57:36:40:ad:99:ce:13:36:3e:37:e9:56:00:ff:20:
21:1b:e4:13:6b:ad:23:6d:df:b0:58:03:f4:08:75:
2a:60:9b:8c:7c:40:39:dd:2a:10:7a:a3:52:31:ab:
0c:b3:72:80:da:3e:b7:36:8d:9d:0d:da:f5:42:da:
f9:a1:db:25:f3:b4:1f:d2:51:48:f7:a2:9f:fb:3e:
8e:b7:54:94:94:7c:59:ea:05:d7:86:88:3f:db:f6:
b6:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:86:80:F2:E4:0E:3C:8D:4F:1E:5E:86:A2:82:9E:D4:EB:14:A9:68
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4YaA8uQOPI1PHl6GooKe1OsUqWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.192.0/22
31.15.0.0/21
45.81.104.0/22
45.81.124.0/22
45.133.60.0/22
45.137.12.0/23
45.145.132.0/22
45.150.84.0/22
45.152.140.0/22
45.155.56.0/22
89.190.152.0/22
92.118.180.0/22
178.19.40.0/22
185.28.51.0/24
185.225.244.0/22
185.229.216.0/22
185.231.186.0/23
185.244.228.0/22
185.246.12.0/22
194.31.104.0/22
194.32.112.0/22
Signature Algorithm: sha256WithRSAEncryption
09:29:74:d9:2f:f9:ca:00:ee:b3:67:9d:f1:e2:d3:b4:0b:71:
c5:b5:68:6e:c7:f7:d0:28:30:bc:4c:f8:e4:f7:bc:d6:ad:53:
85:27:88:3f:df:72:a3:40:7a:50:df:64:30:40:03:c6:a6:b5:
62:00:9d:b0:5e:38:8f:75:d9:95:b7:d9:98:44:b2:c2:a8:60:
08:aa:f2:91:1f:50:68:8d:33:d9:3c:05:78:48:3f:3b:31:14:
34:24:27:94:2c:74:55:c6:30:d2:4c:7c:d3:10:b8:be:62:f2:
fa:e1:7d:9b:0c:09:fe:bd:4a:ff:ce:d5:9e:4b:4e:b6:3c:c2:
e4:22:69:68:8e:fa:7d:70:2a:42:04:23:3f:2e:66:63:18:d5:
70:b9:f5:3a:d2:da:ae:2c:8b:ad:e2:09:b1:b9:db:b8:64:cc:
f2:44:46:69:82:f6:b8:e4:74:33:fd:cb:f6:ef:79:1b:89:23:
f9:ef:43:04:d6:23:9e:eb:7d:4b:d7:9e:d9:b0:93:35:df:33:
ca:78:49:c5:82:21:53:88:6a:f6:b8:b8:12:77:f4:84:e2:3f:
ff:2e:c8:5b:e3:e3:31:0f:33:db:ce:6b:49:b1:db:18:d3:bc:
81:b2:a6:a8:77:66:d2:c5:d9:00:ac:00:8f:b4:91:2a:27:61:
b0:6e:c6:d9
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYuvQQtRjVp0zBRGlb391fXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMxMTA4MTQwNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTg2ODBmMmU0MGUzYzhkNGYxZTVlODZhMjgyOWVkNGViMTRhOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxzXpq1203Ru/tPMmOGX45MxZVDn
DuD0amDXxfL24yKbb5h1k13iLvqhJQ2mGjIykexpu1cEHxQqQwxHm1WjvdYevmD/
/r/y8s8ceKBagCAnvSMNWVN06hhXgPPe0Rh5gbXBA0jtgycwSjAMDTUBYrOUXmcn
FQcRZfjnYQltCW6QfnBtmM9PVkI0erpvt73NHVKtv6EOnfu+MaTQF7eQjk7b0OVX
NkCtmc4TNj436VYA/yAhG+QTa60jbd+wWAP0CHUqYJuMfEA53SoQeqNSMasMs3KA
2j63No2dDdr1Qtr5odsl87Qf0lFI96Kf+z6Ot1SUlHxZ6gXXhog/2/a2IQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFOGGgPLkDjyNTx5ehqKCntTrFKloMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvNFlhQTh1UU9QSTFQSGw2R29vS2UxT3NVcVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAgI7
wAMEAx8PAAMEAi1RaAMEAi1RfAMEAi2FPAMEAS2JDAMEAi2RhAMEAi2WVAMEAi2Y
jAMEAi2bOAMEAlm+mAMEAlx2tAMEArITKAMEALkcMwMEArnh9AMEArnl2AMEAbnn
ugMEArn05AMEArn2DAMEAsIfaAMEAsIgcDANBgkqhkiG9w0BAQsFAAOCAQEACSl0
2S/5ygDus2ed8eLTtAtxxbVobsf30CgwvEz45Pe81q1ThSeIP99yo0B6UN9kMEAD
xqa1YgCdsF44j3XZlbfZmESywqhgCKrykR9QaI0z2TwFeEg/OzEUNCQnlCx0VcYw
0kx80xC4vmLy+uF9mwwJ/r1K/87VnktOtjzC5CJpaI76fXAqQgQjPy5mYxjVcLn1
OtLariyLreIJsbnbuGTM8kRGaYL2uOR0M/3L9u95G4kj+e9DBNYjnut9S9ee2bCT
Nd8zynhJxYIhU4hq9ri4Enf0hOI//y7IW+PjMQ8z285rSbHbGNO8gbKmqHdm0sXZ
AKwAj7SRKidhsG7G2Q==
-----END CERTIFICATE-----
Generated at Wed Nov 8 16:53:14 2023 by rpki-client on console-ams.rpki-client.org