Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/gdU678vs4grDXM9BNB1scNssYDw.roa
File: gdU678vs4grDXM9BNB1scNssYDw.roa (raw, json)
Hash identifier: voWIkRG6XeyJ3iGyefsXNX+3Q4Jbr2B6322lctjcunc=
Subject key identifier: 81:D5:3A:EF:CB:EC:E2:0A:C3:5C:CF:41:34:1D:6C:70:DB:2C:60:3C
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018B8CA0479623C61AE62FA32078FE746BA0
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/gdU678vs4grDXM9BNB1scNssYDw.roa
Signing time: Wed 01 Nov 2023 20:43:16 +0000
ROA not before: Wed 01 Nov 2023 20:43:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.28.51.0/24 maxlen: 24
185.231.186.0/24 maxlen: 24
185.231.187.0/24 maxlen: 24
31.15.4.0/24 maxlen: 24
31.15.7.0/24 maxlen: 24
31.15.6.0/24 maxlen: 24
31.15.5.0/24 maxlen: 24
89.190.152.0/24 maxlen: 24
185.225.244.0/22 maxlen: 22
89.190.152.0/22 maxlen: 22
185.225.246.0/24 maxlen: 24
185.225.245.0/24 maxlen: 24
185.225.244.0/24 maxlen: 24
89.190.154.0/24 maxlen: 24
89.190.153.0/24 maxlen: 24
89.190.155.0/24 maxlen: 24
185.225.247.0/24 maxlen: 24
185.246.12.0/23 maxlen: 23
185.246.15.0/24 maxlen: 24
185.246.14.0/24 maxlen: 24
185.246.13.0/24 maxlen: 24
185.246.12.0/24 maxlen: 24
178.19.40.0/22 maxlen: 22
45.137.12.0/23 maxlen: 23
185.244.231.0/24 maxlen: 24
185.244.230.0/24 maxlen: 24
185.244.229.0/24 maxlen: 24
185.244.228.0/24 maxlen: 24
185.244.228.0/23 maxlen: 23
185.229.216.0/22 maxlen: 22
194.32.112.0/24 maxlen: 24
194.32.112.0/22 maxlen: 22
194.32.115.0/24 maxlen: 24
194.32.114.0/24 maxlen: 24
194.32.113.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8c:a0:47:96:23:c6:1a:e6:2f:a3:20:78:fe:74:6b:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Nov 1 20:43:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=81d53aefcbece20ac35ccf41341d6c70db2c603c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:64:2c:ae:6c:d8:e2:20:a1:41:3b:39:bb:d7:
94:0f:73:26:5f:e5:28:54:4d:1a:1c:70:1e:05:98:
b0:20:a3:39:3c:b3:22:63:e9:ed:60:fb:a8:a9:d6:
a7:bc:db:09:8f:36:cd:ce:85:72:43:6b:82:54:66:
cb:dd:9f:27:92:5f:14:87:ec:49:c3:44:91:87:e6:
18:7b:df:f7:f0:98:ba:d4:c0:61:75:8d:26:8c:bc:
55:e2:69:19:b5:de:52:5f:db:11:18:3e:67:00:64:
5f:77:e1:c7:e7:f8:c2:bf:0f:be:60:8f:4d:e3:4e:
7f:8f:17:93:8e:4b:73:ec:c4:bd:f3:68:d7:07:30:
e0:26:60:4c:bc:83:73:00:6a:9c:66:29:5c:48:31:
0f:82:49:8d:5a:fe:03:d6:77:2f:e7:d4:83:9a:1d:
27:40:1c:9c:59:da:ce:38:18:91:91:6f:2e:18:16:
04:18:ba:c4:b2:0e:10:48:3f:a6:e1:53:f6:8b:7c:
14:e5:49:07:45:0e:f7:49:08:05:20:ee:eb:f3:dd:
07:64:3b:ff:87:a3:a7:e4:47:42:9d:8d:00:50:24:
97:e4:40:21:c0:24:b4:79:e1:ad:d1:f4:34:5c:f9:
fc:3c:b5:cd:5f:2e:fd:1b:7f:7c:aa:db:28:34:d6:
e4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D5:3A:EF:CB:EC:E2:0A:C3:5C:CF:41:34:1D:6C:70:DB:2C:60:3C
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/gdU678vs4grDXM9BNB1scNssYDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.4.0/22
45.137.12.0/23
89.190.152.0/22
178.19.40.0/22
185.28.51.0/24
185.225.244.0/22
185.229.216.0/22
185.231.186.0/23
185.244.228.0/22
185.246.12.0/22
194.32.112.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:28:31:18:3a:cd:eb:d6:8f:81:ae:3f:39:9b:76:5e:db:d4:
c5:a8:5d:ff:ac:c2:83:84:5c:e9:4f:f1:b6:43:7c:55:17:3c:
fb:54:e1:0f:df:21:93:9b:1f:30:13:b9:41:5b:13:ba:a6:7e:
c6:ed:82:d1:8f:0f:de:ce:7d:2f:7d:5f:32:35:96:be:16:e4:
82:19:84:f8:40:f9:5d:eb:2a:58:9a:ba:01:9b:80:90:3d:84:
f9:0a:c7:3f:31:11:04:99:f8:8d:2f:fb:a0:45:bc:2e:67:73:
a5:49:cd:03:d9:37:84:f0:c8:5d:08:82:5b:61:ab:fc:66:d1:
64:9a:5a:df:15:c0:b0:69:e7:c9:d6:5a:7d:32:66:2d:39:1c:
55:a1:5e:09:0f:96:94:80:9c:91:99:ee:3d:c5:68:e0:a4:0c:
4b:a8:c1:30:00:55:cd:96:f2:10:ce:4f:e8:b3:92:8b:d0:2b:
41:97:1a:f1:61:3d:f5:aa:ba:39:bd:fe:9d:1f:b4:78:85:5d:
4f:66:81:19:3f:84:03:86:a1:18:18:76:09:00:51:18:06:39:
40:cf:7a:a4:30:d6:01:e2:7f:bb:98:b5:ec:da:53:7f:4a:58:
48:3d:1c:1a:b5:06:48:a8:9c:92:33:26:cb:bc:fe:82:57:b0:
12:19:f4:53
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYuMoEeWI8Ya5i+jIHj+dGugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMxMTAxMjA0MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWQ1M2FlZmNiZWNlMjBhYzM1Y2NmNDEzNDFkNmM3MGRiMmM2MDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGQsrmzY4iChQTs5u9eUD3MmX+Uo
VE0aHHAeBZiwIKM5PLMiY+ntYPuoqdanvNsJjzbNzoVyQ2uCVGbL3Z8nkl8Uh+xJ
w0SRh+YYe9/38Ji61MBhdY0mjLxV4mkZtd5SX9sRGD5nAGRfd+HH5/jCvw++YI9N
405/jxeTjktz7MS982jXBzDgJmBMvINzAGqcZilcSDEPgkmNWv4D1ncv59SDmh0n
QBycWdrOOBiRkW8uGBYEGLrEsg4QSD+m4VP2i3wU5UkHRQ73SQgFIO7r890HZDv/
h6On5EdCnY0AUCSX5EAhwCS0eeGt0fQ0XPn8PLXNXy79G398qtsoNNbkBQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFIHVOu/L7OIKw1zPQTQdbHDbLGA8MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvZ2RVNjc4dnM0Z3JEWE05Qk5CMXNjTnNzWUR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCHw8EAwQB
LYkMAwQCWb6YAwQCshMoAwQAuRwzAwQCueH0AwQCueXYAwQBuee6AwQCufTkAwQC
ufYMAwQCwiBwMA0GCSqGSIb3DQEBCwUAA4IBAQCtKDEYOs3r1o+Brj85m3Ze29TF
qF3/rMKDhFzpT/G2Q3xVFzz7VOEP3yGTmx8wE7lBWxO6pn7G7YLRjw/ezn0vfV8y
NZa+FuSCGYT4QPld6ypYmroBm4CQPYT5Csc/MREEmfiNL/ugRbwuZ3OlSc0D2TeE
8MhdCIJbYav8ZtFkmlrfFcCwaefJ1lp9MmYtORxVoV4JD5aUgJyRme49xWjgpAxL
qMEwAFXNlvIQzk/os5KL0CtBlxrxYT31qro5vf6dH7R4hV1PZoEZP4QDhqEYGHYJ
AFEYBjlAz3qkMNYB4n+7mLXs2lN/SlhIPRwatQZIqJySMybLvP6CV7ASGfRT
-----END CERTIFICATE-----
Generated at Wed Nov 8 11:30:08 2023 by rpki-client on console-fra.rpki-client.org