Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/higMS0Vc0cD-PvyI75SmptzkEyI.roa
File: higMS0Vc0cD-PvyI75SmptzkEyI.roa (raw, json)
Hash identifier: ivEGavZKDUZX3BmS0u8vz+hhrLmHNJ7F5kGOApqPEjM=
Subject key identifier: 86:28:0C:4B:45:5C:D1:C0:FE:3E:FC:88:EF:94:A6:A6:DC:E4:13:22
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018BAFE5D5AC005AB05770937A2D31500AED
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/higMS0Vc0cD-PvyI75SmptzkEyI.roa
Signing time: Wed 08 Nov 2023 17:05:57 +0000
ROA not before: Wed 08 Nov 2023 17:05:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.231.186.0/24 maxlen: 24
185.231.187.0/24 maxlen: 24
89.190.152.0/24 maxlen: 24
89.190.152.0/22 maxlen: 22
89.190.154.0/24 maxlen: 24
89.190.153.0/24 maxlen: 24
89.190.155.0/24 maxlen: 24
45.133.63.0/24 maxlen: 24
45.133.62.0/24 maxlen: 24
45.133.61.0/24 maxlen: 24
45.133.60.0/24 maxlen: 24
45.133.60.0/22 maxlen: 22
178.19.40.0/22 maxlen: 22
178.19.43.0/24 maxlen: 24
178.19.42.0/24 maxlen: 24
178.19.41.0/24 maxlen: 24
178.19.40.0/24 maxlen: 24
45.137.12.0/23 maxlen: 23
185.244.231.0/24 maxlen: 24
185.244.230.0/24 maxlen: 24
185.244.229.0/24 maxlen: 24
185.244.228.0/24 maxlen: 24
185.244.228.0/23 maxlen: 23
2.59.192.0/22 maxlen: 22
194.32.112.0/24 maxlen: 24
45.150.84.0/22 maxlen: 22
194.32.112.0/22 maxlen: 22
194.32.115.0/24 maxlen: 24
194.32.114.0/24 maxlen: 24
194.32.113.0/24 maxlen: 24
194.31.104.0/22 maxlen: 22
185.28.51.0/24 maxlen: 24
45.152.140.0/22 maxlen: 22
31.15.4.0/24 maxlen: 24
31.15.0.0/22 maxlen: 22
31.15.7.0/24 maxlen: 24
31.15.6.0/24 maxlen: 24
31.15.5.0/24 maxlen: 24
45.155.56.0/22 maxlen: 22
185.225.244.0/22 maxlen: 22
185.225.246.0/24 maxlen: 24
185.225.245.0/24 maxlen: 24
185.225.244.0/24 maxlen: 24
185.225.247.0/24 maxlen: 24
185.246.12.0/23 maxlen: 23
185.246.15.0/24 maxlen: 24
185.246.14.0/24 maxlen: 24
185.246.13.0/24 maxlen: 24
185.246.12.0/24 maxlen: 24
45.81.124.0/22 maxlen: 22
45.145.132.0/22 maxlen: 22
185.229.216.0/22 maxlen: 22
92.118.180.0/22 maxlen: 22
45.81.104.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:e5:d5:ac:00:5a:b0:57:70:93:7a:2d:31:50:0a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Nov 8 17:05:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86280c4b455cd1c0fe3efc88ef94a6a6dce41322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f3:c7:f3:df:8d:27:9a:ee:b0:83:08:d5:3b:
d2:46:8f:f7:e3:7a:9b:67:95:31:26:ff:46:30:d0:
3e:de:e5:40:c1:a9:eb:a8:27:cf:9c:f8:7a:a2:e6:
13:1c:be:47:1d:95:98:b3:e9:be:64:5c:7b:c6:9e:
b0:0f:7e:36:7e:9c:cd:fa:73:1f:3f:97:7f:cc:ca:
01:e7:08:ae:b7:87:5f:ad:bf:da:6f:8c:14:24:01:
46:7f:a6:0a:93:03:c6:2e:3a:8c:13:1f:81:4e:a8:
72:cd:25:5d:c6:2b:c3:87:23:f4:c0:60:80:32:6e:
1b:85:95:cf:0b:a0:0e:7e:5e:71:9f:f5:e9:65:7b:
8e:c5:0a:ab:ef:b5:4e:97:c6:85:38:60:97:fb:3e:
5c:ce:f5:66:42:bd:25:98:c9:d0:6e:42:37:95:d8:
9e:e6:8b:90:3d:7a:7a:7f:22:12:8c:6b:97:84:ba:
c2:4d:1e:c8:0e:61:33:c5:2a:43:fd:13:b7:e7:b5:
37:3f:b7:39:50:1e:49:73:de:6e:cf:f1:62:8f:f9:
b4:14:3e:d1:34:f4:dc:f3:88:c2:6c:72:06:31:13:
fc:7e:9e:85:fe:1f:27:46:42:cd:03:70:95:29:07:
04:f0:87:4e:0b:0c:f7:a9:bc:c5:07:57:bd:1e:ff:
b4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:28:0C:4B:45:5C:D1:C0:FE:3E:FC:88:EF:94:A6:A6:DC:E4:13:22
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/higMS0Vc0cD-PvyI75SmptzkEyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.192.0/22
31.15.0.0/21
45.81.104.0/22
45.81.124.0/22
45.133.60.0/22
45.137.12.0/23
45.145.132.0/22
45.150.84.0/22
45.152.140.0/22
45.155.56.0/22
89.190.152.0/22
92.118.180.0/22
178.19.40.0/22
185.28.51.0/24
185.225.244.0/22
185.229.216.0/22
185.231.186.0/23
185.244.228.0/22
185.246.12.0/22
194.31.104.0/22
194.32.112.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:75:01:fc:1a:53:dd:ff:b1:5d:57:04:8c:25:56:8c:e5:a6:
42:d0:73:26:4b:c5:28:75:8a:2b:7e:48:f9:d1:57:a5:40:10:
62:42:ed:c6:5b:fa:4e:73:1e:f9:b1:48:01:f2:22:a2:fe:52:
51:e7:e9:42:d8:d9:c4:0d:c6:e1:b8:1b:d1:aa:bc:ac:02:f9:
b9:9a:09:c7:0e:0a:18:f8:e0:45:91:52:45:80:64:27:0d:75:
70:1f:14:94:1a:90:26:25:33:81:ba:66:5d:78:68:51:0a:ed:
af:2d:6c:d4:9c:56:ee:5c:db:06:86:ab:9b:af:27:87:57:80:
ab:8d:b5:34:4b:05:f5:da:8d:32:79:c9:55:6b:f7:69:19:35:
20:d1:b0:1c:c2:a5:93:a6:c2:fa:aa:39:d3:69:cd:8a:54:88:
00:57:b0:8f:22:42:a0:26:0c:af:6d:83:1f:54:2b:e9:18:ca:
31:3a:9b:35:9c:8c:7e:e6:64:45:8b:6b:e4:d4:70:00:6e:62:
ee:06:20:58:42:2d:fa:1c:1e:f1:02:37:05:ac:d5:8b:86:51:
d2:6e:69:45:49:92:eb:f0:32:46:02:9b:1d:7e:96:23:02:8c:
1e:51:aa:3a:d4:0b:9e:26:cd:f4:90:08:3e:6a:d2:ff:d3:bb:
8d:61:17:d6
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYuv5dWsAFqwV3CTei0xUArtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMxMTA4MTcwNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjI4MGM0YjQ1NWNkMWMwZmUzZWZjODhlZjk0YTZhNmRjZTQxMzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPPH89+NJ5rusIMI1TvSRo/343qb
Z5UxJv9GMNA+3uVAwanrqCfPnPh6ouYTHL5HHZWYs+m+ZFx7xp6wD342fpzN+nMf
P5d/zMoB5wiut4dfrb/ab4wUJAFGf6YKkwPGLjqMEx+BTqhyzSVdxivDhyP0wGCA
Mm4bhZXPC6AOfl5xn/XpZXuOxQqr77VOl8aFOGCX+z5czvVmQr0lmMnQbkI3ldie
5ouQPXp6fyISjGuXhLrCTR7IDmEzxSpD/RO357U3P7c5UB5Jc95uz/Fij/m0FD7R
NPTc84jCbHIGMRP8fp6F/h8nRkLNA3CVKQcE8IdOCwz3qbzFB1e9Hv+0SwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFIYoDEtFXNHA/j78iO+Upqbc5BMiMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvaGlnTVMwVmMwY0QtUHZ5STc1U21wdHprRXlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAgI7
wAMEAx8PAAMEAi1RaAMEAi1RfAMEAi2FPAMEAS2JDAMEAi2RhAMEAi2WVAMEAi2Y
jAMEAi2bOAMEAlm+mAMEAlx2tAMEArITKAMEALkcMwMEArnh9AMEArnl2AMEAbnn
ugMEArn05AMEArn2DAMEAsIfaAMEAsIgcDANBgkqhkiG9w0BAQsFAAOCAQEArnUB
/BpT3f+xXVcEjCVWjOWmQtBzJkvFKHWKK35I+dFXpUAQYkLtxlv6TnMe+bFIAfIi
ov5SUefpQtjZxA3G4bgb0aq8rAL5uZoJxw4KGPjgRZFSRYBkJw11cB8UlBqQJiUz
gbpmXXhoUQrtry1s1JxW7lzbBoarm68nh1eAq421NEsF9dqNMnnJVWv3aRk1INGw
HMKlk6bC+qo502nNilSIAFewjyJCoCYMr22DH1Qr6RjKMTqbNZyMfuZkRYtr5NRw
AG5i7gYgWEIt+hwe8QI3BazVi4ZR0m5pRUmS6/AyRgKbHX6WIwKMHlGqOtQLnibN
9JAIPmrS/9O7jWEX1g==
-----END CERTIFICATE-----
Generated at Wed Nov 8 18:38:19 2023 by rpki-client on console-ams.rpki-client.org