Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/rApwMehow8DY6M7tUdmcGRhdFMA.roa
File: rApwMehow8DY6M7tUdmcGRhdFMA.roa (raw, json)
Hash identifier: bgeN1i7usPDLFHBCxoafErNcUQvmfBPjliRgDl6pS6M=
Subject key identifier: AC:0A:70:31:E8:68:C3:C0:D8:E8:CE:ED:51:D9:9C:19:18:5D:14:C0
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018A4FF7CED8ED9C344CB00F265A993BEEF5
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/rApwMehow8DY6M7tUdmcGRhdFMA.roa
Signing time: Fri 01 Sep 2023 08:59:14 +0000
ROA not before: Fri 01 Sep 2023 08:59:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 185.28.51.0/24 maxlen: 24
185.231.186.0/24 maxlen: 24
185.231.187.0/24 maxlen: 24
31.15.4.0/24 maxlen: 24
31.15.7.0/24 maxlen: 24
31.15.6.0/24 maxlen: 24
31.15.5.0/24 maxlen: 24
89.190.152.0/24 maxlen: 24
185.225.244.0/22 maxlen: 22
89.190.152.0/22 maxlen: 22
185.225.246.0/24 maxlen: 24
185.225.245.0/24 maxlen: 24
185.225.244.0/24 maxlen: 24
89.190.154.0/24 maxlen: 24
89.190.153.0/24 maxlen: 24
89.190.155.0/24 maxlen: 24
185.225.247.0/24 maxlen: 24
185.246.15.0/24 maxlen: 24
185.246.14.0/24 maxlen: 24
185.246.13.0/24 maxlen: 24
185.246.12.0/24 maxlen: 24
185.244.231.0/24 maxlen: 24
185.244.230.0/24 maxlen: 24
185.244.229.0/24 maxlen: 24
185.244.228.0/24 maxlen: 24
194.32.112.0/24 maxlen: 24
194.32.112.0/22 maxlen: 22
194.32.115.0/24 maxlen: 24
194.32.114.0/24 maxlen: 24
194.32.113.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4f:f7:ce:d8:ed:9c:34:4c:b0:0f:26:5a:99:3b:ee:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Sep 1 08:59:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac0a7031e868c3c0d8e8ceed51d99c19185d14c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b4:2c:a0:a1:b7:0f:cf:0f:b3:06:50:a2:b5:
da:ea:fe:5b:21:21:3b:bd:43:c9:9b:aa:9a:ad:3d:
1f:89:ca:a0:d4:75:ef:f5:05:a2:d9:99:15:5a:28:
de:4d:5c:4a:36:a4:48:9d:62:b9:5a:5e:6f:c1:4c:
bc:06:7a:7c:7a:c9:bb:b8:34:38:6b:fb:d4:af:2e:
15:1a:37:78:a0:c1:96:f1:7b:c4:a4:52:44:b7:39:
45:50:fb:29:cc:45:e0:6f:47:81:6e:0d:38:0d:e7:
11:77:d3:ef:de:ec:e2:a3:8f:6e:73:cb:a7:db:74:
93:87:2b:dc:a3:ed:e0:b4:72:4b:15:2c:aa:a6:80:
ab:20:ee:d1:af:ce:1d:8c:87:15:e6:92:da:86:c6:
da:22:1a:ba:da:fd:ea:2f:37:1e:8d:37:01:f9:b7:
39:b6:4d:85:1a:d8:59:d9:76:25:c3:84:60:b0:88:
a9:8d:f2:ec:9f:9e:06:ad:0a:6d:2a:89:77:98:78:
6d:93:5e:0c:2f:f0:6f:bb:49:b6:a5:ab:b1:d0:18:
80:cd:5f:32:3c:26:b1:fb:86:2a:5e:62:f3:40:53:
88:7d:9c:6c:62:bf:d6:a3:18:78:ab:0d:ac:eb:51:
af:8d:a6:51:0d:2f:a8:85:51:75:8d:8e:ab:0a:05:
47:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:0A:70:31:E8:68:C3:C0:D8:E8:CE:ED:51:D9:9C:19:18:5D:14:C0
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/rApwMehow8DY6M7tUdmcGRhdFMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.4.0/22
89.190.152.0/22
185.28.51.0/24
185.225.244.0/22
185.231.186.0/23
185.244.228.0/22
185.246.12.0/22
194.32.112.0/22
Signature Algorithm: sha256WithRSAEncryption
04:5c:93:14:20:7a:b3:18:cb:31:f1:2f:e3:d0:5b:15:85:3f:
ac:02:46:56:e2:7b:68:17:db:dd:a4:0b:e2:a7:e3:d3:3b:e2:
c6:f1:6b:0c:7d:43:18:d8:49:51:d6:64:bd:79:ff:24:55:35:
45:62:41:b4:16:1b:bc:a5:66:ee:b7:87:ff:87:6e:0e:dd:76:
bf:56:1d:8a:60:51:b0:11:3e:12:f7:4a:84:23:96:e8:b3:91:
4e:af:1c:06:ab:9f:fb:0d:b0:37:02:3c:8b:1d:8c:41:8b:29:
99:c3:01:51:88:a9:f1:d5:ed:e8:30:54:2a:f2:54:ed:7a:64:
98:6b:15:c1:51:ee:f2:9c:41:10:23:7c:9a:93:3e:49:6c:09:
f8:fe:41:8f:3c:52:c5:52:9e:1d:91:e5:f8:f7:71:bf:d2:ab:
cf:1e:a9:a2:14:05:f8:ba:ff:51:5b:92:98:03:f3:05:40:44:
8e:8b:f1:9b:24:16:68:fe:ae:1f:0d:76:62:45:41:ce:9e:07:
8e:d1:bd:c6:ee:2e:3b:91:f1:29:db:e5:3f:53:43:46:e2:1a:
c3:22:0d:cc:ab:33:50:47:cb:b0:5a:60:0b:96:bf:d0:da:22:
5d:c3:4f:3b:1c:5f:20:a3:de:3e:1f:9b:27:19:96:f0:e8:23:
96:9d:69:01
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYpP987Y7Zw0TLAPJlqZO+71MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwOTAxMDg1OTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzBhNzAzMWU4NjhjM2MwZDhlOGNlZWQ1MWQ5OWMxOTE4NWQxNGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLQsoKG3D88PswZQorXa6v5bISE7
vUPJm6qarT0ficqg1HXv9QWi2ZkVWijeTVxKNqRInWK5Wl5vwUy8Bnp8esm7uDQ4
a/vUry4VGjd4oMGW8XvEpFJEtzlFUPspzEXgb0eBbg04DecRd9Pv3uzio49uc8un
23SThyvco+3gtHJLFSyqpoCrIO7Rr84djIcV5pLahsbaIhq62v3qLzcejTcB+bc5
tk2FGthZ2XYlw4RgsIipjfLsn54GrQptKol3mHhtk14ML/Bvu0m2paux0BiAzV8y
PCax+4YqXmLzQFOIfZxsYr/Woxh4qw2s61GvjaZRDS+ohVF1jY6rCgVH0wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKwKcDHoaMPA2OjO7VHZnBkYXRTAMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvckFwd01laG93OERZNk03dFVkbWNHUmhkRk1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCHw8EAwQC
Wb6YAwQAuRwzAwQCueH0AwQBuee6AwQCufTkAwQCufYMAwQCwiBwMA0GCSqGSIb3
DQEBCwUAA4IBAQAEXJMUIHqzGMsx8S/j0FsVhT+sAkZW4ntoF9vdpAvip+PTO+LG
8WsMfUMY2ElR1mS9ef8kVTVFYkG0Fhu8pWbut4f/h24O3Xa/Vh2KYFGwET4S90qE
I5bos5FOrxwGq5/7DbA3AjyLHYxBiymZwwFRiKnx1e3oMFQq8lTtemSYaxXBUe7y
nEEQI3yakz5JbAn4/kGPPFLFUp4dkeX493G/0qvPHqmiFAX4uv9RW5KYA/MFQESO
i/GbJBZo/q4fDXZiRUHOngeO0b3G7i47kfEp2+U/U0NG4hrDIg3MqzNQR8uwWmAL
lr/Q2iJdw087HF8go94+H5snGZbw6COWnWkB
-----END CERTIFICATE-----
Generated at Wed Nov 1 21:11:17 2023 by rpki-client on console-ams.rpki-client.org