Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/IVCjoX81YwYD1oZmzRITVmiXaQ0.roa
File: IVCjoX81YwYD1oZmzRITVmiXaQ0.roa (raw, json)
Hash identifier: UXmo0AltunzwAlOf64L1Z5HecBclfVG8DFT5AVD6IZk=
Subject key identifier: 21:50:A3:A1:7F:35:63:06:03:D6:86:66:CD:12:13:56:68:97:69:0D
Certificate issuer: /CN=4b25df8620374243e3c5eab25550af24e0eff48c
Certificate serial: 01856C13799EED477AE03905E3133757E2DF
Authority key identifier: 4B:25:DF:86:20:37:42:43:E3:C5:EA:B2:55:50:AF:24:E0:EF:F4:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SyXfhiA3QkPjxeqyVVCvJODv9Iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/IVCjoX81YwYD1oZmzRITVmiXaQ0.roa
Signing time: Sun 01 Jan 2023 06:44:53 +0000
ROA not before: Sun 01 Jan 2023 06:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49284
IP address blocks: 46.29.104.0/21 maxlen: 21
185.208.232.0/23 maxlen: 23
185.208.232.0/22 maxlen: 22
185.208.233.0/24 maxlen: 24
185.208.234.0/24 maxlen: 24
185.208.234.0/23 maxlen: 23
185.208.235.0/24 maxlen: 24
188.92.184.0/21 maxlen: 21
37.209.200.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:79:9e:ed:47:7a:e0:39:05:e3:13:37:57:e2:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b25df8620374243e3c5eab25550af24e0eff48c
Validity
Not Before: Jan 1 06:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2150a3a17f35630603d68666cd1213566897690d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9e:68:17:57:86:13:5e:3f:38:3b:58:00:db:
56:24:be:d5:a2:a6:00:2e:30:52:e5:c9:47:8b:6b:
f1:89:e5:d2:4d:fd:23:33:ff:77:5a:a3:37:63:41:
aa:a5:26:6f:24:0d:a9:0e:7b:e6:2d:f9:13:7a:5a:
bc:80:d8:d5:95:b3:0d:f6:97:57:d5:26:af:ac:d1:
7e:e0:4a:e1:d9:1f:cb:10:c9:a2:2e:01:f3:34:67:
6f:eb:20:d7:7e:2d:98:9e:6c:f6:14:2c:88:0b:df:
07:6f:b9:e7:45:86:af:70:7d:2b:21:89:f4:07:43:
e3:81:34:37:b6:ba:46:b5:28:45:3b:87:99:95:c7:
12:24:fc:88:59:a5:4c:c7:9a:bc:ee:d7:c9:71:fc:
c1:09:06:c5:bc:10:db:25:ba:50:72:8b:9d:1c:a4:
06:6d:62:a3:a0:cf:e9:5b:82:46:d6:52:4f:67:b9:
b3:a8:fa:60:d0:22:74:92:1f:05:60:c6:2a:c4:34:
ce:2c:55:f5:47:7c:2f:f8:63:b4:38:cb:95:6c:d0:
7c:6c:ee:77:44:4b:78:e9:e6:9f:28:9f:6d:36:a6:
3e:72:89:9e:ff:cf:76:f3:ac:8e:ca:bc:33:7f:af:
55:db:0d:c8:a5:fa:4c:d4:21:74:a3:78:f6:36:1c:
bb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:50:A3:A1:7F:35:63:06:03:D6:86:66:CD:12:13:56:68:97:69:0D
X509v3 Authority Key Identifier:
keyid:4B:25:DF:86:20:37:42:43:E3:C5:EA:B2:55:50:AF:24:E0:EF:F4:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SyXfhiA3QkPjxeqyVVCvJODv9Iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/IVCjoX81YwYD1oZmzRITVmiXaQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/SyXfhiA3QkPjxeqyVVCvJODv9Iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.200.0/21
46.29.104.0/21
185.208.232.0/22
188.92.184.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:b0:e4:94:17:51:59:a7:40:11:1f:43:48:30:9b:7b:6c:fb:
57:c2:1b:8d:91:01:7c:df:a0:7d:cc:c5:fa:c8:b1:21:74:11:
2a:b6:a6:c1:13:50:74:5f:df:0a:b8:40:b0:31:0a:fc:5a:8a:
1c:6f:45:76:d8:58:ce:4c:a3:3c:44:79:38:c1:92:e4:e8:0e:
7f:4b:0e:f9:1c:7a:81:54:33:11:d6:1c:ac:e9:ac:4e:25:a5:
28:1d:b6:73:2d:f5:8b:18:0c:af:61:e0:15:16:b6:5b:bb:f0:
6d:c7:aa:b4:8c:de:2a:a7:65:02:5c:84:a5:84:bb:22:d1:66:
09:b5:56:52:46:91:51:3d:65:38:08:c8:b3:4e:92:c3:5e:5b:
05:73:b4:64:b1:bb:48:1f:ba:a4:c8:d5:be:a8:f7:1e:99:99:
e7:a7:d0:5e:6a:2e:64:d7:32:0e:3f:9b:f5:1c:bd:d1:5c:06:
72:37:18:65:8d:c5:6c:a2:28:19:7a:64:40:1f:8b:ea:33:48:
9d:e8:66:61:78:18:0c:df:e9:3b:4c:48:fa:4e:cf:d1:9b:55:
ee:5d:4c:38:d3:c7:0b:3f:82:6e:bb:f7:08:46:c0:2f:4f:37:
f6:11:56:96:55:be:51:6a:a3:86:15:a7:90:38:f3:77:1b:90:
78:c5:fd:9f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsE3me7Ud64DkF4xM3V+LfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMjVkZjg2MjAzNzQyNDNlM2M1ZWFiMjU1NTBhZjI0ZTBl
ZmY0OGMwHhcNMjMwMTAxMDY0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTUwYTNhMTdmMzU2MzA2MDNkNjg2NjZjZDEyMTM1NjY4OTc2OTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ5oF1eGE14/ODtYANtWJL7VoqYA
LjBS5clHi2vxieXSTf0jM/93WqM3Y0GqpSZvJA2pDnvmLfkTelq8gNjVlbMN9pdX
1SavrNF+4Erh2R/LEMmiLgHzNGdv6yDXfi2Ynmz2FCyIC98Hb7nnRYavcH0rIYn0
B0PjgTQ3trpGtShFO4eZlccSJPyIWaVMx5q87tfJcfzBCQbFvBDbJbpQcoudHKQG
bWKjoM/pW4JG1lJPZ7mzqPpg0CJ0kh8FYMYqxDTOLFX1R3wv+GO0OMuVbNB8bO53
REt46eafKJ9tNqY+come/89286yOyrwzf69V2w3IpfpM1CF0o3j2Nhy7lQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCFQo6F/NWMGA9aGZs0SE1Zol2kNMB8GA1UdIwQY
MBaAFEsl34YgN0JD48XqslVQryTg7/SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3lYZmhpQTNRa1BqeGVxeVZWQ3ZKT0R2OUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hNzEyNDgtYTQ2NS00MGQ0LWEyY2Yt
YTQxYjUwYWEyNzJkLzEvSVZDam9YODFZd1lEMW9abXpSSVRWbWlYYVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hNzEyNDgtYTQ2NS00MGQ0LWEyY2YtYTQxYjUwYWEyNzJk
LzEvU3lYZmhpQTNRa1BqeGVxeVZWQ3ZKT0R2OUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDJdHIAwQD
Lh1oAwQCudDoAwQDvFy4MA0GCSqGSIb3DQEBCwUAA4IBAQCcsOSUF1FZp0ARH0NI
MJt7bPtXwhuNkQF836B9zMX6yLEhdBEqtqbBE1B0X98KuECwMQr8Woocb0V22FjO
TKM8RHk4wZLk6A5/Sw75HHqBVDMR1hys6axOJaUoHbZzLfWLGAyvYeAVFrZbu/Bt
x6q0jN4qp2UCXISlhLsi0WYJtVZSRpFRPWU4CMizTpLDXlsFc7RksbtIH7qkyNW+
qPcemZnnp9Beai5k1zIOP5v1HL3RXAZyNxhljcVsoigZemRAH4vqM0id6GZheBgM
3+k7TEj6Ts/Rm1XuXUw408cLP4Juu/cIRsAvTzf2EVaWVb5RaqOGFaeQOPN3G5B4
xf2f
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:46 2024 by rpki-client on console-ams.rpki-client.org