Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/feeef5-c96f-4652-94e0-ed38f649e39f/1/Y_R81poWf8rQDCrt3ZN13OKDQT8.roa
File: Y_R81poWf8rQDCrt3ZN13OKDQT8.roa (raw, json)
Hash identifier: OK1Di930kZHcc2x65BtWLscFTA7HzV+hb2RlN3hCKts=
Subject key identifier: 63:F4:7C:D6:9A:16:7F:CA:D0:0C:2A:ED:DD:93:75:DC:E2:83:41:3F
Certificate issuer: /CN=dbc8f2ff98f610fe83830d18918f4c9037272411
Certificate serial: 0186316A7E6EF03A9B195E07AE554233A65C
Authority key identifier: DB:C8:F2:FF:98:F6:10:FE:83:83:0D:18:91:8F:4C:90:37:27:24:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28jy_5j2EP6Dgw0YkY9MkDcnJBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/feeef5-c96f-4652-94e0-ed38f649e39f/1/Y_R81poWf8rQDCrt3ZN13OKDQT8.roa
Signing time: Wed 08 Feb 2023 14:25:07 +0000
ROA not before: Wed 08 Feb 2023 14:25:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210079
IP address blocks: 185.154.53.0/24 maxlen: 24
185.154.52.0/24 maxlen: 24
185.154.55.0/24 maxlen: 24
185.154.54.0/24 maxlen: 24
95.142.44.0/24 maxlen: 24
46.30.44.0/24 maxlen: 24
46.30.43.0/24 maxlen: 24
46.30.42.0/24 maxlen: 24
46.30.41.0/24 maxlen: 24
46.30.40.0/24 maxlen: 24
46.30.45.0/24 maxlen: 24
46.30.47.0/24 maxlen: 24
46.30.46.0/24 maxlen: 24
2a06:78c0:db::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:31:6a:7e:6e:f0:3a:9b:19:5e:07:ae:55:42:33:a6:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbc8f2ff98f610fe83830d18918f4c9037272411
Validity
Not Before: Feb 8 14:25:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63f47cd69a167fcad00c2aeddd9375dce283413f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c9:fa:81:38:07:8d:b0:c3:80:fe:fe:76:6c:
fd:29:02:e2:4b:06:80:34:b0:fb:ea:00:a1:d0:6e:
ed:d3:b2:f5:74:53:5e:3a:47:d6:5e:68:bf:b0:7d:
79:91:af:2e:64:16:b7:44:4f:76:8e:42:65:e6:d1:
97:e9:ef:9e:b0:33:49:56:fd:8d:85:09:e7:c5:18:
ce:44:18:39:11:09:8d:ab:58:b0:8f:12:70:d8:f3:
65:98:76:5b:50:57:5b:4a:eb:7a:cb:82:86:06:39:
0b:bd:c1:4f:53:0b:6d:e8:e3:15:d7:98:4a:4c:4a:
54:b6:f9:46:0b:b3:1f:48:ee:c6:fa:ae:7a:ad:85:
6f:d3:dc:03:4d:d7:f3:d9:66:bf:b6:f5:f6:25:57:
d4:ad:3d:e6:51:f4:9d:bd:38:5f:e8:8b:71:88:b1:
38:8b:eb:82:09:96:ec:9f:86:15:27:6e:72:58:fa:
fc:46:ed:4b:d0:e9:f4:d2:98:81:e9:8c:30:0f:2c:
13:b8:0a:95:1a:c2:94:a3:ed:2c:e1:5c:a5:12:3b:
f0:2e:13:42:21:6e:75:f9:6e:22:fc:17:fd:91:ad:
07:e0:49:11:b0:d5:89:1f:f4:b3:73:80:e0:42:15:
9d:32:8f:9e:54:eb:51:6f:c4:7a:1e:22:46:fb:86:
5d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:F4:7C:D6:9A:16:7F:CA:D0:0C:2A:ED:DD:93:75:DC:E2:83:41:3F
X509v3 Authority Key Identifier:
keyid:DB:C8:F2:FF:98:F6:10:FE:83:83:0D:18:91:8F:4C:90:37:27:24:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28jy_5j2EP6Dgw0YkY9MkDcnJBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/feeef5-c96f-4652-94e0-ed38f649e39f/1/Y_R81poWf8rQDCrt3ZN13OKDQT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/feeef5-c96f-4652-94e0-ed38f649e39f/1/28jy_5j2EP6Dgw0YkY9MkDcnJBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.40.0/21
95.142.44.0/24
185.154.52.0/22
IPv6:
2a06:78c0:db::/48
Signature Algorithm: sha256WithRSAEncryption
05:5e:b5:98:d8:a6:98:e6:6a:a5:4c:2b:49:6b:2f:05:6e:de:
55:5c:22:bf:02:c8:38:ec:d7:53:78:12:ac:8f:6a:e4:78:a4:
61:c7:13:df:d6:60:0b:15:0e:fc:b9:37:4c:48:d9:88:24:eb:
03:af:01:7a:bc:aa:e5:19:f4:04:f0:07:f3:1f:6c:8f:e7:6b:
72:5a:36:da:e9:88:0f:a9:9a:c4:02:5b:4b:b4:3c:d3:83:a0:
a8:4a:6e:ab:09:99:71:d2:c8:6d:fc:16:3b:49:0d:62:6b:a4:
ab:94:b5:02:62:55:78:ec:24:16:e6:73:4d:6b:a4:74:7c:52:
44:8d:db:f0:bb:cc:b6:ff:15:1f:aa:01:d6:b1:70:2e:c2:20:
ba:ec:6b:ed:c0:e7:f5:e5:1e:13:29:66:38:fc:ab:d5:b2:b4:
81:de:85:10:d4:ed:28:82:12:c5:49:05:9f:82:7a:1a:4b:b0:
6a:a5:6a:7e:d5:6f:c6:07:a7:17:be:e6:ee:93:cd:b2:27:0d:
2e:22:b9:18:60:e1:5e:4f:43:7f:be:04:27:91:09:ac:f1:ee:
94:d4:d2:b5:8f:c3:6d:3e:81:8a:71:c9:e0:78:e3:dd:49:f3:
90:27:77:10:4a:80:05:28:12:78:1c:07:e1:82:02:27:bd:48:
41:c7:9a:ae
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYYxan5u8DqbGV4HrlVCM6ZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYzhmMmZmOThmNjEwZmU4MzgzMGQxODkxOGY0YzkwMzcy
NzI0MTEwHhcNMjMwMjA4MTQyNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2Y0N2NkNjlhMTY3ZmNhZDAwYzJhZWRkZDkzNzVkY2UyODM0MTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18n6gTgHjbDDgP7+dmz9KQLiSwaA
NLD76gCh0G7t07L1dFNeOkfWXmi/sH15ka8uZBa3RE92jkJl5tGX6e+esDNJVv2N
hQnnxRjORBg5EQmNq1iwjxJw2PNlmHZbUFdbSut6y4KGBjkLvcFPUwtt6OMV15hK
TEpUtvlGC7MfSO7G+q56rYVv09wDTdfz2Wa/tvX2JVfUrT3mUfSdvThf6ItxiLE4
i+uCCZbsn4YVJ25yWPr8Ru1L0On00piB6YwwDywTuAqVGsKUo+0s4VylEjvwLhNC
IW51+W4i/Bf9ka0H4EkRsNWJH/Szc4DgQhWdMo+eVOtRb8R6HiJG+4ZdmwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGP0fNaaFn/K0Awq7d2Tddzig0E/MB8GA1UdIwQY
MBaAFNvI8v+Y9hD+g4MNGJGPTJA3JyQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhqeV81ajJFUDZEZ3cwWWtZOU1rRGNuSkJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9mZWVlZjUtYzk2Zi00NjUyLTk0ZTAt
ZWQzOGY2NDllMzlmLzEvWV9SODFwb1dmOHJRRENydDNaTjEzT0tEUVQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9mZWVlZjUtYzk2Zi00NjUyLTk0ZTAtZWQzOGY2NDllMzlm
LzEvMjhqeV81ajJFUDZEZ3cwWWtZOU1rRGNuSkJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQDLh4oAwQA
X44sAwQCuZo0MA8EAgACMAkDBwAqBnjAANswDQYJKoZIhvcNAQELBQADggEBAAVe
tZjYppjmaqVMK0lrLwVu3lVcIr8CyDjs11N4EqyPauR4pGHHE9/WYAsVDvy5N0xI
2Ygk6wOvAXq8quUZ9ATwB/MfbI/na3JaNtrpiA+pmsQCW0u0PNODoKhKbqsJmXHS
yG38FjtJDWJrpKuUtQJiVXjsJBbmc01rpHR8UkSN2/C7zLb/FR+qAdaxcC7CILrs
a+3A5/XlHhMpZjj8q9WytIHehRDU7SiCEsVJBZ+CehpLsGqlan7Vb8YHpxe+5u6T
zbInDS4iuRhg4V5PQ3++BCeRCazx7pTU0rWPw20+gYpxyeB4491J85AndxBKgAUo
EngcB+GCAie9SEHHmq4=
Generated at Mon Oct 23 07:19:12 2023 by rpki-client on console-fra.rpki-client.org