Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/OAA4jCK2J3rZNrbg6qomvQfmq0s.roa
File: OAA4jCK2J3rZNrbg6qomvQfmq0s.roa (raw, json)
Hash identifier: zo9GiicyUPaV5K79XAT3vVW8Yh9RjYC6JWr0Uywsc9c=
Subject key identifier: 38:00:38:8C:22:B6:27:7A:D9:36:B6:E0:EA:AA:26:BD:07:E6:AB:4B
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 01884DA1BA705FC3B7A0C25F49952D74126A
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/OAA4jCK2J3rZNrbg6qomvQfmq0s.roa
Signing time: Wed 24 May 2023 12:00:24 +0000
ROA not before: Wed 24 May 2023 12:00:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51295
IP address blocks: 185.179.156.0/22 maxlen: 22
185.248.196.0/22 maxlen: 22
194.165.26.0/24 maxlen: 24
45.153.88.0/24 maxlen: 24
2a0a:8880:1::/48 maxlen: 48
2a0a:8880:2::/48 maxlen: 48
2a0a:8880:aaaa::/48 maxlen: 48
2a0f:4440:aaaa::/48 maxlen: 48
2a0f:4440:abcd::/48 maxlen: 48
2a0a:8880::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4d:a1:ba:70:5f:c3:b7:a0:c2:5f:49:95:2d:74:12:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: May 24 12:00:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3800388c22b6277ad936b6e0eaaa26bd07e6ab4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:da:28:dd:44:f1:9b:90:cf:69:8e:8b:f7:a3:
6e:d9:45:bb:4f:d7:19:b9:52:d6:9c:02:07:bc:5b:
88:85:dc:26:fa:99:14:bf:f6:4a:ff:e1:d0:cd:71:
e7:f4:09:bc:df:ea:fe:9e:61:9f:b6:db:7c:b2:5f:
06:de:3e:f5:53:ee:93:74:55:9c:b9:c1:cf:43:77:
08:d7:a7:95:09:7b:df:6d:49:0f:aa:3a:4d:40:da:
d1:59:4c:9d:cc:16:6a:c8:19:42:26:c0:72:a4:2c:
94:ef:2f:e3:25:87:67:da:27:be:26:26:e0:df:de:
bd:3c:62:df:1e:91:25:57:a3:1c:44:f1:f8:33:62:
6f:d0:0e:b0:1c:01:09:a4:cb:ae:4c:f6:f8:0a:29:
66:ed:b4:d9:e4:6e:62:dd:85:09:d2:7c:8b:c9:ec:
8d:91:4c:b9:b9:cf:fd:cb:15:0b:bc:ec:af:c7:f6:
2b:5e:00:f8:ce:ef:fb:ba:b4:d5:d3:10:2c:f9:f5:
ad:93:0b:31:fa:aa:f5:14:33:59:85:29:11:d9:ee:
71:dd:0c:d6:cc:3f:8f:e2:b6:44:94:00:fe:b5:27:
9b:f4:6d:bf:54:20:02:ba:38:2f:5c:70:20:07:25:
c1:2d:93:9a:18:36:6c:47:bc:1f:aa:14:c4:53:9d:
31:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:00:38:8C:22:B6:27:7A:D9:36:B6:E0:EA:AA:26:BD:07:E6:AB:4B
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/OAA4jCK2J3rZNrbg6qomvQfmq0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.88.0/24
185.179.156.0/22
185.248.196.0/22
194.165.26.0/24
IPv6:
2a0a:8880::-2a0a:8880:2:ffff:ffff:ffff:ffff:ffff
2a0a:8880:aaaa::/48
2a0f:4440:aaaa::/48
2a0f:4440:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
47:0f:ed:85:9b:da:e0:6e:48:d0:02:50:6f:29:4e:ec:25:8a:
05:df:19:9c:7f:9b:a5:c8:74:59:28:41:f1:c7:c1:da:d3:d3:
c6:b9:99:41:e3:ec:0d:64:42:9c:ae:0f:4e:31:2a:33:bd:9f:
fa:36:75:c4:91:df:cc:4e:9f:67:d8:fb:c8:3c:46:8d:36:b1:
fe:eb:ee:94:cd:99:85:8d:03:cb:96:44:0b:db:90:55:b8:03:
ed:96:aa:be:d9:10:ea:5c:07:35:93:85:08:b6:89:d8:c8:5c:
38:73:0f:70:30:be:ba:70:27:98:24:35:73:5a:ae:0c:8b:4b:
99:c4:89:9b:ce:54:c8:56:30:34:34:49:85:38:a8:c4:00:2b:
94:2f:39:95:64:fb:6c:55:85:82:98:76:08:cc:78:c5:ee:d3:
9a:e3:77:e9:ce:f8:ae:40:15:e1:b8:ba:dd:2a:c0:ea:dc:a9:
d3:28:47:e4:69:df:d5:c3:01:df:b0:82:65:ed:71:83:d2:24:
45:4f:f6:d6:28:35:30:c6:06:0e:89:66:e9:83:de:d6:f9:f2:
d6:d3:1d:b1:94:f6:21:eb:9f:75:12:97:40:ae:5f:b0:b9:f9:
b1:63:8d:df:40:3c:7b:00:43:58:40:e9:50:16:e8:c7:b1:ef:
a7:4a:47:59
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYhNobpwX8O3oMJfSZUtdBJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ODI0N2QzZjgxNDcyZGJiYTA2ZGJlYTliZDE5Yzc4NWQx
OGJhYmUwHhcNMjMwNTI0MTIwMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODAwMzg4YzIyYjYyNzdhZDkzNmI2ZTBlYWFhMjZiZDA3ZTZhYjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNoo3UTxm5DPaY6L96Nu2UW7T9cZ
uVLWnAIHvFuIhdwm+pkUv/ZK/+HQzXHn9Am83+r+nmGfttt8sl8G3j71U+6TdFWc
ucHPQ3cI16eVCXvfbUkPqjpNQNrRWUydzBZqyBlCJsBypCyU7y/jJYdn2ie+Jibg
3969PGLfHpElV6McRPH4M2Jv0A6wHAEJpMuuTPb4Cilm7bTZ5G5i3YUJ0nyLyeyN
kUy5uc/9yxULvOyvx/YrXgD4zu/7urTV0xAs+fWtkwsx+qr1FDNZhSkR2e5x3QzW
zD+P4rZElAD+tSeb9G2/VCACujgvXHAgByXBLZOaGDZsR7wfqhTEU50xOwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFDgAOIwitid62Ta24OqqJr0H5qtLMB8GA1UdIwQY
MBaAFNmCR9P4FHLbugbb6pvRnHhdGLq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgt
YTMwMzI2MTU2NjBjLzEvT0FBNGpDSzJKM3JaTnJiZzZxb212UWZtcTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgtYTMwMzI2MTU2NjBj
LzEvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAeBAIAATAYAwQALZlYAwQC
ubOcAwQCufjEAwQAwqUaMDMEAgACMC0wEAMFByoKiIADBwAqCoiAAAIDBwAqCoiA
qqoDBwAqD0RAqqoDBwAqD0RAq80wDQYJKoZIhvcNAQELBQADggEBAEcP7YWb2uBu
SNACUG8pTuwligXfGZx/m6XIdFkoQfHHwdrT08a5mUHj7A1kQpyuD04xKjO9n/o2
dcSR38xOn2fY+8g8Ro02sf7r7pTNmYWNA8uWRAvbkFW4A+2Wqr7ZEOpcBzWThQi2
idjIXDhzD3AwvrpwJ5gkNXNargyLS5nEiZvOVMhWMDQ0SYU4qMQAK5QvOZVk+2xV
hYKYdgjMeMXu05rjd+nO+K5AFeG4ut0qwOrcqdMoR+Rp39XDAd+wgmXtcYPSJEVP
9tYoNTDGBg6JZumD3tb58tbTHbGU9iHrn3USl0CuX7C5+bFjjd9APHsAQ1hA6VAW
6Mex76dKR1k=
-----END CERTIFICATE-----
Generated at Wed Aug 9 19:47:33 2023 by rpki-client on console-ams.rpki-client.org