Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/AbWgSfva0le4_SEMEh63YaDCG4U.roa
File: AbWgSfva0le4_SEMEh63YaDCG4U.roa (raw, json)
Hash identifier: RssmBoPBhwW1PI8163bGs1mqYtEDPj6moFi1HsrhpIQ=
Subject key identifier: 01:B5:A0:49:FB:DA:D2:57:B8:FD:21:0C:12:1E:B7:61:A0:C2:1B:85
Certificate issuer: /CN=dc377b5d022bf0be4a6224b47eea6ca0b81bf037
Certificate serial: 01856BC1259A70FBBB89C0C94DD087C136F6
Authority key identifier: DC:37:7B:5D:02:2B:F0:BE:4A:62:24:B4:7E:EA:6C:A0:B8:1B:F0:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/AbWgSfva0le4_SEMEh63YaDCG4U.roa
Signing time: Sun 01 Jan 2023 05:14:58 +0000
ROA not before: Sun 01 Jan 2023 05:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28756
IP address blocks: 145.64.248.0/21 maxlen: 21
145.64.248.0/22 maxlen: 22
145.64.250.0/24 maxlen: 24
145.64.252.0/22 maxlen: 22
145.64.160.0/20 maxlen: 20
145.64.160.0/24 maxlen: 24
145.64.161.0/24 maxlen: 24
145.64.162.0/24 maxlen: 24
145.64.170.0/24 maxlen: 24
145.64.130.0/24 maxlen: 24
145.64.132.0/22 maxlen: 22
145.64.128.0/21 maxlen: 21
145.64.128.0/22 maxlen: 22
145.64.134.0/24 maxlen: 24
145.64.144.0/23 maxlen: 23
145.64.144.0/20 maxlen: 20
145.64.146.0/24 maxlen: 24
145.64.148.0/24 maxlen: 24
145.64.149.0/24 maxlen: 24
145.64.157.0/24 maxlen: 24
145.64.158.0/24 maxlen: 24
145.64.159.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:25:9a:70:fb:bb:89:c0:c9:4d:d0:87:c1:36:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc377b5d022bf0be4a6224b47eea6ca0b81bf037
Validity
Not Before: Jan 1 05:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01b5a049fbdad257b8fd210c121eb761a0c21b85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:18:21:4a:68:d8:1b:31:d3:e1:b7:43:6d:12:
af:1a:58:ea:ce:ba:45:a8:60:91:61:6f:69:8f:40:
99:5b:5c:33:06:21:78:42:5b:27:42:90:7a:08:37:
53:be:0a:22:58:7a:52:39:23:bc:79:96:d3:ae:5b:
26:c7:c3:0b:37:e5:95:8f:7d:5c:27:1c:ff:81:ab:
6f:38:c0:be:5f:6a:85:71:20:68:31:23:a5:2f:02:
ba:71:81:65:dc:de:df:d5:eb:63:96:97:4d:03:f8:
9a:94:6a:6d:28:f5:f9:b5:0d:c5:11:02:69:21:35:
01:ef:2d:13:ae:1b:24:06:70:57:9a:37:34:23:3e:
9f:28:8c:73:ca:1f:7e:14:92:e0:92:0f:25:6c:21:
b5:7d:b4:d8:0f:25:2d:44:56:22:3e:34:09:d1:2c:
96:b3:ee:68:a0:13:68:5d:35:c7:67:f3:d0:ed:b0:
3c:60:91:09:7e:1b:67:a5:da:b8:a8:9d:ad:b0:b2:
02:67:dc:a3:08:1a:16:0f:cc:21:70:89:50:e1:b2:
10:b1:02:a1:65:8e:1c:b8:ff:7a:b5:73:6d:a6:2d:
b3:0f:01:d6:76:f0:48:78:39:45:3f:66:15:24:71:
38:84:d9:4c:df:c6:20:52:1a:c7:c8:56:9b:4d:bf:
9f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:B5:A0:49:FB:DA:D2:57:B8:FD:21:0C:12:1E:B7:61:A0:C2:1B:85
X509v3 Authority Key Identifier:
keyid:DC:37:7B:5D:02:2B:F0:BE:4A:62:24:B4:7E:EA:6C:A0:B8:1B:F0:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/AbWgSfva0le4_SEMEh63YaDCG4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/cc558c-35e5-4dd6-867b-8b05b778e0d5/1/3Dd7XQIr8L5KYiS0fupsoLgb8Dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.64.128.0/21
145.64.144.0-145.64.175.255
145.64.248.0/21
Signature Algorithm: sha256WithRSAEncryption
0b:1d:68:05:ea:0b:3a:94:1b:a5:51:49:2b:8c:26:9f:6d:da:
6d:1b:d1:15:44:ec:a1:e9:72:e4:50:76:4f:c4:a2:13:73:9c:
5e:84:37:c7:eb:8a:7d:ec:76:99:93:d7:2f:9f:34:57:37:af:
0f:ec:6f:f0:eb:42:26:78:b5:c4:53:9e:6f:5d:b9:b2:01:43:
c8:87:cd:a6:fe:95:80:44:48:94:4c:9e:a4:42:67:22:6d:75:
ee:2c:f4:8a:75:86:91:49:7b:8e:f0:2b:16:3d:bf:fa:48:8d:
43:af:57:c6:b0:a0:9e:b2:f4:7c:08:99:b1:8a:09:4a:16:1d:
5d:39:ea:27:2c:2f:ec:ea:7f:3f:62:f9:3c:f3:e3:e4:b5:3e:
a2:ea:e6:54:b8:c3:63:db:24:af:37:65:90:ff:72:65:b3:fe:
8e:4a:2d:34:87:45:14:7b:7d:98:60:bf:74:ad:ba:a9:67:99:
c9:b4:d0:a5:d1:29:f8:4f:6c:64:d6:a7:76:e2:c7:ce:64:90:
5c:d9:08:f6:a9:84:1a:b6:f1:98:e6:a8:da:73:82:40:ca:c2:
9a:31:6a:80:0b:53:4b:e3:da:ea:19:1e:07:63:70:13:af:33:
fd:85:03:e4:ee:42:52:eb:fe:3d:fc:48:e2:a7:80:ab:44:09:
09:99:00:26
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVrwSWacPu7icDJTdCHwTb2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzc3YjVkMDIyYmYwYmU0YTYyMjRiNDdlZWE2Y2EwYjgx
YmYwMzcwHhcNMjMwMTAxMDUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWI1YTA0OWZiZGFkMjU3YjhmZDIxMGMxMjFlYjc2MWEwYzIxYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7hghSmjYGzHT4bdDbRKvGljqzrpF
qGCRYW9pj0CZW1wzBiF4QlsnQpB6CDdTvgoiWHpSOSO8eZbTrlsmx8MLN+WVj31c
Jxz/gatvOMC+X2qFcSBoMSOlLwK6cYFl3N7f1etjlpdNA/ialGptKPX5tQ3FEQJp
ITUB7y0TrhskBnBXmjc0Iz6fKIxzyh9+FJLgkg8lbCG1fbTYDyUtRFYiPjQJ0SyW
s+5ooBNoXTXHZ/PQ7bA8YJEJfhtnpdq4qJ2tsLICZ9yjCBoWD8whcIlQ4bIQsQKh
ZY4cuP96tXNtpi2zDwHWdvBIeDlFP2YVJHE4hNlM38YgUhrHyFabTb+fiwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAG1oEn72tJXuP0hDBIet2GgwhuFMB8GA1UdIwQY
MBaAFNw3e10CK/C+SmIktH7qbKC4G/A3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RkN1hRSXI4TDVLWWlTMGZ1cHNvTGdiOERjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9jYzU1OGMtMzVlNS00ZGQ2LTg2N2It
OGIwNWI3NzhlMGQ1LzEvQWJXZ1NmdmEwbGU0X1NFTUVoNjNZYURDRzRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9jYzU1OGMtMzVlNS00ZGQ2LTg2N2ItOGIwNWI3NzhlMGQ1
LzEvM0RkN1hRSXI4TDVLWWlTMGZ1cHNvTGdiOERjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDkUCAMAwD
BASRQJADBASRQKADBAORQPgwDQYJKoZIhvcNAQELBQADggEBAAsdaAXqCzqUG6VR
SSuMJp9t2m0b0RVE7KHpcuRQdk/EohNznF6EN8frin3sdpmT1y+fNFc3rw/sb/Dr
QiZ4tcRTnm9dubIBQ8iHzab+lYBESJRMnqRCZyJtde4s9Ip1hpFJe47wKxY9v/pI
jUOvV8awoJ6y9HwImbGKCUoWHV056icsL+zqfz9i+Tzz4+S1PqLq5lS4w2PbJK83
ZZD/cmWz/o5KLTSHRRR7fZhgv3Stuqlnmcm00KXRKfhPbGTWp3bix85kkFzZCPap
hBq28ZjmqNpzgkDKwpoxaoALU0vj2uoZHgdjcBOvM/2FA+TuQlLr/j38SOKngKtE
CQmZACY=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:27 2024 by rpki-client on console-ams.rpki-client.org