Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/SdRPsV8Y55bREhxABI4YiTBNxC4.roa
File: SdRPsV8Y55bREhxABI4YiTBNxC4.roa (raw, json)
Hash identifier: 4ZdrfYsnnZ0R46hGfAtUU12RiUfM++53uVIXv3l1E68=
Subject key identifier: 49:D4:4F:B1:5F:18:E7:96:D1:12:1C:40:04:8E:18:89:30:4D:C4:2E
Certificate issuer: /CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Certificate serial: 018571BA052A532EECCA61134564E9FB3449
Authority key identifier: 62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/SdRPsV8Y55bREhxABI4YiTBNxC4.roa
Signing time: Mon 02 Jan 2023 09:04:54 +0000
ROA not before: Mon 02 Jan 2023 09:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 85.209.206.0/24 maxlen: 24
85.209.205.0/24 maxlen: 24
85.209.204.0/24 maxlen: 24
45.150.223.0/24 maxlen: 24
45.150.222.0/24 maxlen: 24
45.150.220.0/24 maxlen: 24
85.209.207.0/24 maxlen: 24
45.150.221.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:05:2a:53:2e:ec:ca:61:13:45:64:e9:fb:34:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Validity
Not Before: Jan 2 09:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49d44fb15f18e796d1121c40048e1889304dc42e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:55:df:f1:ca:3f:04:0c:1c:75:ed:7a:32:b7:
e5:7a:b9:42:8a:a3:c4:f0:10:0d:c9:1f:0b:38:0a:
37:0f:60:1b:d3:55:1e:9f:5e:f1:99:6d:54:5c:cf:
a1:66:3d:c9:53:dd:31:80:be:25:66:22:5d:ad:05:
1f:1c:c0:b4:bb:a9:14:49:73:63:22:d0:e4:d8:d9:
12:e0:2f:0e:23:9a:b9:5e:61:46:33:2b:71:39:a1:
53:e6:ae:e6:65:33:4a:b6:ef:e3:65:21:26:b6:c5:
59:dd:a7:05:57:a1:d0:a3:e9:e6:e7:1f:1c:9c:38:
ff:bb:bb:83:42:54:83:7b:48:b2:e2:c9:65:67:ba:
3e:35:ac:aa:49:57:ba:3b:88:bf:4b:0d:89:15:2b:
09:49:d0:a5:a5:b2:21:dd:61:2b:c1:4d:55:93:d3:
9d:71:73:10:76:c9:90:32:9a:0e:bb:18:bb:20:30:
63:d3:6f:dc:b3:a0:8c:11:b6:9a:f0:b6:3a:ef:07:
1c:1f:02:64:1e:82:35:00:d2:db:7c:1e:70:df:94:
13:0b:b5:a2:7f:62:f5:f7:07:b2:10:af:56:a3:27:
de:c1:b2:b8:e0:a8:3c:91:0e:f4:9d:b4:ce:a7:5e:
a2:9d:d5:e1:14:c8:67:b2:cf:ce:fc:19:8f:82:f9:
d7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:D4:4F:B1:5F:18:E7:96:D1:12:1C:40:04:8E:18:89:30:4D:C4:2E
X509v3 Authority Key Identifier:
keyid:62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/SdRPsV8Y55bREhxABI4YiTBNxC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.220.0/22
85.209.204.0/22
Signature Algorithm: sha256WithRSAEncryption
09:8e:3b:64:24:4e:84:3f:71:11:c3:6f:eb:08:13:8a:41:5d:
86:66:6e:1a:ad:f4:65:73:21:38:27:d1:68:32:5e:bb:b3:04:
e0:ab:94:23:23:dd:1d:c6:7a:29:16:68:b9:f6:48:59:17:f1:
f7:5c:eb:9b:43:12:8d:d7:64:10:fb:4b:e1:3b:22:14:79:59:
89:b3:37:0b:04:3d:64:93:f4:8c:bf:88:ba:f5:6c:db:a0:fd:
6a:44:2b:a4:39:5f:53:53:43:73:6b:ac:39:64:a5:c1:22:0a:
86:78:ea:f0:ee:bd:1c:5a:00:5b:fa:8f:cf:0f:39:2b:4a:9c:
60:cb:25:eb:a6:c2:ea:ad:cc:46:f9:37:a2:9f:e3:dd:cd:ee:
c5:5f:98:cc:50:15:e5:df:c5:fc:6d:2b:1d:fa:ef:dd:97:dd:
22:87:49:47:79:fa:10:c8:cc:48:03:e8:1c:91:e0:4d:02:23:
ac:48:77:be:70:b3:c7:9c:62:e3:46:84:b6:d1:bf:53:a0:4e:
61:ad:06:10:86:2c:a9:95:0f:5d:e0:65:4a:8a:45:73:de:ef:
69:4c:a0:ba:5c:27:4c:99:d4:e7:5d:04:2e:81:3d:88:4c:a2:
48:2b:b1:2b:f5:6f:93:2b:fc:e6:df:20:fd:b1:4c:84:17:e2:
17:fd:ff:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxugUqUy7symETRWTp+zRJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYmVjYzRiYThhNGQ1MjQ5OGEwZDI5ODNhNjhiNjEzODNh
YTdmZDcwHhcNMjMwMTAyMDkwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWQ0NGZiMTVmMThlNzk2ZDExMjFjNDAwNDhlMTg4OTMwNGRjNDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVXf8co/BAwcde16MrflerlCiqPE
8BANyR8LOAo3D2Ab01Uen17xmW1UXM+hZj3JU90xgL4lZiJdrQUfHMC0u6kUSXNj
ItDk2NkS4C8OI5q5XmFGMytxOaFT5q7mZTNKtu/jZSEmtsVZ3acFV6HQo+nm5x8c
nDj/u7uDQlSDe0iy4sllZ7o+NayqSVe6O4i/Sw2JFSsJSdClpbIh3WErwU1Vk9Od
cXMQdsmQMpoOuxi7IDBj02/cs6CMEbaa8LY67wccHwJkHoI1ANLbfB5w35QTC7Wi
f2L19weyEK9WoyfewbK44Kg8kQ70nbTOp16indXhFMhnss/O/BmPgvnX6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEnUT7FfGOeW0RIcQASOGIkwTcQuMB8GA1UdIwQY
MBaAFGK+zEuopNUkmKDSmDpothODqn/XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXI3TVM2aWsxU1NZb05LWU9taTJFNE9xZjljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85YzQ5M2ItNDE3Yi00YWY2LTlmNDMt
MmZmMTRjMjE4NzE5LzEvU2RSUHNWOFk1NWJSRWh4QUJJNFlpVEJOeEM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85YzQ5M2ItNDE3Yi00YWY2LTlmNDMtMmZmMTRjMjE4NzE5
LzEvWXI3TVM2aWsxU1NZb05LWU9taTJFNE9xZjljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZbcAwQC
VdHMMA0GCSqGSIb3DQEBCwUAA4IBAQAJjjtkJE6EP3ERw2/rCBOKQV2GZm4arfRl
cyE4J9FoMl67swTgq5QjI90dxnopFmi59khZF/H3XOubQxKN12QQ+0vhOyIUeVmJ
szcLBD1kk/SMv4i69WzboP1qRCukOV9TU0Nza6w5ZKXBIgqGeOrw7r0cWgBb+o/P
DzkrSpxgyyXrpsLqrcxG+Tein+Pdze7FX5jMUBXl38X8bSsd+u/dl90ih0lHefoQ
yMxIA+gckeBNAiOsSHe+cLPHnGLjRoS20b9ToE5hrQYQhiyplQ9d4GVKikVz3u9p
TKC6XCdMmdTnXQQugT2ITKJIK7Er9W+TK/zm3yD9sUyEF+IX/f8s
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:32 2023 by rpki-client on console-ams.rpki-client.org