Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0QwGGheSjrs7FxEdXVdDoLxlOEU.roa
File: 0QwGGheSjrs7FxEdXVdDoLxlOEU.roa (raw, json)
Hash identifier: APLFQVT3KTWZFkt2FRL/HkB8yBAEORGWpSbirV12mAg=
Subject key identifier: D1:0C:06:1A:17:92:8E:BB:3B:17:11:1D:5D:57:43:A0:BC:65:38:45
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01856F1DC801F66DD828C9A3BD0ECD711E89
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0QwGGheSjrs7FxEdXVdDoLxlOEU.roa
Signing time: Sun 01 Jan 2023 20:55:00 +0000
ROA not before: Sun 01 Jan 2023 20:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 80.66.199.0/24 maxlen: 24
194.104.144.0/24 maxlen: 24
45.87.92.0/24 maxlen: 24
45.87.93.0/24 maxlen: 24
95.214.166.0/24 maxlen: 24
95.214.167.0/24 maxlen: 24
45.139.192.0/24 maxlen: 24
45.139.194.0/24 maxlen: 24
45.139.195.0/24 maxlen: 24
45.141.44.0/24 maxlen: 24
45.141.46.0/24 maxlen: 24
45.141.45.0/24 maxlen: 24
45.141.47.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c8:01:f6:6d:d8:28:c9:a3:bd:0e:cd:71:1e:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 20:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d10c061a17928ebb3b17111d5d5743a0bc653845
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e3:2c:81:90:73:a8:fd:d4:07:a1:ac:e7:32:
df:52:99:13:3f:18:a7:53:ed:f2:47:d8:89:59:a6:
dd:01:a3:29:3d:84:33:7c:df:36:bc:0b:60:08:63:
89:6d:9c:af:f8:36:84:7d:79:b2:df:31:b0:2e:d8:
0a:ec:6a:72:49:e3:e4:3b:4b:9d:ea:1f:24:0b:20:
93:d6:a4:09:28:5d:70:ca:7c:e6:10:55:aa:b6:85:
06:9a:29:28:d5:f2:11:cc:d3:6c:6b:ca:8b:37:98:
ab:12:86:30:f0:51:2a:35:86:fe:50:53:c1:5c:2c:
47:fe:81:45:71:6f:6c:cb:83:bc:a6:76:0b:0c:66:
96:78:84:2a:9a:7a:41:10:ff:93:c8:99:f1:26:e9:
e9:f4:40:93:e2:d5:83:68:17:6c:d9:2f:b7:29:8e:
4d:9b:51:00:16:95:5a:da:ee:6a:74:51:86:25:a5:
78:8e:eb:99:ca:42:cc:74:d6:ed:81:7a:d6:1f:20:
6d:6e:87:ce:d7:14:9d:5a:2c:a4:47:6a:b6:c3:81:
80:67:79:d3:db:b1:33:e6:c9:e9:a9:d3:43:9c:be:
bf:d8:04:c3:48:db:04:b8:75:71:1a:cd:48:62:3b:
e0:09:ac:76:4a:4d:c8:b3:bb:0b:f1:ff:dc:5b:18:
25:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:0C:06:1A:17:92:8E:BB:3B:17:11:1D:5D:57:43:A0:BC:65:38:45
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/0QwGGheSjrs7FxEdXVdDoLxlOEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.92.0/23
45.139.192.0/24
45.139.194.0/23
45.141.44.0/22
80.66.199.0/24
95.214.166.0/23
194.104.144.0/24
Signature Algorithm: sha256WithRSAEncryption
17:ca:e0:d8:f2:39:5b:b1:36:ea:fe:96:0b:39:04:87:49:be:
1c:80:15:df:aa:93:d2:84:2c:d8:e1:75:ec:b4:50:c7:6c:6f:
d3:e1:f4:13:35:31:11:5b:88:31:21:ef:ac:eb:ad:9b:37:b0:
ff:3d:0a:ce:22:35:28:4c:00:db:03:49:58:fd:3a:1a:33:18:
30:ce:f5:92:6e:bf:ef:b9:1c:11:2d:30:2a:9d:25:d2:44:1c:
47:8d:78:c9:f1:ed:d1:27:f5:71:af:e8:7f:d9:f9:3a:56:e8:
eb:8d:50:2d:69:42:f7:aa:61:f6:19:06:c8:d0:b4:74:76:cb:
7d:6e:ce:2e:76:2f:f0:29:54:a0:b5:56:5f:16:0a:24:35:64:
6d:65:d9:04:f5:7d:8e:13:1f:42:80:b7:49:c5:d6:9e:67:22:
10:1a:19:52:18:bb:53:e5:94:8f:4c:b7:a7:40:cc:ee:25:da:
4f:5f:71:1d:c0:fc:16:3c:67:5d:15:ec:ea:a6:ba:9b:45:2f:
31:f1:a4:b5:00:54:2a:eb:b6:a7:7e:d2:9d:86:6b:5f:5b:26:
c7:ff:98:02:09:27:39:d6:ce:50:7c:9d:1a:68:3f:bb:3b:04:
b6:12:e5:2f:0f:f8:ef:a6:f8:e0:d0:1d:be:02:f0:f3:ae:33:
59:ab:b4:0f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVvHcgB9m3YKMmjvQ7NcR6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMTAxMjA1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTBjMDYxYTE3OTI4ZWJiM2IxNzExMWQ1ZDU3NDNhMGJjNjUzODQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueMsgZBzqP3UB6Gs5zLfUpkTPxin
U+3yR9iJWabdAaMpPYQzfN82vAtgCGOJbZyv+DaEfXmy3zGwLtgK7GpySePkO0ud
6h8kCyCT1qQJKF1wynzmEFWqtoUGmiko1fIRzNNsa8qLN5irEoYw8FEqNYb+UFPB
XCxH/oFFcW9sy4O8pnYLDGaWeIQqmnpBEP+TyJnxJunp9ECT4tWDaBds2S+3KY5N
m1EAFpVa2u5qdFGGJaV4juuZykLMdNbtgXrWHyBtbofO1xSdWiykR2q2w4GAZ3nT
27Ez5snpqdNDnL6/2ATDSNsEuHVxGs1IYjvgCax2Sk3Is7sL8f/cWxgl5QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNEMBhoXko67OxcRHV1XQ6C8ZThFMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvMFF3R0doZVNqcnM3RnhFZFhWZERvTHhsT0VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLVdcAwQA
LYvAAwQBLYvCAwQCLY0sAwQAUELHAwQBX9amAwQAwmiQMA0GCSqGSIb3DQEBCwUA
A4IBAQAXyuDY8jlbsTbq/pYLOQSHSb4cgBXfqpPShCzY4XXstFDHbG/T4fQTNTER
W4gxIe+s662bN7D/PQrOIjUoTADbA0lY/ToaMxgwzvWSbr/vuRwRLTAqnSXSRBxH
jXjJ8e3RJ/Vxr+h/2fk6VujrjVAtaUL3qmH2GQbI0LR0dst9bs4udi/wKVSgtVZf
FgokNWRtZdkE9X2OEx9CgLdJxdaeZyIQGhlSGLtT5ZSPTLenQMzuJdpPX3EdwPwW
PGddFezqprqbRS8x8aS1AFQq67anftKdhmtfWybH/5gCCSc51s5QfJ0aaD+7OwS2
EuUvD/jvpvjg0B2+AvDzrjNZq7QP
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-ams.rpki-client.org