Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/G0i2fz7QlMCyw0kufLSOEIs260c.roa
File: G0i2fz7QlMCyw0kufLSOEIs260c.roa (raw, json)
Hash identifier: qZCstXCw1fINr0bOmVj0ae7z8FhXAE+m8fPuKzG4imk=
Subject key identifier: 1B:48:B6:7F:3E:D0:94:C0:B2:C3:49:2E:7C:B4:8E:10:8B:36:EB:47
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01856F1DCC7D5061984552E675AB0CAEFC19
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/G0i2fz7QlMCyw0kufLSOEIs260c.roa
Signing time: Sun 01 Jan 2023 20:55:01 +0000
ROA not before: Sun 01 Jan 2023 20:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23959
IP address blocks: 45.66.216.0/22 maxlen: 24
92.60.43.0/24 maxlen: 24
94.124.119.0/24 maxlen: 24
195.245.219.0/24 maxlen: 24
193.111.30.0/23 maxlen: 24
45.130.21.0/24 maxlen: 24
176.119.148.0/22 maxlen: 24
88.214.20.0/22 maxlen: 24
45.147.48.0/24 maxlen: 24
45.147.51.0/24 maxlen: 24
45.147.49.0/24 maxlen: 24
194.36.24.0/24 maxlen: 24
95.214.165.0/24 maxlen: 24
194.36.27.0/24 maxlen: 24
95.214.164.0/24 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
45.66.128.0/22 maxlen: 24
91.200.240.0/24 maxlen: 24
185.194.54.0/24 maxlen: 24
91.200.242.0/24 maxlen: 24
91.200.243.0/24 maxlen: 24
193.32.148.0/22 maxlen: 24
141.98.196.0/24 maxlen: 24
141.98.198.0/24 maxlen: 24
141.98.197.0/24 maxlen: 24
45.159.48.0/22 maxlen: 24
45.142.125.0/24 maxlen: 24
45.142.127.0/24 maxlen: 24
45.142.126.0/24 maxlen: 24
147.78.240.0/21 maxlen: 24
185.200.64.0/24 maxlen: 24
149.62.44.0/24 maxlen: 24
185.200.66.0/24 maxlen: 24
149.62.46.0/24 maxlen: 24
149.62.47.0/24 maxlen: 24
45.149.156.0/22 maxlen: 24
78.142.228.0/22 maxlen: 24
213.232.112.0/22 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
194.104.155.0/24 maxlen: 24
194.104.153.0/24 maxlen: 24
194.104.154.0/24 maxlen: 24
45.14.64.0/22 maxlen: 24
194.169.54.0/24 maxlen: 24
2a09:7::/36 maxlen: 48
2a0d:c7c1::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:cc:7d:50:61:98:45:52:e6:75:ab:0c:ae:fc:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 20:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b48b67f3ed094c0b2c3492e7cb48e108b36eb47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:84:37:72:65:89:a5:bc:95:98:84:d8:c8:b5:
a3:11:13:fc:79:dd:81:d7:25:8a:36:8c:da:4e:ca:
26:a7:8d:bf:cb:8a:a7:97:ab:9f:42:38:8a:4d:99:
19:55:c9:fe:53:da:2d:95:1d:c4:31:9f:02:48:6e:
e4:da:ca:8a:dc:fc:92:e5:6a:33:5f:4d:3f:d7:54:
9f:df:7b:3e:28:ce:84:58:25:78:75:bc:8e:e1:f3:
ea:c2:24:22:dd:b2:3d:c0:04:36:cf:fc:7b:00:a7:
aa:52:d0:d1:ee:b9:a0:da:f4:7e:df:d6:7f:d6:a6:
ad:62:ff:51:3f:4e:b9:9e:94:0c:fd:8f:a4:a1:ab:
8d:23:10:15:04:00:3d:c7:a8:d6:8b:42:ec:0c:01:
51:b9:e5:99:c4:9d:57:e1:cb:b8:21:9c:7a:69:12:
42:f1:22:81:58:a2:38:73:bd:14:e8:cf:09:ca:89:
0b:83:ac:f2:d3:2e:ca:52:13:80:9e:3f:01:be:8d:
cb:1b:39:6d:51:85:67:fb:34:94:57:69:37:6c:78:
b9:8e:4c:eb:43:72:64:8d:f2:78:75:07:19:af:5d:
83:bd:5c:39:a7:40:e8:78:86:04:90:c8:07:5b:f2:
bc:7d:3a:f5:bd:1d:41:4d:0f:85:1b:5b:6c:ce:7d:
74:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:48:B6:7F:3E:D0:94:C0:B2:C3:49:2E:7C:B4:8E:10:8B:36:EB:47
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/G0i2fz7QlMCyw0kufLSOEIs260c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.64.0/22
45.66.128.0/22
45.66.216.0/22
45.130.21.0/24
45.142.125.0-45.142.127.255
45.143.233.0-45.143.235.255
45.147.48.0/23
45.147.51.0/24
45.149.156.0/22
45.159.48.0/22
78.142.228.0/22
88.214.20.0/22
91.200.240.0/24
91.200.242.0/23
92.60.43.0/24
94.124.119.0/24
95.214.164.0/23
141.98.196.0-141.98.198.255
147.78.240.0/21
149.62.44.0/24
149.62.46.0/23
176.119.148.0/22
185.194.54.0/24
185.200.64.0/24
185.200.66.0/24
193.32.148.0/22
193.111.30.0/23
194.36.24.0/24
194.36.27.0/24
194.104.153.0-194.104.155.255
194.169.54.0/24
195.245.219.0/24
195.245.241.0-195.245.242.255
213.232.112.0/22
IPv6:
2a09:7::/36
2a0d:c7c1::/32
Signature Algorithm: sha256WithRSAEncryption
92:8a:cc:8e:36:44:13:40:11:42:3b:8c:6d:ad:80:4f:b6:bf:
c0:6f:95:70:ba:9f:35:e6:73:22:2e:6d:00:f8:b0:e9:07:06:
b3:1d:12:23:8a:0c:92:55:7c:a5:9d:88:fe:7c:1e:b0:15:de:
a0:8f:f2:cd:3e:be:f3:b2:63:29:81:06:0c:47:71:39:7e:4c:
e7:8c:93:64:9e:33:ce:39:58:38:cd:6b:c2:16:e9:30:32:03:
2d:df:dc:b7:6d:db:8d:d5:db:1c:27:25:db:17:11:73:d9:09:
75:c0:d4:c7:35:fb:cc:a8:d5:98:36:3d:38:01:8d:51:88:d4:
b3:4f:70:15:a0:9d:05:20:20:f9:47:af:6f:1e:75:7b:af:1b:
74:2e:e5:80:da:6b:ac:6c:8a:ad:2f:0d:27:54:ff:81:4b:31:
fc:b0:8f:a8:71:a0:8a:d4:e0:ad:14:25:79:cf:db:d7:81:c5:
12:94:68:42:c9:87:d2:8a:3d:97:2c:1b:57:dd:b3:22:ed:d8:
01:b2:7f:3b:89:74:24:66:ea:d2:72:71:fa:39:66:88:2b:ff:
0a:e6:ad:98:4e:f2:62:3d:f0:f5:c2:4c:86:e6:ab:5d:c1:02:
11:86:12:f6:e0:7e:ce:d1:21:2d:ab:26:08:13:b8:2c:9c:cf:
23:5c:a6:9c
-----BEGIN CERTIFICATE-----
MIIGCjCCBPKgAwIBAgISAYVvHcx9UGGYRVLmdasMrvwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMTAxMjA1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjQ4YjY3ZjNlZDA5NGMwYjJjMzQ5MmU3Y2I0OGUxMDhiMzZlYjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYQ3cmWJpbyVmITYyLWjERP8ed2B
1yWKNozaTsomp42/y4qnl6ufQjiKTZkZVcn+U9otlR3EMZ8CSG7k2sqK3PyS5Woz
X00/11Sf33s+KM6EWCV4dbyO4fPqwiQi3bI9wAQ2z/x7AKeqUtDR7rmg2vR+39Z/
1qatYv9RP065npQM/Y+koauNIxAVBAA9x6jWi0LsDAFRueWZxJ1X4cu4IZx6aRJC
8SKBWKI4c70U6M8JyokLg6zy0y7KUhOAnj8Bvo3LGzltUYVn+zSUV2k3bHi5jkzr
Q3JkjfJ4dQcZr12DvVw5p0DoeIYEkMgHW/K8fTr1vR1BTQ+FG1tszn10cQIDAQAB
o4IDFjCCAxIwHQYDVR0OBBYEFBtItn8+0JTAssNJLny0jhCLNutHMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvRzBpMmZ6N1FsTUN5dzBrdWZMU09FSXMyNjBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKgYIKwYBBQUHAQcBAf8EggEZMIIBFTCB+wQCAAEwgfQD
BAItDkADBAItQoADBAItQtgDBAAtghUwDAMEAC2OfQMEBy2OADAMAwQALY/pAwQC
LY/oAwQBLZMwAwQALZMzAwQCLZWcAwQCLZ8wAwQCTo7kAwQCWNYUAwQAW8jwAwQB
W8jyAwQAXDwrAwQAXnx3AwQBX9akMAwDBAKNYsQDBACNYsYDBAOTTvADBACVPiwD
BAGVPi4DBAKwd5QDBAC5wjYDBAC5yEADBAC5yEIDBALBIJQDBAHBbx4DBADCJBgD
BADCJBswDAMEAMJomQMEAsJomAMEAMKpNgMEAMP12zAMAwQAw/XxAwQAw/XyAwQC
1ehwMBUEAgACMA8DBgQqCQAHAAMFACoNx8EwDQYJKoZIhvcNAQELBQADggEBAJKK
zI42RBNAEUI7jG2tgE+2v8BvlXC6nzXmcyIubQD4sOkHBrMdEiOKDJJVfKWdiP58
HrAV3qCP8s0+vvOyYymBBgxHcTl+TOeMk2SeM845WDjNa8IW6TAyAy3f3Ldt243V
2xwnJdsXEXPZCXXA1Mc1+8yo1Zg2PTgBjVGI1LNPcBWgnQUgIPlHr28edXuvG3Qu
5YDaa6xsiq0vDSdU/4FLMfywj6hxoIrU4K0UJXnP29eBxRKUaELJh9KKPZcsG1fd
syLt2AGyfzuJdCRm6tJycfo5Zogr/wrmrZhO8mI98PXCTIbmq13BAhGGEvbgfs7R
IS2rJggTuCyczyNcppw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:58 2023 by rpki-client on console-fra.rpki-client.org