Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/dfr6mIZKjgtI-B4sUwU92Bz1QR4.roa
File: dfr6mIZKjgtI-B4sUwU92Bz1QR4.roa (raw, json)
Hash identifier: 3f36OBmoyEJq8mduawvqIug18pRtZX3AcIaif3SXd4Q=
Subject key identifier: 75:FA:FA:98:86:4A:8E:0B:48:F8:1E:2C:53:05:3D:D8:1C:F5:41:1E
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01856F1DCAA19310F412CCE20675264D673D
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/dfr6mIZKjgtI-B4sUwU92Bz1QR4.roa
Signing time: Sun 01 Jan 2023 20:55:00 +0000
ROA not before: Sun 01 Jan 2023 20:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9312
IP address blocks: 149.62.46.0/24 maxlen: 24
45.90.210.0/24 maxlen: 24
45.90.208.0/24 maxlen: 24
149.62.47.0/24 maxlen: 24
45.90.211.0/24 maxlen: 24
45.90.209.0/24 maxlen: 24
194.36.243.0/24 maxlen: 24
95.214.165.0/24 maxlen: 24
95.214.164.0/24 maxlen: 24
194.169.55.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:ca:a1:93:10:f4:12:cc:e2:06:75:26:4d:67:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 20:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75fafa98864a8e0b48f81e2c53053dd81cf5411e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:04:60:a1:43:53:2a:5f:d4:7f:af:70:60:4f:
17:ac:26:65:25:c7:78:b0:fd:cf:71:e3:85:b8:a4:
05:57:50:14:28:15:85:44:34:66:24:35:17:f4:6c:
3a:83:78:aa:33:e2:7e:e9:67:5e:00:f3:33:c3:33:
70:52:0f:61:4d:53:a7:c1:15:25:8c:8e:be:0e:4c:
95:d3:41:1b:91:1c:10:ea:5b:38:ba:51:a3:a6:38:
92:94:bf:59:6a:ac:1f:44:43:55:f8:54:d1:a4:67:
e3:47:35:4a:09:cf:3a:55:1b:49:b0:24:7f:6f:46:
52:67:6f:c0:5a:b5:79:9c:4c:74:3d:2a:4b:37:57:
7c:ac:5a:8c:6c:8b:f7:19:3b:64:bb:dc:c0:24:0a:
4f:07:02:43:19:9f:b3:a6:1b:24:23:58:34:73:32:
1c:a5:68:d1:92:19:b2:7b:76:3c:23:5b:05:94:f0:
a6:f5:4e:59:a9:c4:e2:a8:e6:08:2f:f6:5b:5d:82:
8a:2c:5b:bc:36:59:8d:b7:1b:00:43:23:03:ca:57:
41:f4:4c:49:d9:71:5c:ad:59:6a:c0:85:7c:8e:98:
cf:b1:73:66:61:3f:46:0e:10:cc:a1:f6:b8:85:a1:
c6:14:95:74:2d:41:76:33:a6:6d:24:bc:dd:7e:94:
86:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:FA:FA:98:86:4A:8E:0B:48:F8:1E:2C:53:05:3D:D8:1C:F5:41:1E
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/dfr6mIZKjgtI-B4sUwU92Bz1QR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.208.0/22
95.214.164.0/23
149.62.46.0/23
194.36.243.0/24
194.169.55.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:ce:31:89:78:8e:a8:12:d3:dc:91:3b:9d:1a:24:dc:e9:69:
5a:46:7d:aa:eb:97:1b:7f:9f:2b:e2:c3:8e:59:72:22:27:01:
40:f2:d0:61:eb:f0:4a:e1:01:b0:14:34:99:6c:40:70:96:2c:
7a:6d:96:42:6c:9c:8a:5b:79:57:df:99:d8:57:2c:71:a4:73:
a9:e5:ed:54:11:1a:80:e1:60:1d:7f:24:56:bd:1b:67:ef:0d:
94:b7:ef:30:45:df:6a:1c:a1:1d:1f:4e:39:2f:ea:35:98:15:
f7:47:93:19:ff:6e:5e:1c:aa:d7:db:4b:69:0b:72:dd:ba:96:
6b:8f:9c:9f:11:8f:59:cc:59:07:94:b1:5c:9c:e6:e4:38:2a:
46:80:46:df:95:ee:8e:c7:01:7e:9e:04:35:6d:24:da:93:b8:
c4:68:b4:d1:3b:00:ae:e8:db:ec:08:a1:dd:11:3c:af:72:34:
67:ba:67:e0:0b:66:f6:d8:44:7d:98:bb:9d:85:de:b8:4d:aa:
2a:7d:1e:48:0b:eb:5e:13:d5:3c:e1:d1:57:3a:d4:35:e3:5c:
df:0f:28:cb:cb:e7:5e:be:ce:0d:48:56:4f:44:ba:f7:37:a5:
1d:42:fc:58:98:a0:bc:d0:32:ab:76:ef:86:67:2a:65:fa:5b:
d8:a6:c5:6d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvHcqhkxD0EsziBnUmTWc9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMTAxMjA1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWZhZmE5ODg2NGE4ZTBiNDhmODFlMmM1MzA1M2RkODFjZjU0MTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQRgoUNTKl/Uf69wYE8XrCZlJcd4
sP3PceOFuKQFV1AUKBWFRDRmJDUX9Gw6g3iqM+J+6WdeAPMzwzNwUg9hTVOnwRUl
jI6+DkyV00EbkRwQ6ls4ulGjpjiSlL9ZaqwfRENV+FTRpGfjRzVKCc86VRtJsCR/
b0ZSZ2/AWrV5nEx0PSpLN1d8rFqMbIv3GTtku9zAJApPBwJDGZ+zphskI1g0czIc
pWjRkhmye3Y8I1sFlPCm9U5ZqcTiqOYIL/ZbXYKKLFu8NlmNtxsAQyMDyldB9ExJ
2XFcrVlqwIV8jpjPsXNmYT9GDhDMofa4haHGFJV0LUF2M6ZtJLzdfpSGtQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHX6+piGSo4LSPgeLFMFPdgc9UEeMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvZGZyNm1JWktqZ3RJLUI0c1V3VTkyQnoxUVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLVrQAwQB
X9akAwQBlT4uAwQAwiTzAwQAwqk3MA0GCSqGSIb3DQEBCwUAA4IBAQAOzjGJeI6o
EtPckTudGiTc6WlaRn2q65cbf58r4sOOWXIiJwFA8tBh6/BK4QGwFDSZbEBwlix6
bZZCbJyKW3lX35nYVyxxpHOp5e1UERqA4WAdfyRWvRtn7w2Ut+8wRd9qHKEdH045
L+o1mBX3R5MZ/25eHKrX20tpC3LdupZrj5yfEY9ZzFkHlLFcnObkOCpGgEbfle6O
xwF+ngQ1bSTak7jEaLTROwCu6NvsCKHdETyvcjRnumfgC2b22ER9mLudhd64Taoq
fR5IC+teE9U84dFXOtQ141zfDyjLy+devs4NSFZPRLr3N6UdQvxYmKC80DKrdu+G
Zypl+lvYpsVt
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:43 2024 by rpki-client on console-ams.rpki-client.org