Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/h46EYoJ47WnMJ3nE-z31AZh_9E8.roa
File: h46EYoJ47WnMJ3nE-z31AZh_9E8.roa (raw, json)
Hash identifier: nSlf1nhqjkbXmsxBEPRQqiIku9E5sBnaqP5+X4KXbjA=
Subject key identifier: 87:8E:84:62:82:78:ED:69:CC:27:79:C4:FB:3D:F5:01:98:7F:F4:4F
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018B6B0D4E8939DBDF4B65FD49E6580EADE7
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/h46EYoJ47WnMJ3nE-z31AZh_9E8.roa
Signing time: Thu 26 Oct 2023 08:15:16 +0000
ROA not before: Thu 26 Oct 2023 08:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3258
IP address blocks: 141.98.196.0/22 maxlen: 24
141.98.197.0/24 maxlen: 24
141.98.198.0/24 maxlen: 24
141.98.196.0/24 maxlen: 24
45.66.216.0/22 maxlen: 24
92.60.40.0/22 maxlen: 24
45.159.48.0/22 maxlen: 24
45.14.105.0/24 maxlen: 24
45.14.107.0/24 maxlen: 24
45.142.124.0/22 maxlen: 24
147.78.240.0/21 maxlen: 24
185.200.64.0/22 maxlen: 24
149.62.44.0/22 maxlen: 24
193.111.30.0/23 maxlen: 24
185.184.220.0/22 maxlen: 24
45.149.156.0/22 maxlen: 24
176.119.148.0/22 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
88.214.20.0/22 maxlen: 24
45.143.232.0/22 maxlen: 24
45.14.64.0/22 maxlen: 24
45.14.70.0/24 maxlen: 24
45.66.128.0/22 maxlen: 24
91.200.240.0/22 maxlen: 24
193.32.148.0/22 maxlen: 24
2a09:4::/48 maxlen: 48
2a09:3::/48 maxlen: 48
2a09:5::/48 maxlen: 48
2a09:7::/48 maxlen: 48
2a09:7::/36 maxlen: 48
2a09:1::/48 maxlen: 48
2a09:7:2008::/48 maxlen: 48
2a09:2::/48 maxlen: 48
2a0d:c7c1::/32 maxlen: 48
2a09:7:1::/48 maxlen: 48
2a10:480::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:0d:4e:89:39:db:df:4b:65:fd:49:e6:58:0e:ad:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Oct 26 08:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=878e84628278ed69cc2779c4fb3df501987ff44f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d7:cd:b7:15:17:6e:7d:9d:79:7b:1c:a8:e4:
86:82:98:b9:88:51:68:28:38:bb:d2:ae:f8:81:22:
32:f3:b2:52:db:a9:8e:97:49:91:57:3e:b3:1d:2e:
9b:a9:d5:45:bb:e9:1b:aa:93:c0:2f:78:17:dc:24:
a8:ce:de:a4:e7:d9:c1:49:8d:52:d1:a2:56:94:d1:
d6:e8:b6:0f:ef:20:22:32:74:5a:29:7d:cf:b2:d7:
4b:e0:2d:0d:42:f5:f2:21:15:5a:a9:f6:9a:94:8e:
ee:f2:c9:88:22:3d:e9:23:c8:9b:76:8b:2c:f8:e7:
d5:44:e1:30:1b:c6:6e:7a:86:b8:c8:c3:ab:75:ed:
f8:ed:5d:1f:7c:b5:c9:26:3b:f8:37:fd:4b:b5:1a:
1b:bb:da:92:ce:de:f6:15:4d:5a:21:a5:69:53:f5:
e4:09:20:53:7f:2f:f7:5f:bb:a1:c8:30:c9:22:e9:
1c:73:aa:6b:33:a5:0d:22:c0:89:d8:51:65:6f:9f:
fe:a1:c1:ae:9e:cf:f9:de:81:1b:25:19:c4:1a:e6:
05:a0:b3:a5:f6:34:cc:5f:e1:17:c5:93:8c:80:cb:
a8:39:ad:6e:5e:f1:74:f8:af:f0:cd:1d:61:71:47:
6a:80:5f:14:52:0f:c6:31:24:09:2c:a1:3a:4c:ec:
45:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:8E:84:62:82:78:ED:69:CC:27:79:C4:FB:3D:F5:01:98:7F:F4:4F
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/h46EYoJ47WnMJ3nE-z31AZh_9E8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.64.0/22
45.14.70.0/24
45.14.105.0/24
45.14.107.0/24
45.66.128.0/22
45.66.216.0/22
45.142.124.0/22
45.143.232.0/22
45.149.156.0/22
45.159.48.0/22
88.214.20.0/22
91.200.240.0/22
92.60.40.0/22
141.98.196.0/22
147.78.240.0/21
149.62.44.0/22
176.119.148.0/22
185.184.220.0/22
185.200.64.0/22
193.32.148.0/22
193.111.30.0/23
194.104.152.0/22
195.245.241.0-195.245.242.255
IPv6:
2a09:1::/48
2a09:2::/48
2a09:3::/48
2a09:4::/48
2a09:5::/48
2a09:7::/36
2a09:7:2008::/48
2a0d:c7c1::/32
2a10:480::/29
Signature Algorithm: sha256WithRSAEncryption
2f:83:08:7c:e4:55:6c:32:fd:63:e8:4d:35:33:15:7e:79:fc:
38:38:31:05:3e:b2:87:6b:1d:d3:99:ca:c3:73:02:e2:04:d8:
89:4b:10:ac:02:c6:3f:35:20:92:0f:a9:a2:76:16:6b:b5:20:
02:48:6f:4a:9f:4c:42:a0:93:1f:97:6f:7d:aa:25:93:ca:97:
19:2d:75:cd:e2:b0:e2:8b:75:97:96:02:0e:b6:62:0f:9e:a1:
4e:e9:e1:3e:fc:f8:dc:29:8f:e7:1f:58:f3:e1:8f:f4:bc:85:
e0:2c:6c:68:99:6f:c9:c7:c3:4c:00:75:b6:e1:e8:0d:55:0a:
3b:08:63:5d:f2:69:e0:3d:4c:f3:44:20:19:0c:22:62:fb:0e:
96:cc:32:bd:1a:87:c3:a5:09:2d:ee:ad:60:87:7d:82:db:31:
a3:dc:71:9c:22:b3:f2:d5:d1:a5:12:89:0b:4b:a0:e8:ad:1c:
37:c7:c3:22:30:9b:61:55:95:a7:de:ef:45:31:e6:5e:2e:45:
b6:14:b9:2c:9d:65:23:55:85:92:fb:b1:ae:c6:2e:b5:bc:ad:
31:49:9b:7b:d3:6c:43:2b:df:66:53:81:67:09:99:d1:37:3e:
7b:6e:91:a1:8c:07:72:83:80:84:c2:4d:72:1e:72:dd:32:e1:
21:c8:56:44
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAYtrDU6JOdvfS2X9SeZYDq3nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMxMDI2MDgxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzhlODQ2MjgyNzhlZDY5Y2MyNzc5YzRmYjNkZjUwMTk4N2ZmNDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdfNtxUXbn2deXscqOSGgpi5iFFo
KDi70q74gSIy87JS26mOl0mRVz6zHS6bqdVFu+kbqpPAL3gX3CSozt6k59nBSY1S
0aJWlNHW6LYP7yAiMnRaKX3PstdL4C0NQvXyIRVaqfaalI7u8smIIj3pI8ibdoss
+OfVROEwG8Zueoa4yMOrde347V0ffLXJJjv4N/1LtRobu9qSzt72FU1aIaVpU/Xk
CSBTfy/3X7uhyDDJIukcc6prM6UNIsCJ2FFlb5/+ocGuns/53oEbJRnEGuYFoLOl
9jTMX+EXxZOMgMuoOa1uXvF0+K/wzR1hcUdqgF8UUg/GMSQJLKE6TOxFrQIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFIeOhGKCeO1pzCd5xPs99QGYf/RPMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvaDQ2RVlvSjQ3V25NSjNuRS16MzFBWmhfOUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwgZkEAgABMIGSAwQC
LQ5AAwQALQ5GAwQALQ5pAwQALQ5rAwQCLUKAAwQCLULYAwQCLY58AwQCLY/oAwQC
LZWcAwQCLZ8wAwQCWNYUAwQCW8jwAwQCXDwoAwQCjWLEAwQDk07wAwQClT4sAwQC
sHeUAwQCubjcAwQCuchAAwQCwSCUAwQBwW8eAwQCwmiYMAwDBADD9fEDBADD9fIw
UgQCAAIwTAMHACoJAAEAAAMHACoJAAIAAAMHACoJAAMAAAMHACoJAAQAAAMHACoJ
AAUAAAMGBCoJAAcAAwcAKgkAByAIAwUAKg3HwQMFAyoQBIAwDQYJKoZIhvcNAQEL
BQADggEBAC+DCHzkVWwy/WPoTTUzFX55/Dg4MQU+sodrHdOZysNzAuIE2IlLEKwC
xj81IJIPqaJ2Fmu1IAJIb0qfTEKgkx+Xb32qJZPKlxktdc3isOKLdZeWAg62Yg+e
oU7p4T78+Nwpj+cfWPPhj/S8heAsbGiZb8nHw0wAdbbh6A1VCjsIY13yaeA9TPNE
IBkMImL7DpbMMr0ah8OlCS3urWCHfYLbMaPccZwis/LV0aUSiQtLoOitHDfHwyIw
m2FVlafe70Ux5l4uRbYUuSydZSNVhZL7sa7GLrW8rTFJm3vTbEMr32ZTgWcJmdE3
PntukaGMB3KDgITCTXIect0y4SHIVkQ=
-----END CERTIFICATE-----
Generated at Sun Dec 17 16:42:52 2023 by rpki-client on console-fra.rpki-client.org