Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/gDqbpdvS8H9RJdyeNLCKj7vcM5c.roa
File: gDqbpdvS8H9RJdyeNLCKj7vcM5c.roa (raw, json)
Hash identifier: tF1ds8ZMACLyoT2o5ObgxYiRr7dByUX7b+BxpcAvR94=
Subject key identifier: 80:3A:9B:A5:DB:D2:F0:7F:51:25:DC:9E:34:B0:8A:8F:BB:DC:33:97
Certificate issuer: /CN=33954330349f57502a76ae6e99987efc3e3b8109
Certificate serial: 01856C4A53B58A511A44B1016ADD6DAE52B6
Authority key identifier: 33:95:43:30:34:9F:57:50:2A:76:AE:6E:99:98:7E:FC:3E:3B:81:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M5VDMDSfV1Aqdq5umZh-_D47gQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/gDqbpdvS8H9RJdyeNLCKj7vcM5c.roa
Signing time: Sun 01 Jan 2023 07:44:48 +0000
ROA not before: Sun 01 Jan 2023 07:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198330
IP address blocks: 185.55.96.0/22 maxlen: 24
185.104.172.0/22 maxlen: 24
185.128.64.0/22 maxlen: 24
45.12.224.0/22 maxlen: 24
134.90.136.0/21 maxlen: 24
45.10.180.0/22 maxlen: 24
2a03:c280::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:53:b5:8a:51:1a:44:b1:01:6a:dd:6d:ae:52:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33954330349f57502a76ae6e99987efc3e3b8109
Validity
Not Before: Jan 1 07:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=803a9ba5dbd2f07f5125dc9e34b08a8fbbdc3397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9a:51:95:21:ed:c6:57:9c:37:fe:ab:b9:1c:
70:87:98:0d:d1:67:7e:de:45:a8:b2:03:fa:22:8f:
30:26:c4:1f:9e:c3:c6:87:17:7c:67:e9:dc:4c:93:
3d:98:07:43:a1:f8:ff:ef:27:71:2d:2a:d9:4b:1c:
bf:e6:26:ff:c6:7a:f9:0e:e8:46:43:68:d2:8b:a7:
13:32:e7:32:23:a0:47:98:3a:1a:d0:13:c6:a6:ab:
83:47:77:23:77:23:74:60:39:92:e6:b9:d5:86:60:
b0:38:ad:a5:62:cd:28:b1:a4:ed:d3:ef:8c:2c:32:
29:5a:1e:6d:8f:ad:d9:b8:2b:aa:a1:aa:9e:30:29:
e0:f4:77:d1:2f:a2:76:a6:b1:f3:70:d9:89:23:14:
be:2b:44:b6:41:25:f5:b4:e1:84:b9:d2:d9:16:7f:
e2:01:aa:52:3a:17:76:be:a8:c2:e7:a9:8c:10:4b:
48:1e:c7:e4:6d:8c:3a:cd:d1:9e:0b:60:d0:74:35:
cb:3f:b9:26:da:ba:21:9d:16:7b:90:5e:ff:47:e9:
bb:e0:8b:16:7b:ab:ba:18:29:88:ae:10:86:51:90:
01:b5:5e:b4:c6:bb:23:90:f7:da:4c:ed:94:24:64:
c9:d3:41:8d:64:f5:42:ca:34:a4:a7:77:72:a8:06:
9d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:3A:9B:A5:DB:D2:F0:7F:51:25:DC:9E:34:B0:8A:8F:BB:DC:33:97
X509v3 Authority Key Identifier:
keyid:33:95:43:30:34:9F:57:50:2A:76:AE:6E:99:98:7E:FC:3E:3B:81:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M5VDMDSfV1Aqdq5umZh-_D47gQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/gDqbpdvS8H9RJdyeNLCKj7vcM5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/M5VDMDSfV1Aqdq5umZh-_D47gQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.180.0/22
45.12.224.0/22
134.90.136.0/21
185.55.96.0/22
185.104.172.0/22
185.128.64.0/22
IPv6:
2a03:c280::/32
Signature Algorithm: sha256WithRSAEncryption
80:4c:3f:cd:a0:fd:5f:3c:a0:e7:42:25:73:11:60:d7:23:e7:
d5:66:01:ee:b4:a7:6a:27:f1:9f:44:31:66:0f:fd:d6:7f:fa:
e7:b9:cf:66:c7:f8:a5:d2:c7:5a:a1:1c:0e:c0:2d:db:44:53:
b7:b8:dc:1f:29:4f:1c:3e:9f:e2:94:5a:90:f1:f2:a5:13:80:
59:d8:d5:2e:f7:d2:0c:1d:91:79:74:37:43:8c:3a:e1:76:43:
53:a9:24:87:59:95:ee:22:90:2b:e9:44:3e:ab:d4:c8:4c:e5:
3e:cc:a8:11:42:65:27:2c:3c:88:35:3f:f9:a7:a7:c5:e8:6f:
d0:cf:64:a2:48:25:9c:c7:ff:91:c2:e8:ae:bc:ca:f7:97:48:
df:74:2c:21:d9:f5:13:a1:53:70:8b:e8:76:23:c8:b2:3e:c7:
98:86:24:d9:18:df:3f:54:34:c0:37:5d:28:ed:30:4a:ff:8a:
1c:13:16:1a:67:83:86:52:26:66:c6:92:0e:8a:01:6a:5d:10:
bb:de:a5:b7:0b:cb:0a:3b:5e:96:75:33:d5:eb:93:3b:5d:0b:
ff:68:0e:dc:85:13:af:65:ef:46:69:01:c9:4d:1d:9f:49:0a:
19:1d:39:96:3b:b6:1f:55:47:65:59:36:5b:15:d1:2b:27:fd:
4b:f7:7e:c4
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVsSlO1ilEaRLEBat1trlK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzOTU0MzMwMzQ5ZjU3NTAyYTc2YWU2ZTk5OTg3ZWZjM2Uz
YjgxMDkwHhcNMjMwMTAxMDc0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDNhOWJhNWRiZDJmMDdmNTEyNWRjOWUzNGIwOGE4ZmJiZGMzMzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5pRlSHtxlecN/6ruRxwh5gN0Wd+
3kWosgP6Io8wJsQfnsPGhxd8Z+ncTJM9mAdDofj/7ydxLSrZSxy/5ib/xnr5DuhG
Q2jSi6cTMucyI6BHmDoa0BPGpquDR3cjdyN0YDmS5rnVhmCwOK2lYs0osaTt0++M
LDIpWh5tj63ZuCuqoaqeMCng9HfRL6J2prHzcNmJIxS+K0S2QSX1tOGEudLZFn/i
AapSOhd2vqjC56mMEEtIHsfkbYw6zdGeC2DQdDXLP7km2rohnRZ7kF7/R+m74IsW
e6u6GCmIrhCGUZABtV60xrsjkPfaTO2UJGTJ00GNZPVCyjSkp3dyqAadxwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIA6m6Xb0vB/USXcnjSwio+73DOXMB8GA1UdIwQY
MBaAFDOVQzA0n1dQKnaubpmYfvw+O4EJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTVWRE1EU2ZWMUFxZHE1dW1aaC1fRDQ3Z1FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wZjE5ZTktMWIyYi00ODEyLWFiNWEt
ZmRmODRmODNhMjc0LzEvZ0RxYnBkdlM4SDlSSmR5ZU5MQ0tqN3ZjTTVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wZjE5ZTktMWIyYi00ODEyLWFiNWEtZmRmODRmODNhMjc0
LzEvTTVWRE1EU2ZWMUFxZHE1dW1aaC1fRDQ3Z1FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLQq0AwQC
LQzgAwQDhlqIAwQCuTdgAwQCuWisAwQCuYBAMA0EAgACMAcDBQAqA8KAMA0GCSqG
SIb3DQEBCwUAA4IBAQCATD/NoP1fPKDnQiVzEWDXI+fVZgHutKdqJ/GfRDFmD/3W
f/rnuc9mx/il0sdaoRwOwC3bRFO3uNwfKU8cPp/ilFqQ8fKlE4BZ2NUu99IMHZF5
dDdDjDrhdkNTqSSHWZXuIpAr6UQ+q9TITOU+zKgRQmUnLDyINT/5p6fF6G/Qz2Si
SCWcx/+RwuiuvMr3l0jfdCwh2fUToVNwi+h2I8iyPseYhiTZGN8/VDTAN10o7TBK
/4ocExYaZ4OGUiZmxpIOigFqXRC73qW3C8sKO16WdTPV65M7XQv/aA7chROvZe9G
aQHJTR2fSQoZHTmWO7YfVUdlWTZbFdErJ/1L937E
-----END CERTIFICATE-----
Generated at Tue Aug 1 07:43:29 2023 by rpki-client on console-ams.rpki-client.org