Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/gKHtOp3MFvNmRlFB2A6Fslxtn6g.roa
File: gKHtOp3MFvNmRlFB2A6Fslxtn6g.roa (raw, json)
Hash identifier: mZtpJmEqzAuAVAFq0VcqcNxalKrSDOTTERC7RDqWr1A=
Subject key identifier: 80:A1:ED:3A:9D:CC:16:F3:66:46:51:41:D8:0E:85:B2:5C:6D:9F:A8
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 01856DC19AC6061486B433B6A0C59D2690C1
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/gKHtOp3MFvNmRlFB2A6Fslxtn6g.roa
Signing time: Sun 01 Jan 2023 14:34:42 +0000
ROA not before: Sun 01 Jan 2023 14:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 185.243.48.0/23 maxlen: 23
185.243.48.0/22 maxlen: 22
5.57.32.0/24 maxlen: 24
185.215.231.0/24 maxlen: 24
185.124.172.0/22 maxlen: 24
185.26.34.0/23 maxlen: 24
185.124.173.0/24 maxlen: 24
185.124.174.0/24 maxlen: 24
185.124.175.0/24 maxlen: 24
37.32.44.0/24 maxlen: 24
37.32.44.0/22 maxlen: 22
37.32.45.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:9a:c6:06:14:86:b4:33:b6:a0:c5:9d:26:90:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jan 1 14:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80a1ed3a9dcc16f366465141d80e85b25c6d9fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1b:c2:90:3f:82:ef:c5:bc:05:bd:48:6f:38:
74:e8:3f:4d:41:a7:29:1a:76:60:3e:a6:c3:72:71:
5f:a3:43:e8:d2:9b:2c:19:8c:06:a9:57:48:8e:a5:
8a:72:e9:1b:0d:db:cb:97:b3:62:22:c1:dc:24:f7:
ce:23:ec:5e:a9:3c:f8:2b:6f:74:c6:3a:33:b5:ea:
c6:00:d2:c9:4e:51:d4:54:a1:1e:5c:23:ef:b3:02:
e8:b5:96:d7:59:39:73:68:f1:19:a8:cb:bb:f2:83:
06:c7:95:13:fd:6d:e4:fd:3f:5e:f1:06:e5:72:58:
64:ce:ef:c5:1f:6b:0c:69:9e:c6:dc:f2:f0:8f:c6:
03:f8:fc:70:9e:98:de:30:34:a2:32:d6:af:36:08:
6a:27:07:a8:50:35:e9:8a:5f:b8:4f:1c:ae:e1:b9:
cb:bc:19:3c:17:b0:a7:ea:6b:86:1a:f4:2b:b8:c3:
a0:d4:7c:d4:ec:36:3c:bc:7c:8e:45:d3:f7:ef:ac:
4e:97:e8:68:11:26:be:4c:82:08:48:e9:a2:67:03:
87:89:1f:84:24:df:04:e1:d6:3c:9b:43:10:49:66:
e1:fd:22:94:94:54:7a:05:2a:ce:d8:d0:3d:7d:c2:
8d:68:96:54:e8:85:3f:90:8c:a9:ce:f9:ec:81:11:
fb:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A1:ED:3A:9D:CC:16:F3:66:46:51:41:D8:0E:85:B2:5C:6D:9F:A8
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/gKHtOp3MFvNmRlFB2A6Fslxtn6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.32.0/24
37.32.44.0/22
185.26.34.0/23
185.124.172.0/22
185.215.231.0/24
185.243.48.0/22
Signature Algorithm: sha256WithRSAEncryption
71:52:be:c1:1e:4b:e1:a1:cb:f1:84:03:0c:61:ae:42:9a:0d:
b5:71:a5:ec:fc:d4:ab:9b:79:5f:bf:d7:09:0b:3c:30:00:ac:
a3:be:15:85:64:a2:92:47:f3:74:22:c0:6a:73:fd:7b:69:14:
d8:d7:74:a3:ed:1f:e0:b7:3d:38:55:fe:83:a1:52:11:86:a1:
10:91:32:2c:80:eb:dd:7d:f8:72:03:cd:95:90:5c:ff:4e:36:
ab:cd:09:ab:ca:c6:08:27:ef:0c:47:44:f4:28:57:97:4f:95:
f9:12:12:c2:13:ef:22:be:e6:75:d7:4f:75:29:ce:c4:70:4e:
3a:9e:75:cf:79:13:b0:88:47:bc:cb:f5:c5:ac:15:f0:67:53:
3f:60:e5:3d:81:2d:49:81:2c:82:bf:2c:ce:d9:4a:7c:4f:3a:
12:6f:3b:d1:1a:b8:f0:d7:d6:aa:1a:62:d8:74:a9:b7:4e:29:
ca:41:f0:ea:25:26:1b:f2:0a:1d:2f:be:c7:c0:5a:fe:df:25:
87:e2:b4:bb:a8:6a:d9:50:14:0f:47:fd:f1:bd:0d:58:d4:4b:
9d:c6:e3:96:ed:95:28:a5:96:cc:ba:59:bd:7e:e7:2b:74:5c:
e7:29:5e:e1:8f:de:6f:bc:a9:70:5e:08:50:c8:07:25:25:cf:
ad:6a:33:9a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVtwZrGBhSGtDO2oMWdJpDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMwMTAxMTQzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGExZWQzYTlkY2MxNmYzNjY0NjUxNDFkODBlODViMjVjNmQ5ZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBvCkD+C78W8Bb1Ibzh06D9NQacp
GnZgPqbDcnFfo0Po0pssGYwGqVdIjqWKcukbDdvLl7NiIsHcJPfOI+xeqTz4K290
xjozterGANLJTlHUVKEeXCPvswLotZbXWTlzaPEZqMu78oMGx5UT/W3k/T9e8Qbl
clhkzu/FH2sMaZ7G3PLwj8YD+PxwnpjeMDSiMtavNghqJweoUDXpil+4Txyu4bnL
vBk8F7Cn6muGGvQruMOg1HzU7DY8vHyORdP376xOl+hoESa+TIIISOmiZwOHiR+E
JN8E4dY8m0MQSWbh/SKUlFR6BSrO2NA9fcKNaJZU6IU/kIypzvnsgRH7PQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFICh7TqdzBbzZkZRQdgOhbJcbZ+oMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvZ0tIdE9wM01Gdk5tUmxGQjJBNkZzbHh0bjZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABTkgAwQC
JSAsAwQBuRoiAwQCuXysAwQAudfnAwQCufMwMA0GCSqGSIb3DQEBCwUAA4IBAQBx
Ur7BHkvhocvxhAMMYa5Cmg21caXs/NSrm3lfv9cJCzwwAKyjvhWFZKKSR/N0IsBq
c/17aRTY13Sj7R/gtz04Vf6DoVIRhqEQkTIsgOvdffhyA82VkFz/TjarzQmrysYI
J+8MR0T0KFeXT5X5EhLCE+8ivuZ11091Kc7EcE46nnXPeROwiEe8y/XFrBXwZ1M/
YOU9gS1JgSyCvyzO2Up8TzoSbzvRGrjw19aqGmLYdKm3TinKQfDqJSYb8godL77H
wFr+3yWH4rS7qGrZUBQPR/3xvQ1Y1EudxuOW7ZUopZbMulm9fucrdFznKV7hj95v
vKlwXghQyAclJc+tajOa
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:33 2023 by rpki-client on console-fra.rpki-client.org