Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/36c4a3-6e1d-4614-8f90-83b03870094d/1/d60BeX5siU5ymkbSmrZDkb-e7Dk.roa
File: d60BeX5siU5ymkbSmrZDkb-e7Dk.roa (raw, json)
Hash identifier: G8ZQ5iIX41XioiTy0kLAy12SJyosYO8Ps2+2LqPtjaw=
Subject key identifier: 77:AD:01:79:7E:6C:89:4E:72:9A:46:D2:9A:B6:43:91:BF:9E:EC:39
Certificate issuer: /CN=f2e3ab6b3118e0bde0e6488e6bed6c96941e0e84
Certificate serial: 018572D5C78B819B377367CCF1EF5C2D6965
Authority key identifier: F2:E3:AB:6B:31:18:E0:BD:E0:E6:48:8E:6B:ED:6C:96:94:1E:0E:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8uOrazEY4L3g5kiOa-1slpQeDoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/36c4a3-6e1d-4614-8f90-83b03870094d/1/d60BeX5siU5ymkbSmrZDkb-e7Dk.roa
Signing time: Mon 02 Jan 2023 14:14:50 +0000
ROA not before: Mon 02 Jan 2023 14:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197395
IP address blocks: 45.10.132.0/22 maxlen: 22
46.243.96.0/21 maxlen: 21
185.119.188.0/22 maxlen: 22
2a04:e580::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:c7:8b:81:9b:37:73:67:cc:f1:ef:5c:2d:69:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2e3ab6b3118e0bde0e6488e6bed6c96941e0e84
Validity
Not Before: Jan 2 14:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77ad01797e6c894e729a46d29ab64391bf9eec39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7b:90:30:49:2e:0e:a9:76:b1:84:d8:d8:77:
b3:5e:62:65:b7:d3:36:97:3a:28:a6:e5:43:e7:83:
63:e5:5e:0d:ae:60:b6:1d:e3:70:7c:4c:3c:76:e9:
07:85:a2:b0:ce:c6:96:7c:94:8e:e7:91:51:ea:f9:
2a:ba:dc:e6:68:19:7a:01:34:ad:0e:bf:63:09:83:
d7:a9:70:dd:ab:a8:7e:91:31:0d:36:48:fe:80:3a:
9b:35:f8:74:d5:92:9a:0a:d7:80:95:ac:46:60:87:
7b:f1:fd:c7:71:29:38:eb:a8:a3:b3:ec:55:4a:8c:
bb:32:b5:b1:f1:17:81:86:8b:a2:2f:d7:8e:42:69:
05:f5:db:b7:85:e9:17:fb:04:ae:84:11:5d:66:4d:
47:65:35:16:1a:38:1a:1a:e9:00:1e:51:7e:2b:78:
29:01:82:8f:a1:8c:ef:c7:a4:fd:d2:1a:80:7e:ea:
b2:07:41:9e:b0:ed:0c:43:a9:d7:d2:88:64:57:f7:
96:16:0c:4a:3f:73:03:d7:56:2b:5f:cc:88:97:65:
fa:de:6e:e3:47:4c:2d:85:54:f8:71:fb:62:ed:fb:
36:0b:ad:0b:d0:50:3a:ab:e9:1c:7b:51:a9:73:7b:
31:09:27:e3:ab:2e:b1:eb:0f:98:1a:9d:66:e8:fb:
20:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:AD:01:79:7E:6C:89:4E:72:9A:46:D2:9A:B6:43:91:BF:9E:EC:39
X509v3 Authority Key Identifier:
keyid:F2:E3:AB:6B:31:18:E0:BD:E0:E6:48:8E:6B:ED:6C:96:94:1E:0E:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8uOrazEY4L3g5kiOa-1slpQeDoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/36c4a3-6e1d-4614-8f90-83b03870094d/1/d60BeX5siU5ymkbSmrZDkb-e7Dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/36c4a3-6e1d-4614-8f90-83b03870094d/1/8uOrazEY4L3g5kiOa-1slpQeDoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.132.0/22
46.243.96.0/21
185.119.188.0/22
IPv6:
2a04:e580::/29
Signature Algorithm: sha256WithRSAEncryption
8f:1e:e1:9d:46:de:88:02:49:a3:55:33:a6:b6:bc:8b:60:ff:
9f:89:c7:a4:f1:fc:27:2b:fc:e5:59:af:17:68:e4:83:61:f7:
9d:a5:41:3e:9b:2c:db:bb:1a:b7:42:e5:2a:fe:71:c2:e0:ce:
44:50:32:c9:9e:26:f0:1b:42:b3:f9:c8:d1:ea:26:c6:a8:6d:
63:7d:12:7f:e1:97:5b:01:30:e8:7b:a8:a9:e3:4e:a8:f1:e0:
2e:ff:67:bc:0e:ea:7e:fe:58:59:73:1b:52:2f:bc:8c:6e:0c:
8d:8b:3c:9f:3f:84:b2:69:ce:78:63:3c:11:f9:9b:62:a9:0e:
54:65:72:fd:04:19:6a:64:7a:27:56:c2:c9:15:70:67:f5:cc:
d5:8b:19:a7:89:a2:cc:00:bb:ad:73:07:58:71:d1:2c:b2:8f:
e8:eb:cd:ba:29:2c:69:bd:3e:3e:ff:c6:49:ea:ed:d0:4b:41:
46:01:4d:66:21:fa:de:71:03:0f:a5:af:aa:c6:c3:79:0e:13:
4f:f6:2c:a4:46:4a:7e:34:64:94:41:10:fd:61:cb:16:1c:fa:
11:03:9f:80:23:1c:38:f9:8e:62:72:d6:6d:e3:36:ec:9f:6e:
f7:b9:2f:44:93:27:5b:2d:52:31:d4:9b:35:0a:f0:3a:b7:f1:
e8:44:27:f7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVy1ceLgZs3c2fM8e9cLWllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZTNhYjZiMzExOGUwYmRlMGU2NDg4ZTZiZWQ2Yzk2OTQx
ZTBlODQwHhcNMjMwMTAyMTQxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2FkMDE3OTdlNmM4OTRlNzI5YTQ2ZDI5YWI2NDM5MWJmOWVlYzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3uQMEkuDql2sYTY2HezXmJlt9M2
lzoopuVD54Nj5V4NrmC2HeNwfEw8dukHhaKwzsaWfJSO55FR6vkqutzmaBl6ATSt
Dr9jCYPXqXDdq6h+kTENNkj+gDqbNfh01ZKaCteAlaxGYId78f3HcSk466ijs+xV
Soy7MrWx8ReBhouiL9eOQmkF9du3hekX+wSuhBFdZk1HZTUWGjgaGukAHlF+K3gp
AYKPoYzvx6T90hqAfuqyB0GesO0MQ6nX0ohkV/eWFgxKP3MD11YrX8yIl2X63m7j
R0wthVT4cfti7fs2C60L0FA6q+kce1Gpc3sxCSfjqy6x6w+YGp1m6PsgUwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHetAXl+bIlOcppG0pq2Q5G/nuw5MB8GA1UdIwQY
MBaAFPLjq2sxGOC94OZIjmvtbJaUHg6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHVPcmF6RVk0TDNnNWtpT2EtMXNscFFlRG9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8zNmM0YTMtNmUxZC00NjE0LThmOTAt
ODNiMDM4NzAwOTRkLzEvZDYwQmVYNXNpVTV5bWtiU21yWkRrYi1lN0RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8zNmM0YTMtNmUxZC00NjE0LThmOTAtODNiMDM4NzAwOTRk
LzEvOHVPcmF6RVk0TDNnNWtpT2EtMXNscFFlRG9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLQqEAwQD
LvNgAwQCuXe8MA0EAgACMAcDBQMqBOWAMA0GCSqGSIb3DQEBCwUAA4IBAQCPHuGd
Rt6IAkmjVTOmtryLYP+ficek8fwnK/zlWa8XaOSDYfedpUE+myzbuxq3QuUq/nHC
4M5EUDLJnibwG0Kz+cjR6ibGqG1jfRJ/4ZdbATDoe6ip406o8eAu/2e8Dup+/lhZ
cxtSL7yMbgyNizyfP4Syac54YzwR+ZtiqQ5UZXL9BBlqZHonVsLJFXBn9czVixmn
iaLMALutcwdYcdEsso/o6826KSxpvT4+/8ZJ6u3QS0FGAU1mIfrecQMPpa+qxsN5
DhNP9iykRkp+NGSUQRD9YcsWHPoRA5+AIxw4+Y5ictZt4zbsn273uS9EkydbLVIx
1Js1CvA6t/HoRCf3
-----END CERTIFICATE-----
Generated at Mon Sep 11 15:41:46 2023 by rpki-client on console-ams.rpki-client.org