Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7f16ea-26d3-457f-92cb-87bc58f34665/1/bAzTKTgc4q11HQqEQUOGoGMDD8Y.roa
File: bAzTKTgc4q11HQqEQUOGoGMDD8Y.roa (raw, json)
Hash identifier: 3h3SYsEBUFaz6mLZhV6I/yyxm+UeDRKAE6/W2exem7o=
Subject key identifier: 6C:0C:D3:29:38:1C:E2:AD:75:1D:0A:84:41:43:86:A0:63:03:0F:C6
Certificate issuer: /CN=2e481909559480d248490d8e1d71c3c093b05fe5
Certificate serial: 018CC64B03B7C254E08D6AB9B795045524F7
Authority key identifier: 2E:48:19:09:55:94:80:D2:48:49:0D:8E:1D:71:C3:C0:93:B0:5F:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkgZCVWUgNJISQ2OHXHDwJOwX-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7f16ea-26d3-457f-92cb-87bc58f34665/1/bAzTKTgc4q11HQqEQUOGoGMDD8Y.roa
Signing time: Mon 01 Jan 2024 18:30:54 +0000
ROA not before: Mon 01 Jan 2024 18:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201714
IP address blocks: 185.66.4.0/22 maxlen: 24
45.85.100.0/24 maxlen: 24
2a03:1ea0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 19 Apr 2024 06:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:03:b7:c2:54:e0:8d:6a:b9:b7:95:04:55:24:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e481909559480d248490d8e1d71c3c093b05fe5
Validity
Not Before: Jan 1 18:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c0cd329381ce2ad751d0a84414386a063030fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:98:e0:54:70:29:d9:68:eb:7d:ee:1e:f7:19:
ad:1f:18:f6:0f:70:19:d9:24:23:14:fd:f5:2d:c5:
37:13:3a:23:89:0e:6d:80:c2:79:fb:82:12:e8:de:
c5:64:29:24:dd:52:88:7f:e3:64:96:f9:7f:cb:33:
49:58:b6:9b:cb:86:6b:a5:9a:db:17:4c:02:de:dc:
82:26:23:d3:bf:2a:39:51:21:10:bf:9c:58:ac:7a:
14:c7:1b:5f:36:1d:ca:de:f2:d1:98:0d:b6:22:78:
b8:05:38:11:00:b4:71:31:dc:91:ea:0f:b9:4e:a7:
08:e4:3e:48:f2:2d:4f:03:0c:9f:0c:78:11:17:4a:
a8:2c:bf:ff:37:91:b2:b9:05:c4:87:cf:28:1e:9f:
f5:55:48:ac:f7:85:bb:fb:86:84:52:b8:3a:d5:4e:
74:67:be:1b:62:08:75:84:4b:45:08:b2:6b:9e:97:
c9:1e:f8:e7:fc:41:7a:c4:53:ba:7d:77:9a:ce:ff:
19:bc:d8:d8:45:e8:fa:cc:f3:a1:b4:af:17:2f:6d:
ed:ae:28:e6:4f:c8:1f:90:66:44:d4:76:42:ac:fd:
09:b9:eb:d8:ba:94:cd:62:5e:ab:bd:e4:32:0f:16:
f3:7d:c9:a6:16:2c:ff:0a:7f:2b:2b:9d:e0:d1:b9:
2b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:0C:D3:29:38:1C:E2:AD:75:1D:0A:84:41:43:86:A0:63:03:0F:C6
X509v3 Authority Key Identifier:
keyid:2E:48:19:09:55:94:80:D2:48:49:0D:8E:1D:71:C3:C0:93:B0:5F:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkgZCVWUgNJISQ2OHXHDwJOwX-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7f16ea-26d3-457f-92cb-87bc58f34665/1/bAzTKTgc4q11HQqEQUOGoGMDD8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7f16ea-26d3-457f-92cb-87bc58f34665/1/LkgZCVWUgNJISQ2OHXHDwJOwX-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.100.0/24
185.66.4.0/22
IPv6:
2a03:1ea0::/32
Signature Algorithm: sha256WithRSAEncryption
3a:b8:94:31:66:4e:84:0b:c7:e2:aa:c9:53:df:fc:d6:75:fa:
15:da:c3:ac:70:4b:b9:5f:31:d6:51:f4:ed:4c:59:5c:b6:81:
ed:c8:72:87:8c:e1:52:4a:13:55:e8:65:8f:08:5b:56:a8:d5:
a3:2f:38:c0:12:59:b2:28:43:24:b5:4c:bf:b8:f5:57:47:53:
46:0e:96:fb:0e:c4:50:a1:e8:48:a3:a0:83:e3:96:ee:a5:87:
c2:2e:4c:f8:1d:05:b7:f8:c2:e1:92:47:8d:83:56:56:60:42:
cf:4c:71:7c:33:9d:0a:a9:f1:23:f7:f7:4b:7c:4d:a0:49:84:
01:24:4e:5e:bd:25:6d:6b:f6:83:65:9f:6c:96:fa:02:2b:b9:
ae:5a:b1:5e:e7:0c:ca:04:fa:ee:23:03:5a:45:1c:f5:68:a4:
f5:e8:ef:e2:95:ea:bd:f2:a6:b0:39:c2:d2:f2:eb:5d:63:2d:
a6:28:76:0d:06:6f:89:a0:ce:2f:b5:a5:53:f7:1f:d3:d8:92:
47:8e:63:a9:80:2a:04:d5:c6:43:49:4f:35:03:59:30:fe:f7:
95:7e:6a:65:f6:ad:db:4b:c8:30:10:7a:e8:3f:d8:93:7e:6b:
79:65:ea:0a:1d:7f:b4:52:b2:5e:81:67:57:23:d6:e0:38:d1:
c1:0d:6b:5b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGSwO3wlTgjWq5t5UEVST3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNDgxOTA5NTU5NDgwZDI0ODQ5MGQ4ZTFkNzFjM2MwOTNi
MDVmZTUwHhcNMjQwMTAxMTgzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzBjZDMyOTM4MWNlMmFkNzUxZDBhODQ0MTQzODZhMDYzMDMwZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5jgVHAp2Wjrfe4e9xmtHxj2D3AZ
2SQjFP31LcU3EzojiQ5tgMJ5+4IS6N7FZCkk3VKIf+Nklvl/yzNJWLaby4ZrpZrb
F0wC3tyCJiPTvyo5USEQv5xYrHoUxxtfNh3K3vLRmA22Ini4BTgRALRxMdyR6g+5
TqcI5D5I8i1PAwyfDHgRF0qoLL//N5GyuQXEh88oHp/1VUis94W7+4aEUrg61U50
Z74bYgh1hEtFCLJrnpfJHvjn/EF6xFO6fXeazv8ZvNjYRej6zPOhtK8XL23trijm
T8gfkGZE1HZCrP0JuevYupTNYl6rveQyDxbzfcmmFiz/Cn8rK53g0bkrpQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGwM0yk4HOKtdR0KhEFDhqBjAw/GMB8GA1UdIwQY
MBaAFC5IGQlVlIDSSEkNjh1xw8CTsF/lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGtnWkNWV1VnTkpJU1EyT0hYSER3Sk93WC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83ZjE2ZWEtMjZkMy00NTdmLTkyY2It
ODdiYzU4ZjM0NjY1LzEvYkF6VEtUZ2M0cTExSFFxRVFVT0dvR01ERDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83ZjE2ZWEtMjZkMy00NTdmLTkyY2ItODdiYzU4ZjM0NjY1
LzEvTGtnWkNWV1VnTkpJU1EyT0hYSER3Sk93WC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALVVkAwQC
uUIEMA0EAgACMAcDBQAqAx6gMA0GCSqGSIb3DQEBCwUAA4IBAQA6uJQxZk6EC8fi
qslT3/zWdfoV2sOscEu5XzHWUfTtTFlctoHtyHKHjOFSShNV6GWPCFtWqNWjLzjA
ElmyKEMktUy/uPVXR1NGDpb7DsRQoehIo6CD45bupYfCLkz4HQW3+MLhkkeNg1ZW
YELPTHF8M50KqfEj9/dLfE2gSYQBJE5evSVta/aDZZ9slvoCK7muWrFe5wzKBPru
IwNaRRz1aKT16O/ileq98qawOcLS8utdYy2mKHYNBm+JoM4vtaVT9x/T2JJHjmOp
gCoE1cZDSU81A1kw/veVfmpl9q3bS8gwEHroP9iTfmt5ZeoKHX+0UrJegWdXI9bg
ONHBDWtb
-----END CERTIFICATE-----
Generated at Fri Apr 19 09:42:51 2024 by rpki-client on console-ams.rpki-client.org