Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/IW6mgsLW7qdMl5szW27C9W0O8XU.roa
File: IW6mgsLW7qdMl5szW27C9W0O8XU.roa (raw, json)
Hash identifier: WA6u5VNRGX6r8fQGSJ+T2iQjZPMxF/Y1HBP7ZiIErtA=
Subject key identifier: 21:6E:A6:82:C2:D6:EE:A7:4C:97:9B:33:5B:6E:C2:F5:6D:0E:F1:75
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 0186EB06A85F1D3C3DEF9F67A46BA7739491
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/IW6mgsLW7qdMl5szW27C9W0O8XU.roa
Signing time: Thu 16 Mar 2023 15:25:27 +0000
ROA not before: Thu 16 Mar 2023 15:25:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.153.238.0/24 maxlen: 24
45.153.236.0/24 maxlen: 24
45.153.237.0/24 maxlen: 24
77.83.71.0/24 maxlen: 24
77.83.70.0/24 maxlen: 24
171.22.188.0/24 maxlen: 24
171.22.189.0/24 maxlen: 24
194.110.88.0/22 maxlen: 22
84.252.84.0/23 maxlen: 23
45.11.232.0/24 maxlen: 24
84.252.86.0/24 maxlen: 24
84.252.87.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:eb:06:a8:5f:1d:3c:3d:ef:9f:67:a4:6b:a7:73:94:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Mar 16 15:25:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=216ea682c2d6eea74c979b335b6ec2f56d0ef175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:33:ca:19:a8:5e:e8:19:e8:b0:35:48:6e:d2:
e8:57:d1:7d:e8:95:97:d3:61:c9:87:68:f5:b4:69:
86:e4:32:32:c6:fb:01:82:cd:ed:1e:eb:59:1f:5b:
fc:60:1c:cd:54:46:ab:6d:36:fc:8a:6f:c4:a6:0b:
50:92:31:1c:2b:8d:3c:68:9c:81:b9:08:c0:ad:ec:
62:e1:67:2b:ab:3e:95:c8:2b:50:c3:77:cd:c3:4f:
07:b4:9a:3d:81:81:c5:2d:01:1b:c5:5e:4f:38:f6:
0c:5e:aa:9b:ab:13:50:ea:c7:b8:27:87:0c:bb:25:
e1:81:d1:f5:eb:7a:af:3e:ab:83:e4:c4:3d:e1:5a:
a0:f5:e0:b4:ca:30:7b:2a:be:bd:1d:b1:8f:63:a5:
b6:a4:1f:b0:f5:14:f3:e2:49:df:2d:5c:b1:c7:fe:
ff:2e:99:04:12:c1:7f:78:79:cd:39:66:97:54:79:
cd:1a:0b:3c:7f:26:32:a7:90:54:ce:1a:12:4d:f7:
24:8b:f9:f6:96:ae:46:20:a5:1e:00:69:b9:b8:69:
b0:7c:6b:18:63:99:f0:15:ab:3a:a2:ca:01:72:4b:
a7:57:e9:6b:ec:39:d1:5e:6b:ee:73:9c:af:55:c6:
09:ab:7d:de:5a:76:b5:80:ce:c2:52:36:85:01:38:
48:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:6E:A6:82:C2:D6:EE:A7:4C:97:9B:33:5B:6E:C2:F5:6D:0E:F1:75
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/IW6mgsLW7qdMl5szW27C9W0O8XU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.232.0/24
45.153.236.0-45.153.238.255
77.83.70.0/23
84.252.84.0/22
171.22.188.0/23
194.110.88.0/22
Signature Algorithm: sha256WithRSAEncryption
01:56:5f:82:f8:b0:15:60:21:9c:78:e4:b8:10:88:fa:2e:fe:
a2:5c:4d:73:f1:84:e1:e9:03:75:63:2a:f8:ff:1d:29:a4:6d:
6c:fd:94:d0:23:66:f5:6b:d3:45:12:7f:fb:cc:58:7d:eb:a6:
8f:fe:63:39:32:ec:27:71:06:1f:40:49:3c:cc:8d:af:9a:27:
16:a0:01:1b:1e:dc:a8:b3:a7:bc:fa:09:25:e2:a0:48:c2:15:
8f:74:d8:1d:64:03:b5:18:c1:65:10:c9:b3:ae:d9:5a:b2:89:
d4:4e:b6:30:87:7e:18:13:83:a8:54:35:c9:1d:f4:e6:0d:b3:
e7:ce:d8:f1:4e:1f:a7:8f:7d:84:3e:37:fc:0d:34:08:e3:38:
c9:ba:52:4d:69:5d:d3:49:f4:9b:5a:b8:7a:03:91:ef:90:ad:
4c:c3:11:2b:a3:87:d6:7f:8e:28:51:ca:15:2f:82:2f:eb:60:
22:29:8e:4f:13:fe:d3:81:f8:83:02:25:c7:64:9d:f6:8d:e9:
82:ea:b8:db:17:0f:25:98:dd:db:d4:87:9a:c2:8f:9b:ef:bd:
cb:69:64:07:6b:07:33:7e:4c:3a:ce:8e:8d:ad:de:f7:6d:de:
ec:18:02:07:64:96:28:12:ce:13:83:81:ed:25:5a:f5:7f:d3:
4d:25:bb:51
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYbrBqhfHTw9759npGunc5SRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjMwMzE2MTUyNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTZlYTY4MmMyZDZlZWE3NGM5NzliMzM1YjZlYzJmNTZkMGVmMTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTPKGahe6BnosDVIbtLoV9F96JWX
02HJh2j1tGmG5DIyxvsBgs3tHutZH1v8YBzNVEarbTb8im/EpgtQkjEcK408aJyB
uQjArexi4Wcrqz6VyCtQw3fNw08HtJo9gYHFLQEbxV5POPYMXqqbqxNQ6se4J4cM
uyXhgdH163qvPquD5MQ94Vqg9eC0yjB7Kr69HbGPY6W2pB+w9RTz4knfLVyxx/7/
LpkEEsF/eHnNOWaXVHnNGgs8fyYyp5BUzhoSTfcki/n2lq5GIKUeAGm5uGmwfGsY
Y5nwFas6osoBckunV+lr7DnRXmvuc5yvVcYJq33eWna1gM7CUjaFAThIUwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCFupoLC1u6nTJebM1tuwvVtDvF1MB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvSVc2bWdzTFc3cWRNbDVzelcyN0M5VzBPOFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALQvoMAwD
BAItmewDBAAtme4DBAFNU0YDBAJU/FQDBAGrFrwDBALCblgwDQYJKoZIhvcNAQEL
BQADggEBAAFWX4L4sBVgIZx45LgQiPou/qJcTXPxhOHpA3VjKvj/HSmkbWz9lNAj
ZvVr00USf/vMWH3rpo/+Yzky7CdxBh9ASTzMja+aJxagARse3Kizp7z6CSXioEjC
FY902B1kA7UYwWUQybOu2VqyidROtjCHfhgTg6hUNckd9OYNs+fO2PFOH6ePfYQ+
N/wNNAjjOMm6Uk1pXdNJ9JtauHoDke+QrUzDESujh9Z/jihRyhUvgi/rYCIpjk8T
/tOB+IMCJcdknfaN6YLquNsXDyWY3dvUh5rCj5vvvctpZAdrBzN+TDrOjo2t3vdt
3uwYAgdkligSzhODge0lWvV/000lu1E=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:07 2023 by rpki-client on console-fra.rpki-client.org