Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/REq8HmoIPp-l2e1JeHUts3wQX0A.roa
File: REq8HmoIPp-l2e1JeHUts3wQX0A.roa (raw, json)
Hash identifier: YFT/Nx1+qUjkor3YYg80ZVrxFGXsi6NmkgiAnZywfKU=
Subject key identifier: 44:4A:BC:1E:6A:08:3E:9F:A5:D9:ED:49:78:75:2D:B3:7C:10:5F:40
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 018AAD16D8B228B1D187DBD6E2B800BF2202
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/REq8HmoIPp-l2e1JeHUts3wQX0A.roa
Signing time: Tue 19 Sep 2023 10:57:50 +0000
ROA not before: Tue 19 Sep 2023 10:57:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.149.94.0/24 maxlen: 24
80.246.225.0/24 maxlen: 24
80.246.232.0/24 maxlen: 24
80.246.228.0/24 maxlen: 24
80.246.236.0/24 maxlen: 24
80.246.236.0/22 maxlen: 24
80.246.237.0/24 maxlen: 24
80.246.238.0/24 maxlen: 24
80.246.239.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ad:16:d8:b2:28:b1:d1:87:db:d6:e2:b8:00:bf:22:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Sep 19 10:57:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=444abc1e6a083e9fa5d9ed4978752db37c105f40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f5:ec:0e:8f:58:b3:08:75:03:d1:c9:ca:fc:
44:27:1f:9e:af:82:b9:1a:d9:60:f7:10:a2:7c:00:
1f:96:74:04:31:8e:c3:81:e5:7c:f7:2f:79:2e:a8:
42:a2:2b:f6:f4:93:37:a4:42:53:8f:37:9e:ad:52:
4f:3b:53:91:fc:48:3e:f4:d2:79:3d:16:f8:76:17:
a3:f4:fa:83:ae:28:f8:f8:6a:da:77:1f:ea:4d:85:
ad:69:78:1b:d2:45:4f:30:f1:2b:56:06:5c:f7:e7:
c9:0e:4d:e8:ac:c2:6b:c0:f8:fe:03:ed:51:5e:56:
dc:7f:28:b1:81:31:ed:82:be:39:4d:b9:7a:ae:9a:
de:c4:3d:88:73:d2:a6:c4:4a:fc:3a:98:0b:a5:61:
22:eb:8b:90:2c:9e:da:4a:91:94:b9:25:e4:6b:1d:
2b:8f:16:7c:3e:f6:5f:17:af:d8:ce:6e:31:48:59:
32:23:31:ec:a1:9a:00:ee:91:51:84:f9:01:bd:45:
a1:72:95:41:c3:2f:78:b4:e1:8c:86:94:e8:f8:04:
e4:3d:af:57:15:ef:b7:a5:2a:3e:e5:d3:31:db:b6:
03:ac:53:cf:e1:a4:3b:cc:8e:16:4d:2f:fb:96:31:
c6:a3:97:e8:da:79:91:02:27:8b:c5:00:65:ca:67:
09:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:4A:BC:1E:6A:08:3E:9F:A5:D9:ED:49:78:75:2D:B3:7C:10:5F:40
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/REq8HmoIPp-l2e1JeHUts3wQX0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.94.0/24
80.246.225.0/24
80.246.228.0/24
80.246.232.0/24
80.246.236.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:f2:ec:e3:96:eb:5e:5d:87:6e:bc:16:76:f2:73:33:41:d4:
05:55:56:12:c2:25:fb:3c:7e:f1:07:c7:40:11:47:ac:46:5d:
7f:44:2b:0f:57:ed:c1:b5:7a:13:8a:27:97:9a:6a:c7:16:a0:
b6:1c:55:87:38:30:49:87:29:d4:57:a9:a0:a8:94:47:9d:99:
c2:4d:7c:45:71:1d:61:91:a7:f0:1c:b1:70:4a:53:2f:d9:5c:
c5:20:49:cd:d7:7c:92:e3:08:54:14:f8:86:f7:36:8f:e0:3d:
0e:27:b7:88:63:7b:41:f3:33:e5:72:25:e6:7b:9c:02:f9:80:
2a:05:23:04:a3:42:13:8f:83:ac:8c:d0:83:27:5e:08:b7:28:
87:80:6a:be:cb:40:90:f0:0a:b6:42:fc:e9:9f:37:e9:d1:81:
4c:c6:7f:2e:bd:55:26:82:96:17:16:a0:cb:4e:6f:a3:2f:80:
eb:4f:97:03:d9:32:70:0b:ec:92:b5:08:48:6a:85:7b:e9:14:
68:cd:9d:de:f3:3b:0c:d5:c7:a4:34:58:ef:ab:7f:01:0c:10:
f3:e3:11:0a:71:c8:fd:5d:75:6a:0d:c5:12:db:12:68:2b:cd:
a3:82:5c:e2:54:fe:42:c5:06:d7:0b:89:a5:47:dc:3c:53:aa:
fb:b2:6c:04
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYqtFtiyKLHRh9vW4rgAvyICMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMwOTE5MTA1NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDRhYmMxZTZhMDgzZTlmYTVkOWVkNDk3ODc1MmRiMzdjMTA1ZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/XsDo9Yswh1A9HJyvxEJx+er4K5
Gtlg9xCifAAflnQEMY7DgeV89y95LqhCoiv29JM3pEJTjzeerVJPO1OR/Eg+9NJ5
PRb4dhej9PqDrij4+Gradx/qTYWtaXgb0kVPMPErVgZc9+fJDk3orMJrwPj+A+1R
XlbcfyixgTHtgr45Tbl6rprexD2Ic9KmxEr8OpgLpWEi64uQLJ7aSpGUuSXkax0r
jxZ8PvZfF6/Yzm4xSFkyIzHsoZoA7pFRhPkBvUWhcpVBwy94tOGMhpTo+ATkPa9X
Fe+3pSo+5dMx27YDrFPP4aQ7zI4WTS/7ljHGo5fo2nmRAieLxQBlymcJEwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFERKvB5qCD6fpdntSXh1LbN8EF9AMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvUkVxOEhtb0lQcC1sMmUxSmVIVXRzM3dRWDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZVeAwQA
UPbhAwQAUPbkAwQAUPboAwQCUPbsMA0GCSqGSIb3DQEBCwUAA4IBAQAc8uzjlute
XYduvBZ28nMzQdQFVVYSwiX7PH7xB8dAEUesRl1/RCsPV+3BtXoTiieXmmrHFqC2
HFWHODBJhynUV6mgqJRHnZnCTXxFcR1hkafwHLFwSlMv2VzFIEnN13yS4whUFPiG
9zaP4D0OJ7eIY3tB8zPlciXme5wC+YAqBSMEo0ITj4OsjNCDJ14ItyiHgGq+y0CQ
8Aq2Qvzpnzfp0YFMxn8uvVUmgpYXFqDLTm+jL4DrT5cD2TJwC+yStQhIaoV76RRo
zZ3e8zsM1cekNFjvq38BDBDz4xEKccj9XXVqDcUS2xJoK82jglziVP5CxQbXC4ml
R9w8U6r7smwE
-----END CERTIFICATE-----
Generated at Wed Sep 20 08:19:37 2023 by rpki-client on console-ams.rpki-client.org