Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/X3YyeF1RAGUqtd4o5LDPtDf6Tz0.roa
File: X3YyeF1RAGUqtd4o5LDPtDf6Tz0.roa (raw, json)
Hash identifier: EIaX9WMXMteeNPsYfNpwaumHGQjsX20wP/1mQRQmi78=
Subject key identifier: 5F:76:32:78:5D:51:00:65:2A:B5:DE:28:E4:B0:CF:B4:37:FA:4F:3D
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 018B67C7E50089B68F4283E9FD5F70FD06D0
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/X3YyeF1RAGUqtd4o5LDPtDf6Tz0.roa
Signing time: Wed 25 Oct 2023 17:00:35 +0000
ROA not before: Wed 25 Oct 2023 17:00:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.149.92.0/23 maxlen: 24
80.246.225.0/24 maxlen: 24
80.246.231.0/24 maxlen: 24
80.246.232.0/24 maxlen: 24
80.246.233.0/24 maxlen: 24
80.246.236.0/24 maxlen: 24
80.246.236.0/22 maxlen: 24
80.246.237.0/24 maxlen: 24
80.246.238.0/24 maxlen: 24
80.246.239.0/24 maxlen: 24
80.246.234.0/24 maxlen: 24
80.246.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:67:c7:e5:00:89:b6:8f:42:83:e9:fd:5f:70:fd:06:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Oct 25 17:00:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f7632785d5100652ab5de28e4b0cfb437fa4f3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a8:64:18:b8:c2:2c:62:0a:7a:b1:64:9d:20:
fe:7b:95:6e:e4:f5:98:5c:c1:bb:36:9e:48:5e:67:
90:e0:2f:05:0b:0d:97:e4:30:e6:5f:25:02:e4:3c:
76:b9:7a:cd:4a:ca:ed:55:8d:b8:12:83:37:10:a2:
4e:34:61:ea:b2:27:77:41:a5:98:4a:69:1c:6a:d1:
da:68:f1:92:18:df:74:0a:02:39:f8:b3:e7:80:ad:
f4:c6:d7:1d:34:5c:99:1c:2f:d9:1c:22:e0:6a:17:
b2:54:61:3c:1c:08:59:66:3c:48:c2:a9:e2:e5:28:
c8:9f:09:0a:a2:24:17:35:a9:56:b5:36:1c:60:b6:
72:c6:78:7b:a6:77:4a:7e:3a:f5:ef:9c:43:9e:8b:
79:89:2d:fb:86:0a:c9:69:3e:d6:76:51:b4:a1:76:
2e:4d:c5:f3:6c:20:6f:7e:ec:34:a0:4d:eb:f2:6d:
df:68:1e:e6:82:82:7f:e4:86:d5:2d:2a:4b:44:fb:
8e:c6:dc:10:17:71:7b:e8:82:7a:7d:69:66:73:39:
8e:c7:20:3d:13:46:27:6e:78:f3:d0:3a:82:fa:6e:
74:0e:33:9d:8a:9e:f5:19:84:43:5c:b8:78:15:c6:
ab:8b:1e:0e:fb:20:14:1e:7c:7c:43:6e:2d:fd:01:
a4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:76:32:78:5D:51:00:65:2A:B5:DE:28:E4:B0:CF:B4:37:FA:4F:3D
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/X3YyeF1RAGUqtd4o5LDPtDf6Tz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.92.0/23
80.246.225.0/24
80.246.231.0-80.246.239.255
Signature Algorithm: sha256WithRSAEncryption
78:0e:35:09:2c:a6:90:6f:ed:98:68:e7:1f:21:60:fc:7a:a3:
e5:4c:7c:1f:6c:2e:b3:b6:03:c1:d2:77:c0:55:0f:ad:82:d8:
18:b2:18:f9:2a:c4:c1:59:ed:e9:34:f8:93:9a:ef:ce:77:8c:
1d:4f:b2:76:0d:8b:e3:9e:df:25:70:34:c9:93:98:67:d6:45:
e4:b2:03:74:d0:19:99:9f:c7:18:9e:17:74:d0:13:19:40:5d:
8b:97:87:5b:24:1a:1b:58:b0:8d:2d:50:64:e8:73:4a:07:42:
a7:13:7c:11:8f:7c:a7:99:ad:5f:23:35:02:7e:a3:35:cf:56:
2b:bd:94:ab:20:14:3c:db:e5:44:25:9d:98:0b:79:6e:ee:dd:
d8:f7:d5:0b:b0:91:09:1d:bb:cf:7c:00:72:d0:cc:8a:ef:14:
76:ba:39:40:df:ab:cf:4f:e0:46:75:4b:c0:76:8d:8e:03:82:
4d:fa:f9:8e:21:e3:7e:7e:09:a0:0b:f7:7a:65:8e:bd:57:90:
10:1b:43:8f:f4:86:3c:64:e8:76:86:98:c5:da:ce:44:b4:9f:
54:63:c7:46:91:c6:d4:04:7c:98:dd:40:be:e3:bd:33:e8:d0:
53:90:17:f4:3b:e9:13:62:53:35:c6:7b:11:bc:9a:0d:10:10:
49:71:6d:7e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYtnx+UAibaPQoPp/V9w/QbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMxMDI1MTcwMDM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjc2MzI3ODVkNTEwMDY1MmFiNWRlMjhlNGIwY2ZiNDM3ZmE0ZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKhkGLjCLGIKerFknSD+e5Vu5PWY
XMG7Np5IXmeQ4C8FCw2X5DDmXyUC5Dx2uXrNSsrtVY24EoM3EKJONGHqsid3QaWY
SmkcatHaaPGSGN90CgI5+LPngK30xtcdNFyZHC/ZHCLgaheyVGE8HAhZZjxIwqni
5SjInwkKoiQXNalWtTYcYLZyxnh7pndKfjr175xDnot5iS37hgrJaT7WdlG0oXYu
TcXzbCBvfuw0oE3r8m3faB7mgoJ/5IbVLSpLRPuOxtwQF3F76IJ6fWlmczmOxyA9
E0Ynbnjz0DqC+m50DjOdip71GYRDXLh4Fcarix4O+yAUHnx8Q24t/QGkOwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFF92MnhdUQBlKrXeKOSwz7Q3+k89MB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvWDNZeWVGMVJBR1VxdGQ0bzVMRFB0RGY2VHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBLZVcAwQA
UPbhMAwDBABQ9ucDBARQ9uAwDQYJKoZIhvcNAQELBQADggEBAHgONQksppBv7Zho
5x8hYPx6o+VMfB9sLrO2A8HSd8BVD62C2BiyGPkqxMFZ7ek0+JOa7853jB1PsnYN
i+Oe3yVwNMmTmGfWReSyA3TQGZmfxxieF3TQExlAXYuXh1skGhtYsI0tUGToc0oH
QqcTfBGPfKeZrV8jNQJ+ozXPViu9lKsgFDzb5UQlnZgLeW7u3dj31QuwkQkdu898
AHLQzIrvFHa6OUDfq89P4EZ1S8B2jY4Dgk36+Y4h435+CaAL93pljr1XkBAbQ4/0
hjxk6HaGmMXazkS0n1Rjx0aRxtQEfJjdQL7jvTPo0FOQF/Q76RNiUzXGexG8mg0Q
EElxbX4=
-----END CERTIFICATE-----
Generated at Fri Oct 27 09:53:04 2023 by rpki-client on console-fra.rpki-client.org