Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/vCfLXxTiEO_fl-VtQPqBlb-hxZ4.roa
File: vCfLXxTiEO_fl-VtQPqBlb-hxZ4.roa (raw, json)
Hash identifier: RejkjO3UYc+twHdMbEcjCAfUG9lk7mXIKR6YmzznGsI=
Subject key identifier: BC:27:CB:5F:14:E2:10:EF:DF:97:E5:6D:40:FA:81:95:BF:A1:C5:9E
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 018B850FF029803C7A6FAD06A98071CC98DD
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/vCfLXxTiEO_fl-VtQPqBlb-hxZ4.roa
Signing time: Tue 31 Oct 2023 09:28:16 +0000
ROA not before: Tue 31 Oct 2023 09:28:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.149.92.0/23 maxlen: 24
80.246.231.0/24 maxlen: 24
80.246.232.0/24 maxlen: 24
80.246.233.0/24 maxlen: 24
80.246.236.0/24 maxlen: 24
80.246.236.0/22 maxlen: 24
80.246.237.0/24 maxlen: 24
80.246.238.0/24 maxlen: 24
80.246.239.0/24 maxlen: 24
80.246.234.0/24 maxlen: 24
80.246.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:85:0f:f0:29:80:3c:7a:6f:ad:06:a9:80:71:cc:98:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Oct 31 09:28:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc27cb5f14e210efdf97e56d40fa8195bfa1c59e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ef:78:64:e9:a4:0b:29:9b:95:0a:7b:2f:90:
70:67:70:eb:b0:29:ec:ca:7d:c9:f6:7b:02:b3:e4:
d4:aa:c2:66:34:ae:bc:2f:02:e8:87:40:18:8f:58:
47:06:68:98:fd:85:3e:53:b2:ef:b9:f6:78:e4:15:
8f:bc:38:48:f0:85:63:06:0a:70:68:3d:32:64:5a:
68:bd:95:6d:85:32:75:6c:a7:aa:34:bb:c4:96:95:
b7:30:9a:5b:00:5b:f2:35:e5:be:72:cf:26:55:1a:
00:eb:bc:e3:da:41:ae:bd:ec:74:ec:aa:03:b1:83:
37:f3:0b:df:a7:68:75:de:3c:8a:fe:c2:1b:09:fd:
d3:cc:eb:3b:cc:ac:05:a5:e5:74:4a:1a:92:5e:1f:
d7:8e:eb:cb:03:6d:43:32:f9:b1:cf:9e:af:1c:9d:
a6:43:fb:97:b1:bf:25:69:fa:63:3c:07:6d:aa:89:
75:81:cd:05:23:68:d2:f1:6a:d2:6b:b1:5f:00:36:
70:2c:1a:e0:4e:a8:18:df:6d:3b:dd:d2:5e:96:70:
cb:29:4d:4b:27:45:1c:df:2f:3f:79:ce:46:f3:fc:
c4:c9:95:f8:c0:e4:46:15:9a:71:86:93:10:7a:13:
cd:20:25:7a:fa:23:f3:16:57:61:1b:53:a7:ac:fc:
8b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:27:CB:5F:14:E2:10:EF:DF:97:E5:6D:40:FA:81:95:BF:A1:C5:9E
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/vCfLXxTiEO_fl-VtQPqBlb-hxZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.92.0/23
80.246.231.0-80.246.239.255
Signature Algorithm: sha256WithRSAEncryption
40:1a:5b:1b:a9:27:bb:8d:75:98:50:68:4b:97:a1:25:6c:bb:
4a:67:cd:c4:88:3e:39:e1:e0:7b:d1:a2:75:56:69:0c:37:70:
d0:8d:19:7e:b0:5e:47:81:ed:91:32:3e:c1:78:a5:a7:18:89:
73:f2:14:2a:84:09:f2:c5:8d:12:b3:d0:97:1a:b2:b1:d7:f1:
9e:96:d1:ed:27:50:4d:e9:4a:d6:c7:6c:c2:81:52:4f:b3:c7:
60:6e:b9:d1:4e:a8:67:70:5d:58:04:8d:68:88:0f:b0:b8:e4:
c5:ef:e5:2a:6c:6a:32:bb:c1:0f:17:6f:64:8a:57:cd:d2:46:
ef:b9:f0:b9:81:d0:bb:8a:ff:4f:af:e4:e5:cf:47:32:96:03:
28:7e:a8:47:5e:65:16:2a:bd:e4:a9:66:31:80:0d:ba:7e:3f:
ad:8e:32:ab:47:23:74:48:fe:11:2e:eb:fd:56:a6:41:c0:da:
6d:c2:3f:0f:e1:5e:e4:a0:6a:b7:60:cd:dc:af:40:47:9f:6f:
34:2a:b7:e0:13:a4:92:14:d7:cb:85:77:d3:c9:f1:cf:e7:7e:
02:21:67:25:d3:93:b4:cf:7e:34:2b:1c:d7:14:33:bc:bf:74:
c4:1e:b1:b9:d1:a5:3a:6b:d7:b2:1c:9a:bd:e4:3d:b3:af:43:
10:06:71:fc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYuFD/ApgDx6b60GqYBxzJjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMxMDMxMDkyODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzI3Y2I1ZjE0ZTIxMGVmZGY5N2U1NmQ0MGZhODE5NWJmYTFjNTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzu94ZOmkCymblQp7L5BwZ3DrsCns
yn3J9nsCs+TUqsJmNK68LwLoh0AYj1hHBmiY/YU+U7LvufZ45BWPvDhI8IVjBgpw
aD0yZFpovZVthTJ1bKeqNLvElpW3MJpbAFvyNeW+cs8mVRoA67zj2kGuvex07KoD
sYM38wvfp2h13jyK/sIbCf3TzOs7zKwFpeV0ShqSXh/XjuvLA21DMvmxz56vHJ2m
Q/uXsb8lafpjPAdtqol1gc0FI2jS8WrSa7FfADZwLBrgTqgY32073dJelnDLKU1L
J0Uc3y8/ec5G8/zEyZX4wORGFZpxhpMQehPNICV6+iPzFldhG1OnrPyLOQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLwny18U4hDv35flbUD6gZW/ocWeMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvdkNmTFh4VGlFT19mbC1WdFFQcUJsYi1oeFo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBLZVcMAwD
BABQ9ucDBARQ9uAwDQYJKoZIhvcNAQELBQADggEBAEAaWxupJ7uNdZhQaEuXoSVs
u0pnzcSIPjnh4HvRonVWaQw3cNCNGX6wXkeB7ZEyPsF4pacYiXPyFCqECfLFjRKz
0JcasrHX8Z6W0e0nUE3pStbHbMKBUk+zx2BuudFOqGdwXVgEjWiID7C45MXv5Sps
ajK7wQ8Xb2SKV83SRu+58LmB0LuK/0+v5OXPRzKWAyh+qEdeZRYqveSpZjGADbp+
P62OMqtHI3RI/hEu6/1WpkHA2m3CPw/hXuSgardgzdyvQEefbzQqt+ATpJIU18uF
d9PJ8c/nfgIhZyXTk7TPfjQrHNcUM7y/dMQesbnRpTpr17Icmr3kPbOvQxAGcfw=
-----END CERTIFICATE-----
Generated at Wed Nov 15 21:47:06 2023 by rpki-client on console-ams.rpki-client.org