Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/0uckoNQLcauzcw4NmQ2YQvJnL-Y.roa
File: 0uckoNQLcauzcw4NmQ2YQvJnL-Y.roa (raw, json)
Hash identifier: Yb0i7ByrXpL6lteCEpx5f1BMcpLvvpFDc1AaCwAMQ0w=
Subject key identifier: D2:E7:24:A0:D4:0B:71:AB:B3:73:0E:0D:99:0D:98:42:F2:67:2F:E6
Certificate issuer: /CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8
Certificate serial: 01856C65E09FCD251C5BB487035626B2E2F4
Authority key identifier: 84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/0uckoNQLcauzcw4NmQ2YQvJnL-Y.roa
Signing time: Sun 01 Jan 2023 08:14:53 +0000
ROA not before: Sun 01 Jan 2023 08:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62000
IP address blocks: 45.155.168.0/22 maxlen: 32
45.147.96.0/22 maxlen: 32
45.147.99.0/24 maxlen: 32
185.157.244.0/23 maxlen: 32
185.216.24.0/22 maxlen: 32
193.168.144.0/22 maxlen: 32
2a07:abc0::/29 maxlen: 29
2a0b:b140::/29 maxlen: 29
2a09:6380::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:e0:9f:cd:25:1c:5b:b4:87:03:56:26:b2:e2:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8
Validity
Not Before: Jan 1 08:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2e724a0d40b71abb3730e0d990d9842f2672fe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:70:a8:e6:70:ce:64:71:3e:05:a2:df:ad:00:
86:71:27:fc:f8:af:6d:af:a4:79:4e:4c:7b:93:e0:
51:0c:b1:e5:17:a2:ab:2d:8a:e9:05:20:81:0c:0f:
fe:d1:bd:d0:29:e9:1d:c3:66:c7:aa:f5:01:c7:0d:
d1:01:1f:d1:d2:bb:9b:2c:fc:5c:c4:93:ba:bf:78:
ce:0d:ca:88:f8:c2:01:07:bf:1a:32:b6:c5:c7:30:
d1:8e:e4:ad:fb:92:fb:1d:5f:10:8d:74:36:15:76:
64:16:69:68:cf:a6:38:f7:1c:1b:0f:6e:31:9d:83:
3d:bf:c2:61:ed:b0:80:17:62:9b:06:b3:83:8d:10:
5f:ca:2c:08:5b:44:d6:b6:10:48:f2:97:e4:e3:a3:
c6:39:d1:cf:ab:64:b5:d5:60:aa:54:04:2b:4a:40:
2f:3b:e0:b1:ba:6b:6d:de:8b:79:03:c7:47:1e:1c:
29:4f:a7:1c:30:86:8c:88:53:96:67:e0:3d:8b:94:
6e:f4:db:6b:49:be:3e:ca:98:0d:8c:56:08:21:6e:
6a:e7:e2:31:86:15:5a:88:e4:5e:0e:c7:be:16:07:
0f:20:2b:03:fb:f1:9a:1a:a4:44:38:15:b3:7b:43:
d8:f7:9e:75:64:d5:50:38:9e:e3:53:d0:4f:22:f2:
dc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:E7:24:A0:D4:0B:71:AB:B3:73:0E:0D:99:0D:98:42:F2:67:2F:E6
X509v3 Authority Key Identifier:
keyid:84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/0uckoNQLcauzcw4NmQ2YQvJnL-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.96.0/22
45.155.168.0/22
185.157.244.0/23
185.216.24.0/22
193.168.144.0/22
IPv6:
2a07:abc0::/29
2a09:6380::/29
2a0b:b140::/29
Signature Algorithm: sha256WithRSAEncryption
6f:93:4f:61:35:a6:69:e3:2d:08:76:20:13:88:d5:a9:50:2c:
22:27:8b:13:6b:d2:61:2c:a7:4b:5d:26:37:6c:ab:6b:55:4f:
45:01:dd:97:f8:d7:32:27:9f:b8:8e:8c:c2:02:0b:c6:90:53:
f1:b4:9c:84:b0:ec:78:4b:02:ef:e7:8a:cf:3a:c6:f9:d8:fb:
b5:24:7d:9f:b5:05:10:b7:d9:d7:63:59:b3:0e:25:d0:c9:4d:
56:e7:e6:cc:29:87:62:43:13:8f:88:66:db:5f:37:d9:76:cd:
3a:e7:b8:ac:31:6e:f9:05:8c:a1:87:39:ff:00:38:52:b0:c2:
1d:a5:a3:a5:30:c0:6c:de:de:66:a4:e2:35:1a:9b:ea:b4:d1:
f4:f8:ab:1e:1e:af:94:a3:f2:ec:64:8a:e9:c0:8e:d2:9b:47:
0b:41:5f:a8:55:2b:bb:d7:78:d8:b8:b6:df:ef:81:c2:6c:4d:
9f:b0:8b:21:93:17:59:6f:35:b2:d3:62:ec:79:18:9a:4b:ab:
9d:6f:6b:fd:d6:9f:5c:97:00:75:27:be:5d:f8:fa:23:9c:50:
b7:5f:44:26:28:1e:60:9e:fc:09:58:05:d7:69:a4:bd:c9:36:
a6:12:fe:c9:e5:ea:ee:25:54:c2:cb:79:ba:fd:33:15:2c:b1:
17:11:00:d9
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYVsZeCfzSUcW7SHA1YmsuL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZTE0MjlhNTNlNjQ2M2IzYzc0ZjVhM2YxN2M1ZDRhNTFl
YmQwYjgwHhcNMjMwMTAxMDgxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmU3MjRhMGQ0MGI3MWFiYjM3MzBlMGQ5OTBkOTg0MmYyNjcyZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3Co5nDOZHE+BaLfrQCGcSf8+K9t
r6R5Tkx7k+BRDLHlF6KrLYrpBSCBDA/+0b3QKekdw2bHqvUBxw3RAR/R0rubLPxc
xJO6v3jODcqI+MIBB78aMrbFxzDRjuSt+5L7HV8QjXQ2FXZkFmloz6Y49xwbD24x
nYM9v8Jh7bCAF2KbBrODjRBfyiwIW0TWthBI8pfk46PGOdHPq2S11WCqVAQrSkAv
O+Cxumtt3ot5A8dHHhwpT6ccMIaMiFOWZ+A9i5Ru9NtrSb4+ypgNjFYIIW5q5+Ix
hhVaiOReDse+FgcPICsD+/GaGqREOBWze0PY9551ZNVQOJ7jU9BPIvLcQwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFNLnJKDUC3Grs3MODZkNmELyZy/mMB8GA1UdIwQY
MBaAFIThQppT5kY7PHT1o/F8XUpR69C4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE9GQ21sUG1SanM4ZFBXajhYeGRTbEhyMExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83MmRiZGYtYzcxZC00ZTU5LTgwNzYt
YzQxZGNjYThiNzc1LzEvMHVja29OUUxjYXV6Y3c0Tm1RMllRdkpuTC1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83MmRiZGYtYzcxZC00ZTU5LTgwNzYtYzQxZGNjYThiNzc1
LzEvaE9GQ21sUG1SanM4ZFBXajhYeGRTbEhyMExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQCLZNgAwQC
LZuoAwQBuZ30AwQCudgYAwQCwaiQMBsEAgACMBUDBQMqB6vAAwUDKgljgAMFAyoL
sUAwDQYJKoZIhvcNAQELBQADggEBAG+TT2E1pmnjLQh2IBOI1alQLCInixNr0mEs
p0tdJjdsq2tVT0UB3Zf41zInn7iOjMICC8aQU/G0nISw7HhLAu/nis86xvnY+7Uk
fZ+1BRC32ddjWbMOJdDJTVbn5swph2JDE4+IZttfN9l2zTrnuKwxbvkFjKGHOf8A
OFKwwh2lo6UwwGze3mak4jUam+q00fT4qx4er5Sj8uxkiunAjtKbRwtBX6hVK7vX
eNi4tt/vgcJsTZ+wiyGTF1lvNbLTYux5GJpLq51va/3Wn1yXAHUnvl34+iOcULdf
RCYoHmCe/AlYBddppL3JNqYS/snl6u4lVMLLebr9MxUssRcRANk=
-----END CERTIFICATE-----
Generated at Fri Oct 13 09:34:32 2023 by rpki-client on console-ams.rpki-client.org