Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/9GcEYIvQN21TpVN8xToKeZFTbes.roa
File: 9GcEYIvQN21TpVN8xToKeZFTbes.roa (raw, json)
Hash identifier: 1nM5oR75tiOm+yF5KtYRHzEQKQvgFEvnn/DZrCCOkks=
Subject key identifier: F4:67:04:60:8B:D0:37:6D:53:A5:53:7C:C5:3A:0A:79:91:53:6D:EB
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0185E965FDCD424163135CDFFE5FB7A27900
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/9GcEYIvQN21TpVN8xToKeZFTbes.roa
Signing time: Wed 25 Jan 2023 14:47:33 +0000
ROA not before: Wed 25 Jan 2023 14:47:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 85.208.105.0/24 maxlen: 24
45.66.152.0/22 maxlen: 24
5.180.32.0/22 maxlen: 24
5.180.48.0/22 maxlen: 24
85.208.112.0/22 maxlen: 24
45.8.184.0/22 maxlen: 24
45.8.192.0/22 maxlen: 24
45.8.188.0/22 maxlen: 24
45.8.196.0/22 maxlen: 24
45.8.203.0/24 maxlen: 24
45.8.205.0/24 maxlen: 24
193.168.208.0/22 maxlen: 24
5.180.82.0/24 maxlen: 24
5.180.80.0/24 maxlen: 24
5.180.232.0/22 maxlen: 24
85.209.160.0/22 maxlen: 24
85.209.163.0/24 maxlen: 24
5.253.36.0/22 maxlen: 24
5.253.44.0/24 maxlen: 24
45.8.252.0/22 maxlen: 24
5.253.46.0/24 maxlen: 24
5.253.47.0/24 maxlen: 24
5.253.45.0/24 maxlen: 24
45.9.0.0/22 maxlen: 24
45.9.4.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:65:fd:cd:42:41:63:13:5c:df:fe:5f:b7:a2:79:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 25 14:47:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f46704608bd0376d53a5537cc53a0a7991536deb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e5:5f:92:40:31:cf:af:a2:cc:c4:c5:4e:10:
b5:7a:8e:cd:68:f9:ba:88:04:bb:dd:c7:08:b3:08:
e7:ed:8b:2a:b8:97:88:20:77:46:60:a3:8e:1d:21:
6c:53:9c:79:5a:a3:7e:5f:11:87:b4:00:58:b4:58:
47:99:23:aa:6d:5f:4d:32:db:40:f0:1c:30:ee:7e:
af:a8:5d:a7:0d:76:17:08:03:8a:01:7e:62:dc:83:
da:f0:8a:9e:cc:35:13:8d:c1:a8:77:ab:77:a5:0c:
29:6a:79:a8:52:88:7a:d3:80:25:c4:1b:a4:b2:98:
2b:5c:3d:08:46:45:f7:fe:a6:5f:a9:1f:53:d0:e4:
ec:3a:b9:b8:46:f3:2e:7f:1c:1b:82:55:98:56:a2:
fd:66:f6:d7:7c:76:0c:b2:60:15:c8:6a:4a:00:92:
86:ff:f2:a1:14:52:1f:20:af:f9:0b:0b:81:73:d0:
01:1f:23:4d:92:a0:08:95:54:0d:bc:be:56:08:17:
a3:59:8d:61:00:22:47:e0:11:a2:7d:54:6e:d0:43:
90:dd:ec:10:33:a0:c7:16:67:74:65:b7:28:0d:52:
46:1d:f9:8a:4a:fd:ce:1b:89:c9:30:63:67:01:65:
66:fe:ac:12:1e:6d:12:5d:fb:b7:52:ad:e6:5d:21:
d3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:67:04:60:8B:D0:37:6D:53:A5:53:7C:C5:3A:0A:79:91:53:6D:EB
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/9GcEYIvQN21TpVN8xToKeZFTbes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.32.0/22
5.180.48.0/22
5.180.80.0/24
5.180.82.0/24
5.180.232.0/22
5.253.36.0/22
5.253.44.0/22
45.8.184.0-45.8.199.255
45.8.203.0/24
45.8.205.0/24
45.8.252.0-45.9.7.255
45.66.152.0/22
85.208.105.0/24
85.208.112.0/22
85.209.160.0/22
193.168.208.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:e9:d7:22:08:04:32:a9:27:d6:94:73:56:c3:da:dd:4a:c5:
c8:2c:7e:b8:3a:9c:61:57:d4:24:62:81:c5:5f:e8:31:f1:7c:
6a:85:05:2e:f4:be:b0:4c:a7:cc:63:b7:57:ec:7d:e7:97:eb:
bb:bd:ac:56:12:28:ac:68:e9:56:b2:89:3e:a6:f5:9c:96:b3:
fa:c5:31:97:e5:36:ba:73:6f:6f:85:dd:34:21:36:95:7f:7d:
b4:de:25:05:2b:0a:6b:cb:16:f3:c4:b9:30:c5:c7:74:f9:bd:
fa:ce:f6:af:fe:2c:4b:4f:c1:ae:ae:50:d9:b3:ee:e8:3a:88:
e1:51:4c:52:11:a6:50:0d:23:ae:b2:c8:0e:f3:48:7e:85:8c:
c0:06:e1:c7:17:4d:a6:e4:58:8f:85:2d:f9:bb:32:70:cb:63:
69:53:02:b7:69:a1:a4:06:60:38:22:6b:71:41:ef:6b:72:8e:
ca:4e:aa:7a:6c:7f:0e:c8:29:98:c3:f0:79:63:7f:66:91:53:
11:c3:02:9a:6a:02:f5:3a:05:b2:61:00:d1:a5:f9:c3:2b:85:
33:79:10:21:52:63:b5:24:82:6d:20:4f:20:68:bc:6c:df:0d:
b5:d5:38:d3:ca:9d:e0:93:b5:88:62:cc:b2:48:8c:40:0e:98:
d1:3f:f9:06
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYXpZf3NQkFjE1zf/l+3onkAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMTI1MTQ0NzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDY3MDQ2MDhiZDAzNzZkNTNhNTUzN2NjNTNhMGE3OTkxNTM2ZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeVfkkAxz6+izMTFThC1eo7NaPm6
iAS73ccIswjn7YsquJeIIHdGYKOOHSFsU5x5WqN+XxGHtABYtFhHmSOqbV9NMttA
8Bww7n6vqF2nDXYXCAOKAX5i3IPa8IqezDUTjcGod6t3pQwpanmoUoh604AlxBuk
spgrXD0IRkX3/qZfqR9T0OTsOrm4RvMufxwbglWYVqL9ZvbXfHYMsmAVyGpKAJKG
//KhFFIfIK/5CwuBc9ABHyNNkqAIlVQNvL5WCBejWY1hACJH4BGifVRu0EOQ3ewQ
M6DHFmd0ZbcoDVJGHfmKSv3OG4nJMGNnAWVm/qwSHm0SXfu3Uq3mXSHTXQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFPRnBGCL0DdtU6VTfMU6CnmRU23rMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvOUdjRVlJdlFOMjFUcFZOOHhUb0tlWkZUYmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAgW0IAME
AgW0MAMEAAW0UAMEAAW0UgMEAgW06AMEAgX9JAMEAgX9LDAMAwQDLQi4AwQDLQjA
AwQALQjLAwQALQjNMAwDBAItCPwDBAMtCQADBAItQpgDBABV0GkDBAJV0HADBAJV
0aADBALBqNAwDQYJKoZIhvcNAQELBQADggEBAKnp1yIIBDKpJ9aUc1bD2t1Kxcgs
frg6nGFX1CRigcVf6DHxfGqFBS70vrBMp8xjt1fsfeeX67u9rFYSKKxo6VayiT6m
9ZyWs/rFMZflNrpzb2+F3TQhNpV/fbTeJQUrCmvLFvPEuTDFx3T5vfrO9q/+LEtP
wa6uUNmz7ug6iOFRTFIRplANI66yyA7zSH6FjMAG4ccXTabkWI+FLfm7MnDLY2lT
ArdpoaQGYDgia3FB72tyjspOqnpsfw7IKZjD8Hljf2aRUxHDAppqAvU6BbJhANGl
+cMrhTN5ECFSY7Ukgm0gTyBovGzfDbXVONPKneCTtYhizLJIjEAOmNE/+QY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:29 2023 by rpki-client on console-fra.rpki-client.org