Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/VzMAwcQ_0XXR6yZomQw8FAt-UX8.roa
File: VzMAwcQ_0XXR6yZomQw8FAt-UX8.roa (raw, json)
Hash identifier: ASaj9EoYux9RnNvBXnCZ3E15gUyQpTL1eYaypU1v/Kw=
Subject key identifier: 57:33:00:C1:C4:3F:D1:75:D1:EB:26:68:99:0C:3C:14:0B:7E:51:7F
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0187955F45195B0ED0CBB73BA741FE0F31A8
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/VzMAwcQ_0XXR6yZomQw8FAt-UX8.roa
Signing time: Tue 18 Apr 2023 17:17:41 +0000
ROA not before: Tue 18 Apr 2023 17:17:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 85.208.105.0/24 maxlen: 24
45.66.152.0/22 maxlen: 24
5.180.32.0/22 maxlen: 24
5.180.51.0/24 maxlen: 24
5.180.48.0/24 maxlen: 24
5.180.50.0/24 maxlen: 24
5.180.49.0/24 maxlen: 24
85.208.112.0/22 maxlen: 24
45.8.184.0/22 maxlen: 24
45.8.192.0/22 maxlen: 24
45.8.188.0/22 maxlen: 24
45.8.199.0/24 maxlen: 24
45.8.198.0/24 maxlen: 24
45.8.197.0/24 maxlen: 24
45.8.203.0/24 maxlen: 24
193.168.208.0/22 maxlen: 24
5.180.82.0/24 maxlen: 24
5.180.80.0/24 maxlen: 24
5.180.232.0/22 maxlen: 24
85.209.162.0/24 maxlen: 24
85.209.161.0/24 maxlen: 24
85.209.160.0/24 maxlen: 24
5.253.36.0/22 maxlen: 24
5.253.44.0/24 maxlen: 24
45.8.252.0/24 maxlen: 24
45.8.253.0/24 maxlen: 24
5.253.46.0/24 maxlen: 24
5.253.47.0/24 maxlen: 24
5.253.45.0/24 maxlen: 24
45.9.0.0/22 maxlen: 24
45.8.255.0/24 maxlen: 24
45.9.4.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:95:5f:45:19:5b:0e:d0:cb:b7:3b:a7:41:fe:0f:31:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Apr 18 17:17:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=573300c1c43fd175d1eb2668990c3c140b7e517f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c7:a0:c6:4f:f3:11:36:9e:7e:85:f8:87:1a:
84:d4:0a:16:1c:6b:5b:76:46:a8:41:db:78:34:0e:
a0:6f:3f:f8:93:94:0f:e0:95:1e:0a:c5:6b:8a:27:
5d:8a:77:4b:46:fb:3a:aa:b9:82:e4:59:28:83:53:
f4:72:4e:a4:d0:04:e7:e7:e1:09:0a:5f:17:c5:93:
62:53:7c:6d:2d:a8:1f:3c:70:0f:ca:00:c8:14:ab:
e3:71:b7:0d:75:55:1c:d1:8d:37:60:5c:12:b6:27:
76:e7:f1:b1:21:ed:cf:6c:28:dc:9b:cd:45:0c:4d:
9d:cc:30:f6:25:b8:e8:7f:44:02:7c:8e:d1:c0:48:
60:a6:3c:77:b9:01:7a:6c:a0:c7:19:1f:37:0b:36:
9d:dc:fc:fb:eb:be:99:3d:bd:63:6b:9c:d5:5e:f9:
96:11:c4:06:f4:89:ea:50:ee:f7:2b:3c:f2:fb:11:
76:7c:dc:99:38:d7:f3:3e:c8:0f:f1:40:90:0b:18:
ab:7f:d4:33:e9:e4:29:08:0e:3e:2a:19:c8:78:ea:
1c:d1:7e:19:4e:43:c2:71:c1:88:61:f7:fe:08:11:
e7:79:b6:98:4e:35:ae:fe:28:db:b4:b9:b4:d4:50:
ee:61:77:59:1d:0d:4a:fe:f3:dc:cf:b6:f5:6a:d0:
67:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:33:00:C1:C4:3F:D1:75:D1:EB:26:68:99:0C:3C:14:0B:7E:51:7F
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/VzMAwcQ_0XXR6yZomQw8FAt-UX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.32.0/22
5.180.48.0/22
5.180.80.0/24
5.180.82.0/24
5.180.232.0/22
5.253.36.0/22
5.253.44.0/22
45.8.184.0-45.8.195.255
45.8.197.0-45.8.199.255
45.8.203.0/24
45.8.252.0/23
45.8.255.0-45.9.7.255
45.66.152.0/22
85.208.105.0/24
85.208.112.0/22
85.209.160.0-85.209.162.255
193.168.208.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:ea:75:e0:23:67:0d:19:9a:a4:d3:c5:1e:5b:e8:3a:a1:44:
6c:ef:02:2f:45:cd:17:8a:ad:ff:31:93:bd:28:fa:9f:3d:90:
8d:fb:5e:df:97:91:34:2d:bb:7e:64:a4:0e:c8:c7:90:1f:e3:
69:24:1e:f8:ec:c6:69:19:91:47:22:79:c9:74:78:48:10:7f:
e5:99:12:80:27:c0:3a:a6:76:64:f2:0a:4b:d4:82:02:81:5f:
61:2c:01:6e:e4:50:e5:ed:41:24:12:20:4f:ee:5e:23:8d:64:
5d:29:7e:75:04:e3:e6:8c:15:93:90:b2:ad:25:eb:d3:8a:00:
2f:b6:9a:26:24:48:d4:a1:53:1f:30:01:8f:df:56:6c:75:2e:
59:12:44:db:ce:20:ab:e0:4f:d7:c7:61:3b:ec:e8:22:0e:32:
37:82:92:3f:9d:f5:d9:bf:a5:03:6d:09:f9:3f:26:9a:51:c6:
b0:47:98:ba:f6:34:f5:43:94:88:c4:73:36:90:0c:dc:00:e8:
86:c5:2b:ec:06:d8:23:2e:09:4c:7e:0e:75:37:29:37:de:45:
02:41:fb:dd:97:85:4a:dc:8a:44:f2:28:42:2e:f7:78:ba:3e:
e4:70:3f:45:c8:68:80:dd:c2:f2:c5:ac:07:08:3c:d6:70:35:
80:e0:5f:03
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYeVX0UZWw7Qy7c7p0H+DzGoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwNDE4MTcxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzMzMDBjMWM0M2ZkMTc1ZDFlYjI2Njg5OTBjM2MxNDBiN2U1MTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsegxk/zETaefoX4hxqE1AoWHGtb
dkaoQdt4NA6gbz/4k5QP4JUeCsVriiddindLRvs6qrmC5Fkog1P0ck6k0ATn5+EJ
Cl8XxZNiU3xtLagfPHAPygDIFKvjcbcNdVUc0Y03YFwStid25/GxIe3PbCjcm81F
DE2dzDD2Jbjof0QCfI7RwEhgpjx3uQF6bKDHGR83Czad3Pz7676ZPb1ja5zVXvmW
EcQG9InqUO73Kzzy+xF2fNyZONfzPsgP8UCQCxirf9Qz6eQpCA4+KhnIeOoc0X4Z
TkPCccGIYff+CBHnebaYTjWu/ijbtLm01FDuYXdZHQ1K/vPcz7b1atBnWwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFFczAMHEP9F10esmaJkMPBQLflF/MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvVnpNQXdjUV8wWFhSNnlab21RdzhGQXQtVVg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAIF
tCADBAIFtDADBAAFtFADBAAFtFIDBAIFtOgDBAIF/SQDBAIF/SwwDAMEAy0IuAME
Ai0IwDAMAwQALQjFAwQDLQjAAwQALQjLAwQBLQj8MAwDBAAtCP8DBAMtCQADBAIt
QpgDBABV0GkDBAJV0HAwDAMEBVXRoAMEAFXRogMEAsGo0DANBgkqhkiG9w0BAQsF
AAOCAQEAuep14CNnDRmapNPFHlvoOqFEbO8CL0XNF4qt/zGTvSj6nz2Qjfte35eR
NC27fmSkDsjHkB/jaSQe+OzGaRmRRyJ5yXR4SBB/5ZkSgCfAOqZ2ZPIKS9SCAoFf
YSwBbuRQ5e1BJBIgT+5eI41kXSl+dQTj5owVk5CyrSXr04oAL7aaJiRI1KFTHzAB
j99WbHUuWRJE284gq+BP18dhO+zoIg4yN4KSP5312b+lA20J+T8mmlHGsEeYuvY0
9UOUiMRzNpAM3ADohsUr7AbYIy4JTH4OdTcpN95FAkH73ZeFStyKRPIoQi73eLo+
5HA/RchogN3C8sWsBwg81nA1gOBfAw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:29 2023 by rpki-client on console-fra.rpki-client.org