Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/mS3thirp4HdJycK1vE0ReIn0a7s.roa
File: mS3thirp4HdJycK1vE0ReIn0a7s.roa (raw, json)
Hash identifier: WNRWCsEWYOZ+Kzf5CRtE9wlkP75vGM4UT5mwEoCEtG8=
Subject key identifier: 99:2D:ED:86:2A:E9:E0:77:49:C9:C2:B5:BC:4D:11:78:89:F4:6B:BB
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018C777812527C45DD8A7478CEFB9C504479
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/mS3thirp4HdJycK1vE0ReIn0a7s.roa
Signing time: Sun 17 Dec 2023 11:10:06 +0000
ROA not before: Sun 17 Dec 2023 11:10:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 85.208.105.0/24 maxlen: 24
45.66.152.0/24 maxlen: 24
45.66.154.0/24 maxlen: 24
45.66.155.0/24 maxlen: 24
5.180.32.0/22 maxlen: 24
5.180.51.0/24 maxlen: 24
5.180.50.0/24 maxlen: 24
85.208.107.0/24 maxlen: 24
85.208.113.0/24 maxlen: 24
85.208.115.0/24 maxlen: 24
45.8.192.0/22 maxlen: 24
45.8.188.0/22 maxlen: 24
45.8.199.0/24 maxlen: 24
45.8.198.0/24 maxlen: 24
45.8.197.0/24 maxlen: 24
45.8.203.0/24 maxlen: 24
193.168.208.0/22 maxlen: 24
5.180.80.0/24 maxlen: 24
5.180.235.0/24 maxlen: 24
85.209.160.0/24 maxlen: 24
5.253.44.0/24 maxlen: 24
5.253.39.0/24 maxlen: 24
45.8.252.0/24 maxlen: 24
45.8.253.0/24 maxlen: 24
5.253.47.0/24 maxlen: 24
5.253.45.0/24 maxlen: 24
45.9.4.0/24 maxlen: 24
45.8.255.0/24 maxlen: 24
45.9.1.0/24 maxlen: 24
45.9.0.0/24 maxlen: 24
45.9.6.0/24 maxlen: 24
45.9.7.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:77:78:12:52:7c:45:dd:8a:74:78:ce:fb:9c:50:44:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Dec 17 11:10:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=992ded862ae9e07749c9c2b5bc4d117889f46bbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:51:2d:fe:81:75:4e:6b:30:6b:4a:ab:9a:d0:
08:7d:70:6c:d5:2d:1d:42:d8:13:a9:13:c0:e9:43:
ae:a3:29:16:31:ee:9c:c1:71:52:b3:f8:8e:e3:6f:
07:f9:08:89:b8:24:3e:e4:0c:77:63:66:a3:4e:92:
2d:32:a6:9d:6b:d9:15:91:d7:8f:4a:68:1b:e8:ae:
d8:16:55:64:5a:7b:29:81:af:ab:54:7d:74:1b:f4:
11:a7:f3:56:82:a9:cd:c6:b9:bb:74:90:0c:9e:fa:
37:33:ed:80:78:c6:5b:83:3f:46:fd:db:4d:16:7a:
a8:5d:14:6f:c6:fc:f1:fb:7f:ae:44:b5:08:44:0b:
6f:89:ea:50:d9:bf:76:c3:b7:ef:f5:f0:af:f3:ea:
f4:cc:e8:04:30:11:a5:ee:01:d4:42:62:6d:b1:fe:
33:8c:55:8d:1b:c9:d6:20:a0:26:f6:95:c3:ac:c0:
bd:9c:1b:21:5f:1f:d8:7d:3a:20:e9:65:96:27:09:
8e:d3:f1:71:2f:68:b5:01:93:28:bc:0c:8a:5a:a8:
cd:ae:70:b6:a5:b0:87:c8:ea:d6:68:be:4b:b8:b0:
6e:3e:52:ef:65:84:eb:23:88:b9:13:af:a1:2e:62:
bd:2f:eb:44:42:2b:6b:d9:4e:96:1d:62:bd:8f:68:
19:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:2D:ED:86:2A:E9:E0:77:49:C9:C2:B5:BC:4D:11:78:89:F4:6B:BB
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/mS3thirp4HdJycK1vE0ReIn0a7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.32.0/22
5.180.50.0/23
5.180.80.0/24
5.180.235.0/24
5.253.39.0/24
5.253.44.0/23
5.253.47.0/24
45.8.188.0-45.8.195.255
45.8.197.0-45.8.199.255
45.8.203.0/24
45.8.252.0/23
45.8.255.0-45.9.1.255
45.9.4.0/24
45.9.6.0/23
45.66.152.0/24
45.66.154.0/23
85.208.105.0/24
85.208.107.0/24
85.208.113.0/24
85.208.115.0/24
85.209.160.0/24
193.168.208.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:38:47:71:6f:42:11:16:cc:fa:31:ea:ec:6f:0f:2d:7a:97:
04:b7:1a:30:f3:1b:79:23:e5:4a:61:75:66:f2:05:dc:f9:f6:
2f:47:00:11:7e:60:bd:7b:ec:52:23:ad:e0:af:48:43:7f:05:
bd:53:69:b9:9c:22:f1:eb:b8:fb:6a:f9:2d:10:2d:ed:3f:3d:
41:bb:f0:c4:bd:6b:eb:e4:1c:c5:8b:bc:a3:6a:fb:b7:32:a3:
85:f6:28:20:a6:80:d0:77:87:c0:5d:9f:b0:a2:89:23:94:f9:
54:44:5e:68:5d:48:3c:77:15:cb:19:a9:34:a1:d9:a5:80:50:
ba:b4:65:31:3e:ca:e4:60:01:c5:d1:f7:19:1d:23:87:87:dc:
b0:ff:d0:87:55:de:0d:d0:40:e0:bf:d7:f2:c9:58:85:12:0c:
49:ee:4b:f3:d2:d3:9d:cd:5c:26:94:b4:ba:b7:87:99:db:e6:
7e:04:2e:71:66:9c:b5:ff:87:f9:5c:63:69:00:51:f4:f1:0d:
d0:8b:c4:ad:e3:07:24:c5:75:ab:73:7a:d4:1a:76:2e:c9:d7:
2a:de:f9:46:d6:f3:52:0d:64:3d:30:11:58:7a:2e:a3:6d:90:
8e:8c:45:41:e7:7f:e4:04:aa:1c:07:05:6a:7e:87:f3:0d:53:
34:5a:5a:8f
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYx3eBJSfEXdinR4zvucUER5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMxMjE3MTExMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTJkZWQ4NjJhZTllMDc3NDljOWMyYjViYzRkMTE3ODg5ZjQ2YmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFEt/oF1Tmswa0qrmtAIfXBs1S0d
QtgTqRPA6UOuoykWMe6cwXFSs/iO428H+QiJuCQ+5Ax3Y2ajTpItMqada9kVkdeP
Smgb6K7YFlVkWnspga+rVH10G/QRp/NWgqnNxrm7dJAMnvo3M+2AeMZbgz9G/dtN
FnqoXRRvxvzx+3+uRLUIRAtviepQ2b92w7fv9fCv8+r0zOgEMBGl7gHUQmJtsf4z
jFWNG8nWIKAm9pXDrMC9nBshXx/YfTog6WWWJwmO0/FxL2i1AZMovAyKWqjNrnC2
pbCHyOrWaL5LuLBuPlLvZYTrI4i5E6+hLmK9L+tEQitr2U6WHWK9j2gZSQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFJkt7YYq6eB3ScnCtbxNEXiJ9Gu7MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvbVMzdGhpcnA0SGRKeWNLMXZFMFJlSW4wYTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAIF
tCADBAEFtDIDBAAFtFADBAAFtOsDBAAF/ScDBAEF/SwDBAAF/S8wDAMEAi0IvAME
Ai0IwDAMAwQALQjFAwQDLQjAAwQALQjLAwQBLQj8MAwDBAAtCP8DBAEtCQADBAAt
CQQDBAEtCQYDBAAtQpgDBAEtQpoDBABV0GkDBABV0GsDBABV0HEDBABV0HMDBABV
0aADBALBqNAwDQYJKoZIhvcNAQELBQADggEBAA84R3FvQhEWzPox6uxvDy16lwS3
GjDzG3kj5UphdWbyBdz59i9HABF+YL177FIjreCvSEN/Bb1TabmcIvHruPtq+S0Q
Le0/PUG78MS9a+vkHMWLvKNq+7cyo4X2KCCmgNB3h8Bdn7CiiSOU+VREXmhdSDx3
FcsZqTSh2aWAULq0ZTE+yuRgAcXR9xkdI4eH3LD/0IdV3g3QQOC/1/LJWIUSDEnu
S/PS053NXCaUtLq3h5nb5n4ELnFmnLX/h/lcY2kAUfTxDdCLxK3jByTFdatzetQa
di7J1yre+UbW81INZD0wEVh6LqNtkI6MRUHnf+QEqhwHBWp+h/MNUzRaWo8=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:17 2024 by rpki-client on console-fra.rpki-client.org