Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tVyQKo9ZmOyPYlrUphj2MN0smts.roa
File: tVyQKo9ZmOyPYlrUphj2MN0smts.roa (raw, json)
Hash identifier: ARmEL0ep3Ca9yAEt6Sas/XIAGJ+sWUMO1JwUEKxRXgA=
Subject key identifier: B5:5C:90:2A:8F:59:98:EC:8F:62:5A:D4:A6:18:F6:30:DD:2C:9A:DB
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018A782CBCABFF491CED35BE48B9267E5143
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tVyQKo9ZmOyPYlrUphj2MN0smts.roa
Signing time: Sat 09 Sep 2023 04:21:52 +0000
ROA not before: Sat 09 Sep 2023 04:21:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47913
IP address blocks: 45.92.124.0/22 maxlen: 24
194.33.36.0/22 maxlen: 24
185.166.160.0/22 maxlen: 24
141.98.132.0/22 maxlen: 24
92.119.40.0/22 maxlen: 24
185.149.20.0/22 maxlen: 24
45.83.116.0/22 maxlen: 24
45.89.100.0/22 maxlen: 24
31.12.92.0/22 maxlen: 24
45.88.148.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:78:2c:bc:ab:ff:49:1c:ed:35:be:48:b9:26:7e:51:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Sep 9 04:21:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b55c902a8f5998ec8f625ad4a618f630dd2c9adb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0b:b2:ba:f0:7c:0d:30:ad:7c:fb:e1:27:59:
85:85:5b:69:a8:47:63:ef:e2:a0:96:8d:a6:a2:27:
70:17:5e:4f:60:4d:03:88:58:39:7e:2a:e7:03:3d:
12:27:f9:d0:38:d6:01:68:45:9b:68:3f:ce:c7:0d:
ee:3f:a0:80:13:69:41:b5:a4:85:0a:b7:5c:b9:e9:
7b:70:44:79:57:aa:4c:7f:14:28:a4:91:44:2b:fc:
be:02:b3:d5:b1:ed:ca:ea:04:af:bb:3b:32:28:b1:
24:e7:14:1c:8f:12:74:eb:4d:ff:b5:88:52:ae:00:
d1:0d:b6:dd:37:3f:4f:c6:27:6a:53:77:96:86:2d:
e3:83:98:f7:d6:6e:ba:88:63:53:d5:c4:84:b4:7b:
98:00:83:32:d9:f8:64:2b:c3:c7:22:3e:c1:51:7e:
93:93:58:29:f2:07:20:70:5b:14:cd:75:43:e0:9c:
a2:67:77:c3:78:06:eb:ce:5b:3c:76:eb:f6:ce:a2:
6f:23:7b:e0:07:1c:d6:d2:b1:47:e4:da:50:35:ca:
5b:48:c6:bc:75:f1:1a:40:0d:d5:82:1c:e6:63:2a:
d2:20:5e:c8:89:d5:30:1c:42:f2:49:ad:6a:a4:8e:
1c:be:63:55:61:35:7e:45:93:e3:d8:9b:04:74:c8:
16:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:5C:90:2A:8F:59:98:EC:8F:62:5A:D4:A6:18:F6:30:DD:2C:9A:DB
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/tVyQKo9ZmOyPYlrUphj2MN0smts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.12.92.0/22
45.83.116.0/22
45.88.148.0/22
45.89.100.0/22
45.92.124.0/22
92.119.40.0/22
141.98.132.0/22
185.149.20.0/22
185.166.160.0/22
194.33.36.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:20:ab:38:94:81:42:21:50:91:0f:d1:48:1d:5c:80:7b:40:
8c:fc:00:c7:a0:43:26:d8:07:05:7d:e1:ef:f4:b0:2f:91:f2:
0b:c4:55:3c:06:96:f5:c2:09:ee:5b:a5:01:9f:e9:47:2c:7f:
b2:7b:c2:2b:ca:d4:4a:81:68:68:c7:35:8e:56:1c:cc:21:b6:
5b:d2:a4:dc:d1:f8:f8:d9:69:cc:12:20:39:78:ee:33:cf:28:
1e:1d:7e:24:b8:71:ad:6e:d2:5d:11:26:cf:05:38:e7:49:e1:
aa:d7:ee:19:00:53:36:e0:b5:77:7b:94:26:68:00:56:f6:a2:
11:80:be:84:95:88:ea:9e:3e:85:0f:f3:f8:f6:7b:7d:c8:be:
08:c9:d4:97:eb:93:0e:99:25:8d:c8:6a:8b:bb:04:86:63:ca:
ba:c3:d7:73:5e:1f:5d:d6:ee:10:ee:a8:7a:1c:e9:c6:0c:98:
dd:33:4d:71:40:0c:d4:0d:e0:b2:e5:1f:d0:b7:37:ba:60:99:
05:4f:7d:92:c0:10:39:ee:1b:6a:16:e0:3e:10:a4:a4:85:42:
7f:db:3f:54:96:67:da:c1:c3:df:6d:ce:40:75:54:bb:81:20:
40:53:c1:1f:4c:32:c2:e1:32:fd:39:4e:68:4f:3d:d6:aa:1a:
95:fd:77:21
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYp4LLyr/0kc7TW+SLkmflFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwOTA5MDQyMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTVjOTAyYThmNTk5OGVjOGY2MjVhZDRhNjE4ZjYzMGRkMmM5YWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQuyuvB8DTCtfPvhJ1mFhVtpqEdj
7+Kglo2moidwF15PYE0DiFg5firnAz0SJ/nQONYBaEWbaD/Oxw3uP6CAE2lBtaSF
Crdcuel7cER5V6pMfxQopJFEK/y+ArPVse3K6gSvuzsyKLEk5xQcjxJ0603/tYhS
rgDRDbbdNz9PxidqU3eWhi3jg5j31m66iGNT1cSEtHuYAIMy2fhkK8PHIj7BUX6T
k1gp8gcgcFsUzXVD4JyiZ3fDeAbrzls8duv2zqJvI3vgBxzW0rFH5NpQNcpbSMa8
dfEaQA3VghzmYyrSIF7IidUwHELySa1qpI4cvmNVYTV+RZPj2JsEdMgWHQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFLVckCqPWZjsj2Ja1KYY9jDdLJrbMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvdFZ5UUtvOVptT3lQWWxyVXBoajJNTjBzbXRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCHwxcAwQC
LVN0AwQCLViUAwQCLVlkAwQCLVx8AwQCXHcoAwQCjWKEAwQCuZUUAwQCuaagAwQC
wiEkMA0GCSqGSIb3DQEBCwUAA4IBAQCmIKs4lIFCIVCRD9FIHVyAe0CM/ADHoEMm
2AcFfeHv9LAvkfILxFU8Bpb1wgnuW6UBn+lHLH+ye8IrytRKgWhoxzWOVhzMIbZb
0qTc0fj42WnMEiA5eO4zzygeHX4kuHGtbtJdESbPBTjnSeGq1+4ZAFM24LV3e5Qm
aABW9qIRgL6ElYjqnj6FD/P49nt9yL4IydSX65MOmSWNyGqLuwSGY8q6w9dzXh9d
1u4Q7qh6HOnGDJjdM01xQAzUDeCy5R/Qtze6YJkFT32SwBA57htqFuA+EKSkhUJ/
2z9UlmfawcPfbc5AdVS7gSBAU8EfTDLC4TL9OU5oTz3WqhqV/Xch
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:03 2024 by rpki-client on console-ams.rpki-client.org