Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/6df8ba-d4cb-4705-bf55-54d162298ffd/1/szDRwj-nTi0LvFGjL6-5ijTyjgw.roa
File: szDRwj-nTi0LvFGjL6-5ijTyjgw.roa (raw, json)
Hash identifier: t+xnkOzTbUE77ISyFRB6xjqNPtWoxx75be8/defMd10=
Subject key identifier: B3:30:D1:C2:3F:A7:4E:2D:0B:BC:51:A3:2F:AF:B9:8A:34:F2:8E:0C
Certificate issuer: /CN=f99f65e1be42a65b494cf2642a4dd8e328d0f9ce
Certificate serial: 018571B0AD30569D07D85C528D28769C6F8A
Authority key identifier: F9:9F:65:E1:BE:42:A6:5B:49:4C:F2:64:2A:4D:D8:E3:28:D0:F9:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Z9l4b5CpltJTPJkKk3Y4yjQ-c4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/6df8ba-d4cb-4705-bf55-54d162298ffd/1/szDRwj-nTi0LvFGjL6-5ijTyjgw.roa
Signing time: Mon 02 Jan 2023 08:54:42 +0000
ROA not before: Mon 02 Jan 2023 08:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62241
IP address blocks: 185.48.56.0/22 maxlen: 22
185.245.184.0/22 maxlen: 22
45.93.132.0/22 maxlen: 22
2a01:9520::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:ad:30:56:9d:07:d8:5c:52:8d:28:76:9c:6f:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f99f65e1be42a65b494cf2642a4dd8e328d0f9ce
Validity
Not Before: Jan 2 08:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b330d1c23fa74e2d0bbc51a32fafb98a34f28e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:03:6f:7e:a5:fc:36:68:70:c0:d1:aa:d1:55:
8d:3a:fb:5a:10:a5:c2:ec:eb:5f:45:ed:3e:77:86:
f2:71:f9:ed:09:2d:4b:46:60:71:0f:ac:b8:6f:4f:
32:4f:a6:01:c3:de:99:81:51:87:b1:3e:f9:26:16:
8c:95:99:cb:e0:2b:95:57:7b:42:c7:6c:3c:9e:e0:
cc:43:52:34:ae:da:b9:37:3b:57:a4:6d:74:70:4c:
dd:08:a8:5b:b4:be:c0:0e:af:d8:66:a3:2d:76:53:
32:eb:6e:a8:64:92:76:e8:b4:61:0d:37:35:b4:cf:
0e:1d:a0:89:e6:c5:65:63:ac:7d:db:99:ba:8f:26:
8e:9c:fd:f3:23:f0:e3:52:9a:7f:36:bf:9f:32:2c:
1f:0a:cc:67:2e:cd:ec:a0:1a:b6:7b:ef:5c:21:83:
97:62:a2:07:f8:2c:15:db:18:c6:ec:ab:2b:89:74:
f3:8f:69:ae:c4:4d:0a:cf:82:64:35:88:4b:4a:29:
cb:ca:cb:14:55:59:72:bb:1a:81:08:9d:43:69:f8:
65:5a:43:1b:dc:92:04:5c:41:9e:e1:39:8e:c8:39:
86:54:09:46:b9:8e:5c:12:7f:33:c2:2c:b0:99:55:
60:21:28:c6:19:c5:50:ea:45:29:7d:88:3f:36:fd:
a8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:30:D1:C2:3F:A7:4E:2D:0B:BC:51:A3:2F:AF:B9:8A:34:F2:8E:0C
X509v3 Authority Key Identifier:
keyid:F9:9F:65:E1:BE:42:A6:5B:49:4C:F2:64:2A:4D:D8:E3:28:D0:F9:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Z9l4b5CpltJTPJkKk3Y4yjQ-c4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/6df8ba-d4cb-4705-bf55-54d162298ffd/1/szDRwj-nTi0LvFGjL6-5ijTyjgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/6df8ba-d4cb-4705-bf55-54d162298ffd/1/1-Z9l4b5CpltJTPJkKk3Y4yjQ-c4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.132.0/22
185.48.56.0/22
185.245.184.0/22
IPv6:
2a01:9520::/29
Signature Algorithm: sha256WithRSAEncryption
4b:2f:69:35:32:43:e4:a2:cd:1e:90:35:9f:ea:d2:4d:c1:28:
30:f0:eb:ee:63:e8:95:2a:33:1c:7e:49:56:42:c3:35:38:bb:
d3:30:c0:89:cd:ae:04:44:9c:32:d6:2d:51:4a:d9:92:f4:ee:
c4:60:23:62:8c:b3:dd:ff:3f:99:ad:ec:3f:50:21:93:c1:fb:
37:6e:a1:55:eb:ae:54:90:b6:fc:42:d3:0d:f1:c8:73:6b:42:
41:20:18:f6:dc:e3:a1:15:86:11:90:9a:aa:e7:bf:d6:d7:3a:
8e:51:40:ca:fd:c3:fb:32:b2:6f:42:3f:ed:63:96:de:48:c8:
0a:c5:40:44:c9:2a:86:47:1b:27:55:4b:17:c5:f4:0e:1a:cd:
2d:d4:9e:60:bb:a1:1f:00:69:02:f6:e2:72:be:ef:b6:b4:e4:
78:e6:a5:9a:82:34:64:b2:c4:84:41:d3:ee:bd:71:ba:7e:e9:
e4:2d:0b:e1:e4:c2:ab:4a:e1:12:c0:7b:ab:ee:e0:e5:f1:02:
64:a1:ce:8a:f4:fb:09:fd:95:45:73:71:50:f8:f1:f7:c5:ad:
36:23:7a:ed:3b:7c:e5:61:7f:3a:7a:32:59:11:0e:dc:89:d3:
6e:8a:ca:d9:a1:30:e2:5c:90:82:39:03:37:8a:f6:e1:77:3f:
a3:6e:53:d6
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVxsK0wVp0H2FxSjSh2nG+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5OWY2NWUxYmU0MmE2NWI0OTRjZjI2NDJhNGRkOGUzMjhk
MGY5Y2UwHhcNMjMwMTAyMDg1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzMwZDFjMjNmYTc0ZTJkMGJiYzUxYTMyZmFmYjk4YTM0ZjI4ZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkANvfqX8NmhwwNGq0VWNOvtaEKXC
7OtfRe0+d4bycfntCS1LRmBxD6y4b08yT6YBw96ZgVGHsT75JhaMlZnL4CuVV3tC
x2w8nuDMQ1I0rtq5NztXpG10cEzdCKhbtL7ADq/YZqMtdlMy626oZJJ26LRhDTc1
tM8OHaCJ5sVlY6x925m6jyaOnP3zI/DjUpp/Nr+fMiwfCsxnLs3soBq2e+9cIYOX
YqIH+CwV2xjG7KsriXTzj2muxE0Kz4JkNYhLSinLyssUVVlyuxqBCJ1DafhlWkMb
3JIEXEGe4TmOyDmGVAlGuY5cEn8zwiywmVVgISjGGcVQ6kUpfYg/Nv2oswIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLMw0cI/p04tC7xRoy+vuYo08o4MMB8GA1UdIwQY
MBaAFPmfZeG+QqZbSUzyZCpN2OMo0PnOMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1aOWw0YjVDcGx0SlRQSmtLazNZNHlqUS1jNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYvNmRmOGJhLWQ0Y2ItNDcwNS1iZjU1
LTU0ZDE2MjI5OGZmZC8xL3N6RFJ3ai1uVGkwTHZGR2pMNi01aWpUeWpndy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjYvNmRmOGJhLWQ0Y2ItNDcwNS1iZjU1LTU0ZDE2MjI5OGZm
ZC8xLzEtWjlsNGI1Q3BsdEpUUEprS2szWTR5alEtYzQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAItXYQD
BAK5MDgDBAK59bgwDQQCAAIwBwMFAyoBlSAwDQYJKoZIhvcNAQELBQADggEBAEsv
aTUyQ+SizR6QNZ/q0k3BKDDw6+5j6JUqMxx+SVZCwzU4u9MwwInNrgREnDLWLVFK
2ZL07sRgI2KMs93/P5mt7D9QIZPB+zduoVXrrlSQtvxC0w3xyHNrQkEgGPbc46EV
hhGQmqrnv9bXOo5RQMr9w/sysm9CP+1jlt5IyArFQETJKoZHGydVSxfF9A4azS3U
nmC7oR8AaQL24nK+77a05HjmpZqCNGSyxIRB0+69cbp+6eQtC+HkwqtK4RLAe6vu
4OXxAmShzor0+wn9lUVzcVD48ffFrTYjeu07fOVhfzp6MlkRDtyJ026KytmhMOJc
kII5AzeK9uF3P6NuU9Y=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:26 2024 by rpki-client on console-ams.rpki-client.org