Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/IFpAmOPc8bTL8_-pO0WREbG5T2w.roa
File: IFpAmOPc8bTL8_-pO0WREbG5T2w.roa (raw, json)
Hash identifier: cQ/fTbJLQc6PCNoLID6xSfhd8hkVFbOH+MyetQP2AYk=
Subject key identifier: 20:5A:40:98:E3:DC:F1:B4:CB:F3:FF:A9:3B:45:91:11:B1:B9:4F:6C
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 0185714C211B0964350E42B197E2D0DA47B4
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/IFpAmOPc8bTL8_-pO0WREbG5T2w.roa
Signing time: Mon 02 Jan 2023 07:04:52 +0000
ROA not before: Mon 02 Jan 2023 07:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35244
IP address blocks: 95.157.0.0/18 maxlen: 18
195.234.128.0/24 maxlen: 24
46.128.0.0/16 maxlen: 16
94.139.0.0/19 maxlen: 19
94.139.0.0/20 maxlen: 20
83.243.112.0/21 maxlen: 21
194.105.96.0/21 maxlen: 21
94.139.16.0/20 maxlen: 20
193.25.118.0/23 maxlen: 23
109.125.64.0/18 maxlen: 18
77.47.0.0/17 maxlen: 17
195.46.44.0/22 maxlen: 22
85.233.32.0/19 maxlen: 19
185.169.204.0/22 maxlen: 22
88.215.64.0/18 maxlen: 18
2a02:2455::/33 maxlen: 33
2001:4c50::/32 maxlen: 32
2a02:2457:300::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:21:1b:09:64:35:0e:42:b1:97:e2:d0:da:47:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Jan 2 07:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=205a4098e3dcf1b4cbf3ffa93b459111b1b94f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4f:12:ad:8d:27:7e:85:32:55:ff:8e:7c:9d:
6d:d4:3d:78:a8:74:26:8b:53:32:1f:1b:53:e1:33:
14:60:59:d1:7f:77:8e:37:f2:a0:fd:a8:a8:61:f5:
5c:d2:23:60:4b:f8:ff:fd:25:57:c1:3d:ec:93:36:
17:7e:d4:48:f7:9e:86:62:25:0c:d4:ba:f4:f6:39:
05:81:77:75:43:ce:88:64:6f:63:ce:70:f0:4f:50:
2d:2c:99:6f:3b:6a:49:92:38:42:5d:fe:f3:a0:91:
84:98:fb:63:98:ae:6a:91:6b:5c:0f:ca:73:ec:2b:
c7:44:54:c0:de:30:52:e7:51:00:b4:93:1e:76:49:
82:9f:11:58:ab:1e:d2:90:45:b4:60:4d:66:07:78:
26:ce:ae:da:89:f9:16:0f:c6:77:c8:08:02:fc:d6:
92:4b:f3:6e:8c:c4:1d:1c:c3:e4:10:e9:8e:78:b9:
0a:a3:22:41:a2:0a:37:13:68:36:c9:cf:cb:b3:ea:
72:24:c1:cb:77:a1:b0:ab:41:e9:8f:49:29:ac:b9:
45:c7:71:0f:01:e8:c5:8b:a9:15:2b:da:33:97:e9:
8b:3f:0a:3f:7a:03:80:5f:93:0c:ee:e6:dd:32:b0:
3c:c2:22:4d:b6:53:3f:e6:93:39:f7:24:7e:bd:dd:
56:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:5A:40:98:E3:DC:F1:B4:CB:F3:FF:A9:3B:45:91:11:B1:B9:4F:6C
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/IFpAmOPc8bTL8_-pO0WREbG5T2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.128.0.0/16
77.47.0.0/17
83.243.112.0/21
85.233.32.0/19
88.215.64.0/18
94.139.0.0/19
95.157.0.0/18
109.125.64.0/18
185.169.204.0/22
193.25.118.0/23
194.105.96.0/21
195.46.44.0/22
195.234.128.0/24
IPv6:
2001:4c50::/32
2a02:2455::/33
2a02:2457:300::/40
Signature Algorithm: sha256WithRSAEncryption
2a:cc:cb:d6:d4:3d:fc:99:0d:e1:43:a9:01:59:57:83:dd:7b:
1a:53:9d:f2:dc:5a:93:42:a5:1a:83:b9:b1:e1:34:6d:3e:26:
93:d1:c9:d6:e9:51:0a:b6:3c:7e:89:45:f9:94:96:e6:8f:dc:
c4:ff:5b:4f:97:43:71:43:52:5b:d7:f6:d6:c1:50:27:1c:e2:
d8:03:f2:db:a2:54:bd:c0:cc:65:40:53:a3:2e:90:c4:17:70:
e6:6f:92:1d:8a:14:02:07:42:0d:68:2f:d1:bc:b8:fb:51:be:
3f:40:ac:35:95:97:6e:ec:ac:12:6a:eb:df:61:7d:e0:34:30:
77:9e:d8:6a:9f:89:b0:45:fa:52:ab:59:43:cb:87:1b:2e:ef:
8e:77:51:78:8e:f5:c4:cd:07:0a:46:15:f9:67:c2:98:42:9d:
39:ac:cf:e5:c5:10:89:de:bc:0e:b7:3f:4f:2f:4e:76:58:94:
82:9e:67:6f:72:47:23:73:bf:c8:4d:ac:e1:ac:91:29:7b:9d:
de:1e:62:9b:eb:bf:a0:40:14:d6:89:b1:23:f9:67:c7:f0:97:
f1:5b:14:fe:45:29:70:d8:23:05:11:99:53:0d:6e:b2:8f:2e:
c2:7a:8b:0e:3e:59:a8:a2:aa:3a:32:ca:50:f3:f5:e4:00:f7:
ec:5a:28:6b
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYVxTCEbCWQ1DkKxl+LQ2ke0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjMwMTAyMDcwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDVhNDA5OGUzZGNmMWI0Y2JmM2ZmYTkzYjQ1OTExMWIxYjk0ZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkk8SrY0nfoUyVf+OfJ1t1D14qHQm
i1MyHxtT4TMUYFnRf3eON/Kg/aioYfVc0iNgS/j//SVXwT3skzYXftRI956GYiUM
1Lr09jkFgXd1Q86IZG9jznDwT1AtLJlvO2pJkjhCXf7zoJGEmPtjmK5qkWtcD8pz
7CvHRFTA3jBS51EAtJMedkmCnxFYqx7SkEW0YE1mB3gmzq7aifkWD8Z3yAgC/NaS
S/NujMQdHMPkEOmOeLkKoyJBogo3E2g2yc/Ls+pyJMHLd6Gwq0Hpj0kprLlFx3EP
AejFi6kVK9ozl+mLPwo/egOAX5MM7ubdMrA8wiJNtlM/5pM59yR+vd1W7wIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFCBaQJjj3PG0y/P/qTtFkRGxuU9sMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvSUZwQW1PUGM4YlRMOF8tcE8wV1JFYkc1VDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwUwQCAAEwTQMDAC6AAwQH
TS8AAwQDU/NwAwQFVekgAwQGWNdAAwQFXosAAwQGX50AAwQGbX1AAwQCuanMAwQB
wRl2AwQDwmlgAwQCwy4sAwQAw+qAMB0EAgACMBcDBQAgAUxQAwYHKgIkVQADBgAq
AiRXAzANBgkqhkiG9w0BAQsFAAOCAQEAKszL1tQ9/JkN4UOpAVlXg917GlOd8txa
k0KlGoO5seE0bT4mk9HJ1ulRCrY8folF+ZSW5o/cxP9bT5dDcUNSW9f21sFQJxzi
2APy26JUvcDMZUBToy6QxBdw5m+SHYoUAgdCDWgv0by4+1G+P0CsNZWXbuysEmrr
32F94DQwd57Yap+JsEX6UqtZQ8uHGy7vjndReI71xM0HCkYV+WfCmEKdOazP5cUQ
id68Drc/Ty9OdliUgp5nb3JHI3O/yE2s4ayRKXud3h5im+u/oEAU1omxI/lnx/CX
8VsU/kUpcNgjBRGZUw1uso8uwnqLDj5ZqKKqOjLKUPP15AD37Fooaw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:40 2024 by rpki-client on console-ams.rpki-client.org