Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/48tPyUsDghx3QxPW9llhn0ybuQo.roa
File: 48tPyUsDghx3QxPW9llhn0ybuQo.roa (raw, json)
Hash identifier: 4MdF75PRI/3ki0yjEUc0S4Io0Ey8PkOLL+rbyDlMPHk=
Subject key identifier: E3:CB:4F:C9:4B:03:82:1C:77:43:13:D6:F6:59:61:9F:4C:9B:B9:0A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018571030D1AF18FE59DBEAC5169B8B604D6
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/48tPyUsDghx3QxPW9llhn0ybuQo.roa
Signing time: Mon 02 Jan 2023 05:45:03 +0000
ROA not before: Mon 02 Jan 2023 05:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54103
IP address blocks: 193.26.112.0/23 maxlen: 24
185.67.137.0/24 maxlen: 24
185.67.139.0/24 maxlen: 24
203.159.85.0/24 maxlen: 24
203.159.89.0/24 maxlen: 24
203.159.91.0/24 maxlen: 24
203.159.87.0/24 maxlen: 24
5.10.193.0/24 maxlen: 24
5.10.195.0/24 maxlen: 24
5.10.197.0/24 maxlen: 24
5.10.199.0/24 maxlen: 24
194.76.132.0/23 maxlen: 24
185.216.3.0/24 maxlen: 24
185.216.1.0/24 maxlen: 24
185.163.208.0/22 maxlen: 22
45.134.129.0/24 maxlen: 24
45.134.131.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:0d:1a:f1:8f:e5:9d:be:ac:51:69:b8:b6:04:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3cb4fc94b03821c774313d6f659619f4c9bb90a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d9:ca:28:45:92:6c:b5:df:da:3f:17:a5:9e:
5f:bc:23:77:93:6b:a4:94:5e:2c:a9:3b:98:ad:f7:
ae:73:e9:31:7f:e3:05:57:f6:52:79:25:76:e5:bf:
11:af:bc:64:d7:70:96:07:b3:ac:22:24:fe:80:c8:
79:8f:dd:ce:06:3e:b4:38:95:5a:67:74:a9:5f:0b:
7e:3c:22:a8:5d:44:63:93:0d:aa:67:a7:2c:9c:85:
5a:bd:38:f2:1d:be:31:5c:e4:97:7e:45:31:dd:e2:
35:05:c6:30:bf:3f:85:cf:df:ff:f1:76:54:a1:f6:
5c:c4:00:8c:47:64:7d:0d:4d:7a:fb:c5:c7:90:2f:
9b:c5:3d:a1:7e:d9:f1:e7:ab:04:fe:69:07:5c:2e:
64:a4:b4:5e:57:8e:96:59:f7:bf:48:48:6d:13:ed:
fe:49:90:14:1d:34:71:3d:c9:87:ca:3e:34:02:4a:
d8:2b:a7:15:89:5a:3c:96:4f:51:1c:dd:65:69:be:
8d:8b:80:b9:2f:4a:62:7a:11:14:06:35:42:ae:f3:
01:df:a1:aa:33:e0:7c:ad:4b:63:04:76:d4:6d:91:
3a:03:7b:af:ef:d7:97:ac:3b:37:ef:e2:bb:fb:bf:
f5:91:92:9f:55:77:00:0c:71:b5:b9:1c:3a:40:e8:
fd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:CB:4F:C9:4B:03:82:1C:77:43:13:D6:F6:59:61:9F:4C:9B:B9:0A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/48tPyUsDghx3QxPW9llhn0ybuQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.193.0/24
5.10.195.0/24
5.10.197.0/24
5.10.199.0/24
45.134.129.0/24
45.134.131.0/24
185.67.137.0/24
185.67.139.0/24
185.163.208.0/22
185.216.1.0/24
185.216.3.0/24
193.26.112.0/23
194.76.132.0/23
203.159.85.0/24
203.159.87.0/24
203.159.89.0/24
203.159.91.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:dd:d6:0c:84:b7:8c:34:b7:3a:21:f0:5c:4f:70:9e:f4:d5:
e4:c0:0e:93:cd:04:e9:b3:86:e6:02:40:1b:94:bb:d7:a9:02:
c7:8e:34:db:c9:91:d8:7e:9e:a0:1a:04:5f:a4:22:25:f3:87:
fa:07:d1:a1:42:5a:db:c6:b4:68:73:b4:b8:d8:c8:ad:39:72:
71:f8:ed:7e:00:77:8d:20:74:0e:53:d9:28:e0:d1:fd:12:06:
7b:5e:98:f5:92:b2:f1:2d:5b:7c:0d:fd:ed:89:9b:39:59:11:
d3:38:0d:6d:ff:39:35:54:88:33:7a:5e:d2:6f:fd:39:4f:d3:
ae:a8:94:96:dd:af:b3:9d:2e:a9:a1:80:b5:4f:62:19:0d:16:
f3:e7:e3:ce:d5:d1:b1:e7:d3:55:ee:67:ff:f6:65:39:4c:e5:
95:6b:2d:f5:a2:bd:40:c6:25:1d:17:0b:5b:7e:8b:2a:85:78:
8c:20:6a:09:01:a7:d4:b8:c2:e1:18:0f:c7:52:74:6e:73:a7:
a9:54:17:6b:a1:83:28:77:6f:2e:dc:58:48:55:c1:6f:53:67:
a4:ec:83:17:c0:a6:d8:f8:32:72:9d:2c:52:69:62:77:d4:7c:
3c:7f:4a:36:5a:d4:4d:01:99:11:72:5b:4e:31:3b:03:78:de:
76:44:97:c5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYVxAw0a8Y/lnb6sUWm4tgTWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2NiNGZjOTRiMDM4MjFjNzc0MzEzZDZmNjU5NjE5ZjRjOWJiOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdnKKEWSbLXf2j8XpZ5fvCN3k2uk
lF4sqTuYrfeuc+kxf+MFV/ZSeSV25b8Rr7xk13CWB7OsIiT+gMh5j93OBj60OJVa
Z3SpXwt+PCKoXURjkw2qZ6csnIVavTjyHb4xXOSXfkUx3eI1BcYwvz+Fz9//8XZU
ofZcxACMR2R9DU16+8XHkC+bxT2hftnx56sE/mkHXC5kpLReV46WWfe/SEhtE+3+
SZAUHTRxPcmHyj40AkrYK6cViVo8lk9RHN1lab6Ni4C5L0piehEUBjVCrvMB36Gq
M+B8rUtjBHbUbZE6A3uv79eXrDs37+K7+7/1kZKfVXcADHG1uRw6QOj9SwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFOPLT8lLA4Icd0MT1vZZYZ9Mm7kKMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNDh0UHlVc0RnaHgzUXhQVzlsbGhuMHlidVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABQrBAwQA
BQrDAwQABQrFAwQABQrHAwQALYaBAwQALYaDAwQAuUOJAwQAuUOLAwQCuaPQAwQA
udgBAwQAudgDAwQBwRpwAwQBwkyEAwQAy59VAwQAy59XAwQAy59ZAwQAy59bMA0G
CSqGSIb3DQEBCwUAA4IBAQCN3dYMhLeMNLc6IfBcT3Ce9NXkwA6TzQTps4bmAkAb
lLvXqQLHjjTbyZHYfp6gGgRfpCIl84f6B9GhQlrbxrRoc7S42MitOXJx+O1+AHeN
IHQOU9ko4NH9EgZ7Xpj1krLxLVt8Df3tiZs5WRHTOA1t/zk1VIgzel7Sb/05T9Ou
qJSW3a+znS6poYC1T2IZDRbz5+PO1dGx59NV7mf/9mU5TOWVay31or1AxiUdFwtb
fosqhXiMIGoJAafUuMLhGA/HUnRuc6epVBdroYMod28u3FhIVcFvU2ek7IMXwKbY
+DJynSxSaWJ31Hw8f0o2WtRNAZkRcltOMTsDeN52RJfF
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org