Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/23WpaxVVbzLeEZxFwdyJnSffvSQ.roa
File: 23WpaxVVbzLeEZxFwdyJnSffvSQ.roa (raw, json)
Hash identifier: 8sXY79XHh/fl2Rk/4S3e+HRg0ioV/xVs8rWOvHczsio=
Subject key identifier: DB:75:A9:6B:15:55:6F:32:DE:11:9C:45:C1:DC:89:9D:27:DF:BD:24
Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial: 0189FD914AE087FA62C3723C38177F1CE8DB
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/23WpaxVVbzLeEZxFwdyJnSffvSQ.roa
Signing time: Wed 16 Aug 2023 08:58:24 +0000
ROA not before: Wed 16 Aug 2023 08:58:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59741
IP address blocks: 185.73.240.0/24 maxlen: 24
185.73.242.0/24 maxlen: 24
185.73.241.0/24 maxlen: 24
45.141.54.0/24 maxlen: 24
45.141.52.0/22 maxlen: 24
2a05:4740::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:91:4a:e0:87:fa:62:c3:72:3c:38:17:7f:1c:e8:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Validity
Not Before: Aug 16 08:58:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db75a96b15556f32de119c45c1dc899d27dfbd24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:97:28:7c:a3:02:a9:1b:ae:95:84:d4:44:0d:
b2:ef:26:4a:03:20:3d:b3:b1:f3:ef:9a:50:4b:0c:
89:61:9d:1c:16:4f:fa:5e:e3:e1:73:07:ee:f0:bd:
8e:34:20:33:a2:a7:e1:3a:d9:5f:c1:5e:07:02:13:
d0:b0:1e:f0:f5:28:eb:6e:f3:b6:89:9b:2a:60:23:
03:df:f0:96:bd:b0:87:34:59:bf:4b:69:e5:f4:24:
3d:06:4b:ef:b8:cb:67:d7:d4:cb:b7:f4:d5:02:37:
6e:80:12:b6:41:f4:51:67:d2:85:5b:ba:14:ab:f3:
88:70:5b:48:51:17:ba:ca:43:14:d1:87:ad:81:ca:
92:7c:2d:98:05:02:7b:65:be:75:72:e0:b2:65:eb:
9e:fa:61:70:82:e6:7e:9d:1d:16:52:54:27:be:bf:
63:65:c1:a4:5d:7b:03:7f:1f:bf:ce:bb:a6:6d:da:
73:fc:19:67:69:98:22:1f:a1:d4:0d:12:c4:b0:e7:
4a:28:cd:db:7c:1c:a5:ec:9d:f8:9e:c7:d3:f0:75:
ac:62:78:0e:50:43:45:cd:ec:f3:94:9f:71:d8:39:
7b:f1:92:57:bc:3a:89:fc:9a:6c:d9:bd:c5:c4:47:
95:0a:72:ef:de:35:91:64:13:2b:1f:16:70:5b:dd:
a4:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:75:A9:6B:15:55:6F:32:DE:11:9C:45:C1:DC:89:9D:27:DF:BD:24
X509v3 Authority Key Identifier:
keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/23WpaxVVbzLeEZxFwdyJnSffvSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.52.0/22
185.73.240.0-185.73.242.255
IPv6:
2a05:4740::/32
Signature Algorithm: sha256WithRSAEncryption
6a:5d:5a:f9:61:59:ea:a2:da:44:45:d4:a5:01:99:4f:38:29:
60:0e:35:57:0f:f6:f0:c2:b7:53:fe:d3:fc:80:a7:70:4a:84:
e8:23:7e:f6:60:d2:61:23:b6:41:da:c3:a7:ab:1e:60:de:84:
c3:1a:c3:3f:4c:7a:48:b8:53:3c:ae:0d:90:f0:b0:e6:95:18:
74:93:37:da:a8:09:75:e5:3d:ae:2b:1a:9c:49:9d:63:32:ca:
21:ec:88:24:4d:7c:39:68:90:36:81:9b:fd:1c:af:bf:96:30:
0e:04:dd:f6:bd:72:e2:ec:f3:48:20:d2:96:eb:b8:3c:5e:72:
10:a3:de:bc:fe:64:21:eb:58:da:18:6f:8e:81:ce:93:9e:c5:
25:f6:9b:d4:82:1d:15:64:77:c7:ac:63:af:c2:16:66:97:fd:
8c:62:9c:6b:c3:79:07:38:1d:70:62:54:a2:e7:3e:61:f1:22:
eb:91:50:62:17:44:2e:f9:30:ed:9d:a9:a8:2a:7b:0b:da:fc:
96:32:7b:91:e1:39:57:41:cf:71:2b:5e:29:15:9b:92:6d:26:
53:2c:9e:18:51:ed:5a:55:65:d5:12:82:4f:df:ff:3c:fd:15:
b7:bb:95:b7:09:87:9e:71:76:f6:95:23:3a:41:a3:85:1f:7c:
69:69:42:c8
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYn9kUrgh/piw3I8OBd/HOjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2
NGRlMGYwHhcNMjMwODE2MDg1ODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjc1YTk2YjE1NTU2ZjMyZGUxMTljNDVjMWRjODk5ZDI3ZGZiZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5cofKMCqRuulYTURA2y7yZKAyA9
s7Hz75pQSwyJYZ0cFk/6XuPhcwfu8L2ONCAzoqfhOtlfwV4HAhPQsB7w9SjrbvO2
iZsqYCMD3/CWvbCHNFm/S2nl9CQ9BkvvuMtn19TLt/TVAjdugBK2QfRRZ9KFW7oU
q/OIcFtIURe6ykMU0YetgcqSfC2YBQJ7Zb51cuCyZeue+mFwguZ+nR0WUlQnvr9j
ZcGkXXsDfx+/zrumbdpz/BlnaZgiH6HUDRLEsOdKKM3bfByl7J34nsfT8HWsYngO
UENFzezzlJ9x2Dl78ZJXvDqJ/Jps2b3FxEeVCnLv3jWRZBMrHxZwW92ktwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNt1qWsVVW8y3hGcRcHciZ0n370kMB8GA1UdIwQY
MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt
MTJlYzIyYzljNWEyLzEvMjNXcGF4VlZiekxlRVp4RndkeUpuU2ZmdlNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy
LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCLY00MAwD
BAS5SfADBAC5SfIwDQQCAAIwBwMFACoFR0AwDQYJKoZIhvcNAQELBQADggEBAGpd
WvlhWeqi2kRF1KUBmU84KWAONVcP9vDCt1P+0/yAp3BKhOgjfvZg0mEjtkHaw6er
HmDehMMawz9Meki4UzyuDZDwsOaVGHSTN9qoCXXlPa4rGpxJnWMyyiHsiCRNfDlo
kDaBm/0cr7+WMA4E3fa9cuLs80gg0pbruDxechCj3rz+ZCHrWNoYb46BzpOexSX2
m9SCHRVkd8esY6/CFmaX/YxinGvDeQc4HXBiVKLnPmHxIuuRUGIXRC75MO2dqagq
ewva/JYye5HhOVdBz3ErXikVm5JtJlMsnhhR7VpVZdUSgk/f/zz9Fbe7lbcJh55x
dvaVIzpBo4UffGlpQsg=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:34 2024 by rpki-client on console-ams.rpki-client.org