Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/1FfpHzsVXzxQbbu8CqEjwSQrTlU.roa
File: 1FfpHzsVXzxQbbu8CqEjwSQrTlU.roa (raw, json)
Hash identifier: VPNQGDNWkpjxhEl6Dbr4OPiE/LcBG5lK+TH6EkLg6Jw=
Subject key identifier: D4:57:E9:1F:3B:15:5F:3C:50:6D:BB:BC:0A:A1:23:C1:24:2B:4E:55
Certificate issuer: /CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Certificate serial: 01881F3D22436F3CE32242FF6A871EA3A4BF
Authority key identifier: 8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/1FfpHzsVXzxQbbu8CqEjwSQrTlU.roa
Signing time: Mon 15 May 2023 11:48:00 +0000
ROA not before: Mon 15 May 2023 11:48:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13238
IP address blocks: 5.45.192.0/18 maxlen: 24
92.255.127.0/24 maxlen: 24
178.154.128.0/19 maxlen: 24
84.252.160.0/19 maxlen: 24
37.9.64.0/18 maxlen: 24
90.156.176.0/20 maxlen: 24
141.8.128.0/18 maxlen: 24
93.158.128.0/18 maxlen: 24
37.140.128.0/18 maxlen: 24
95.108.128.0/17 maxlen: 24
185.32.187.0/24 maxlen: 24
87.250.224.0/19 maxlen: 24
77.88.0.0/18 maxlen: 24
213.180.192.0/19 maxlen: 24
178.154.160.0/19 maxlen: 24
5.255.192.0/18 maxlen: 24
2a02:6b8::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1f:3d:22:43:6f:3c:e3:22:42:ff:6a:87:1e:a3:a4:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Validity
Not Before: May 15 11:48:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d457e91f3b155f3c506dbbbc0aa123c1242b4e55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:45:c5:0f:8f:a8:ef:89:8f:91:c2:4b:ef:d8:
5c:09:7b:f9:02:38:c3:76:cb:a9:23:e4:e7:fa:3d:
5d:27:c8:5b:6b:78:cb:02:57:d5:c2:0d:6d:65:8a:
98:15:9a:8f:8c:0a:72:f1:f5:cb:b0:b3:27:ec:16:
c8:d8:f7:3c:a9:d8:41:5c:41:75:c0:aa:a7:b6:a8:
70:b9:88:04:0b:b5:f5:16:b8:8a:fe:d4:35:bd:e1:
79:a3:27:10:f2:54:03:74:62:9f:b4:0b:11:da:6f:
31:61:09:aa:2a:90:ef:9e:d6:75:b5:e0:3c:9f:df:
71:36:4a:e2:b3:36:1a:88:3a:b8:e5:35:d3:d2:35:
6b:97:1a:34:b0:67:a5:1f:03:d8:c8:69:1a:fb:bf:
27:18:ee:ca:a0:81:67:ce:5b:da:0a:89:b1:fb:3f:
97:57:24:fd:11:09:ea:53:9c:84:f4:76:06:9d:40:
cd:c1:10:31:df:d8:54:a8:f2:ed:5e:dd:0c:3d:c7:
cc:de:93:0d:e4:c3:91:b1:1a:7f:5d:35:02:08:9e:
dc:40:ab:bd:01:8b:de:bf:74:48:7b:36:92:97:10:
a0:12:a0:2a:41:67:45:fa:e5:01:da:23:87:e9:7f:
91:42:79:f0:59:e6:34:02:36:11:c7:bf:37:61:12:
8f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:57:E9:1F:3B:15:5F:3C:50:6D:BB:BC:0A:A1:23:C1:24:2B:4E:55
X509v3 Authority Key Identifier:
keyid:8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/1FfpHzsVXzxQbbu8CqEjwSQrTlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.192.0/18
5.255.192.0/18
37.9.64.0/18
37.140.128.0/18
77.88.0.0/18
84.252.160.0/19
87.250.224.0/19
90.156.176.0/20
92.255.127.0/24
93.158.128.0/18
95.108.128.0/17
141.8.128.0/18
178.154.128.0/18
185.32.187.0/24
213.180.192.0/19
IPv6:
2a02:6b8::/29
Signature Algorithm: sha256WithRSAEncryption
89:27:62:1a:2c:b6:e0:00:16:e2:3b:45:73:44:b6:3e:8e:48:
89:17:7d:69:eb:d3:5c:8e:65:d5:ed:ec:e4:53:41:31:70:b5:
62:66:75:c1:7d:7d:a9:de:5e:14:55:96:b1:d7:3b:64:2e:6d:
c0:78:77:68:cb:fd:b7:15:a5:29:36:f8:73:ad:63:c6:bf:65:
6d:c4:40:36:2b:ff:fc:5a:06:24:2d:ce:4d:01:21:69:73:13:
09:18:63:84:91:dc:97:04:07:f2:fc:22:e7:11:a0:46:ee:31:
d1:6c:78:db:61:ec:d4:69:7f:01:df:dd:1c:03:b6:cf:43:2d:
ae:32:d9:e9:f4:4e:32:af:bf:ec:8d:65:ab:a2:84:6a:66:0e:
46:bf:7f:b1:9c:3b:95:6b:9a:79:64:78:e2:de:e2:5d:8b:d2:
18:c2:85:af:1e:b4:ab:96:ee:ff:2a:23:99:6e:75:81:30:90:
2b:d2:a4:31:cc:bc:c1:f4:68:76:a6:7a:44:99:f1:e4:5a:36:
af:dc:82:42:37:d2:df:79:d0:46:8f:3d:5e:e9:a3:b4:32:ed:
81:6a:91:9e:53:4e:f2:80:c9:2d:8c:64:85:7c:06:0c:3e:e2:
44:0c:0e:3c:f8:53:fb:6b:fe:f0:8e:3d:18:8e:40:9d:e8:bb:
ff:60:ce:de
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYgfPSJDbzzjIkL/aoceo6S/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODQ0MDRlNWY4YTRiMTE3YWU0NGU3M2Q1M2M0NGVjZGQ1
NzgzNDIwHhcNMjMwNTE1MTE0ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDU3ZTkxZjNiMTU1ZjNjNTA2ZGJiYmMwYWExMjNjMTI0MmI0ZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0XFD4+o74mPkcJL79hcCXv5AjjD
dsupI+Tn+j1dJ8hba3jLAlfVwg1tZYqYFZqPjApy8fXLsLMn7BbI2Pc8qdhBXEF1
wKqntqhwuYgEC7X1FriK/tQ1veF5oycQ8lQDdGKftAsR2m8xYQmqKpDvntZ1teA8
n99xNkriszYaiDq45TXT0jVrlxo0sGelHwPYyGka+78nGO7KoIFnzlvaComx+z+X
VyT9EQnqU5yE9HYGnUDNwRAx39hUqPLtXt0MPcfM3pMN5MORsRp/XTUCCJ7cQKu9
AYvev3RIezaSlxCgEqAqQWdF+uUB2iOH6X+RQnnwWeY0AjYRx783YRKPLQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFNRX6R87FV88UG27vAqhI8EkK05VMB8GA1UdIwQY
MBaAFI2EQE5fiksReuROc9U8ROzdV4NCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjkt
MmNkOThlZTUzNTY5LzEvMUZmcEh6c1ZYenhRYmJ1OENxRWp3U1FyVGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjktMmNkOThlZTUzNTY5
LzEvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEBgUtwAME
BgX/wAMEBiUJQAMEBiWMgAMEBk1YAAMEBVT8oAMEBVf64AMEBFqcsAMEAFz/fwME
Bl2egAMEB19sgAMEBo0IgAMEBrKagAMEALkguwMEBdW0wDANBAIAAjAHAwUDKgIG
uDANBgkqhkiG9w0BAQsFAAOCAQEAiSdiGiy24AAW4jtFc0S2Po5IiRd9aevTXI5l
1e3s5FNBMXC1YmZ1wX19qd5eFFWWsdc7ZC5twHh3aMv9txWlKTb4c61jxr9lbcRA
Niv//FoGJC3OTQEhaXMTCRhjhJHclwQH8vwi5xGgRu4x0Wx422Hs1Gl/Ad/dHAO2
z0MtrjLZ6fROMq+/7I1lq6KEamYORr9/sZw7lWuaeWR44t7iXYvSGMKFrx60q5bu
/yojmW51gTCQK9KkMcy8wfRodqZ6RJnx5Fo2r9yCQjfS33nQRo89XumjtDLtgWqR
nlNO8oDJLYxkhXwGDD7iRAwOPPhT+2v+8I49GI5Anei7/2DO3g==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:34 2024 by rpki-client on console-ams.rpki-client.org