Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_EkJMwxd7p6Nu3C-toGpgYFo4X0.roa
File: _EkJMwxd7p6Nu3C-toGpgYFo4X0.roa (raw, json)
Hash identifier: Sz8TtoP+/Pa9RFIkIApuw6qYa+SMmlLyUikl9wwf8+w=
Subject key identifier: FC:49:09:33:0C:5D:EE:9E:8D:BB:70:BE:B6:81:A9:81:81:68:E1:7D
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018BF77F126A817A1CE88C7DE97D850CBD6B
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_EkJMwxd7p6Nu3C-toGpgYFo4X0.roa
Signing time: Wed 22 Nov 2023 14:46:21 +0000
ROA not before: Wed 22 Nov 2023 14:46:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200462
IP address blocks: 94.247.43.0/24 maxlen: 32
5.180.192.0/23 maxlen: 24
2.58.52.0/23 maxlen: 32
45.86.124.0/22 maxlen: 24
2a09:e1c0::/32 maxlen: 128
2a07:6fc0:10::/44 maxlen: 48
2a0e:de80::/29 maxlen: 48
2a00:f826:8::/48 maxlen: 48
2a0c:8900::/29 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f7:7f:12:6a:81:7a:1c:e8:8c:7d:e9:7d:85:0c:bd:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Nov 22 14:46:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc4909330c5dee9e8dbb70beb681a9818168e17d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:06:51:8a:e9:bf:7f:23:67:91:33:36:47:4c:
60:c9:a8:50:d0:e1:93:b3:04:dd:09:fe:d1:d4:13:
c8:37:77:88:f7:9e:31:0c:da:88:bb:78:63:84:6d:
be:8d:70:1d:dc:0e:c2:e0:4e:f1:4f:05:34:c6:5c:
5c:af:6a:fa:c9:ac:e2:1e:9e:2c:5e:96:06:68:7e:
1f:e2:6e:9d:75:c6:73:46:67:6c:b1:50:f3:db:7f:
ee:0d:dd:9a:19:a8:2c:d4:84:5b:c8:61:16:2f:58:
75:fa:33:e0:24:d5:1b:3e:fe:a6:83:46:55:aa:61:
26:b8:46:95:b3:e5:8c:0a:b2:34:e4:aa:c6:5e:10:
d1:0b:5e:c4:f3:59:85:f8:5c:f4:74:d9:e7:e0:b8:
80:cd:4d:c8:55:61:a5:dd:35:58:e4:2d:f3:f0:d0:
0e:59:39:81:e9:12:2e:f6:dd:13:c4:43:a4:c5:22:
40:7c:8c:9b:6e:fb:83:80:97:9b:6e:95:0b:37:4a:
d6:97:c7:be:25:8c:be:73:9f:49:9a:90:b0:34:94:
35:c4:54:27:3d:54:f5:80:df:ec:62:f4:79:32:5d:
bb:aa:2c:96:5f:d2:6b:43:bc:e3:f9:17:24:18:96:
66:f2:08:6c:9f:54:3a:1e:c9:4c:3d:18:f3:f9:a0:
71:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:49:09:33:0C:5D:EE:9E:8D:BB:70:BE:B6:81:A9:81:81:68:E1:7D
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/_EkJMwxd7p6Nu3C-toGpgYFo4X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0/23
5.180.192.0/23
45.86.124.0/22
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
83:db:ca:7c:bf:0f:44:d0:1b:b6:f8:1e:aa:ad:2b:44:1f:96:
a1:a3:48:ff:0f:82:eb:fc:0b:77:6f:2c:6e:ed:2c:59:74:57:
0f:39:7f:e0:06:8c:3b:f6:c5:47:a9:62:18:7e:a1:d1:7f:3d:
31:1a:7c:42:73:a5:d0:87:75:3b:ab:09:6b:a3:9b:f7:06:e7:
5b:40:77:ca:f5:06:03:25:2c:28:2c:f9:ae:0d:4a:2b:dc:c2:
d1:1f:b9:9f:e5:76:11:f5:8c:89:55:df:29:a8:40:ac:b3:19:
42:a0:8b:ae:b7:1d:15:62:79:fc:6b:1f:22:5a:c3:63:ad:ae:
db:70:75:85:4d:eb:2d:b2:4e:90:e3:98:94:14:6c:0b:9c:48:
20:c6:fc:8e:9d:c8:0a:28:09:f6:c6:bf:44:b7:f8:ac:6e:0b:
41:1a:aa:ec:25:b1:dd:80:42:bb:a2:25:c5:7d:17:84:8e:0e:
06:ce:74:4f:f9:09:d2:97:d4:e6:4f:a2:c0:6e:76:0e:4d:e1:
6e:49:9b:41:55:6d:73:82:25:4b:cb:f7:bb:2d:20:b1:61:f4:
d3:f3:45:d2:1e:dd:61:16:45:bf:5d:53:30:2a:b0:28:44:b3:
95:5c:5f:db:23:2b:b0:a0:46:cc:bf:f4:f7:15:bb:50:ac:91:
a2:1a:5e:18
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYv3fxJqgXoc6Ix96X2FDL1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMxMTIyMTQ0NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzQ5MDkzMzBjNWRlZTllOGRiYjcwYmViNjgxYTk4MTgxNjhlMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigZRium/fyNnkTM2R0xgyahQ0OGT
swTdCf7R1BPIN3eI954xDNqIu3hjhG2+jXAd3A7C4E7xTwU0xlxcr2r6yaziHp4s
XpYGaH4f4m6ddcZzRmdssVDz23/uDd2aGags1IRbyGEWL1h1+jPgJNUbPv6mg0ZV
qmEmuEaVs+WMCrI05KrGXhDRC17E81mF+Fz0dNnn4LiAzU3IVWGl3TVY5C3z8NAO
WTmB6RIu9t0TxEOkxSJAfIybbvuDgJebbpULN0rWl8e+JYy+c59JmpCwNJQ1xFQn
PVT1gN/sYvR5Ml27qiyWX9JrQ7zj+RckGJZm8ghsn1Q6HslMPRjz+aBxXQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPxJCTMMXe6ejbtwvraBqYGBaOF9MB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvX0VrSk13eGQ3cDZOdTNDLXRvR3BnWUZvNFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAeBAIAATAYAwQBAjo0AwQB
BbTAAwQCLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABADBQAqCeHA
AwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBAIPbyny/D0TQG7b4Hqqt
K0QflqGjSP8Pguv8C3dvLG7tLFl0Vw85f+AGjDv2xUepYhh+odF/PTEafEJzpdCH
dTurCWujm/cG51tAd8r1BgMlLCgs+a4NSivcwtEfuZ/ldhH1jIlV3ymoQKyzGUKg
i663HRViefxrHyJaw2OtrttwdYVN6y2yTpDjmJQUbAucSCDG/I6dyAooCfbGv0S3
+KxuC0Eaquwlsd2AQruiJcV9F4SODgbOdE/5CdKX1OZPosBudg5N4W5Jm0FVbXOC
JUvL97stILFh9NPzRdIe3WEWRb9dUzAqsChEs5VcX9sjK7CgRsy/9PcVu1CskaIa
Xhg=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:57 2024 by rpki-client on console-ams.rpki-client.org