Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/1-Q4l0_RhGkawRn71S6xuvla2jH4.roa
File: 1-Q4l0_RhGkawRn71S6xuvla2jH4.roa (raw, json)
Hash identifier: eu7xYyDPgrc1VH3hHNuzec6QsXPncxfQ0CB7zQDgooQ=
Subject key identifier: F9:0E:25:D3:F4:61:1A:46:B0:46:7E:F5:4B:AC:6E:BE:56:B6:8C:7E
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C5401404385057FE9125C1E3DF94D46
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/1-Q4l0_RhGkawRn71S6xuvla2jH4.roa
Signing time: Sun 01 Jan 2023 07:55:22 +0000
ROA not before: Sun 01 Jan 2023 07:55:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60945
IP address blocks: 185.133.73.0/24 maxlen: 24
45.85.194.0/24 maxlen: 24
194.156.159.0/24 maxlen: 32
185.137.181.0/24 maxlen: 32
2a06:7a03::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:54:01:40:43:85:05:7f:e9:12:5c:1e:3d:f9:4d:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f90e25d3f4611a46b0467ef54bac6ebe56b68c7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e4:a8:24:8f:a7:83:63:20:56:db:c8:2a:e0:
14:d4:ec:c7:57:56:3d:11:0b:68:60:07:c0:ee:d3:
de:92:cc:8c:07:45:e2:2c:2a:9d:01:c7:aa:04:77:
d6:b5:49:b8:98:d8:ad:da:92:08:3c:50:1c:7d:f4:
99:2e:01:ee:49:43:25:fe:f7:a0:02:a6:db:00:d0:
8a:71:36:df:b1:e4:44:ba:ba:42:23:e4:b7:65:35:
45:f3:24:e8:92:38:18:93:f0:9e:36:e1:a2:a5:b7:
d7:ca:75:4a:9e:d5:5d:f3:7a:70:71:18:2f:1b:31:
84:2a:dd:46:7b:07:6f:7b:bb:e5:01:e7:4f:a8:ae:
8d:e5:dd:d2:fa:72:f3:5a:7a:94:ca:5f:4d:61:6e:
f9:03:f5:d0:ee:11:4a:99:1a:69:5b:a6:a5:f7:a7:
85:a6:a3:95:2e:6a:06:2d:e4:2a:e5:35:f0:29:c9:
b1:a9:e3:d3:ea:14:a5:45:f8:97:c4:c6:b7:36:90:
2f:33:be:1d:6c:3d:61:ea:b5:74:3c:3e:f8:ef:36:
9d:8b:19:4f:8d:4a:22:30:d9:51:58:2a:19:a3:7a:
46:a6:63:6b:79:24:9a:cc:d0:4e:38:30:e8:da:4e:
cf:0d:53:8e:ec:b8:34:c4:4e:9e:46:bf:6d:5f:14:
ce:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:0E:25:D3:F4:61:1A:46:B0:46:7E:F5:4B:AC:6E:BE:56:B6:8C:7E
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/1-Q4l0_RhGkawRn71S6xuvla2jH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.194.0/24
185.133.73.0/24
185.137.181.0/24
194.156.159.0/24
IPv6:
2a06:7a03::/48
Signature Algorithm: sha256WithRSAEncryption
96:cb:2e:1b:ab:bc:23:55:1e:de:64:a6:aa:8b:27:2f:1a:64:
51:0f:09:83:fe:d3:1e:be:70:4a:e1:1d:25:db:4f:87:8c:a8:
40:1d:c7:63:e7:4b:6d:e0:3e:ad:a8:58:c6:b7:43:a7:f7:67:
66:12:97:83:25:5b:2e:34:16:a5:7f:70:b6:79:fa:68:26:13:
97:b1:5e:92:74:1e:ef:80:7e:ba:80:cf:45:a0:d2:8c:f5:19:
f2:83:7c:dc:9c:be:cf:7a:8f:f9:86:e3:59:f0:e3:5d:f7:66:
b6:60:47:9a:54:d1:33:59:b1:b4:d8:e6:f3:ba:bb:80:64:bc:
88:c0:57:2f:20:cd:b3:68:15:96:27:62:53:44:af:00:02:9d:
32:98:2a:5b:3f:d4:e3:7b:93:56:53:02:98:de:be:31:45:a3:
60:0d:fc:ff:01:8d:7c:ec:53:e0:b4:fb:98:90:f7:2a:ef:bc:
9f:7e:e0:dd:0f:f9:fe:af:72:9a:da:9c:9b:05:03:93:a4:0d:
a7:cc:24:bd:98:58:65:1c:fa:6f:ac:02:bc:b2:cc:43:0f:c9:
ab:91:6d:c1:2c:09:2c:54:94:28:f2:ec:a5:28:5d:34:80:71:
b3:4e:21:19:c2:34:2e:83:13:d2:71:3d:93:87:f5:02:fd:3a:
3c:85:45:a9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVsVAFAQ4UFf+kSXB49+U1GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTBlMjVkM2Y0NjExYTQ2YjA0NjdlZjU0YmFjNmViZTU2YjY4YzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+SoJI+ng2MgVtvIKuAU1OzHV1Y9
EQtoYAfA7tPeksyMB0XiLCqdAceqBHfWtUm4mNit2pIIPFAcffSZLgHuSUMl/veg
AqbbANCKcTbfseREurpCI+S3ZTVF8yTokjgYk/CeNuGipbfXynVKntVd83pwcRgv
GzGEKt1Gewdve7vlAedPqK6N5d3S+nLzWnqUyl9NYW75A/XQ7hFKmRppW6al96eF
pqOVLmoGLeQq5TXwKcmxqePT6hSlRfiXxMa3NpAvM74dbD1h6rV0PD747zadixlP
jUoiMNlRWCoZo3pGpmNreSSazNBOODDo2k7PDVOO7Lg0xE6eRr9tXxTO8wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPkOJdP0YRpGsEZ+9Uusbr5Wtox+MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvMS1RNGwwX1JoR2thd1JuNzFTNnh1dmxhMmpINC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNj
Mi8xL2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBCBggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEAC1VwgME
ALmFSQMEALmJtQMEAMKcnzAPBAIAAjAJAwcAKgZ6AwAAMA0GCSqGSIb3DQEBCwUA
A4IBAQCWyy4bq7wjVR7eZKaqiycvGmRRDwmD/tMevnBK4R0l20+HjKhAHcdj50tt
4D6tqFjGt0On92dmEpeDJVsuNBalf3C2efpoJhOXsV6SdB7vgH66gM9FoNKM9Rny
g3zcnL7Peo/5huNZ8ONd92a2YEeaVNEzWbG02ObzuruAZLyIwFcvIM2zaBWWJ2JT
RK8AAp0ymCpbP9Tje5NWUwKY3r4xRaNgDfz/AY187FPgtPuYkPcq77yffuDdD/n+
r3Ka2pybBQOTpA2nzCS9mFhlHPpvrAK8ssxDD8mrkW3BLAksVJQo8uylKF00gHGz
TiEZwjQugxPScT2Th/UC/To8hUWp
-----END CERTIFICATE-----
Generated at Mon Nov 13 05:44:24 2023 by rpki-client on console-ams.rpki-client.org