Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Shs-c4-99Zz-csq3jVbaB8zaX78.roa
File: Shs-c4-99Zz-csq3jVbaB8zaX78.roa (raw, json)
Hash identifier: Q3lsFq9RZF2xP82dGFdw9d4Bauy7/qY04eIXLJAVceY=
Subject key identifier: 4A:1B:3E:73:8F:BD:F5:9C:FE:72:CA:B7:8D:56:DA:07:CC:DA:5F:BF
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C53FBB64BC39B6DF4E2ABDF98023203
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Shs-c4-99Zz-csq3jVbaB8zaX78.roa
Signing time: Sun 01 Jan 2023 07:55:21 +0000
ROA not before: Sun 01 Jan 2023 07:55:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52423
IP address blocks: 45.85.85.0/24 maxlen: 24
185.185.248.0/24 maxlen: 24
185.185.249.0/24 maxlen: 24
45.85.86.0/24 maxlen: 24
77.243.92.0/24 maxlen: 32
185.190.80.0/24 maxlen: 32
77.243.94.0/24 maxlen: 32
185.184.141.0/24 maxlen: 32
185.184.143.0/24 maxlen: 24
185.184.142.0/24 maxlen: 24
91.188.200.0/24 maxlen: 32
45.130.72.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:fb:b6:4b:c3:9b:6d:f4:e2:ab:df:98:02:32:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a1b3e738fbdf59cfe72cab78d56da07ccda5fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:80:a2:1b:d6:9f:ec:9e:44:f5:a9:30:0a:37:
0c:70:8f:a2:cc:eb:2d:89:41:ba:bc:4d:ea:58:63:
89:33:f3:18:c5:78:9f:77:ec:63:11:b9:c6:e5:a4:
28:af:c0:9d:48:a8:d4:45:20:f0:b7:40:8a:57:ea:
6e:94:d6:b6:50:f4:fb:12:6f:35:24:81:f7:36:64:
df:29:70:ae:f8:69:e9:ae:ff:e7:8a:f2:9c:9b:21:
6b:ce:e0:f9:35:40:1a:71:ed:e9:52:8d:cb:76:4b:
32:1f:af:11:cc:1b:db:68:f3:4f:a4:34:d7:14:86:
96:8d:40:51:e8:1a:65:15:30:67:1d:dd:c9:39:69:
8d:41:3d:48:0c:6a:a8:62:bf:2c:38:7a:f8:94:8c:
29:01:61:29:b3:dc:37:b2:f4:99:84:37:7a:f6:b0:
f1:e7:fa:f2:af:c1:0b:4e:99:27:cf:e9:73:3e:a5:
98:d5:39:4a:7a:25:b0:b0:6e:52:c3:fc:5e:65:3a:
27:34:c9:e8:b3:8d:4e:9c:b5:c9:49:41:fb:8b:4a:
27:4c:e3:ec:0d:94:fd:c2:1f:cd:3e:26:7b:e6:4c:
23:6b:14:a4:9d:31:0f:0a:51:34:7b:65:f9:c9:7b:
b6:d8:c9:c6:96:d6:69:82:2f:95:e8:8f:8f:18:ec:
ef:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:1B:3E:73:8F:BD:F5:9C:FE:72:CA:B7:8D:56:DA:07:CC:DA:5F:BF
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Shs-c4-99Zz-csq3jVbaB8zaX78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.85.0-45.85.86.255
45.130.72.0/23
77.243.92.0/24
77.243.94.0/24
91.188.200.0/24
185.184.141.0-185.184.143.255
185.185.248.0/23
185.190.80.0/24
Signature Algorithm: sha256WithRSAEncryption
22:7f:b9:b4:02:3a:f5:44:cd:6c:33:83:f6:65:37:0a:c7:7b:
87:2b:c9:9b:6e:08:e3:05:a8:55:b2:5f:7f:c1:ef:52:8b:bb:
ac:57:3c:b0:45:cc:e1:92:1a:7c:96:e6:32:ba:ff:99:11:05:
60:b0:a2:02:49:0c:4c:95:b3:c6:97:56:d7:c7:6b:85:d4:20:
c4:7a:c2:0b:3e:20:c2:63:4c:9a:10:25:c4:fc:b7:50:e0:6a:
83:56:9b:4f:8c:86:24:c9:eb:a7:38:57:16:63:f6:c0:34:fa:
5e:d3:38:8d:12:25:2a:b3:f5:9a:f5:f9:07:45:c5:72:ef:f2:
02:93:14:18:56:f8:0c:91:ff:d0:db:e7:05:21:e5:08:26:66:
e7:f4:4d:f5:d0:5d:0b:49:53:c3:b6:0b:61:23:06:e8:51:ae:
02:99:6f:51:78:05:68:20:f5:6e:1e:1e:77:4d:18:88:2e:50:
8b:d7:ad:2d:87:fc:c0:84:55:b9:30:46:5a:83:ac:6a:83:ee:
3a:43:89:54:d1:4d:ba:f7:3f:17:7b:38:b4:e9:b0:b2:e9:76:
63:f3:e0:e5:7f:4f:66:d7:5c:35:90:c1:4d:51:8d:37:7e:00:
7a:1e:ef:06:a4:97:05:a9:f7:13:76:76:54:42:51:15:81:d9:
85:87:9e:71
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYVsU/u2S8ObbfTiq9+YAjIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTFiM2U3MzhmYmRmNTljZmU3MmNhYjc4ZDU2ZGEwN2NjZGE1ZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYCiG9af7J5E9akwCjcMcI+izOst
iUG6vE3qWGOJM/MYxXifd+xjEbnG5aQor8CdSKjURSDwt0CKV+pulNa2UPT7Em81
JIH3NmTfKXCu+Gnprv/nivKcmyFrzuD5NUAace3pUo3LdksyH68RzBvbaPNPpDTX
FIaWjUBR6BplFTBnHd3JOWmNQT1IDGqoYr8sOHr4lIwpAWEps9w3svSZhDd69rDx
5/ryr8ELTpknz+lzPqWY1TlKeiWwsG5Sw/xeZTonNMnos41OnLXJSUH7i0onTOPs
DZT9wh/NPiZ75kwjaxSknTEPClE0e2X5yXu22MnGltZpgi+V6I+PGOzvXwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFEobPnOPvfWc/nLKt41W2gfM2l+/MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvU2hzLWM0LTk5WnotY3NxM2pWYmFCOHphWDc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAAtVVUD
BAAtVVYDBAEtgkgDBABN81wDBABN814DBABbvMgwDAMEALm4jQMEBLm4gAMEAbm5
+AMEALm+UDANBgkqhkiG9w0BAQsFAAOCAQEAIn+5tAI69UTNbDOD9mU3Csd7hyvJ
m24I4wWoVbJff8HvUou7rFc8sEXM4ZIafJbmMrr/mREFYLCiAkkMTJWzxpdW18dr
hdQgxHrCCz4gwmNMmhAlxPy3UOBqg1abT4yGJMnrpzhXFmP2wDT6XtM4jRIlKrP1
mvX5B0XFcu/yApMUGFb4DJH/0NvnBSHlCCZm5/RN9dBdC0lTw7YLYSMG6FGuAplv
UXgFaCD1bh4ed00YiC5Qi9etLYf8wIRVuTBGWoOsaoPuOkOJVNFNuvc/F3s4tOmw
sul2Y/Pg5X9PZtdcNZDBTVGNN34Aeh7vBqSXBan3E3Z2VEJRFYHZhYeecQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:50:39 2023 by rpki-client on console-ams.rpki-client.org