Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/1qMSOGdqaZd5Dd6VUUbyXym9adE.roa
File: 1qMSOGdqaZd5Dd6VUUbyXym9adE.roa (raw, json)
Hash identifier: ruAbfgVMoJFwYZ+KiDvSNw+FL1RmlJHGsZjnI3iMXVs=
Subject key identifier: D6:A3:12:38:67:6A:69:97:79:0D:DE:95:51:46:F2:5F:29:BD:69:D1
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 018977731071BAC155CBB962D22E74ACA25C
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/1qMSOGdqaZd5Dd6VUUbyXym9adE.roa
Signing time: Fri 21 Jul 2023 07:56:16 +0000
ROA not before: Fri 21 Jul 2023 07:56:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50261
IP address blocks: 45.147.156.0/22 maxlen: 22
80.64.64.0/21 maxlen: 21
77.111.112.0/21 maxlen: 21
80.64.72.0/21 maxlen: 21
37.220.128.0/20 maxlen: 20
77.111.120.0/21 maxlen: 21
92.61.104.0/21 maxlen: 21
109.74.48.0/20 maxlen: 20
2a02:d400::/29 maxlen: 29
2a02:d400:6::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:77:73:10:71:ba:c1:55:cb:b9:62:d2:2e:74:ac:a2:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Jul 21 07:56:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6a31238676a6997790dde955146f25f29bd69d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a7:b2:ec:3f:10:d6:d7:31:b8:55:ce:7b:38:
ff:c1:88:83:fb:2e:8a:58:2d:67:69:46:15:4f:12:
eb:d8:f1:c7:91:cf:40:02:cb:f6:0a:75:8b:9d:92:
a2:da:c0:85:08:ee:f9:6f:79:2d:b4:0f:82:60:e7:
a3:38:17:8a:05:ee:18:3f:c1:54:f5:27:62:74:59:
be:76:98:d0:1b:cb:0c:33:71:36:ec:21:60:eb:57:
51:e8:dc:42:93:50:0d:0c:0d:d9:89:80:e3:ab:ff:
f5:35:1b:bc:e1:99:89:6f:01:95:26:9a:41:3e:78:
d2:fc:20:51:1f:d9:54:c5:11:c2:49:f7:7d:8e:0a:
14:a2:af:87:86:1a:b1:0e:a2:70:5b:63:a2:ca:5e:
69:d5:07:6d:b2:01:45:5e:eb:74:53:2a:bf:2c:da:
6f:18:63:0d:44:0a:f3:d8:3a:70:6a:90:03:18:b3:
3b:46:ac:10:6f:e8:24:92:7c:c7:e8:0c:03:31:73:
ee:c0:9a:c2:d3:82:53:32:98:a8:51:db:4f:6a:b7:
06:38:10:db:e4:86:ba:3f:50:7a:82:5d:37:1c:e9:
e2:e3:7f:c9:82:2f:cd:aa:3a:8a:8c:84:e7:1f:ce:
04:69:55:fa:0b:36:82:a2:13:d2:1e:28:4c:38:d4:
5d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A3:12:38:67:6A:69:97:79:0D:DE:95:51:46:F2:5F:29:BD:69:D1
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/1qMSOGdqaZd5Dd6VUUbyXym9adE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.128.0/20
45.147.156.0/22
77.111.112.0/20
80.64.64.0/20
92.61.104.0/21
109.74.48.0/20
IPv6:
2a02:d400::/29
Signature Algorithm: sha256WithRSAEncryption
08:ef:37:d8:f2:a6:68:ee:ac:06:ec:48:88:ed:08:72:9e:2a:
ea:b2:27:14:d9:d2:d5:84:10:18:b4:21:f4:d2:d9:d0:5c:47:
45:e0:b3:af:90:f0:df:51:1b:af:c5:a9:2b:91:ee:e8:ef:f7:
c0:0c:87:c1:81:62:fb:cd:ae:c5:f1:d8:87:3d:3b:ff:b4:d2:
3d:96:48:4b:54:e8:4f:d1:0a:c3:b9:79:af:b7:18:61:f2:44:
9b:09:19:91:8c:8e:d0:db:59:6f:f8:60:68:44:5e:f4:96:2a:
19:07:ea:d6:7e:c4:44:df:47:b0:bc:94:ae:5e:9c:83:f6:3f:
00:8a:32:86:97:5c:c1:05:40:9f:73:73:37:95:d5:57:7e:43:
96:8b:81:38:be:a3:23:07:b5:da:26:35:2d:43:83:9f:99:4e:
4a:79:fa:a3:b1:ff:e8:90:82:f0:9d:15:94:c2:d0:97:da:ae:
e4:31:c8:a9:8e:cc:9e:b2:70:6d:3e:52:7e:ef:a8:1d:04:a3:
4a:bf:b4:ee:de:9e:db:d9:5f:d2:4e:18:89:cc:c4:8f:2a:d5:
37:49:ff:88:76:c8:71:57:80:2d:0e:43:c5:12:e3:23:13:74:
88:63:e9:3d:c9:c0:bb:c7:2b:39:6c:20:1b:0e:5f:be:55:f9:
26:06:3d:04
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYl3cxBxusFVy7li0i50rKJcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjMwNzIxMDc1NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmEzMTIzODY3NmE2OTk3NzkwZGRlOTU1MTQ2ZjI1ZjI5YmQ2OWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKey7D8Q1tcxuFXOezj/wYiD+y6K
WC1naUYVTxLr2PHHkc9AAsv2CnWLnZKi2sCFCO75b3kttA+CYOejOBeKBe4YP8FU
9SdidFm+dpjQG8sMM3E27CFg61dR6NxCk1ANDA3ZiYDjq//1NRu84ZmJbwGVJppB
PnjS/CBRH9lUxRHCSfd9jgoUoq+HhhqxDqJwW2Oiyl5p1QdtsgFFXut0Uyq/LNpv
GGMNRArz2DpwapADGLM7RqwQb+gkknzH6AwDMXPuwJrC04JTMpioUdtParcGOBDb
5Ia6P1B6gl03HOni43/Jgi/NqjqKjITnH84EaVX6CzaCohPSHihMONRd7wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNajEjhnammXeQ3elVFG8l8pvWnRMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvMXFNU09HZHFhWmQ1RGQ2VlVVYnlYeW05YWRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEJdyAAwQC
LZOcAwQETW9wAwQEUEBAAwQDXD1oAwQEbUowMA0EAgACMAcDBQMqAtQAMA0GCSqG
SIb3DQEBCwUAA4IBAQAI7zfY8qZo7qwG7EiI7QhynirqsicU2dLVhBAYtCH00tnQ
XEdF4LOvkPDfURuvxakrke7o7/fADIfBgWL7za7F8diHPTv/tNI9lkhLVOhP0QrD
uXmvtxhh8kSbCRmRjI7Q21lv+GBoRF70lioZB+rWfsRE30ewvJSuXpyD9j8AijKG
l1zBBUCfc3M3ldVXfkOWi4E4vqMjB7XaJjUtQ4OfmU5Kefqjsf/okILwnRWUwtCX
2q7kMcipjsyesnBtPlJ+76gdBKNKv7Tu3p7b2V/SThiJzMSPKtU3Sf+IdshxV4At
DkPFEuMjE3SIY+k9ycC7xys5bCAbDl++VfkmBj0E
Generated at Thu Jul 27 12:10:38 2023 by rpki-client on console-ams.rpki-client.org