Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/verWttiz4cbzFaVqDIYgO-lK5Go.roa
File: verWttiz4cbzFaVqDIYgO-lK5Go.roa (raw, json)
Hash identifier: hWK8BLYoZ2NV/pAGfRa/9m3XiD7VwQOIiTE8TnE7BPI=
Subject key identifier: BD:EA:D6:B6:D8:B3:E1:C6:F3:15:A5:6A:0C:86:20:3B:E9:4A:E4:6A
Certificate issuer: /CN=d1ca1a706abcfbe1b85865238d8435ee33e75820
Certificate serial: 01857321EC650FD783640896FBE1580837A4
Authority key identifier: D1:CA:1A:70:6A:BC:FB:E1:B8:58:65:23:8D:84:35:EE:33:E7:58:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0coacGq8--G4WGUjjYQ17jPnWCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/verWttiz4cbzFaVqDIYgO-lK5Go.roa
Signing time: Mon 02 Jan 2023 15:38:01 +0000
ROA not before: Mon 02 Jan 2023 15:38:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42846
IP address blocks: 185.106.211.0/24 maxlen: 24
185.106.210.0/24 maxlen: 24
185.106.209.0/24 maxlen: 24
185.106.208.0/24 maxlen: 24
89.252.179.0/24 maxlen: 24
89.252.178.0/24 maxlen: 24
89.252.181.0/24 maxlen: 24
89.252.180.0/24 maxlen: 24
45.84.188.0/24 maxlen: 24
45.84.191.0/24 maxlen: 24
45.84.190.0/24 maxlen: 24
2a06:41c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:21:ec:65:0f:d7:83:64:08:96:fb:e1:58:08:37:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1ca1a706abcfbe1b85865238d8435ee33e75820
Validity
Not Before: Jan 2 15:38:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdead6b6d8b3e1c6f315a56a0c86203be94ae46a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:46:8c:f0:49:70:16:7a:d6:c1:d2:7f:3d:ee:
7e:dd:cf:c9:8d:01:e3:1e:ac:4f:a0:a6:4b:47:f0:
17:97:97:b8:da:55:46:37:01:4d:5f:d9:be:8c:3c:
e6:86:ba:5a:a8:1d:05:57:ff:c7:d2:67:9f:e4:bc:
2d:c2:b1:60:84:20:db:6e:6f:13:ef:27:d6:fb:18:
4e:8e:37:2d:63:f3:4b:1c:e6:cc:75:b5:6a:77:2d:
61:1c:f3:a5:0a:ff:ff:98:8a:05:e5:31:0f:c8:e5:
d0:3d:c7:11:fe:44:ad:4c:09:65:02:a2:88:3b:c4:
e1:a2:4d:97:da:55:28:2a:9e:37:6c:7d:be:66:e2:
b4:c5:3d:94:b5:2a:97:7f:27:2d:d2:b2:de:99:0f:
81:7e:e1:da:a6:bc:8e:d4:02:ee:09:c4:d3:4b:cc:
f1:42:f1:3c:22:f4:93:b4:e4:03:b7:0e:3a:a7:9c:
d6:1f:6a:c4:fe:d1:fd:57:73:ce:89:53:b3:e1:2a:
64:ca:52:f2:e0:5a:30:41:3b:b6:52:dd:3a:ef:95:
62:d6:ba:9b:80:fb:84:d3:6d:ca:99:96:ed:8d:66:
35:d1:54:fc:b0:bb:89:98:62:a2:5d:a5:c3:0a:da:
0f:0e:c1:e7:e2:30:f9:fd:5f:4d:62:4f:0c:b8:2c:
d6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:EA:D6:B6:D8:B3:E1:C6:F3:15:A5:6A:0C:86:20:3B:E9:4A:E4:6A
X509v3 Authority Key Identifier:
keyid:D1:CA:1A:70:6A:BC:FB:E1:B8:58:65:23:8D:84:35:EE:33:E7:58:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0coacGq8--G4WGUjjYQ17jPnWCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/verWttiz4cbzFaVqDIYgO-lK5Go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cf79a3-f3cc-4d5a-9672-e8f7fd3a4078/1/0coacGq8--G4WGUjjYQ17jPnWCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.188.0/24
45.84.190.0/23
89.252.178.0-89.252.181.255
185.106.208.0/22
IPv6:
2a06:41c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
4f:18:e4:98:e1:c3:ee:56:cb:c4:df:33:5a:35:83:a2:5f:1d:
df:90:a2:de:d6:6b:c0:f6:52:bc:31:fe:b1:30:02:5e:04:11:
e4:21:45:d5:ba:82:7b:bf:ee:77:92:47:b7:0e:49:7a:aa:c8:
f6:45:08:3c:23:96:8b:38:1c:ba:71:2f:2d:3a:5a:8d:85:c3:
23:52:fc:19:66:57:8a:50:30:7e:10:f8:88:b3:ba:6a:8d:a9:
28:5a:28:29:c1:86:79:15:82:9e:a1:6f:44:91:d3:db:b9:f5:
77:f7:87:04:32:2e:c4:16:65:fd:fd:02:db:db:86:5d:c5:62:
cf:99:1a:64:a7:dc:48:05:e9:ed:3e:9c:41:64:0b:36:6c:26:
3d:58:fe:e7:a0:3f:25:05:e1:84:8c:8c:11:88:73:fa:a1:74:
0a:f9:36:f3:67:e7:ea:3b:36:99:b4:83:32:13:e4:04:73:2b:
6f:83:e7:37:75:b5:23:f0:9d:2e:46:36:a7:36:57:0b:c2:53:
f8:38:1d:9a:02:64:83:b4:56:6f:3f:56:d0:4f:ef:a7:e1:65:
44:20:fb:89:ad:1c:4c:ee:84:a3:d5:ee:ec:cc:44:c1:e1:ec:
2e:47:a8:bb:c2:fb:5f:98:3e:97:4e:8e:fb:1a:76:2d:02:30:
d7:4d:b7:94
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYVzIexlD9eDZAiW++FYCDekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2ExYTcwNmFiY2ZiZTFiODU4NjUyMzhkODQzNWVlMzNl
NzU4MjAwHhcNMjMwMTAyMTUzODAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGVhZDZiNmQ4YjNlMWM2ZjMxNWE1NmEwYzg2MjAzYmU5NGFlNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUaM8ElwFnrWwdJ/Pe5+3c/JjQHj
HqxPoKZLR/AXl5e42lVGNwFNX9m+jDzmhrpaqB0FV//H0mef5LwtwrFghCDbbm8T
7yfW+xhOjjctY/NLHObMdbVqdy1hHPOlCv//mIoF5TEPyOXQPccR/kStTAllAqKI
O8Thok2X2lUoKp43bH2+ZuK0xT2UtSqXfyct0rLemQ+BfuHapryO1ALuCcTTS8zx
QvE8IvSTtOQDtw46p5zWH2rE/tH9V3POiVOz4SpkylLy4FowQTu2Ut0675Vi1rqb
gPuE023KmZbtjWY10VT8sLuJmGKiXaXDCtoPDsHn4jD5/V9NYk8MuCzWsQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFL3q1rbYs+HG8xWlagyGIDvpSuRqMB8GA1UdIwQY
MBaAFNHKGnBqvPvhuFhlI42ENe4z51ggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGNvYWNHcTgtLUc0V0dVampZUTE3alBuV0NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jZjc5YTMtZjNjYy00ZDVhLTk2NzIt
ZThmN2ZkM2E0MDc4LzEvdmVyV3R0aXo0Y2J6RmFWcURJWWdPLWxLNUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jZjc5YTMtZjNjYy00ZDVhLTk2NzItZThmN2ZkM2E0MDc4
LzEvMGNvYWNHcTgtLUc0V0dVampZUTE3alBuV0NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgAwQALVS8AwQB
LVS+MAwDBAFZ/LIDBAFZ/LQDBAK5atAwDwQCAAIwCQMHACoGQcAAATANBgkqhkiG
9w0BAQsFAAOCAQEATxjkmOHD7lbLxN8zWjWDol8d35Ci3tZrwPZSvDH+sTACXgQR
5CFF1bqCe7/ud5JHtw5JeqrI9kUIPCOWizgcunEvLTpajYXDI1L8GWZXilAwfhD4
iLO6ao2pKFooKcGGeRWCnqFvRJHT27n1d/eHBDIuxBZl/f0C29uGXcViz5kaZKfc
SAXp7T6cQWQLNmwmPVj+56A/JQXhhIyMEYhz+qF0Cvk282fn6js2mbSDMhPkBHMr
b4PnN3W1I/CdLkY2pzZXC8JT+DgdmgJkg7RWbz9W0E/vp+FlRCD7ia0cTO6Eo9Xu
7MxEweHsLkeou8L7X5g+l06O+xp2LQIw1023lA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:29 2023 by rpki-client on console-ams.rpki-client.org