Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/554988-d1a9-4b54-93ee-2ceea5caf3a0/1/aec33VDqa8yDUkYsK-MZ3N4_CSk.roa
File: aec33VDqa8yDUkYsK-MZ3N4_CSk.roa (raw, json)
Hash identifier: klptKtZpz2d0gDWIl4r98Wujk55/8biIHyHzqQ9VJbM=
Subject key identifier: 69:E7:37:DD:50:EA:6B:CC:83:52:46:2C:2B:E3:19:DC:DE:3F:09:29
Certificate issuer: /CN=10e8da8407f9f748e81fe9da9eb06b3b17d067dd
Certificate serial: 018570673F29BAD713F78DD59CD037EBBC66
Authority key identifier: 10:E8:DA:84:07:F9:F7:48:E8:1F:E9:DA:9E:B0:6B:3B:17:D0:67:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EOjahAf590joH-nanrBrOxfQZ90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/554988-d1a9-4b54-93ee-2ceea5caf3a0/1/aec33VDqa8yDUkYsK-MZ3N4_CSk.roa
Signing time: Mon 02 Jan 2023 02:54:52 +0000
ROA not before: Mon 02 Jan 2023 02:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57468
IP address blocks: 194.60.240.0/23 maxlen: 23
45.15.220.0/22 maxlen: 22
194.60.241.0/24 maxlen: 24
185.6.210.0/24 maxlen: 24
185.6.208.0/22 maxlen: 22
185.6.211.0/24 maxlen: 24
185.6.209.0/24 maxlen: 24
185.144.32.0/22 maxlen: 22
2a03:1040::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 17 Apr 2023 05:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:3f:29:ba:d7:13:f7:8d:d5:9c:d0:37:eb:bc:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10e8da8407f9f748e81fe9da9eb06b3b17d067dd
Validity
Not Before: Jan 2 02:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69e737dd50ea6bcc8352462c2be319dcde3f0929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:49:7f:31:f0:27:df:9c:0c:5c:3d:6b:5f:9d:
68:dd:94:b0:ad:60:f8:b7:91:ea:77:6f:d6:6c:50:
b9:3d:16:8c:dd:17:d7:bd:a5:ab:a7:87:68:cd:ed:
50:ca:7d:b1:30:ca:64:00:ed:84:3a:23:8b:76:a0:
da:49:35:1e:a7:37:9d:6a:e9:3f:e9:f0:6a:21:07:
5c:ed:c3:af:57:eb:e9:52:1e:f6:46:86:ef:b1:05:
e1:c9:e3:22:a1:13:5f:82:d6:3b:fe:d8:f1:43:7a:
a0:d4:42:f8:f6:06:a2:dc:62:7f:3a:4b:c2:61:fc:
69:5d:6b:a2:04:be:71:f5:1d:34:4a:8b:75:1c:c0:
9c:78:d3:84:d3:30:0d:76:8b:f8:23:6e:b1:58:86:
e5:b9:02:f2:75:ab:d8:f2:4c:1d:a0:bb:af:e4:f0:
d8:11:d2:50:90:ba:9b:76:5f:7a:07:d4:77:36:3b:
88:4b:10:8b:31:2f:21:e6:ba:2d:69:e4:78:d4:5d:
16:c3:12:51:08:2c:e0:1d:d4:52:f0:8c:41:01:38:
a0:fc:76:13:58:c5:8d:be:fb:01:59:7d:92:31:1b:
9d:99:c4:a3:b3:90:50:b4:19:35:a5:dc:eb:bd:48:
9e:d6:0c:3d:5b:dc:30:c5:83:c2:c8:af:c1:bf:6d:
67:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:E7:37:DD:50:EA:6B:CC:83:52:46:2C:2B:E3:19:DC:DE:3F:09:29
X509v3 Authority Key Identifier:
keyid:10:E8:DA:84:07:F9:F7:48:E8:1F:E9:DA:9E:B0:6B:3B:17:D0:67:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EOjahAf590joH-nanrBrOxfQZ90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/554988-d1a9-4b54-93ee-2ceea5caf3a0/1/aec33VDqa8yDUkYsK-MZ3N4_CSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/554988-d1a9-4b54-93ee-2ceea5caf3a0/1/EOjahAf590joH-nanrBrOxfQZ90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.220.0/22
185.6.208.0/22
185.144.32.0/22
194.60.240.0/23
IPv6:
2a03:1040::/32
Signature Algorithm: sha256WithRSAEncryption
84:60:a2:a1:49:27:1d:8f:89:5c:fb:eb:ae:a7:24:5c:f7:3c:
d6:61:6b:4c:d7:7a:00:5d:85:e3:0d:d3:ce:a6:f2:20:98:6f:
37:60:89:e4:e6:2b:5d:e9:b0:be:1f:00:11:77:df:9b:a6:ae:
68:ab:a9:64:b2:52:ac:c8:75:c2:7a:df:02:02:03:cb:f9:30:
b1:71:76:a3:bc:1e:03:77:cc:f8:90:f0:7d:a2:3f:50:7a:66:
4b:d9:6d:61:76:a1:2f:48:31:e2:f1:be:bf:f9:cd:15:80:58:
7d:b4:c1:18:bb:1e:e1:58:3d:20:f5:fa:1f:02:1b:00:28:bd:
e6:ff:80:70:8b:63:be:cd:1e:97:47:b1:b4:23:de:9c:57:58:
cb:98:3b:c2:97:35:b2:0f:56:95:5e:4f:69:62:92:6b:ed:33:
71:97:e6:ba:ff:a0:bc:50:bf:e1:8b:ba:bf:01:4d:91:80:5a:
af:c7:66:8a:4d:96:c3:4c:1e:58:7a:61:f1:8d:ad:c1:06:54:
f9:d5:fe:18:b4:d7:5b:8f:17:79:4f:98:1e:4d:88:9b:eb:1d:
8e:a7:86:82:2c:89:6d:8d:93:f4:aa:c2:31:e1:57:cf:87:a3:
8b:56:01:0c:84:de:cf:d5:63:4a:4a:07:df:b4:f3:81:42:c2:
31:21:4e:8f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwZz8putcT943VnNA367xmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwZThkYTg0MDdmOWY3NDhlODFmZTlkYTllYjA2YjNiMTdk
MDY3ZGQwHhcNMjMwMTAyMDI1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWU3MzdkZDUwZWE2YmNjODM1MjQ2MmMyYmUzMTlkY2RlM2YwOTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEl/MfAn35wMXD1rX51o3ZSwrWD4
t5Hqd2/WbFC5PRaM3RfXvaWrp4doze1Qyn2xMMpkAO2EOiOLdqDaSTUepzedauk/
6fBqIQdc7cOvV+vpUh72RobvsQXhyeMioRNfgtY7/tjxQ3qg1EL49gai3GJ/OkvC
YfxpXWuiBL5x9R00Sot1HMCceNOE0zANdov4I26xWIbluQLydavY8kwdoLuv5PDY
EdJQkLqbdl96B9R3NjuISxCLMS8h5rotaeR41F0WwxJRCCzgHdRS8IxBATig/HYT
WMWNvvsBWX2SMRudmcSjs5BQtBk1pdzrvUie1gw9W9wwxYPCyK/Bv21nqQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGnnN91Q6mvMg1JGLCvjGdzePwkpMB8GA1UdIwQY
MBaAFBDo2oQH+fdI6B/p2p6wazsX0GfdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRU9qYWhBZjU5MGpvSC1uYW5yQnJPeGZRWjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81NTQ5ODgtZDFhOS00YjU0LTkzZWUt
MmNlZWE1Y2FmM2EwLzEvYWVjMzNWRHFhOHlEVWtZc0stTVozTjRfQ1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81NTQ5ODgtZDFhOS00YjU0LTkzZWUtMmNlZWE1Y2FmM2Ew
LzEvRU9qYWhBZjU5MGpvSC1uYW5yQnJPeGZRWjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLQ/cAwQC
uQbQAwQCuZAgAwQBwjzwMA0EAgACMAcDBQAqAxBAMA0GCSqGSIb3DQEBCwUAA4IB
AQCEYKKhSScdj4lc++uupyRc9zzWYWtM13oAXYXjDdPOpvIgmG83YInk5itd6bC+
HwARd9+bpq5oq6lkslKsyHXCet8CAgPL+TCxcXajvB4Dd8z4kPB9oj9QemZL2W1h
dqEvSDHi8b6/+c0VgFh9tMEYux7hWD0g9fofAhsAKL3m/4Bwi2O+zR6XR7G0I96c
V1jLmDvClzWyD1aVXk9pYpJr7TNxl+a6/6C8UL/hi7q/AU2RgFqvx2aKTZbDTB5Y
emHxja3BBlT51f4YtNdbjxd5T5geTYib6x2Op4aCLIltjZP0qsIx4VfPh6OLVgEM
hN7P1WNKSgfftPOBQsIxIU6P
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:25 2024 by rpki-client on console-ams.rpki-client.org