Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/1-dwUkmyb27zPiMBl72Y_XbcGa6A.roa
File: 1-dwUkmyb27zPiMBl72Y_XbcGa6A.roa (raw, json)
Hash identifier: q8hyRMVAo3Jc2f78nBVMCMEx9zKkQv/Zh7CYkKjydv8=
Subject key identifier: F9:DC:14:92:6C:9B:DB:BC:CF:88:C0:65:EF:66:3F:5D:B7:06:6B:A0
Certificate issuer: /CN=421bae989898d9402424aadafbb47c3a6d4c25b3
Certificate serial: 01856D4AE95365745A94390432F37307BE2F
Authority key identifier: 42:1B:AE:98:98:98:D9:40:24:24:AA:DA:FB:B4:7C:3A:6D:4C:25:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/1-dwUkmyb27zPiMBl72Y_XbcGa6A.roa
Signing time: Sun 01 Jan 2023 12:25:04 +0000
ROA not before: Sun 01 Jan 2023 12:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197580
IP address blocks: 83.174.148.0/22 maxlen: 22
83.174.152.0/21 maxlen: 21
185.42.208.0/22 maxlen: 22
46.245.136.0/21 maxlen: 21
185.254.216.0/22 maxlen: 22
2a05:dec0::/29 maxlen: 29
2a01:6320::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:e9:53:65:74:5a:94:39:04:32:f3:73:07:be:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=421bae989898d9402424aadafbb47c3a6d4c25b3
Validity
Not Before: Jan 1 12:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9dc14926c9bdbbccf88c065ef663f5db7066ba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:41:97:2f:cc:80:f3:6b:c9:9d:8f:2d:d4:68:
ff:7b:a1:c6:75:c0:2e:47:74:6e:09:6b:17:a5:79:
44:b8:c7:a4:14:25:21:5c:aa:6b:13:cc:19:af:bf:
d1:89:44:a1:34:9b:6d:60:d7:a4:ac:4a:32:0b:63:
1e:6c:e2:32:b3:75:a2:ae:c2:c7:b9:87:96:fc:98:
70:8b:68:05:9f:f1:dd:0a:61:16:9f:d3:7c:cc:b6:
88:3b:1e:5e:a4:60:e4:c9:58:a6:da:b6:68:58:64:
af:2b:71:15:bb:b6:7d:b5:16:bd:89:e4:65:49:e2:
44:7a:61:34:7b:d3:fb:3a:66:64:05:e1:df:24:02:
2e:d1:5a:ca:4c:03:e3:fb:e2:40:3e:c4:52:51:9f:
4d:06:52:0c:33:9c:05:fc:ff:ec:48:4f:c2:76:4e:
44:89:cf:2e:8b:36:03:f1:77:76:97:41:64:28:9e:
40:aa:e3:c9:73:90:e8:1d:77:80:92:c4:9b:a3:20:
26:7c:f8:9a:b8:f9:02:2d:10:2a:8a:2e:07:7a:09:
36:8a:d5:d1:01:f6:8b:18:88:a1:bb:16:bc:f0:10:
5a:f9:5f:ea:32:f3:88:cc:87:fe:28:e0:68:b2:0c:
29:3f:92:74:ee:a2:e8:11:95:87:44:e9:62:e2:8f:
56:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:DC:14:92:6C:9B:DB:BC:CF:88:C0:65:EF:66:3F:5D:B7:06:6B:A0
X509v3 Authority Key Identifier:
keyid:42:1B:AE:98:98:98:D9:40:24:24:AA:DA:FB:B4:7C:3A:6D:4C:25:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhuumJiY2UAkJKra-7R8Om1MJbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/1-dwUkmyb27zPiMBl72Y_XbcGa6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/b34cb0-2f71-4f59-bd5e-67efcb3d86fe/1/QhuumJiY2UAkJKra-7R8Om1MJbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.136.0/21
83.174.148.0-83.174.159.255
185.42.208.0/22
185.254.216.0/22
IPv6:
2a01:6320::/32
2a05:dec0::/29
Signature Algorithm: sha256WithRSAEncryption
ac:4a:00:1a:b0:9b:a9:ba:78:23:46:32:41:e7:45:ca:22:1b:
12:93:f2:40:a0:c2:9f:e2:d3:bb:e0:2d:f4:aa:4d:5b:10:01:
82:b1:6f:58:64:78:6e:c8:cc:c8:9c:ca:7d:18:34:ef:4b:4d:
0e:73:1c:bf:2b:b6:4d:79:99:d2:42:f0:43:89:7a:99:36:b1:
59:91:db:4c:17:42:68:2d:05:41:6b:79:95:97:1a:7b:67:26:
7a:71:bf:76:5d:d3:b7:35:32:0d:73:7b:f4:30:e1:e4:d2:53:
dc:f3:a1:36:fc:19:30:a9:45:a8:5c:da:eb:53:e7:11:11:ea:
d4:bb:27:1d:3a:4c:92:6d:ff:ec:96:d6:ab:02:4d:1a:44:f0:
34:2b:79:ee:62:39:e3:c0:3b:2d:31:89:64:06:de:2a:09:ce:
cc:28:09:5e:ca:81:c7:64:7f:a2:78:93:f6:e6:f9:53:f3:ea:
25:50:d9:c2:20:28:e7:13:a0:f7:6e:35:d4:53:b6:75:64:97:
4b:da:49:d9:1f:4a:0e:0b:48:fe:a7:0d:08:cd:6b:e0:3c:6b:
e7:25:0e:cf:77:25:42:88:f2:87:77:16:e7:22:8a:33:40:39:
9e:ff:e7:50:b9:70:8d:4e:e4:a0:69:61:51:6f:23:0a:8e:e7:
39:34:3a:b3
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYVtSulTZXRalDkEMvNzB74vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMWJhZTk4OTg5OGQ5NDAyNDI0YWFkYWZiYjQ3YzNhNmQ0
YzI1YjMwHhcNMjMwMTAxMTIyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWRjMTQ5MjZjOWJkYmJjY2Y4OGMwNjVlZjY2M2Y1ZGI3MDY2YmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUGXL8yA82vJnY8t1Gj/e6HGdcAu
R3RuCWsXpXlEuMekFCUhXKprE8wZr7/RiUShNJttYNekrEoyC2MebOIys3WirsLH
uYeW/Jhwi2gFn/HdCmEWn9N8zLaIOx5epGDkyVim2rZoWGSvK3EVu7Z9tRa9ieRl
SeJEemE0e9P7OmZkBeHfJAIu0VrKTAPj++JAPsRSUZ9NBlIMM5wF/P/sSE/Cdk5E
ic8uizYD8Xd2l0FkKJ5AquPJc5DoHXeAksSboyAmfPiauPkCLRAqii4Hegk2itXR
AfaLGIihuxa88BBa+V/qMvOIzIf+KOBosgwpP5J07qLoEZWHROli4o9WZQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPncFJJsm9u8z4jAZe9mP123BmugMB8GA1UdIwQY
MBaAFEIbrpiYmNlAJCSq2vu0fDptTCWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWh1dW1KaVkyVUFrSktyYS03UjhPbTFNSmJNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iMzRjYjAtMmY3MS00ZjU5LWJkNWUt
NjdlZmNiM2Q4NmZlLzEvMS1kd1VrbXliMjd6UGlNQmw3MllfWGJjR2E2QS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGEvYjM0Y2IwLTJmNzEtNGY1OS1iZDVlLTY3ZWZjYjNkODZm
ZS8xL1FodXVtSmlZMlVBa0pLcmEtN1I4T20xTUpiTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRAMD4wJgQCAAEwIAMEAy71iDAM
AwQCU66UAwQFU66AAwQCuSrQAwQCuf7YMBQEAgACMA4DBQAqAWMgAwUDKgXewDAN
BgkqhkiG9w0BAQsFAAOCAQEArEoAGrCbqbp4I0YyQedFyiIbEpPyQKDCn+LTu+At
9KpNWxABgrFvWGR4bsjMyJzKfRg070tNDnMcvyu2TXmZ0kLwQ4l6mTaxWZHbTBdC
aC0FQWt5lZcae2cmenG/dl3TtzUyDXN79DDh5NJT3POhNvwZMKlFqFza61PnERHq
1LsnHTpMkm3/7JbWqwJNGkTwNCt57mI548A7LTGJZAbeKgnOzCgJXsqBx2R/oniT
9ub5U/PqJVDZwiAo5xOg92411FO2dWSXS9pJ2R9KDgtI/qcNCM1r4Dxr5yUOz3cl
Qojyh3cW5yKKM0A5nv/nULlwjU7koGlhUW8jCo7nOTQ6sw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:27 2024 by rpki-client on console-ams.rpki-client.org