Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/hUW4LPKB4xIyXdWg2rOPfqIttmE.roa
File: hUW4LPKB4xIyXdWg2rOPfqIttmE.roa (raw, json)
Hash identifier: 6F4L1BU++kyQ2Ek5zyvSF0K8ftA+01AxOdU5kHvPsq4=
Subject key identifier: 85:45:B8:2C:F2:81:E3:12:32:5D:D5:A0:DA:B3:8F:7E:A2:2D:B6:61
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018B860462F056DEF59CD24BAAF3703094A1
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/hUW4LPKB4xIyXdWg2rOPfqIttmE.roa
Signing time: Tue 31 Oct 2023 13:55:16 +0000
ROA not before: Tue 31 Oct 2023 13:55:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 91.92.33.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.208.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:86:04:62:f0:56:de:f5:9c:d2:4b:aa:f3:70:30:94:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Oct 31 13:55:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8545b82cf281e312325dd5a0dab38f7ea22db661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:44:d5:c9:66:4a:fc:13:85:1b:cb:6b:a8:85:
c8:8d:c4:5b:e1:90:12:04:84:4d:f6:00:d1:57:17:
e3:6d:47:fd:a9:90:cd:d4:99:fd:22:71:43:d7:23:
d1:35:d3:77:7e:cf:8a:b1:b1:d9:24:0f:6d:f0:26:
e1:ce:52:be:e8:8c:cf:b7:2b:34:05:a8:a4:00:21:
93:13:54:f7:91:62:5d:1e:4d:5c:d9:27:59:0d:27:
db:4e:49:cf:1a:91:0e:ac:81:a8:92:3e:7d:19:20:
12:e9:3d:51:a9:99:d8:ad:5a:1f:04:d8:6e:d3:bb:
b0:0b:85:23:15:6e:ab:d2:9f:1e:fc:53:5e:65:94:
84:b0:95:f5:e6:31:7d:bd:74:34:13:0c:9d:65:90:
56:c0:c3:a0:4c:a7:99:53:f6:7a:50:ea:04:17:1b:
ab:3b:0d:03:c2:04:16:10:b2:44:f0:98:fa:6a:92:
cd:0b:20:84:b5:35:9f:b2:d8:af:b2:44:5c:8d:e3:
37:c4:95:de:d3:c3:eb:55:29:fd:b7:90:b4:eb:e9:
eb:80:bb:00:d6:be:ab:21:d3:4b:a9:37:3d:cf:06:
29:63:69:2c:2e:46:16:d6:7a:67:07:e4:f4:3b:3c:
dc:89:01:be:55:db:4b:db:1f:e2:36:45:cd:12:63:
11:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:45:B8:2C:F2:81:E3:12:32:5D:D5:A0:DA:B3:8F:7E:A2:2D:B6:61
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/hUW4LPKB4xIyXdWg2rOPfqIttmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.235.0/24
91.92.33.0/24
91.92.49.0/24
93.152.206.0/24
93.152.208.0/23
93.152.217.0/24
Signature Algorithm: sha256WithRSAEncryption
74:7a:31:29:fe:16:00:da:4e:49:83:52:a3:5c:72:71:21:76:
e2:32:ad:cd:9a:94:13:a9:62:e3:95:4f:3f:6e:6a:66:db:49:
45:3f:cd:9b:0b:09:30:6e:dd:ff:6c:6e:5f:d0:cf:c9:c2:e2:
69:0f:4b:eb:54:84:fb:a6:4b:ae:29:20:d2:a2:60:08:70:ab:
cd:ce:fb:73:25:29:72:21:65:2a:88:cb:50:33:8f:54:7f:49:
98:61:45:ce:cd:8b:b6:3f:1f:e6:75:e8:c9:eb:6c:39:65:d3:
af:b2:63:16:18:8b:fb:6c:e1:63:25:a8:40:9d:1b:c4:cb:89:
8e:24:c2:e6:a4:f5:1e:5d:32:d7:8c:18:dc:db:89:83:b2:11:
7d:e0:86:15:d5:03:4b:cb:56:53:7d:19:30:14:a8:15:17:91:
6d:2f:20:ae:14:23:68:4a:9c:81:9c:0e:ac:e5:34:4b:5f:98:
82:02:61:98:45:68:9d:e8:73:fc:07:cb:6d:dc:32:7a:50:08:
54:7a:51:57:72:37:04:3e:ca:80:6a:aa:f0:93:d5:e9:11:47:
48:ed:47:42:0c:ae:ec:79:58:fb:33:20:31:e1:98:22:c9:44:
75:36:16:c3:7c:12:b1:e5:60:11:6d:71:4c:90:83:64:a1:a5:
92:dc:f7:69
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYuGBGLwVt71nNJLqvNwMJShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMxMDMxMTM1NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQ1YjgyY2YyODFlMzEyMzI1ZGQ1YTBkYWIzOGY3ZWEyMmRiNjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkTVyWZK/BOFG8trqIXIjcRb4ZAS
BIRN9gDRVxfjbUf9qZDN1Jn9InFD1yPRNdN3fs+KsbHZJA9t8CbhzlK+6IzPtys0
BaikACGTE1T3kWJdHk1c2SdZDSfbTknPGpEOrIGokj59GSAS6T1RqZnYrVofBNhu
07uwC4UjFW6r0p8e/FNeZZSEsJX15jF9vXQ0EwydZZBWwMOgTKeZU/Z6UOoEFxur
Ow0DwgQWELJE8Jj6apLNCyCEtTWfstivskRcjeM3xJXe08PrVSn9t5C06+nrgLsA
1r6rIdNLqTc9zwYpY2ksLkYW1npnB+T0OzzciQG+VdtL2x/iNkXNEmMRXwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIVFuCzygeMSMl3VoNqzj36iLbZhMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvaFVXNExQS0I0eEl5WGRXZzJyT1BmcUl0dG1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALY3rAwQA
W1whAwQAW1wxAwQAXZjOAwQBXZjQAwQAXZjZMA0GCSqGSIb3DQEBCwUAA4IBAQB0
ejEp/hYA2k5Jg1KjXHJxIXbiMq3NmpQTqWLjlU8/bmpm20lFP82bCwkwbt3/bG5f
0M/JwuJpD0vrVIT7pkuuKSDSomAIcKvNzvtzJSlyIWUqiMtQM49Uf0mYYUXOzYu2
Px/mdejJ62w5ZdOvsmMWGIv7bOFjJahAnRvEy4mOJMLmpPUeXTLXjBjc24mDshF9
4IYV1QNLy1ZTfRkwFKgVF5FtLyCuFCNoSpyBnA6s5TRLX5iCAmGYRWid6HP8B8tt
3DJ6UAhUelFXcjcEPsqAaqrwk9XpEUdI7UdCDK7seVj7MyAx4ZgiyUR1NhbDfBKx
5WARbXFMkINkoaWS3Pdp
-----END CERTIFICATE-----
Generated at Thu Nov 2 13:21:58 2023 by rpki-client on console-ams.rpki-client.org