Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/IAIpypgAnJrQaSKITNEd9XjY_tA.roa
File: IAIpypgAnJrQaSKITNEd9XjY_tA.roa (raw, json)
Hash identifier: x5uRaCjOIVts+6Sw1jKKuCPgctGPmAXiWBJaO202WOU=
Subject key identifier: 20:02:29:CA:98:00:9C:9A:D0:69:22:88:4C:D1:1D:F5:78:D8:FE:D0
Certificate issuer: /CN=f57bc7f2eaf0cafa69bee5fabe67122b4363fe72
Certificate serial: 0185711E4988FB02396F442E7488185FE1BB
Authority key identifier: F5:7B:C7:F2:EA:F0:CA:FA:69:BE:E5:FA:BE:67:12:2B:43:63:FE:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XvH8urwyvppvuX6vmcSK0Nj_nI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/IAIpypgAnJrQaSKITNEd9XjY_tA.roa
Signing time: Mon 02 Jan 2023 06:14:48 +0000
ROA not before: Mon 02 Jan 2023 06:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200567
IP address blocks: 46.16.216.0/22 maxlen: 22
46.16.216.0/23 maxlen: 23
46.16.218.0/23 maxlen: 23
46.16.222.0/23 maxlen: 23
46.16.220.0/23 maxlen: 23
46.16.220.0/22 maxlen: 22
185.39.176.0/23 maxlen: 24
185.39.178.0/23 maxlen: 23
185.70.144.0/23 maxlen: 23
185.70.146.0/23 maxlen: 23
185.109.32.0/23 maxlen: 23
185.109.34.0/23 maxlen: 23
2a05:2a80:1::/48 maxlen: 48
2a05:2a80::/29 maxlen: 29
2a05:2a80::/32 maxlen: 32
2a06:4e40::/29 maxlen: 29
2a02:4500::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:49:88:fb:02:39:6f:44:2e:74:88:18:5f:e1:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f57bc7f2eaf0cafa69bee5fabe67122b4363fe72
Validity
Not Before: Jan 2 06:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=200229ca98009c9ad06922884cd11df578d8fed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:47:37:d7:ee:8b:25:c3:9c:9b:4f:27:38:76:
18:f4:85:bf:c1:90:0b:ce:4f:a4:17:8b:00:0d:18:
b5:77:fb:26:53:a0:46:21:81:85:e8:c7:8c:11:1b:
e4:66:b0:4d:65:03:ae:96:1c:12:ed:91:76:34:35:
ec:39:a3:a5:be:39:a7:57:13:13:d7:f7:5e:74:95:
38:c7:ee:9d:57:96:36:4b:00:aa:53:26:f0:f6:fd:
0f:8b:4d:17:04:04:f3:a5:68:b4:ff:4d:d7:ca:01:
12:a6:2d:1f:67:63:be:92:25:95:a8:bb:5a:17:1d:
ea:13:43:43:15:2e:44:0c:2a:1d:db:6e:7d:25:74:
1b:6d:48:3e:4e:0b:20:db:37:0a:fd:10:ac:92:f5:
26:69:0f:b3:13:7a:12:6f:49:0b:7f:eb:cc:d8:a1:
ab:49:58:68:3a:ed:c8:c8:79:47:bb:29:4e:06:6b:
c6:1a:73:4a:c4:7e:ce:a7:50:9f:ee:bc:dd:78:a9:
fb:9a:c4:52:c2:64:34:86:a7:d5:10:6a:d6:ae:dd:
71:8f:a2:99:b5:99:d4:98:9b:ec:6c:56:36:09:02:
9c:5a:79:20:b7:56:40:09:19:7c:e2:04:d8:c5:15:
61:89:52:13:a9:a4:22:f7:86:31:e7:e8:e4:26:55:
eb:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:02:29:CA:98:00:9C:9A:D0:69:22:88:4C:D1:1D:F5:78:D8:FE:D0
X509v3 Authority Key Identifier:
keyid:F5:7B:C7:F2:EA:F0:CA:FA:69:BE:E5:FA:BE:67:12:2B:43:63:FE:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XvH8urwyvppvuX6vmcSK0Nj_nI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/IAIpypgAnJrQaSKITNEd9XjY_tA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/9XvH8urwyvppvuX6vmcSK0Nj_nI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.216.0/21
185.39.176.0/22
185.70.144.0/22
185.109.32.0/22
IPv6:
2a02:4500::/32
2a05:2a80::/29
2a06:4e40::/29
Signature Algorithm: sha256WithRSAEncryption
8e:64:e5:47:ff:e5:19:06:70:57:e0:e2:ee:68:dc:91:22:be:
89:f0:58:49:a2:70:9a:33:4c:9f:0f:60:c6:c8:f8:f6:fb:97:
2d:43:ce:57:a0:5b:f7:9f:76:69:d7:5e:35:67:c5:cd:33:8d:
f5:bf:d2:3f:b1:57:0a:66:c7:b4:3a:4f:82:b5:b0:1e:62:07:
aa:ef:7b:7f:ab:ef:1e:bd:cd:8e:04:63:88:b6:49:13:e9:ba:
f2:31:07:24:e5:ae:e3:12:8b:3c:19:50:68:48:9f:51:57:0e:
37:8e:8c:48:94:ec:fb:fd:ce:69:9a:4d:ad:3b:1d:e9:97:d6:
df:be:14:20:18:25:f2:a3:16:c1:1f:85:e3:97:51:ad:e6:e3:
c6:5e:9e:a2:70:d5:67:50:36:ff:84:b2:98:77:07:07:9e:51:
fe:73:23:4e:ab:cd:e9:1a:06:d5:45:d9:31:b3:60:c5:82:28:
b5:88:ee:5b:0f:4c:e5:bd:aa:dc:87:1a:e6:91:06:e3:ab:ed:
a7:99:90:1e:81:72:0b:0b:cb:f7:28:19:45:42:ca:e7:fd:60:
d8:fa:10:ce:73:bb:44:5e:2a:41:8f:47:34:94:3b:51:88:90:
67:8a:9e:1f:70:51:b3:39:8f:34:08:03:36:83:18:83:c8:9d:
04:8f:f4:03
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVxHkmI+wI5b0QudIgYX+G7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1N2JjN2YyZWFmMGNhZmE2OWJlZTVmYWJlNjcxMjJiNDM2
M2ZlNzIwHhcNMjMwMTAyMDYxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDAyMjljYTk4MDA5YzlhZDA2OTIyODg0Y2QxMWRmNTc4ZDhmZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0c31+6LJcOcm08nOHYY9IW/wZAL
zk+kF4sADRi1d/smU6BGIYGF6MeMERvkZrBNZQOulhwS7ZF2NDXsOaOlvjmnVxMT
1/dedJU4x+6dV5Y2SwCqUybw9v0Pi00XBATzpWi0/03XygESpi0fZ2O+kiWVqLta
Fx3qE0NDFS5EDCod2259JXQbbUg+Tgsg2zcK/RCskvUmaQ+zE3oSb0kLf+vM2KGr
SVhoOu3IyHlHuylOBmvGGnNKxH7Op1Cf7rzdeKn7msRSwmQ0hqfVEGrWrt1xj6KZ
tZnUmJvsbFY2CQKcWnkgt1ZACRl84gTYxRVhiVITqaQi94Yx5+jkJlXruQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFCACKcqYAJya0GkiiEzRHfV42P7QMB8GA1UdIwQY
MBaAFPV7x/Lq8Mr6ab7l+r5nEitDY/5yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVh2SDh1cnd5dnBwdnVYNnZtY1NLME5qX25JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy80NDQxYjQtZjk4MS00YzI2LTliOTkt
MTAxMDQ3M2Y0ZmU4LzEvSUFJcHlwZ0FuSnJRYVNLSVRORWQ5WGpZX3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy80NDQxYjQtZjk4MS00YzI2LTliOTktMTAxMDQ3M2Y0ZmU4
LzEvOVh2SDh1cnd5dnBwdnVYNnZtY1NLME5qX25JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQDLhDYAwQC
uSewAwQCuUaQAwQCuW0gMBsEAgACMBUDBQAqAkUAAwUDKgUqgAMFAyoGTkAwDQYJ
KoZIhvcNAQELBQADggEBAI5k5Uf/5RkGcFfg4u5o3JEivonwWEmicJozTJ8PYMbI
+Pb7ly1DzlegW/efdmnXXjVnxc0zjfW/0j+xVwpmx7Q6T4K1sB5iB6rve3+r7x69
zY4EY4i2SRPpuvIxByTlruMSizwZUGhIn1FXDjeOjEiU7Pv9zmmaTa07HemX1t++
FCAYJfKjFsEfheOXUa3m48ZenqJw1WdQNv+Esph3BweeUf5zI06rzekaBtVF2TGz
YMWCKLWI7lsPTOW9qtyHGuaRBuOr7aeZkB6BcgsLy/coGUVCyuf9YNj6EM5zu0Re
KkGPRzSUO1GIkGeKnh9wUbM5jzQIAzaDGIPInQSP9AM=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:25 2023 by rpki-client on console-fra.rpki-client.org