Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/cO60N1ycn8KlNjNGQGbEKlCPf6E.roa
File: cO60N1ycn8KlNjNGQGbEKlCPf6E.roa (raw, json)
Hash identifier: LObBeldLGgUMpdHNoUnMQ/YcCWY3MkBHgkLuLOSTmIM=
Subject key identifier: 70:EE:B4:37:5C:9C:9F:C2:A5:36:33:46:40:66:C4:2A:50:8F:7F:A1
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 018A1C71938409223E83849C9728D6B69E50
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/cO60N1ycn8KlNjNGQGbEKlCPf6E.roa
Signing time: Tue 22 Aug 2023 08:51:59 +0000
ROA not before: Tue 22 Aug 2023 08:51:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 195.114.199.0/24 maxlen: 24
195.114.206.0/24 maxlen: 24
195.114.200.0/24 maxlen: 24
194.143.217.0/24 maxlen: 24
195.114.201.0/24 maxlen: 24
194.143.218.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
194.143.222.0/24 maxlen: 24
194.143.223.0/24 maxlen: 24
45.155.242.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:71:93:84:09:22:3e:83:84:9c:97:28:d6:b6:9e:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Aug 22 08:51:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70eeb4375c9c9fc2a53633464066c42a508f7fa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:6c:18:b7:cf:57:04:17:96:64:d2:4f:bd:eb:
2b:ea:55:a2:ea:b0:d5:ce:5f:44:ad:33:42:a1:97:
9b:e2:a0:4c:b4:21:68:88:af:08:bf:0b:84:53:20:
f8:6a:df:20:46:29:5a:2f:dd:41:f7:6d:b5:a0:01:
c9:7c:1e:af:c5:cd:ac:93:2d:58:3c:f9:4b:12:9f:
62:1f:af:6a:50:d7:fc:b2:05:1b:38:3d:4f:ea:d9:
f1:e8:88:13:ea:f1:a2:0d:fd:ee:66:10:78:ef:21:
b1:f2:ef:b3:ed:4a:b9:95:cb:56:a2:a2:66:e1:fd:
85:ff:13:13:ca:c9:94:6f:ea:f2:e4:c9:a0:c7:6f:
db:eb:02:9a:48:17:20:66:c0:8f:58:ae:7b:b7:82:
20:af:5e:23:4f:e9:b7:83:dd:bd:7c:8e:21:67:2d:
1a:df:5e:22:31:57:88:e3:61:f9:2b:12:a6:98:9a:
25:51:08:5f:2d:ef:18:40:87:0b:f8:d1:7d:a2:5d:
f7:d1:9e:61:d5:c7:32:f4:82:93:f5:c7:97:8b:02:
22:e1:42:9a:e9:f4:d3:c8:52:4d:4d:69:38:10:ec:
74:3f:9c:22:2b:3a:05:c7:27:96:1e:bd:fc:4d:f9:
55:e4:3d:39:75:4a:4e:04:35:0f:0c:40:f2:ba:4b:
80:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:EE:B4:37:5C:9C:9F:C2:A5:36:33:46:40:66:C4:2A:50:8F:7F:A1
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/cO60N1ycn8KlNjNGQGbEKlCPf6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.242.0/23
194.143.217.0-194.143.218.255
194.143.221.0-194.143.223.255
195.114.199.0-195.114.201.255
195.114.206.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:70:a1:ca:82:57:fa:7e:54:1d:c7:22:5a:b5:da:be:d3:50:
15:21:15:03:bc:95:3e:1a:7e:78:8f:25:7f:fc:84:fb:cc:ad:
1b:e3:70:1d:96:d9:72:35:ff:a5:64:58:ff:43:80:4f:ec:e1:
18:ab:8d:5e:5b:2d:75:a7:9d:4f:08:97:8c:15:a0:94:30:3e:
b9:1b:3c:41:95:cf:87:8b:a9:13:f2:7d:ec:c0:0f:03:87:5a:
70:87:65:e4:93:a3:35:6e:7a:5a:31:2f:7c:e8:75:6d:f0:ea:
7f:ed:e8:1e:d4:5b:7e:58:69:23:04:9d:e3:0c:a3:89:28:58:
74:d0:fa:2c:f6:94:ab:71:39:e2:ea:e3:0d:44:ad:0b:d9:0d:
fa:06:6a:a5:5a:03:0f:f3:5e:25:65:e5:05:e9:b2:ef:eb:e1:
a1:3f:db:b1:99:49:3c:33:e5:34:1d:5a:38:54:26:79:a2:cf:
c9:ea:3d:36:28:74:8a:1c:de:e0:f9:dc:0d:a8:92:b4:fe:1d:
74:1c:20:03:f5:c9:97:f4:ae:99:9a:a8:20:39:f4:7f:87:98:
fb:2b:ee:49:48:68:fb:92:92:f0:dc:3f:64:a0:da:b2:db:36:
f2:8d:87:37:bb:c6:e3:77:14:4e:e6:1a:8b:98:d3:d6:29:dd:
57:51:c6:b5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYoccZOECSI+g4SclyjWtp5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjMwODIyMDg1MTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGVlYjQzNzVjOWM5ZmMyYTUzNjMzNDY0MDY2YzQyYTUwOGY3ZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimwYt89XBBeWZNJPvesr6lWi6rDV
zl9ErTNCoZeb4qBMtCFoiK8IvwuEUyD4at8gRilaL91B9221oAHJfB6vxc2sky1Y
PPlLEp9iH69qUNf8sgUbOD1P6tnx6IgT6vGiDf3uZhB47yGx8u+z7Uq5lctWoqJm
4f2F/xMTysmUb+ry5Mmgx2/b6wKaSBcgZsCPWK57t4Igr14jT+m3g929fI4hZy0a
314iMVeI42H5KxKmmJolUQhfLe8YQIcL+NF9ol330Z5h1ccy9IKT9ceXiwIi4UKa
6fTTyFJNTWk4EOx0P5wiKzoFxyeWHr38TflV5D05dUpOBDUPDEDyukuAXQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHDutDdcnJ/CpTYzRkBmxCpQj3+hMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvY082ME4xeWNuOEtsTmpOR1FHYkVLbENQZjZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBLZvyMAwD
BADCj9kDBADCj9owDAMEAMKP3QMEBcKPwDAMAwQAw3LHAwQBw3LIAwQAw3LOMA0G
CSqGSIb3DQEBCwUAA4IBAQBccKHKglf6flQdxyJatdq+01AVIRUDvJU+Gn54jyV/
/IT7zK0b43AdltlyNf+lZFj/Q4BP7OEYq41eWy11p51PCJeMFaCUMD65GzxBlc+H
i6kT8n3swA8Dh1pwh2Xkk6M1bnpaMS986HVt8Op/7ege1Ft+WGkjBJ3jDKOJKFh0
0Pos9pSrcTni6uMNRK0L2Q36BmqlWgMP814lZeUF6bLv6+GhP9uxmUk8M+U0HVo4
VCZ5os/J6j02KHSKHN7g+dwNqJK0/h10HCAD9cmX9K6ZmqggOfR/h5j7K+5JSGj7
kpLw3D9koNqy2zbyjYc3u8bjdxRO5hqLmNPWKd1XUca1
-----END CERTIFICATE-----
Generated at Tue Oct 17 09:43:51 2023 by rpki-client on console-ams.rpki-client.org