Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/B29KXbdy-KwapqCYIzfUR9FCEBM.roa
File: B29KXbdy-KwapqCYIzfUR9FCEBM.roa (raw, json)
Hash identifier: 27KH6p6T8Eu0guhx767TSX7sl9CnYmCvMAbSQaRHeaI=
Subject key identifier: 07:6F:4A:5D:B7:72:F8:AC:1A:A6:A0:98:23:37:D4:47:D1:42:10:13
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0189B57C71443B0B4EBD46223CAE9CBE4994
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/B29KXbdy-KwapqCYIzfUR9FCEBM.roa
Signing time: Wed 02 Aug 2023 09:02:58 +0000
ROA not before: Wed 02 Aug 2023 09:02:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29066
IP address blocks: 45.95.172.0/22 maxlen: 22
45.95.172.0/24 maxlen: 24
45.95.174.0/24 maxlen: 24
45.95.173.0/24 maxlen: 24
45.95.175.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b5:7c:71:44:3b:0b:4e:bd:46:22:3c:ae:9c:be:49:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Aug 2 09:02:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=076f4a5db772f8ac1aa6a0982337d447d1421013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0e:f0:bd:49:a3:14:d1:c5:f6:b1:88:a2:4a:
16:82:13:6a:d5:3d:9a:92:30:6d:08:bd:e7:18:1c:
e9:10:dc:64:ad:30:eb:5b:77:68:44:2c:c4:15:7b:
d3:9a:1e:81:3c:1b:e8:7a:31:b8:7a:4b:b9:b6:e5:
c9:de:b2:b3:92:30:2b:b7:4d:a0:62:33:2a:33:a5:
53:30:a2:15:c7:5b:fc:b2:8b:ba:13:65:d8:ba:9e:
89:09:aa:08:18:70:dd:9a:af:bf:cd:44:5f:f5:6a:
0b:b3:b2:eb:f8:52:dc:db:ed:68:25:09:1e:eb:c4:
0d:c9:10:81:e5:a0:2a:8f:04:b1:c5:2f:1d:14:72:
3e:ea:61:ba:87:9e:a6:1f:b3:91:cd:93:ca:05:18:
82:21:3a:dc:1f:78:2c:43:43:f7:03:36:ef:33:0c:
80:28:36:f8:19:1e:ee:64:b7:2e:f6:cb:92:6d:c0:
7b:83:5b:24:bc:c6:2b:70:fc:17:cf:74:10:3c:a5:
60:05:d1:79:08:e2:6a:77:c3:c1:69:64:31:e6:bf:
18:31:6a:95:b6:42:9d:5e:13:1f:c6:de:01:dc:00:
57:4f:dc:40:52:3f:2d:5b:ce:6d:42:03:1f:20:15:
e7:c0:86:e8:37:a4:30:fe:83:ca:c1:ba:24:3a:c9:
8f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:6F:4A:5D:B7:72:F8:AC:1A:A6:A0:98:23:37:D4:47:D1:42:10:13
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/B29KXbdy-KwapqCYIzfUR9FCEBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.172.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:79:bd:03:f8:7e:4c:fe:b1:64:f6:76:70:e4:85:35:38:b9:
ce:cb:bb:25:11:54:e6:c2:8b:fb:64:7b:8b:6f:22:2b:aa:0e:
bd:0b:56:b5:71:8c:fb:95:39:48:29:15:10:85:05:bb:46:be:
e7:8b:73:0e:67:07:9f:50:cd:0a:97:ff:e6:ab:bd:3c:1c:c9:
89:9a:25:92:e0:ba:e6:01:37:2f:3e:69:e6:bc:4f:fd:7f:c5:
3c:59:23:74:c7:58:ed:5c:d5:8f:7a:cb:2d:23:24:fa:86:ab:
70:46:6a:43:cc:9e:2c:17:3f:2b:8c:86:fd:5e:eb:e0:36:b8:
1f:c1:b1:8b:ab:96:6e:93:2a:9a:1e:80:a4:c4:6f:b3:8a:2d:
d6:dc:ab:96:85:7a:ac:ae:20:05:e2:e2:36:39:f7:9e:60:c1:
c9:c8:46:b8:f2:17:66:10:2f:12:48:86:14:01:fb:95:14:db:
ec:56:57:3e:48:7a:fd:a8:f2:29:a8:cb:f5:d2:c1:29:9e:b8:
eb:06:bb:77:8c:5a:df:42:5d:c9:72:07:60:ca:13:f4:73:59:
cd:b9:4d:2e:39:24:a9:d7:08:4d:0e:12:98:b0:53:cd:d8:35:
76:2b:e2:91:4c:73:92:19:7e:c3:61:ed:d4:99:84:27:a9:eb:
a0:55:f6:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYm1fHFEOwtOvUYiPK6cvkmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwODAyMDkwMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzZmNGE1ZGI3NzJmOGFjMWFhNmEwOTgyMzM3ZDQ0N2QxNDIxMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApg7wvUmjFNHF9rGIokoWghNq1T2a
kjBtCL3nGBzpENxkrTDrW3doRCzEFXvTmh6BPBvoejG4eku5tuXJ3rKzkjArt02g
YjMqM6VTMKIVx1v8sou6E2XYup6JCaoIGHDdmq+/zURf9WoLs7Lr+FLc2+1oJQke
68QNyRCB5aAqjwSxxS8dFHI+6mG6h56mH7ORzZPKBRiCITrcH3gsQ0P3AzbvMwyA
KDb4GR7uZLcu9suSbcB7g1skvMYrcPwXz3QQPKVgBdF5COJqd8PBaWQx5r8YMWqV
tkKdXhMfxt4B3ABXT9xAUj8tW85tQgMfIBXnwIboN6Qw/oPKwbokOsmPfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAdvSl23cvisGqagmCM31EfRQhATMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvQjI5S1hiZHktS3dhcHFDWUl6ZlVSOUZDRUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLV+sMA0G
CSqGSIb3DQEBCwUAA4IBAQBPeb0D+H5M/rFk9nZw5IU1OLnOy7slEVTmwov7ZHuL
byIrqg69C1a1cYz7lTlIKRUQhQW7Rr7ni3MOZwefUM0Kl//mq708HMmJmiWS4Lrm
ATcvPmnmvE/9f8U8WSN0x1jtXNWPesstIyT6hqtwRmpDzJ4sFz8rjIb9XuvgNrgf
wbGLq5ZukyqaHoCkxG+zii3W3KuWhXqsriAF4uI2OfeeYMHJyEa48hdmEC8SSIYU
AfuVFNvsVlc+SHr9qPIpqMv10sEpnrjrBrt3jFrfQl3JcgdgyhP0c1nNuU0uOSSp
1whNDhKYsFPN2DV2K+KRTHOSGX7DYe3UmYQnqeugVfaB
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:24 2024 by rpki-client on console-ams.rpki-client.org