Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/KQGsgw79kCJZr7CL_XvBw4ZPS-Y.roa
File: KQGsgw79kCJZr7CL_XvBw4ZPS-Y.roa (raw, json)
Hash identifier: MH3GnahS5huaQetx6doIQReZM2QeFDzs6VHszEwGJmY=
Subject key identifier: 29:01:AC:83:0E:FD:90:22:59:AF:B0:8B:FD:7B:C1:C3:86:4F:4B:E6
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0189CF52346D6C970648E849A49F0CBDE43F
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/KQGsgw79kCJZr7CL_XvBw4ZPS-Y.roa
Signing time: Mon 07 Aug 2023 09:26:58 +0000
ROA not before: Mon 07 Aug 2023 09:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12348
IP address blocks: 45.145.227.0/24 maxlen: 24
45.86.153.0/24 maxlen: 24
204.11.0.0/24 maxlen: 24
45.134.111.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cf:52:34:6d:6c:97:06:48:e8:49:a4:9f:0c:bd:e4:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Aug 7 09:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2901ac830efd902259afb08bfd7bc1c3864f4be6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c3:ae:b9:bc:d9:e8:4f:5f:fa:2d:6f:20:3f:
bc:6b:a7:fd:61:ce:af:41:2a:ea:9d:aa:26:f0:23:
0f:cd:ee:9d:df:03:94:d2:f1:b6:01:dd:ad:24:8e:
3a:11:8a:28:3c:2d:d7:e8:93:1c:69:b1:9a:a7:b4:
cd:9d:fa:f5:1c:21:ce:ae:69:2d:71:5d:95:1f:7f:
c2:83:57:2d:34:e1:0a:5e:61:ab:22:15:75:d3:a5:
9a:03:94:9a:b8:e4:72:9a:ac:7e:d6:4c:a0:bc:a1:
74:39:1c:3d:1a:84:9d:f8:0c:40:54:e8:df:56:f2:
b0:72:0e:51:d4:b7:0c:bf:bb:bf:0f:b2:2a:96:38:
83:8c:3a:a8:82:82:dc:76:14:46:d5:96:5e:c3:e6:
d2:e7:d6:72:b0:53:a8:e5:83:95:20:1d:61:f6:d6:
67:98:8b:f7:b1:b4:8a:76:07:06:ad:3c:7d:2d:ca:
ba:41:97:67:6d:1a:7d:3b:c8:2a:52:bd:4e:e7:25:
58:7b:b7:5f:0f:2c:7e:ff:d2:ce:5a:c3:5c:77:44:
13:e6:01:ca:02:cc:40:a4:81:6a:1b:ca:9b:ed:ae:
1a:15:6f:7d:b3:ef:b0:89:83:23:90:72:e5:69:20:
e3:24:3c:e5:20:c6:9c:5a:8c:c3:5a:da:4c:56:a9:
d1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:01:AC:83:0E:FD:90:22:59:AF:B0:8B:FD:7B:C1:C3:86:4F:4B:E6
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/KQGsgw79kCJZr7CL_XvBw4ZPS-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.153.0/24
45.134.111.0/24
45.145.227.0/24
204.11.0.0/24
Signature Algorithm: sha256WithRSAEncryption
20:35:ad:33:33:bf:f5:65:f6:65:fd:04:0f:24:b1:1e:b2:5a:
48:a2:61:62:51:d1:c0:11:b0:45:31:18:8c:9f:01:bb:85:ca:
dd:ca:db:9a:6b:1a:3d:5d:12:13:32:50:83:9b:52:14:fc:5f:
ef:ef:74:d6:0d:73:b4:34:43:12:e6:5e:d5:a9:da:2e:ec:af:
81:d7:ef:c8:b3:7e:8a:45:81:14:65:e8:a5:3c:58:8e:18:7e:
c8:a7:fd:5c:29:a6:02:fe:e7:ad:b5:ba:f3:0e:97:f8:a5:e3:
b8:6d:5a:c5:4f:b4:af:23:a8:2a:60:ae:37:ef:d4:cb:e6:ba:
38:bd:2b:e2:a7:84:d9:4c:80:00:1d:d5:73:38:9e:d6:d5:35:
b7:5c:e1:b4:d2:95:22:01:48:4f:a2:2d:26:54:51:a2:a2:c9:
39:5a:3a:da:cb:b0:2b:f0:b7:aa:e5:6c:92:89:1a:bd:a1:56:
2c:25:d9:05:d5:0f:b6:ef:8d:0c:49:80:ec:05:bc:d8:a0:16:
67:5d:4f:61:a8:1e:25:6e:37:8b:02:6f:1f:ed:26:26:8e:5b:
5f:47:31:61:91:00:11:34:f9:ec:fb:a3:93:59:ec:3f:54:b5:
d7:c4:5a:40:4c:75:2e:96:ba:9c:f6:89:ee:67:2e:18:e6:35:
66:b7:ab:f6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYnPUjRtbJcGSOhJpJ8MveQ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwODA3MDkyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTAxYWM4MzBlZmQ5MDIyNTlhZmIwOGJmZDdiYzFjMzg2NGY0YmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsOuubzZ6E9f+i1vID+8a6f9Yc6v
QSrqnaom8CMPze6d3wOU0vG2Ad2tJI46EYooPC3X6JMcabGap7TNnfr1HCHOrmkt
cV2VH3/Cg1ctNOEKXmGrIhV106WaA5SauORymqx+1kygvKF0ORw9GoSd+AxAVOjf
VvKwcg5R1LcMv7u/D7IqljiDjDqogoLcdhRG1ZZew+bS59ZysFOo5YOVIB1h9tZn
mIv3sbSKdgcGrTx9Lcq6QZdnbRp9O8gqUr1O5yVYe7dfDyx+/9LOWsNcd0QT5gHK
AsxApIFqG8qb7a4aFW99s++wiYMjkHLlaSDjJDzlIMacWozDWtpMVqnRQwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCkBrIMO/ZAiWa+wi/17wcOGT0vmMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvS1FHc2d3NzlrQ0pacjdDTF9YdkJ3NFpQUy1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVaZAwQA
LYZvAwQALZHjAwQAzAsAMA0GCSqGSIb3DQEBCwUAA4IBAQAgNa0zM7/1ZfZl/QQP
JLEeslpIomFiUdHAEbBFMRiMnwG7hcrdytuaaxo9XRITMlCDm1IU/F/v73TWDXO0
NEMS5l7Vqdou7K+B1+/Is36KRYEUZeilPFiOGH7Ip/1cKaYC/uettbrzDpf4peO4
bVrFT7SvI6gqYK4379TL5ro4vSvip4TZTIAAHdVzOJ7W1TW3XOG00pUiAUhPoi0m
VFGiosk5Wjray7Ar8Leq5WySiRq9oVYsJdkF1Q+2740MSYDsBbzYoBZnXU9hqB4l
bjeLAm8f7SYmjltfRzFhkQARNPns+6OTWew/VLXXxFpATHUulrqc9onuZy4Y5jVm
t6v2
-----END CERTIFICATE-----
Generated at Mon Dec 11 17:08:21 2023 by rpki-client on console-fra.rpki-client.org