Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/L--Kqghiue9ymrnkoqGY-nGmBHo.roa
File: L--Kqghiue9ymrnkoqGY-nGmBHo.roa (raw, json)
Hash identifier: aSFqGWgzMrB1UDXka7F94Su1CXfNS0PZcWxFvT0H+Ik=
Subject key identifier: 2F:EF:8A:AA:08:62:B9:EF:72:9A:B9:E4:A2:A1:98:FA:71:A6:04:7A
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018C93218B786B30F5061021DA111E03F418
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/L--Kqghiue9ymrnkoqGY-nGmBHo.roa
Signing time: Fri 22 Dec 2023 20:04:58 +0000
ROA not before: Fri 22 Dec 2023 20:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51714
IP address blocks: 45.86.158.0/24 maxlen: 24
192.144.33.0/24 maxlen: 24
192.144.34.0/24 maxlen: 24
2a09:ff00:103::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:93:21:8b:78:6b:30:f5:06:10:21:da:11:1e:03:f4:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Dec 22 20:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fef8aaa0862b9ef729ab9e4a2a198fa71a6047a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d0:97:63:ce:c4:c0:df:74:58:a7:76:5e:a1:
52:e4:9c:a1:24:b7:68:b7:7e:c9:08:70:f1:d7:7e:
70:25:2a:8b:04:de:1d:7b:9a:2c:a5:72:40:61:e2:
13:fc:61:b2:41:e9:ad:c2:1d:ae:20:c9:29:86:91:
6d:e4:7a:d2:72:ed:e9:b0:0c:bf:d6:7e:c6:75:b0:
cb:02:6b:4d:39:b5:44:1d:32:3f:d9:dc:f7:ea:cd:
e7:4f:ee:6d:07:ab:dd:21:ec:d2:ca:7e:9f:33:50:
d1:86:e0:d9:3c:c8:3d:85:97:6f:5e:31:fc:d3:da:
cf:1c:78:46:cf:1d:24:1f:b6:cb:b5:4f:2e:d5:c1:
f5:21:d9:a6:6c:77:8c:a9:61:a3:cd:89:08:d1:75:
51:ce:01:41:23:b8:c6:7c:4a:7b:b3:19:9f:8f:68:
31:c5:ba:8c:3b:6a:b6:fc:20:dd:6b:2d:e2:d9:11:
8b:d3:5c:44:3e:f8:ae:6a:38:25:62:c8:b0:59:1d:
12:f6:55:c5:80:00:4e:06:48:66:18:15:6b:60:c3:
de:09:94:88:24:5c:ab:1e:c3:0c:85:f9:30:58:e0:
36:82:1e:dc:79:48:25:1c:80:38:b9:7b:e1:98:32:
ee:52:9a:e2:40:c5:55:48:fe:13:3b:04:33:b6:7d:
e4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:EF:8A:AA:08:62:B9:EF:72:9A:B9:E4:A2:A1:98:FA:71:A6:04:7A
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/L--Kqghiue9ymrnkoqGY-nGmBHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.158.0/24
192.144.33.0-192.144.34.255
IPv6:
2a09:ff00:103::/48
Signature Algorithm: sha256WithRSAEncryption
45:4b:1d:75:e3:15:9e:26:5a:67:a1:23:d5:cf:5d:33:9f:34:
3c:a7:3e:a7:88:1b:49:39:09:5a:9d:e0:7c:bb:7c:12:de:33:
ae:58:f7:95:ca:f6:70:08:fc:83:ca:6a:81:4c:75:d5:3b:0a:
23:fa:a6:52:10:e5:1e:08:3a:e9:dc:38:28:75:d2:49:8d:c9:
ee:34:9f:e6:60:b7:48:1f:92:ba:31:f2:02:5c:9b:85:e0:41:
d4:dd:dd:9f:e6:28:78:82:30:07:2c:82:02:5a:a9:06:6f:34:
79:74:42:24:fd:03:4a:fe:e7:b4:ad:7c:e6:62:55:f8:c5:8b:
6c:3e:86:9a:88:97:8c:98:af:12:d7:c8:a0:f1:a1:2c:ee:a3:
41:5a:08:fc:da:2f:99:27:46:0f:7f:62:15:dd:23:3e:7f:c4:
aa:6e:de:ec:38:85:81:2a:0c:b5:c8:1d:f5:fb:39:d3:e2:f9:
66:71:d9:e5:0f:f7:c2:9f:ba:c4:e7:9f:69:e9:3d:ed:f7:ec:
87:3d:0b:07:ad:de:b2:dc:cd:a0:09:57:2c:97:bc:af:3b:44:
b5:f9:87:c0:b4:c8:e7:5d:ba:01:52:82:ba:c4:e3:27:c5:c9:
df:9e:c5:9d:70:6c:be:65:20:44:a0:58:8d:64:24:dd:9b:be:
23:68:c0:52
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYyTIYt4azD1BhAh2hEeA/QYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjMxMjIyMjAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmVmOGFhYTA4NjJiOWVmNzI5YWI5ZTRhMmExOThmYTcxYTYwNDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9CXY87EwN90WKd2XqFS5JyhJLdo
t37JCHDx135wJSqLBN4de5ospXJAYeIT/GGyQemtwh2uIMkphpFt5HrScu3psAy/
1n7GdbDLAmtNObVEHTI/2dz36s3nT+5tB6vdIezSyn6fM1DRhuDZPMg9hZdvXjH8
09rPHHhGzx0kH7bLtU8u1cH1IdmmbHeMqWGjzYkI0XVRzgFBI7jGfEp7sxmfj2gx
xbqMO2q2/CDday3i2RGL01xEPviuajglYsiwWR0S9lXFgABOBkhmGBVrYMPeCZSI
JFyrHsMMhfkwWOA2gh7ceUglHIA4uXvhmDLuUpriQMVVSP4TOwQztn3kewIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFC/viqoIYrnvcpq55KKhmPpxpgR6MB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvTC0tS3FnaGl1ZTl5bXJua29xR1ktbkdtQkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQALVaeMAwD
BADAkCEDBADAkCIwDwQCAAIwCQMHACoJ/wABAzANBgkqhkiG9w0BAQsFAAOCAQEA
RUsddeMVniZaZ6Ej1c9dM580PKc+p4gbSTkJWp3gfLt8Et4zrlj3lcr2cAj8g8pq
gUx11TsKI/qmUhDlHgg66dw4KHXSSY3J7jSf5mC3SB+SujHyAlybheBB1N3dn+Yo
eIIwByyCAlqpBm80eXRCJP0DSv7ntK185mJV+MWLbD6GmoiXjJivEtfIoPGhLO6j
QVoI/NovmSdGD39iFd0jPn/Eqm7e7DiFgSoMtcgd9fs50+L5ZnHZ5Q/3wp+6xOef
aek97ffshz0LB63estzNoAlXLJe8rztEtfmHwLTI5126AVKCusTjJ8XJ357FnXBs
vmUgRKBYjWQk3Zu+I2jAUg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:23 2024 by rpki-client on console-fra.rpki-client.org