Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/35a19e-edab-44c9-916a-16b5ebdd2040/1/3R33ZODyAQUphcAE_SZv2ZX3X78.roa
File: 3R33ZODyAQUphcAE_SZv2ZX3X78.roa (raw, json)
Hash identifier: K6PRry2238DQtyQXqArTroSY5RGrabmd10O4b96A+9U=
Subject key identifier: DD:1D:F7:64:E0:F2:01:05:29:85:C0:04:FD:26:6F:D9:95:F7:5F:BF
Certificate issuer: /CN=2805857ba7bd5dc820c61626c63349e3b7faa7d3
Certificate serial: 01857102EA4BF156166CAA26FF7769AA9122
Authority key identifier: 28:05:85:7B:A7:BD:5D:C8:20:C6:16:26:C6:33:49:E3:B7:FA:A7:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KAWFe6e9XcggxhYmxjNJ47f6p9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/35a19e-edab-44c9-916a-16b5ebdd2040/1/3R33ZODyAQUphcAE_SZv2ZX3X78.roa
Signing time: Mon 02 Jan 2023 05:44:54 +0000
ROA not before: Mon 02 Jan 2023 05:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208638
IP address blocks: 45.91.16.0/22 maxlen: 24
2a0e:e40::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:ea:4b:f1:56:16:6c:aa:26:ff:77:69:aa:91:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2805857ba7bd5dc820c61626c63349e3b7faa7d3
Validity
Not Before: Jan 2 05:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd1df764e0f201052985c004fd266fd995f75fbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:bb:6d:60:a8:2f:35:a7:62:d3:cc:9d:58:3b:
45:73:c3:b3:a5:59:b2:19:3a:0f:b7:dc:3c:13:a8:
25:b9:59:5b:08:d7:8f:b3:65:a3:5e:5f:2d:ed:36:
1d:aa:23:51:e5:23:d2:82:c1:36:bd:a8:6e:b3:0e:
b5:00:c5:44:b9:84:69:4c:01:ed:d3:0b:49:e5:ba:
1d:83:6c:7a:28:32:e5:80:ce:47:9a:e7:b8:ca:91:
60:df:ad:70:35:74:33:04:bd:c1:fa:34:6b:fe:76:
a1:86:11:8a:b3:38:85:c1:00:80:a9:00:26:de:69:
a9:de:d6:1f:68:8c:4f:e3:9e:58:bb:42:3c:1f:53:
5b:2c:39:05:84:78:f0:64:29:07:ee:59:05:f8:83:
cb:5c:f2:fa:9f:e8:1f:bf:e2:57:46:15:c2:db:0e:
01:23:70:18:69:f4:be:af:4e:99:86:2a:ce:34:4b:
f2:40:be:53:31:bc:c5:8f:fe:d4:47:ca:16:95:c7:
75:80:a2:69:3e:f9:80:4b:58:dd:40:47:b7:70:3f:
08:a6:47:ec:d1:fa:ec:4f:43:18:07:fd:35:27:d1:
a9:6a:3e:8e:fe:c0:7b:c9:3d:bf:ba:65:4d:c0:a3:
48:cc:ee:b3:ee:0f:48:ea:92:82:64:fb:b3:11:90:
dc:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:1D:F7:64:E0:F2:01:05:29:85:C0:04:FD:26:6F:D9:95:F7:5F:BF
X509v3 Authority Key Identifier:
keyid:28:05:85:7B:A7:BD:5D:C8:20:C6:16:26:C6:33:49:E3:B7:FA:A7:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KAWFe6e9XcggxhYmxjNJ47f6p9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/35a19e-edab-44c9-916a-16b5ebdd2040/1/3R33ZODyAQUphcAE_SZv2ZX3X78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/35a19e-edab-44c9-916a-16b5ebdd2040/1/KAWFe6e9XcggxhYmxjNJ47f6p9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.16.0/22
IPv6:
2a0e:e40::/29
Signature Algorithm: sha256WithRSAEncryption
80:0a:4f:03:0e:c9:06:48:f1:71:31:2f:c3:a7:fe:c6:bc:c5:
7c:10:65:ce:af:c5:6a:3e:2f:f7:c0:a8:86:c8:5a:dd:6e:0b:
91:1a:62:f1:94:a9:84:af:f8:b6:3e:d4:2e:4b:0d:20:b8:5a:
c8:78:2d:30:40:c0:63:d6:e0:bd:74:46:6e:82:ba:98:f5:02:
9e:55:28:f0:0f:07:02:03:c2:85:38:17:76:e9:ea:19:05:f8:
1e:b1:03:d8:ac:71:50:1e:c8:5c:46:4d:da:12:2a:3f:b9:1b:
9c:12:d1:35:da:6e:5c:a2:18:9c:26:6b:7a:56:0b:d1:82:e0:
e2:28:b9:fb:8d:e4:a4:90:b9:79:fe:07:72:62:7c:24:d1:c4:
ae:5b:72:de:aa:5f:ea:ae:76:3d:dd:98:fe:26:ad:72:05:cb:
9b:8c:b2:a5:40:21:c2:88:33:06:c0:c5:41:6e:1e:7f:59:44:
4f:69:82:1d:84:a7:a2:3e:72:10:ff:e3:0e:0a:84:d3:1f:9e:
69:8e:81:59:04:83:4a:0f:12:64:4e:02:e7:1b:61:25:9f:1d:
4a:bb:f9:79:31:a0:a4:f3:a9:be:f8:50:03:c6:b8:f2:2a:d8:
06:db:36:0a:32:b3:1b:54:44:0c:f7:4f:81:96:85:a9:e9:8a:
f5:49:49:15
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxAupL8VYWbKom/3dpqpEiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDU4NTdiYTdiZDVkYzgyMGM2MTYyNmM2MzM0OWUzYjdm
YWE3ZDMwHhcNMjMwMTAyMDU0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDFkZjc2NGUwZjIwMTA1Mjk4NWMwMDRmZDI2NmZkOTk1Zjc1ZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7ttYKgvNadi08ydWDtFc8OzpVmy
GToPt9w8E6gluVlbCNePs2WjXl8t7TYdqiNR5SPSgsE2vahusw61AMVEuYRpTAHt
0wtJ5bodg2x6KDLlgM5Hmue4ypFg361wNXQzBL3B+jRr/nahhhGKsziFwQCAqQAm
3mmp3tYfaIxP455Yu0I8H1NbLDkFhHjwZCkH7lkF+IPLXPL6n+gfv+JXRhXC2w4B
I3AYafS+r06ZhirONEvyQL5TMbzFj/7UR8oWlcd1gKJpPvmAS1jdQEe3cD8Ipkfs
0frsT0MYB/01J9Gpaj6O/sB7yT2/umVNwKNIzO6z7g9I6pKCZPuzEZDc4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN0d92Tg8gEFKYXABP0mb9mV91+/MB8GA1UdIwQY
MBaAFCgFhXunvV3IIMYWJsYzSeO3+qfTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FXRmU2ZTlYY2dneGhZbXhqTko0N2Y2cDlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8zNWExOWUtZWRhYi00NGM5LTkxNmEt
MTZiNWViZGQyMDQwLzEvM1IzM1pPRHlBUVVwaGNBRV9TWnYyWlgzWDc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8zNWExOWUtZWRhYi00NGM5LTkxNmEtMTZiNWViZGQyMDQw
LzEvS0FXRmU2ZTlYY2dneGhZbXhqTko0N2Y2cDlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVsQMA0E
AgACMAcDBQMqDg5AMA0GCSqGSIb3DQEBCwUAA4IBAQCACk8DDskGSPFxMS/Dp/7G
vMV8EGXOr8VqPi/3wKiGyFrdbguRGmLxlKmEr/i2PtQuSw0guFrIeC0wQMBj1uC9
dEZugrqY9QKeVSjwDwcCA8KFOBd26eoZBfgesQPYrHFQHshcRk3aEio/uRucEtE1
2m5cohicJmt6VgvRguDiKLn7jeSkkLl5/gdyYnwk0cSuW3Leql/qrnY93Zj+Jq1y
BcubjLKlQCHCiDMGwMVBbh5/WURPaYIdhKeiPnIQ/+MOCoTTH55pjoFZBINKDxJk
TgLnG2Elnx1Ku/l5MaCk86m++FADxrjyKtgG2zYKMrMbVEQM90+BloWp6Yr1SUkV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:34 2024 by rpki-client on console-fra.rpki-client.org