Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/EWb8SUfkZXT_dNpQzlQh8xWwv3A.roa
File: EWb8SUfkZXT_dNpQzlQh8xWwv3A.roa (raw, json)
Hash identifier: yM5im+wIlYbJR9H6rhZCzH/pRA4kRBaMW17BYncN0jc=
Subject key identifier: 11:66:FC:49:47:E4:65:74:FF:74:DA:50:CE:54:21:F3:15:B0:BF:70
Certificate issuer: /CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Certificate serial: 01856C783A5E733B72BD9EDE2D244D4C4BE3
Authority key identifier: BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/EWb8SUfkZXT_dNpQzlQh8xWwv3A.roa
Signing time: Sun 01 Jan 2023 08:34:56 +0000
ROA not before: Sun 01 Jan 2023 08:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39855
IP address blocks: 45.141.212.0/23 maxlen: 24
79.143.138.0/24 maxlen: 24
79.143.136.0/24 maxlen: 24
45.135.168.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:3a:5e:73:3b:72:bd:9e:de:2d:24:4d:4c:4b:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa7b4c01e929c38923981ab51c9727a1f9f07e
Validity
Not Before: Jan 1 08:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1166fc4947e46574ff74da50ce5421f315b0bf70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a7:e4:81:28:76:7b:70:eb:b2:0b:82:02:a4:
87:49:2a:2b:e4:e1:93:22:d1:2f:67:23:95:07:4b:
e4:63:4f:48:dd:ae:a7:38:77:a1:db:84:f4:fc:e6:
6f:cd:8c:b4:f3:dd:da:d0:14:08:ea:8d:b4:f3:60:
6c:e7:e1:76:81:9c:e3:61:06:6c:78:0e:f9:0a:76:
56:d8:c9:99:3b:34:2f:da:85:e4:68:b9:f2:f4:3e:
88:ad:96:6a:ca:64:de:2b:a7:60:fc:33:5c:03:85:
a3:9c:be:d8:c0:1c:30:70:50:f1:3b:bb:a9:80:3e:
75:1c:d9:be:e3:9b:63:e3:56:36:76:90:6f:14:9f:
ef:52:d6:13:af:5e:f8:2f:64:8f:f9:af:68:e6:1e:
ef:66:d7:be:ff:d5:e8:ca:61:7f:7c:03:24:b5:46:
47:a8:24:7a:75:c8:26:1e:a5:5a:f2:53:0e:48:a7:
10:53:27:93:e1:86:5b:99:04:ae:b5:54:b9:d7:c9:
37:6a:ee:e9:7c:3d:01:a1:84:92:1e:76:d4:4d:a5:
5d:7c:5f:13:72:81:26:22:5a:37:25:c6:05:2f:54:
5e:0e:0f:cd:27:2d:d3:1e:bd:ca:9c:7e:0c:7d:11:
5e:80:23:fa:e2:89:a2:33:62:60:2f:f2:a1:f7:8c:
bf:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:66:FC:49:47:E4:65:74:FF:74:DA:50:CE:54:21:F3:15:B0:BF:70
X509v3 Authority Key Identifier:
keyid:BA:AA:7B:4C:01:E9:29:C3:89:23:98:1A:B5:1C:97:27:A1:F9:F0:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqp7TAHpKcOJI5gatRyXJ6H58H4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/EWb8SUfkZXT_dNpQzlQh8xWwv3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ab9e70-489a-4088-b28e-e68f6cf2c0d2/1/uqp7TAHpKcOJI5gatRyXJ6H58H4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.168.0/22
45.141.212.0/23
79.143.136.0/24
79.143.138.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:a1:6c:df:e6:57:a3:1c:fc:db:dd:73:6b:a5:d2:83:04:bd:
30:b9:5c:52:3f:db:b9:e1:d8:80:af:8b:f7:6d:99:b1:9c:ad:
a1:fa:04:b2:7c:a9:ad:ea:d7:cf:ff:f1:3b:de:3f:f2:bc:33:
31:6d:ab:f9:db:5f:63:df:e6:61:79:4c:1f:cf:17:b9:64:d2:
3c:a4:13:ea:89:f4:a7:dc:84:45:0f:8a:c6:17:52:b6:c7:b6:
b4:fa:41:21:eb:87:74:ff:80:52:c2:5e:36:54:1b:f3:d2:f7:
99:d4:48:dd:dd:a8:f7:7e:55:f4:68:50:e4:cb:76:af:31:11:
b1:6c:83:86:5d:24:96:f9:c5:bc:6a:4a:d3:5d:4f:cb:c9:e6:
17:58:7b:5f:83:09:49:f9:4e:5a:46:a0:07:0d:76:51:88:52:
6c:e9:8d:2a:80:ac:c2:44:70:5d:2d:b5:ab:d3:b3:f5:45:43:
54:44:05:4f:ff:3f:48:5d:5e:d4:6e:f9:84:56:fc:31:f5:b3:
24:d4:81:1c:ff:24:51:5c:6d:1e:02:22:eb:ea:a0:4d:5d:58:
5d:f0:5e:ef:8b:be:da:63:1e:15:ca:f9:84:03:cd:c6:6e:19:
0d:94:74:cf:26:e3:fd:ed:78:0f:5b:2e:a5:76:c2:9c:e8:01:
89:47:aa:a3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVseDpecztyvZ7eLSRNTEvjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE3YjRjMDFlOTI5YzM4OTIzOTgxYWI1MWM5NzI3YTFm
OWYwN2UwHhcNMjMwMTAxMDgzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTY2ZmM0OTQ3ZTQ2NTc0ZmY3NGRhNTBjZTU0MjFmMzE1YjBiZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxafkgSh2e3DrsguCAqSHSSor5OGT
ItEvZyOVB0vkY09I3a6nOHeh24T0/OZvzYy0893a0BQI6o2082Bs5+F2gZzjYQZs
eA75CnZW2MmZOzQv2oXkaLny9D6IrZZqymTeK6dg/DNcA4WjnL7YwBwwcFDxO7up
gD51HNm+45tj41Y2dpBvFJ/vUtYTr174L2SP+a9o5h7vZte+/9XoymF/fAMktUZH
qCR6dcgmHqVa8lMOSKcQUyeT4YZbmQSutVS518k3au7pfD0BoYSSHnbUTaVdfF8T
coEmIlo3JcYFL1ReDg/NJy3THr3KnH4MfRFegCP64omiM2JgL/Kh94y/1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBFm/ElH5GV0/3TaUM5UIfMVsL9wMB8GA1UdIwQY
MBaAFLqqe0wB6SnDiSOYGrUclyeh+fB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUt
ZTY4ZjZjZjJjMGQyLzEvRVdiOFNVZmtaWFRfZE5wUXpsUWg4eFd3djNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYjllNzAtNDg5YS00MDg4LWIyOGUtZTY4ZjZjZjJjMGQy
LzEvdXFwN1RBSHBLY09KSTVnYXRSeVhKNkg1OEg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLYeoAwQB
LY3UAwQAT4+IAwQAT4+KMA0GCSqGSIb3DQEBCwUAA4IBAQCtoWzf5lejHPzb3XNr
pdKDBL0wuVxSP9u54diAr4v3bZmxnK2h+gSyfKmt6tfP//E73j/yvDMxbav5219j
3+ZheUwfzxe5ZNI8pBPqifSn3IRFD4rGF1K2x7a0+kEh64d0/4BSwl42VBvz0veZ
1Ejd3aj3flX0aFDky3avMRGxbIOGXSSW+cW8akrTXU/LyeYXWHtfgwlJ+U5aRqAH
DXZRiFJs6Y0qgKzCRHBdLbWr07P1RUNURAVP/z9IXV7UbvmEVvwx9bMk1IEc/yRR
XG0eAiLr6qBNXVhd8F7vi77aYx4VyvmEA83GbhkNlHTPJuP97XgPWy6ldsKc6AGJ
R6qj
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:22 2024 by rpki-client on console-fra.rpki-client.org