Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/AIJD0iAxWeACdXCtczThuowYXJI.roa
File: AIJD0iAxWeACdXCtczThuowYXJI.roa (raw, json)
Hash identifier: Lg4UMtDRNEi2hyV+lvriBZWRlIPOS/6/ZYo8VCkuiYw=
Subject key identifier: 00:82:43:D2:20:31:59:E0:02:75:70:AD:73:34:E1:BA:8C:18:5C:92
Certificate issuer: /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Certificate serial: 0189C6AC74CCDD8DABE964EF199FD740151C
Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/AIJD0iAxWeACdXCtczThuowYXJI.roa
Signing time: Sat 05 Aug 2023 17:08:58 +0000
ROA not before: Sat 05 Aug 2023 17:08:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.147.71.0/24 maxlen: 24
45.147.68.0/23 maxlen: 23
45.147.70.0/24 maxlen: 24
45.135.136.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c6:ac:74:cc:dd:8d:ab:e9:64:ef:19:9f:d7:40:15:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Validity
Not Before: Aug 5 17:08:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=008243d2203159e0027570ad7334e1ba8c185c92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7f:10:31:ba:27:1a:f6:1d:ee:76:a5:10:3b:
67:db:17:52:a3:1c:4f:d4:20:02:bf:e2:a5:34:eb:
1c:3a:12:ad:12:c7:b9:e8:16:55:71:1c:1e:d8:e8:
63:95:6f:c0:18:a1:0d:b8:f8:01:b1:96:ce:4c:87:
65:8e:db:70:31:ed:35:6f:1f:e3:b9:51:1a:2b:96:
6e:28:5c:a0:78:27:8a:27:53:ab:f1:35:96:1c:1b:
89:d3:ee:dd:e6:df:d6:e0:15:f6:20:4a:c9:2d:3c:
ed:98:cb:59:12:dc:45:c1:31:39:30:a4:18:ec:99:
ed:46:42:90:12:44:95:a7:b3:9f:ca:44:9f:30:ed:
ba:17:45:46:70:c5:36:55:6d:21:27:0d:28:7f:5e:
a1:18:15:89:92:44:52:bd:92:88:44:b3:eb:b7:1c:
b6:21:85:04:d8:ee:50:50:db:a5:8a:1f:55:f3:d3:
45:d8:b9:a7:ce:4c:7c:7a:d9:0b:d1:fd:6b:49:db:
dc:99:86:35:e9:4a:85:7f:d5:9c:e4:b9:5b:e2:2a:
26:bc:1f:56:31:d8:50:62:d7:d9:46:5f:a2:00:f8:
e3:6d:5a:1e:5f:c2:9d:1c:90:9f:37:9c:19:12:57:
74:f3:8b:60:fc:7e:ba:8a:d1:21:c0:38:4a:e4:13:
f2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:82:43:D2:20:31:59:E0:02:75:70:AD:73:34:E1:BA:8C:18:5C:92
X509v3 Authority Key Identifier:
keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/AIJD0iAxWeACdXCtczThuowYXJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.136.0/24
45.147.68.0/22
Signature Algorithm: sha256WithRSAEncryption
58:ef:19:2b:a9:b8:9e:f4:19:71:24:ed:d0:aa:63:b7:27:4e:
39:7f:8e:ff:5e:1f:a7:9b:24:0f:ff:e7:c8:71:15:1f:aa:43:
d4:84:88:fe:94:c2:73:ee:74:82:e7:16:af:5c:6d:55:9f:7d:
33:5f:d1:79:33:8f:37:f9:de:a8:7b:21:56:25:bb:ce:80:36:
63:95:c7:11:3d:0c:33:b4:76:7f:86:ff:21:37:72:6c:ab:15:
13:fc:3b:41:07:31:de:a3:6e:7a:c2:ae:e0:d5:7a:aa:6f:24:
fc:64:f2:99:52:78:85:41:50:da:2e:41:c1:3e:d1:ef:e0:3c:
04:c3:33:cd:3c:9a:01:29:ee:e3:71:91:e5:e9:a9:f1:5e:d9:
6a:22:75:ce:5d:51:5f:8a:29:c4:41:87:e5:4c:bc:0a:aa:dd:
3e:52:97:62:25:72:2f:82:67:0e:75:30:80:05:f1:30:da:63:
9a:d6:ad:c6:79:3a:59:41:e7:bc:2f:cb:a9:40:8b:28:1f:56:
0d:17:d1:01:5e:12:42:4c:32:aa:39:c6:f3:68:ab:c8:a5:0a:
4c:d0:bb:d1:6b:76:68:77:ca:8b:e7:13:68:3f:ab:07:5c:c7:
0c:6c:2d:a9:20:31:66:c5:dc:60:c6:0e:b9:f9:fe:c0:84:7b:
02:ad:a3:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnGrHTM3Y2r6WTvGZ/XQBUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx
OGM5YmMwHhcNMjMwODA1MTcwODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDgyNDNkMjIwMzE1OWUwMDI3NTcwYWQ3MzM0ZTFiYThjMTg1YzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm38QMbonGvYd7nalEDtn2xdSoxxP
1CACv+KlNOscOhKtEse56BZVcRwe2OhjlW/AGKENuPgBsZbOTIdljttwMe01bx/j
uVEaK5ZuKFygeCeKJ1Or8TWWHBuJ0+7d5t/W4BX2IErJLTztmMtZEtxFwTE5MKQY
7JntRkKQEkSVp7OfykSfMO26F0VGcMU2VW0hJw0of16hGBWJkkRSvZKIRLPrtxy2
IYUE2O5QUNulih9V89NF2Lmnzkx8etkL0f1rSdvcmYY16UqFf9Wc5Llb4iomvB9W
MdhQYtfZRl+iAPjjbVoeX8KdHJCfN5wZEld084tg/H66itEhwDhK5BPyaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFACCQ9IgMVngAnVwrXM04bqMGFySMB8GA1UdIwQY
MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt
YmQzYmZjOTliZGE5LzEvQUlKRDBpQXhXZUFDZFhDdGN6VGh1b3dZWEpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5
LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYeIAwQC
LZNEMA0GCSqGSIb3DQEBCwUAA4IBAQBY7xkrqbie9BlxJO3QqmO3J045f47/Xh+n
myQP/+fIcRUfqkPUhIj+lMJz7nSC5xavXG1Vn30zX9F5M483+d6oeyFWJbvOgDZj
lccRPQwztHZ/hv8hN3JsqxUT/DtBBzHeo256wq7g1XqqbyT8ZPKZUniFQVDaLkHB
PtHv4DwEwzPNPJoBKe7jcZHl6anxXtlqInXOXVFfiinEQYflTLwKqt0+UpdiJXIv
gmcOdTCABfEw2mOa1q3GeTpZQee8L8upQIsoH1YNF9EBXhJCTDKqOcbzaKvIpQpM
0LvRa3Zod8qL5xNoP6sHXMcMbC2pIDFmxdxgxg65+f7AhHsCraN6
-----END CERTIFICATE-----
Generated at Tue Nov 21 18:37:34 2023 by rpki-client on console-fra.rpki-client.org