Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/Kbr39OP8qKuCCxcXZKDNHLJDT0k.roa
File: Kbr39OP8qKuCCxcXZKDNHLJDT0k.roa (raw, json)
Hash identifier: 2EPKc9JOZgktnt6KBrAe6w7pluOv5/jkr1vZ2/Alumw=
Subject key identifier: 29:BA:F7:F4:E3:FC:A8:AB:82:0B:17:17:64:A0:CD:1C:B2:43:4F:49
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 018570F0A1B082042E50BF2510000A443EC0
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/Kbr39OP8qKuCCxcXZKDNHLJDT0k.roa
Signing time: Mon 02 Jan 2023 05:24:56 +0000
ROA not before: Mon 02 Jan 2023 05:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 45.157.72.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:a1:b0:82:04:2e:50:bf:25:10:00:0a:44:3e:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Jan 2 05:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29baf7f4e3fca8ab820b171764a0cd1cb2434f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:90:16:ed:ae:ac:97:80:36:ec:96:0f:52:7f:
2a:ab:6c:42:e6:ff:6e:35:69:8f:a9:a5:4f:23:90:
0a:ca:c2:2f:49:34:67:2e:bd:58:ba:43:2c:e9:84:
d9:36:ae:b2:f6:57:ba:ca:c5:a3:2e:2f:6a:35:8f:
c9:34:35:e6:1a:1d:87:be:9a:17:9a:c4:a3:d2:7e:
41:cd:bd:29:9d:f5:09:d3:88:82:a4:e0:29:b4:b3:
31:2c:37:ab:46:9d:71:30:bd:df:f8:e0:9c:96:34:
39:19:55:bd:89:58:95:48:73:49:8e:08:b4:16:d1:
18:8f:a0:fd:e9:dd:11:6f:58:dc:7e:60:e7:db:81:
2c:09:c8:88:c7:c3:b3:b9:81:36:81:8b:38:1e:96:
5d:ee:3d:4b:9e:52:ba:94:31:92:44:47:53:50:e3:
74:ca:58:6c:b6:db:09:8f:d9:75:b2:c4:c1:f0:20:
b2:c6:ce:29:0f:5d:90:87:19:04:f6:0d:1e:10:cb:
0f:84:60:c4:72:6b:7b:5f:db:4c:25:3b:d5:b4:1e:
8c:96:47:3f:83:69:1e:39:1a:a1:69:5b:58:34:91:
0e:81:fa:69:64:f5:2e:36:eb:ef:6b:10:a9:a7:b8:
c9:fe:10:db:66:be:ea:8f:61:61:16:82:a7:70:c7:
5b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:BA:F7:F4:E3:FC:A8:AB:82:0B:17:17:64:A0:CD:1C:B2:43:4F:49
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/Kbr39OP8qKuCCxcXZKDNHLJDT0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.72.0/23
Signature Algorithm: sha256WithRSAEncryption
89:c1:54:9f:a4:9a:7b:ce:df:06:5c:fe:63:47:3e:84:1a:77:
ad:41:82:e3:5b:0e:ea:d1:aa:e5:69:c6:48:95:10:01:76:ac:
ed:55:32:7c:eb:82:4e:32:d3:44:9c:f4:9e:53:89:77:c3:18:
72:37:71:02:95:78:45:ce:23:b0:77:fa:6d:7a:1d:33:64:00:
ee:a5:ad:d1:4b:5e:7e:41:c8:95:24:31:5f:0e:2c:87:f9:7a:
b4:38:68:fe:61:5d:bd:8f:8e:36:ad:9e:a8:24:9f:6e:36:3f:
22:31:88:e5:98:bc:88:a1:9f:e9:c1:09:91:17:62:39:8d:bd:
96:41:d2:55:2e:99:3e:40:e5:2d:a6:06:13:30:43:7f:43:26:
7b:07:41:0a:8d:6a:73:74:35:87:de:bd:e8:93:76:5b:dd:b4:
38:2d:c4:8b:f7:80:0e:43:52:55:1b:7e:6f:8f:78:21:47:8c:
50:e4:eb:a5:8a:98:04:cc:68:16:87:e1:1e:c8:c1:3b:fe:e9:
4b:84:9c:9e:9f:24:26:b5:3a:16:65:50:1c:1f:e5:73:a2:c5:
40:4c:e4:f1:a6:77:8b:6f:77:f3:3d:a2:11:62:55:3c:ef:c6:
33:26:83:67:d9:07:27:ba:d1:ff:79:f0:52:99:0e:38:a4:bb:
46:1a:c1:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8KGwggQuUL8lEAAKRD7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjMwMTAyMDUyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWJhZjdmNGUzZmNhOGFiODIwYjE3MTc2NGEwY2QxY2IyNDM0ZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJAW7a6sl4A27JYPUn8qq2xC5v9u
NWmPqaVPI5AKysIvSTRnLr1YukMs6YTZNq6y9le6ysWjLi9qNY/JNDXmGh2HvpoX
msSj0n5Bzb0pnfUJ04iCpOAptLMxLDerRp1xML3f+OCcljQ5GVW9iViVSHNJjgi0
FtEYj6D96d0Rb1jcfmDn24EsCciIx8OzuYE2gYs4HpZd7j1LnlK6lDGSREdTUON0
ylhsttsJj9l1ssTB8CCyxs4pD12QhxkE9g0eEMsPhGDEcmt7X9tMJTvVtB6Mlkc/
g2keORqhaVtYNJEOgfppZPUuNuvvaxCpp7jJ/hDbZr7qj2FhFoKncMdbrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCm69/Tj/KirggsXF2SgzRyyQ09JMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvS2JyMzlPUDhxS3VDQ3hjWFpLRE5ITEpEVDBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZ1IMA0G
CSqGSIb3DQEBCwUAA4IBAQCJwVSfpJp7zt8GXP5jRz6EGnetQYLjWw7q0arlacZI
lRABdqztVTJ864JOMtNEnPSeU4l3wxhyN3EClXhFziOwd/pteh0zZADupa3RS15+
QciVJDFfDiyH+Xq0OGj+YV29j442rZ6oJJ9uNj8iMYjlmLyIoZ/pwQmRF2I5jb2W
QdJVLpk+QOUtpgYTMEN/QyZ7B0EKjWpzdDWH3r3ok3Zb3bQ4LcSL94AOQ1JVG35v
j3ghR4xQ5OulipgEzGgWh+EeyME7/ulLhJyenyQmtToWZVAcH+VzosVATOTxpneL
b3fzPaIRYlU878YzJoNn2QcnutH/efBSmQ44pLtGGsEO
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:17 2023 by rpki-client on console-fra.rpki-client.org