Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/kzOB0hFhjt5QQP0cxgRO5_WDiwY.roa
File: kzOB0hFhjt5QQP0cxgRO5_WDiwY.roa (raw, json)
Hash identifier: Lp+hkp4l7A9F4J51tZDvt4Yg/ibaSP5OnTK602sbxho=
Subject key identifier: 93:33:81:D2:11:61:8E:DE:50:40:FD:1C:C6:04:4E:E7:F5:83:8B:06
Certificate issuer: /CN=0a4a702f677f336d9b3e36c384ebc8c9fd8859f4
Certificate serial: 01856FC27EB042FF474AB77C42400D7F7A05
Authority key identifier: 0A:4A:70:2F:67:7F:33:6D:9B:3E:36:C3:84:EB:C8:C9:FD:88:59:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkpwL2d_M22bPjbDhOvIyf2IWfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/kzOB0hFhjt5QQP0cxgRO5_WDiwY.roa
Signing time: Sun 01 Jan 2023 23:54:55 +0000
ROA not before: Sun 01 Jan 2023 23:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208395
IP address blocks: 45.139.136.0/22 maxlen: 22
2a0e:b940::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:7e:b0:42:ff:47:4a:b7:7c:42:40:0d:7f:7a:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a4a702f677f336d9b3e36c384ebc8c9fd8859f4
Validity
Not Before: Jan 1 23:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=933381d211618ede5040fd1cc6044ee7f5838b06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:7f:a7:44:73:d9:ac:47:f8:6a:a9:eb:d7:51:
50:32:40:62:33:ae:69:ad:cb:28:a0:08:94:02:3d:
a0:15:bf:d6:41:dd:35:0f:12:c3:a8:9a:f2:fc:0a:
32:66:44:e7:3f:a7:f4:25:6a:e3:cd:8c:54:4f:a9:
2a:a6:21:b4:59:24:ef:69:77:07:e7:d7:50:0e:fe:
d5:cb:b0:84:3f:e4:a6:cf:72:83:de:df:88:9f:d9:
67:74:83:69:d1:62:34:0e:35:1f:77:39:59:01:17:
b0:14:00:e3:81:fd:90:71:ec:85:81:5f:b8:ff:bd:
d0:66:33:30:cb:19:69:a9:0e:de:8a:91:0c:66:ec:
ee:09:e2:fc:ca:c1:03:0f:6e:6e:4d:f8:1a:f4:35:
c0:6f:f8:80:e7:ca:88:4e:27:40:c2:74:cb:ff:d0:
f8:64:cb:54:77:76:d4:66:bc:93:14:d7:af:c6:1e:
3a:eb:21:18:a1:9d:55:0b:83:71:47:25:58:ec:96:
3f:1b:64:91:87:01:fb:39:41:04:be:56:2d:2c:ad:
95:a9:05:f4:1f:f2:55:8f:42:51:7c:f3:a0:31:90:
a7:89:aa:9d:7e:0b:7c:2d:09:52:2e:6b:c5:3d:ba:
fd:15:66:05:06:df:fe:c3:0c:00:94:3a:9d:2e:2c:
b6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:33:81:D2:11:61:8E:DE:50:40:FD:1C:C6:04:4E:E7:F5:83:8B:06
X509v3 Authority Key Identifier:
keyid:0A:4A:70:2F:67:7F:33:6D:9B:3E:36:C3:84:EB:C8:C9:FD:88:59:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkpwL2d_M22bPjbDhOvIyf2IWfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/kzOB0hFhjt5QQP0cxgRO5_WDiwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/CkpwL2d_M22bPjbDhOvIyf2IWfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.136.0/22
IPv6:
2a0e:b940::/29
Signature Algorithm: sha256WithRSAEncryption
09:8e:08:36:4c:2b:7d:be:11:bf:bd:02:96:5b:ff:72:c1:6c:
98:ca:9c:1b:c9:05:a5:b9:8b:86:c0:c4:d3:2a:1c:44:ae:94:
12:96:ef:29:1b:79:87:6d:0e:22:f5:de:7c:15:0c:25:ab:36:
a6:a3:8f:bb:ac:cc:4c:b2:94:73:d1:7d:b5:da:8a:61:bc:10:
d2:24:90:41:d9:2d:e8:7d:16:5d:1d:5e:7d:75:e4:74:9a:e4:
5e:75:3d:3e:de:81:5d:c2:b0:6d:ac:d2:67:0f:70:31:e1:d4:
be:53:b4:ac:50:a6:e5:23:4c:d5:7c:c2:26:73:2a:99:8a:b5:
99:61:5c:09:81:6c:4b:97:aa:4d:ad:9d:20:63:1c:1b:1a:96:
f6:63:97:b0:57:99:87:81:20:58:89:64:fa:d7:d5:13:b2:e1:
bf:97:da:9f:4c:f4:c8:ad:1b:2b:9c:fa:7c:d1:da:2b:16:8c:
48:31:86:de:22:ae:b2:3e:b8:44:2c:fd:f6:8b:ec:9c:0e:28:
d5:53:80:0b:77:1b:5b:1f:14:97:4a:04:06:28:d2:09:b8:f6:
2c:0f:14:d7:e6:1c:07:eb:a1:8e:7d:27:ab:ea:69:13:38:1f:
48:3f:45:6e:f6:0e:46:61:d7:41:68:a7:7a:66:b6:44:1c:5f:
ec:18:7f:5f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvwn6wQv9HSrd8QkANf3oFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNGE3MDJmNjc3ZjMzNmQ5YjNlMzZjMzg0ZWJjOGM5ZmQ4
ODU5ZjQwHhcNMjMwMTAxMjM1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzMzODFkMjExNjE4ZWRlNTA0MGZkMWNjNjA0NGVlN2Y1ODM4YjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4H+nRHPZrEf4aqnr11FQMkBiM65p
rcsooAiUAj2gFb/WQd01DxLDqJry/AoyZkTnP6f0JWrjzYxUT6kqpiG0WSTvaXcH
59dQDv7Vy7CEP+Smz3KD3t+In9lndINp0WI0DjUfdzlZARewFADjgf2QceyFgV+4
/73QZjMwyxlpqQ7eipEMZuzuCeL8ysEDD25uTfga9DXAb/iA58qITidAwnTL/9D4
ZMtUd3bUZryTFNevxh466yEYoZ1VC4NxRyVY7JY/G2SRhwH7OUEEvlYtLK2VqQX0
H/JVj0JRfPOgMZCniaqdfgt8LQlSLmvFPbr9FWYFBt/+wwwAlDqdLiy2NwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJMzgdIRYY7eUED9HMYETuf1g4sGMB8GA1UdIwQY
MBaAFApKcC9nfzNtmz42w4TryMn9iFn0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2twd0wyZF9NMjJiUGpiRGhPdkl5ZjJJV2ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kYTViMzItMjBhNy00ZTBhLWI4MzQt
ZWYzMTcxNTYxMWFhLzEva3pPQjBoRmhqdDVRUVAwY3hnUk81X1dEaXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kYTViMzItMjBhNy00ZTBhLWI4MzQtZWYzMTcxNTYxMWFh
LzEvQ2twd0wyZF9NMjJiUGpiRGhPdkl5ZjJJV2ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYuIMA0E
AgACMAcDBQMqDrlAMA0GCSqGSIb3DQEBCwUAA4IBAQAJjgg2TCt9vhG/vQKWW/9y
wWyYypwbyQWluYuGwMTTKhxErpQSlu8pG3mHbQ4i9d58FQwlqzamo4+7rMxMspRz
0X212ophvBDSJJBB2S3ofRZdHV59deR0muRedT0+3oFdwrBtrNJnD3Ax4dS+U7Ss
UKblI0zVfMImcyqZirWZYVwJgWxLl6pNrZ0gYxwbGpb2Y5ewV5mHgSBYiWT619UT
suG/l9qfTPTIrRsrnPp80dorFoxIMYbeIq6yPrhELP32i+ycDijVU4ALdxtbHxSX
SgQGKNIJuPYsDxTX5hwH66GOfSer6mkTOB9IP0Vu9g5GYddBaKd6ZrZEHF/sGH9f
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:10 2024 by rpki-client on console-fra.rpki-client.org