Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/aWsNoo_EI-HGElmiOV9GVGM63Uw.roa
File: aWsNoo_EI-HGElmiOV9GVGM63Uw.roa (raw, json)
Hash identifier: 2A0OnGlJhkLT/u1L/x1yrAgq9tzjF//mQnoHkOO6g84=
Subject key identifier: 69:6B:0D:A2:8F:C4:23:E1:C6:12:59:A2:39:5F:46:54:63:3A:DD:4C
Certificate issuer: /CN=ad5c2e74c6d46cc73c98a4c16087a8a3b3a6f759
Certificate serial: 01856D01C4EDADDA813CC63083E709048521
Authority key identifier: AD:5C:2E:74:C6:D4:6C:C7:3C:98:A4:C1:60:87:A8:A3:B3:A6:F7:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rVwudMbUbMc8mKTBYIeoo7Om91k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/aWsNoo_EI-HGElmiOV9GVGM63Uw.roa
Signing time: Sun 01 Jan 2023 11:05:10 +0000
ROA not before: Sun 01 Jan 2023 11:05:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211415
IP address blocks: 45.91.32.0/22 maxlen: 22
2a0e:ac0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:c4:ed:ad:da:81:3c:c6:30:83:e7:09:04:85:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad5c2e74c6d46cc73c98a4c16087a8a3b3a6f759
Validity
Not Before: Jan 1 11:05:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=696b0da28fc423e1c61259a2395f4654633add4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c5:2b:da:6d:3b:44:69:54:81:8f:11:55:62:
d4:e5:d4:e5:60:b6:f8:41:bb:33:7a:a5:42:f8:25:
0a:8c:3a:ab:0f:97:2b:45:ee:13:df:17:31:79:9b:
15:46:c1:89:73:6e:1c:44:af:17:32:82:7b:0a:f1:
b9:0a:49:2d:99:68:ce:d3:43:1c:66:5c:e1:68:2e:
54:b2:e1:72:6e:70:d4:57:03:5c:ad:27:a2:0b:47:
b3:7e:de:3e:6c:4c:62:a8:15:e2:5a:67:26:db:21:
92:cd:16:5f:58:16:17:5b:bb:95:6b:d2:48:22:fb:
f3:88:8b:d6:f8:53:c1:77:ba:8e:c1:a7:a4:73:f2:
2e:30:01:da:f7:ab:7f:2a:09:31:48:d8:d9:e6:43:
4a:d8:3f:ca:58:fb:c0:b2:4e:a7:48:99:1b:48:da:
ea:40:3f:ae:f6:7a:de:bb:7d:c1:7f:3e:77:ab:4a:
95:0b:9a:4a:58:17:bf:a4:90:86:61:bd:a9:4c:b4:
9f:56:2a:3f:a4:3e:7e:b4:f0:32:c2:9e:71:df:8c:
05:43:a8:84:5d:40:59:bd:0c:86:40:e7:c5:75:94:
76:fa:ec:f8:59:b3:03:1f:9b:bc:04:86:1f:99:1e:
2d:d9:c9:43:2b:6b:bf:5f:c8:1c:26:45:de:ab:c6:
9a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:6B:0D:A2:8F:C4:23:E1:C6:12:59:A2:39:5F:46:54:63:3A:DD:4C
X509v3 Authority Key Identifier:
keyid:AD:5C:2E:74:C6:D4:6C:C7:3C:98:A4:C1:60:87:A8:A3:B3:A6:F7:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rVwudMbUbMc8mKTBYIeoo7Om91k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/aWsNoo_EI-HGElmiOV9GVGM63Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5da375-99a9-4329-9d29-cec8931ce631/1/rVwudMbUbMc8mKTBYIeoo7Om91k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.32.0/22
IPv6:
2a0e:ac0::/29
Signature Algorithm: sha256WithRSAEncryption
93:22:2e:1e:a5:a8:10:6c:f5:88:1d:d3:23:d3:77:fd:98:2b:
25:6e:55:2e:f1:ea:86:34:b3:7a:61:75:52:05:fc:28:17:5e:
5f:6d:53:c2:78:cc:6b:92:26:d3:fb:72:21:22:4a:90:0f:a9:
c2:12:88:21:35:c5:93:f2:d6:40:03:6e:18:40:fb:5a:26:33:
b6:e7:5e:95:31:eb:96:20:1d:a7:f8:ca:f4:3c:d7:9e:3d:0c:
65:98:50:b6:d6:20:29:7e:3e:3f:40:94:a8:f6:c2:1f:9c:2d:
78:ff:f0:fa:de:a2:10:7a:b3:cb:2e:34:16:e9:33:5f:5c:c3:
69:68:47:e3:3e:f5:e3:2d:8f:0d:64:1b:87:f1:e9:0a:6a:0c:
ff:a4:c8:48:bc:13:40:8f:93:40:2d:ba:dc:0f:ff:4e:45:aa:
c8:27:92:78:d3:ff:f3:8a:4f:7a:26:25:cf:65:22:c6:51:a9:
03:97:f3:71:99:a9:fb:bb:24:b2:3e:12:ab:bf:60:4e:6b:a8:
78:0a:8f:88:d7:26:9f:4c:11:ea:72:8a:bc:31:21:b1:d9:3e:
1a:d8:26:62:8c:8e:8c:1f:a6:3a:a5:5c:d5:c8:88:21:4d:15:
57:11:47:51:ec:54:ba:87:15:b7:96:d7:a3:77:af:9d:6d:a8:
96:65:8f:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtAcTtrdqBPMYwg+cJBIUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNWMyZTc0YzZkNDZjYzczYzk4YTRjMTYwODdhOGEzYjNh
NmY3NTkwHhcNMjMwMTAxMTEwNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTZiMGRhMjhmYzQyM2UxYzYxMjU5YTIzOTVmNDY1NDYzM2FkZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMUr2m07RGlUgY8RVWLU5dTlYLb4
QbszeqVC+CUKjDqrD5crRe4T3xcxeZsVRsGJc24cRK8XMoJ7CvG5CkktmWjO00Mc
ZlzhaC5UsuFybnDUVwNcrSeiC0ezft4+bExiqBXiWmcm2yGSzRZfWBYXW7uVa9JI
IvvziIvW+FPBd7qOwaekc/IuMAHa96t/KgkxSNjZ5kNK2D/KWPvAsk6nSJkbSNrq
QD+u9nreu33Bfz53q0qVC5pKWBe/pJCGYb2pTLSfVio/pD5+tPAywp5x34wFQ6iE
XUBZvQyGQOfFdZR2+uz4WbMDH5u8BIYfmR4t2clDK2u/X8gcJkXeq8aavQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGlrDaKPxCPhxhJZojlfRlRjOt1MMB8GA1UdIwQY
MBaAFK1cLnTG1GzHPJikwWCHqKOzpvdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclZ3dWRNYlViTWM4bUtUQllJZW9vN09tOTFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81ZGEzNzUtOTlhOS00MzI5LTlkMjkt
Y2VjODkzMWNlNjMxLzEvYVdzTm9vX0VJLUhHRWxtaU9WOUdWR002M1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC81ZGEzNzUtOTlhOS00MzI5LTlkMjktY2VjODkzMWNlNjMx
LzEvclZ3dWRNYlViTWM4bUtUQllJZW9vN09tOTFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVsgMA0E
AgACMAcDBQMqDgrAMA0GCSqGSIb3DQEBCwUAA4IBAQCTIi4epagQbPWIHdMj03f9
mCslblUu8eqGNLN6YXVSBfwoF15fbVPCeMxrkibT+3IhIkqQD6nCEoghNcWT8tZA
A24YQPtaJjO2516VMeuWIB2n+Mr0PNeePQxlmFC21iApfj4/QJSo9sIfnC14//D6
3qIQerPLLjQW6TNfXMNpaEfjPvXjLY8NZBuH8ekKagz/pMhIvBNAj5NALbrcD/9O
RarIJ5J40//zik96JiXPZSLGUakDl/Nxman7uySyPhKrv2BOa6h4Co+I1yafTBHq
coq8MSGx2T4a2CZijI6MH6Y6pVzVyIghTRVXEUdR7FS6hxW3ltejd6+dbaiWZY+o
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:10 2024 by rpki-client on console-fra.rpki-client.org