Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1x5b7C3hzEcNhYAXAU1zkwalrDE.roa
File: 1x5b7C3hzEcNhYAXAU1zkwalrDE.roa (raw, json)
Hash identifier: SGfVW7+VmGxiSpL/K+jHyo1LgazgSaAUHbWptmb7zmI=
Subject key identifier: D7:1E:5B:EC:2D:E1:CC:47:0D:85:80:17:01:4D:73:93:06:A5:AC:31
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018AE1D8DAC0A62B5E75C731AE13BF1F7897
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1x5b7C3hzEcNhYAXAU1zkwalrDE.roa
Signing time: Fri 29 Sep 2023 16:49:59 +0000
ROA not before: Fri 29 Sep 2023 16:49:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47757
IP address blocks: 45.88.139.0/24 maxlen: 24
45.81.114.0/24 maxlen: 24
45.138.180.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e1:d8:da:c0:a6:2b:5e:75:c7:31:ae:13:bf:1f:78:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 29 16:49:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d71e5bec2de1cc470d858017014d739306a5ac31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:58:f2:a4:c0:10:97:55:7e:03:c5:ce:0a:3e:
d2:77:23:90:ea:2d:d5:bb:88:e4:34:a4:c4:b9:9e:
d4:8a:cd:e8:b6:ec:83:7c:0f:7f:b9:90:b7:12:a6:
cd:3b:06:f4:6f:00:89:81:8d:01:9e:34:e2:e4:aa:
1e:15:46:6d:5f:8f:0e:aa:c3:b0:f7:f9:67:0b:f5:
97:50:f1:3b:55:50:f5:3e:ce:c9:af:d6:38:98:99:
67:c6:0c:bc:3b:79:d9:c4:d6:0c:2c:27:d7:a8:e0:
7c:65:f9:75:05:0e:70:1b:ff:99:a0:e9:8e:19:d1:
2d:a9:4f:b4:5e:5d:0d:df:1e:c5:ed:d3:f8:58:47:
d0:70:90:ee:31:38:bc:a6:f0:fb:b8:c0:7a:1c:16:
26:36:4c:8b:d4:2f:23:91:5b:e8:10:9e:d0:74:0d:
dc:de:81:60:62:b8:41:99:6f:11:33:6d:75:e1:8a:
2e:06:0d:e2:8c:ab:c7:5f:d4:56:59:77:95:c3:bc:
39:50:6f:14:78:59:0f:44:6c:3e:88:fa:bd:6b:89:
30:ec:63:89:08:4e:0d:fd:44:51:a9:cc:6e:e1:9b:
15:52:c6:92:03:2a:54:b4:53:0e:e3:14:1c:f8:54:
e9:a0:b4:3d:16:9d:ba:af:d1:14:db:da:73:88:d1:
f6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:1E:5B:EC:2D:E1:CC:47:0D:85:80:17:01:4D:73:93:06:A5:AC:31
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1x5b7C3hzEcNhYAXAU1zkwalrDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.114.0/24
45.88.139.0/24
45.138.180.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:32:5b:00:67:21:33:66:2d:1b:70:49:e9:57:bf:6d:f1:51:
59:9e:0a:71:a5:96:51:4e:a1:a0:5d:42:14:17:a0:f7:21:c1:
63:4f:a9:be:83:ef:a7:3f:f3:e8:a2:88:ec:b9:a8:07:3c:16:
f9:c1:bf:a5:8b:4b:76:bd:6e:ac:47:87:18:0c:00:4b:d8:2e:
3e:24:71:e2:59:c6:df:33:8c:8e:12:25:c4:f0:29:84:00:be:
70:66:b8:52:b6:38:f0:b6:23:28:b9:d9:7c:6c:2e:dd:37:e5:
dd:26:19:3c:2d:bf:2b:f9:51:75:b4:ac:fe:f3:84:6e:15:29:
e3:2e:d6:b6:f2:22:f3:b0:d6:dc:ff:cd:1f:0f:33:24:22:d9:
34:ca:ea:8a:55:0f:0b:89:c0:e6:a6:6e:1c:f3:6c:28:9f:0d:
ae:85:e2:1b:8c:53:63:7a:22:c1:50:35:3d:2b:31:e4:1b:05:
49:ab:29:34:25:1f:73:83:5e:ed:d8:d2:a0:c4:a1:15:a5:e4:
73:35:27:8b:14:cd:7b:9c:ed:4d:99:c5:70:3b:0d:00:a5:a1:
b0:25:a7:32:e6:72:7e:e8:c8:4f:ee:bd:98:f7:e2:0c:e8:85:
9e:aa:f8:ce:ae:3f:7d:64:68:31:d5:93:6f:16:d1:b1:bd:82:
17:4c:af:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrh2NrApitedccxrhO/H3iXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTI5MTY0OTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzFlNWJlYzJkZTFjYzQ3MGQ4NTgwMTcwMTRkNzM5MzA2YTVhYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FjypMAQl1V+A8XOCj7SdyOQ6i3V
u4jkNKTEuZ7Uis3otuyDfA9/uZC3EqbNOwb0bwCJgY0BnjTi5KoeFUZtX48OqsOw
9/lnC/WXUPE7VVD1Ps7Jr9Y4mJlnxgy8O3nZxNYMLCfXqOB8Zfl1BQ5wG/+ZoOmO
GdEtqU+0Xl0N3x7F7dP4WEfQcJDuMTi8pvD7uMB6HBYmNkyL1C8jkVvoEJ7QdA3c
3oFgYrhBmW8RM2114YouBg3ijKvHX9RWWXeVw7w5UG8UeFkPRGw+iPq9a4kw7GOJ
CE4N/URRqcxu4ZsVUsaSAypUtFMO4xQc+FTpoLQ9Fp26r9EU29pziNH2NQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNceW+wt4cxHDYWAFwFNc5MGpawxMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMXg1YjdDM2h6RWNOaFlBWEFVMXprd2FsckRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVFyAwQA
LViLAwQALYq0MA0GCSqGSIb3DQEBCwUAA4IBAQCqMlsAZyEzZi0bcEnpV79t8VFZ
ngpxpZZRTqGgXUIUF6D3IcFjT6m+g++nP/PooojsuagHPBb5wb+li0t2vW6sR4cY
DABL2C4+JHHiWcbfM4yOEiXE8CmEAL5wZrhStjjwtiMoudl8bC7dN+XdJhk8Lb8r
+VF1tKz+84RuFSnjLta28iLzsNbc/80fDzMkItk0yuqKVQ8LicDmpm4c82wonw2u
heIbjFNjeiLBUDU9KzHkGwVJqyk0JR9zg17t2NKgxKEVpeRzNSeLFM17nO1NmcVw
Ow0ApaGwJacy5nJ+6MhP7r2Y9+IM6IWeqvjOrj99ZGgx1ZNvFtGxvYIXTK+y
-----END CERTIFICATE-----
Generated at Thu Oct 5 14:46:10 2023 by rpki-client on console-ams.rpki-client.org