Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/AX1lZD0G7kHL6Vs1AFGOe8OW3wU.roa
File: AX1lZD0G7kHL6Vs1AFGOe8OW3wU.roa (raw, json)
Hash identifier: SEV4RSFUBztSRbKO/KRSoHh1S7s/z7/B1rl3o1ED2tw=
Subject key identifier: 01:7D:65:64:3D:06:EE:41:CB:E9:5B:35:00:51:8E:7B:C3:96:DF:05
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01857C5C9C90D98E0A8682DFD814E4E81BEF
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/AX1lZD0G7kHL6Vs1AFGOe8OW3wU.roa
Signing time: Wed 04 Jan 2023 10:38:42 +0000
ROA not before: Wed 04 Jan 2023 10:38:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 85.209.120.0/23 maxlen: 24
45.13.188.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7c:5c:9c:90:d9:8e:0a:86:82:df:d8:14:e4:e8:1b:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 4 10:38:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=017d65643d06ee41cbe95b3500518e7bc396df05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:38:84:8b:4c:81:ee:f8:a2:06:d0:e4:bf:e2:
83:ef:86:63:f2:f5:da:74:b5:ef:25:a1:2c:17:57:
9e:92:4b:4f:2d:ae:58:a1:0e:20:b5:63:9b:ba:ad:
e9:fa:fc:54:ee:ac:5a:e6:db:7e:e0:6c:cc:33:af:
b4:fe:3b:d6:4c:c9:94:96:3a:c1:01:ab:0c:8b:87:
a9:53:93:ba:31:60:03:d5:bc:28:81:b7:f1:eb:e1:
4f:10:6f:c5:1b:40:5c:a1:d0:e8:56:f4:58:c4:ee:
c8:41:51:a5:b4:8d:1c:41:6d:f0:4f:cc:a8:64:b5:
ca:8e:d6:83:90:9f:89:5b:6b:b9:5d:67:fb:8a:bd:
2a:a8:5c:c5:de:6b:7e:2d:c9:f3:8a:90:79:d2:27:
b6:d5:6a:ec:4d:10:4d:c6:cf:f7:73:24:3b:42:4d:
b9:8e:60:a4:d0:2c:05:f8:a3:17:c0:0a:90:c9:21:
ae:a4:9d:dd:b2:36:e6:0a:51:65:2f:7d:a5:7f:08:
a5:b5:24:ef:0a:0c:5c:1e:d1:d0:8d:fb:09:a1:93:
06:67:80:fe:77:a4:96:b2:da:e6:fd:96:3e:07:e9:
70:67:eb:c5:00:a5:cd:76:e8:1f:61:a4:50:22:66:
ce:e1:4d:0f:41:0d:34:82:3e:0d:6e:1c:35:90:cb:
b1:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:7D:65:64:3D:06:EE:41:CB:E9:5B:35:00:51:8E:7B:C3:96:DF:05
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/AX1lZD0G7kHL6Vs1AFGOe8OW3wU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.188.0/24
77.83.38.0/24
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
21:ed:e4:1c:44:d8:22:45:2a:f9:e9:53:5e:e1:3e:1c:44:36:
60:69:8d:35:e5:9a:bc:5d:97:86:42:1f:f9:f3:75:8e:52:56:
a6:4a:74:ba:66:ec:1e:0b:41:81:09:d2:51:8f:c0:1b:c3:05:
10:6f:0b:9a:e1:90:9c:a8:c3:40:2c:2b:47:cb:3b:d6:db:cd:
5a:72:27:22:bc:7b:29:47:bb:f2:f8:32:8f:ad:f6:ab:cd:31:
7f:69:b5:f8:c5:aa:78:52:90:68:1e:ac:b6:a3:cb:f9:d8:db:
96:36:cb:25:b0:0f:c9:fc:15:7c:74:25:1d:26:93:7e:c9:04:
8b:2c:3f:0e:03:43:15:24:e0:5c:b9:62:0c:7d:6f:32:61:fd:
40:cd:57:97:9f:ef:a7:c0:49:48:6e:6c:5c:cb:e8:7e:dd:be:
c3:fa:63:fc:77:aa:bb:ee:61:fe:fa:b9:12:f2:09:89:77:5e:
0d:95:3c:df:31:91:a4:9b:b3:00:25:b7:1b:8e:26:b4:21:aa:
3e:59:47:25:69:37:27:34:21:91:4c:2a:d5:54:7f:55:59:bb:
c7:3e:34:f9:aa:18:70:e0:9f:fa:ca:e9:f6:d1:56:45:95:6c:
4f:a0:54:3d:a3:11:a2:64:b8:ef:e9:74:40:b7:48:de:e3:07:
34:31:30:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYV8XJyQ2Y4KhoLf2BTk6BvvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTA0MTAzODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTdkNjU2NDNkMDZlZTQxY2JlOTViMzUwMDUxOGU3YmMzOTZkZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDiEi0yB7viiBtDkv+KD74Zj8vXa
dLXvJaEsF1eekktPLa5YoQ4gtWObuq3p+vxU7qxa5tt+4GzMM6+0/jvWTMmUljrB
AasMi4epU5O6MWAD1bwogbfx6+FPEG/FG0BcodDoVvRYxO7IQVGltI0cQW3wT8yo
ZLXKjtaDkJ+JW2u5XWf7ir0qqFzF3mt+LcnzipB50ie21WrsTRBNxs/3cyQ7Qk25
jmCk0CwF+KMXwAqQySGupJ3dsjbmClFlL32lfwiltSTvCgxcHtHQjfsJoZMGZ4D+
d6SWstrm/ZY+B+lwZ+vFAKXNdugfYaRQImbO4U0PQQ00gj4Nbhw1kMuxNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAF9ZWQ9Bu5By+lbNQBRjnvDlt8FMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvQVgxbFpEMEc3a0hMNlZzMUFGR09lOE9XM3dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQ28AwQA
TVMmAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQAh7eQcRNgiRSr56VNe4T4cRDZg
aY015Zq8XZeGQh/583WOUlamSnS6ZuweC0GBCdJRj8AbwwUQbwua4ZCcqMNALCtH
yzvW281acicivHspR7vy+DKPrfarzTF/abX4xap4UpBoHqy2o8v52NuWNsslsA/J
/BV8dCUdJpN+yQSLLD8OA0MVJOBcuWIMfW8yYf1AzVeXn++nwElIbmxcy+h+3b7D
+mP8d6q77mH++rkS8gmJd14NlTzfMZGkm7MAJbcbjia0Iao+WUclaTcnNCGRTCrV
VH9VWbvHPjT5qhhw4J/6yun20VZFlWxPoFQ9oxGiZLjv6XRAt0je4wc0MTAs
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org