Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/y55Mwg9kqotQ5G0c9iROa2eVR4Q.roa
File: y55Mwg9kqotQ5G0c9iROa2eVR4Q.roa (raw, json)
Hash identifier: FkiuHaiKim3JW1Po/3X1LSpiL2ZiumfwzxMGYChopTk=
Subject key identifier: CB:9E:4C:C2:0F:64:AA:8B:50:E4:6D:1C:F6:24:4E:6B:67:95:47:84
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A3C6447CDBECEBD1A83DE7CC09734D1BC
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/y55Mwg9kqotQ5G0c9iROa2eVR4Q.roa
Signing time: Mon 28 Aug 2023 13:45:19 +0000
ROA not before: Mon 28 Aug 2023 13:45:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 45.9.30.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:64:47:cd:be:ce:bd:1a:83:de:7c:c0:97:34:d1:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 28 13:45:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb9e4cc20f64aa8b50e46d1cf6244e6b67954784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1c:21:f4:c8:c2:d6:fb:fb:78:e2:91:8d:58:
70:00:28:ce:c8:8f:11:44:48:a8:f0:93:cf:04:0b:
3a:63:dc:2d:f8:ce:5a:88:df:21:e6:0c:b8:ec:9c:
2e:22:a4:21:3c:ed:36:cf:0c:24:8c:00:ba:50:ca:
2e:4d:8c:d4:2f:0b:90:6e:41:2b:5e:8f:2f:da:12:
7f:15:8b:bb:56:15:a9:6b:d0:94:2a:d3:a6:85:e5:
0a:96:f1:07:ba:cb:e0:c9:a4:c8:bf:7e:38:5b:49:
74:e2:c2:d6:54:72:64:8a:42:f4:f0:3d:f8:b1:2e:
8b:4b:b3:6b:f1:8b:67:ad:99:21:21:35:ce:ae:47:
4a:ca:0f:fc:a7:af:ef:02:5a:a5:6a:50:26:7a:25:
be:af:a8:32:e5:59:bb:22:91:d0:c5:c8:29:4d:ae:
f2:87:fe:a1:bc:78:2b:8c:93:ad:fa:f5:0b:fa:ff:
8b:75:82:db:ab:39:d1:3f:e5:2f:91:2d:d3:63:cc:
38:f2:af:a8:21:d2:77:b6:6a:a5:2f:97:b4:c6:26:
61:d1:c1:ca:c0:df:c1:3e:57:ff:63:98:61:7e:3c:
8c:12:57:9d:cb:89:a9:a2:69:1a:3d:a5:f3:73:60:
48:a3:46:f3:fb:81:c5:b0:67:8d:8a:d1:6c:a6:01:
7d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:9E:4C:C2:0F:64:AA:8B:50:E4:6D:1C:F6:24:4E:6B:67:95:47:84
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/y55Mwg9kqotQ5G0c9iROa2eVR4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.81.112.0/22
45.88.137.0/24
45.132.180.0/24
Signature Algorithm: sha256WithRSAEncryption
03:2d:e8:f3:e1:f6:f4:ed:88:fc:2e:04:f9:00:c6:4c:3e:b9:
e5:56:83:93:4c:38:b2:2c:fe:0f:72:ef:6a:0e:e8:01:1a:0b:
ab:1a:ac:72:29:6a:1c:d4:e6:12:d0:b8:f4:25:fe:aa:46:61:
28:89:4f:86:5c:fd:6c:79:72:1e:00:19:9d:68:31:16:77:ec:
f2:57:38:99:b0:7f:41:ba:cb:87:53:b7:d7:8a:4a:ac:eb:88:
6a:b7:7c:00:03:d4:96:0d:a8:de:79:30:e8:a8:f3:4b:cb:00:
53:ad:2e:2d:76:bb:71:9f:07:1c:45:29:49:43:72:51:39:64:
15:ac:a7:dd:8d:99:36:57:69:4d:ed:42:38:76:d9:09:05:5c:
cf:ab:73:49:a3:6b:f2:24:17:08:8a:bd:03:e9:21:52:ce:e5:
2e:58:f1:d7:a2:da:1b:23:83:11:74:11:e1:20:5f:4b:c4:3a:
b0:a2:eb:6f:fb:f9:4c:89:9a:0e:67:f7:0a:1a:88:83:cc:ac:
86:65:03:32:17:06:22:fb:dd:e6:da:3e:59:7a:b0:5a:65:60:
81:ad:f9:7d:eb:51:09:ec:d6:be:17:11:5b:e2:44:af:02:79:
2a:43:59:dc:04:46:52:85:8a:c8:9a:55:9d:69:57:56:83:a9:
af:a5:14:a9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYo8ZEfNvs69GoPefMCXNNG8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODI4MTM0NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjllNGNjMjBmNjRhYThiNTBlNDZkMWNmNjI0NGU2YjY3OTU0Nzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxwh9MjC1vv7eOKRjVhwACjOyI8R
REio8JPPBAs6Y9wt+M5aiN8h5gy47JwuIqQhPO02zwwkjAC6UMouTYzULwuQbkEr
Xo8v2hJ/FYu7VhWpa9CUKtOmheUKlvEHusvgyaTIv344W0l04sLWVHJkikL08D34
sS6LS7Nr8YtnrZkhITXOrkdKyg/8p6/vAlqlalAmeiW+r6gy5Vm7IpHQxcgpTa7y
h/6hvHgrjJOt+vUL+v+LdYLbqznRP+UvkS3TY8w48q+oIdJ3tmqlL5e0xiZh0cHK
wN/BPlf/Y5hhfjyMEledy4mpomkaPaXzc2BIo0bz+4HFsGeNitFspgF9mQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMueTMIPZKqLUORtHPYkTmtnlUeEMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEveTU1TXdnOWtxb3RRNUcwYzlpUk9hMmVWUjRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQkeAwQC
LVFwAwQALViJAwQALYS0MA0GCSqGSIb3DQEBCwUAA4IBAQADLejz4fb07Yj8LgT5
AMZMPrnlVoOTTDiyLP4Pcu9qDugBGgurGqxyKWoc1OYS0Lj0Jf6qRmEoiU+GXP1s
eXIeABmdaDEWd+zyVziZsH9BusuHU7fXikqs64hqt3wAA9SWDajeeTDoqPNLywBT
rS4tdrtxnwccRSlJQ3JROWQVrKfdjZk2V2lN7UI4dtkJBVzPq3NJo2vyJBcIir0D
6SFSzuUuWPHXotobI4MRdBHhIF9LxDqwoutv+/lMiZoOZ/cKGoiDzKyGZQMyFwYi
+93m2j5ZerBaZWCBrfl961EJ7Na+FxFb4kSvAnkqQ1ncBEZShYrImlWdaVdWg6mv
pRSp
-----END CERTIFICATE-----
Generated at Wed Aug 30 11:22:27 2023 by rpki-client on console-ams.rpki-client.org