Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/q0izo8JQsJTSv2Mb6OjiP18Vg-w.roa
File: q0izo8JQsJTSv2Mb6OjiP18Vg-w.roa (raw, json)
Hash identifier: ouyV7BayFv1vvbpj9WXSbqBgQaBH6dJ0j9MlFkZYiTM=
Subject key identifier: AB:48:B3:A3:C2:50:B0:94:D2:BF:63:1B:E8:E8:E2:3F:5F:15:83:EC
Certificate issuer: /CN=d3c35bc9b7f8550be3e467c54a9d3a66e2443bd4
Certificate serial: 01856EA6C3D32F7D44FF84D7E487546B1B82
Authority key identifier: D3:C3:5B:C9:B7:F8:55:0B:E3:E4:67:C5:4A:9D:3A:66:E2:44:3B:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/q0izo8JQsJTSv2Mb6OjiP18Vg-w.roa
Signing time: Sun 01 Jan 2023 18:45:00 +0000
ROA not before: Sun 01 Jan 2023 18:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62020
IP address blocks: 91.246.55.0/24 maxlen: 24
45.159.12.0/24 maxlen: 24
45.159.15.0/24 maxlen: 24
45.159.13.0/24 maxlen: 24
185.9.0.0/22 maxlen: 22
2a03:4440::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:c3:d3:2f:7d:44:ff:84:d7:e4:87:54:6b:1b:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3c35bc9b7f8550be3e467c54a9d3a66e2443bd4
Validity
Not Before: Jan 1 18:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab48b3a3c250b094d2bf631be8e8e23f5f1583ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f8:a4:8d:ca:19:ee:7a:c5:be:2b:3b:02:99:
fa:b1:21:55:69:18:76:cd:43:71:5d:01:17:34:df:
c6:3e:8a:67:55:c3:d6:41:46:db:b4:cd:86:4d:40:
e5:48:53:2b:a3:c4:e7:27:d0:7d:4c:2e:e9:7a:8a:
c3:11:f7:79:84:57:04:ab:06:28:0d:4b:85:4a:ea:
71:1f:f1:b1:39:04:e2:f0:b9:e4:a6:0a:e0:67:81:
a2:8e:88:5e:4a:5f:8d:52:a1:ab:8b:b4:ea:94:07:
45:de:1e:ba:3b:a9:09:b2:d7:85:b5:a0:1f:91:31:
46:52:ee:15:5a:89:19:9e:2e:37:d7:9d:6f:47:90:
9c:cc:72:09:dd:13:3c:c3:20:25:d7:bd:e0:65:6c:
4a:46:0a:47:f3:e5:e2:bc:b6:fa:a7:16:8c:90:02:
7c:d5:38:39:9e:d6:0e:fe:ff:61:62:7b:8b:f7:82:
03:96:7d:ca:ef:20:fe:41:7b:a5:f0:4d:0a:da:08:
40:37:fc:2a:b5:4e:f6:0f:3d:0c:2b:0e:44:01:95:
cd:49:76:2d:a4:22:a6:8d:8e:93:ce:20:a5:c3:ec:
cd:7a:14:14:db:74:7c:5b:cf:e7:ed:1e:1f:5c:ac:
f0:34:54:10:a9:52:67:d9:29:36:a0:b9:6b:da:1a:
53:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:48:B3:A3:C2:50:B0:94:D2:BF:63:1B:E8:E8:E2:3F:5F:15:83:EC
X509v3 Authority Key Identifier:
keyid:D3:C3:5B:C9:B7:F8:55:0B:E3:E4:67:C5:4A:9D:3A:66:E2:44:3B:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08Nbybf4VQvj5GfFSp06ZuJEO9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/q0izo8JQsJTSv2Mb6OjiP18Vg-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/8ba8bb-c1c0-4d35-90a7-cda5c3766f03/1/08Nbybf4VQvj5GfFSp06ZuJEO9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.12.0/23
45.159.15.0/24
91.246.55.0/24
185.9.0.0/22
IPv6:
2a03:4440::/32
Signature Algorithm: sha256WithRSAEncryption
7d:e5:4e:e2:da:bc:cf:23:69:16:50:6b:c6:64:13:3b:02:96:
b5:e7:31:2c:7c:8a:41:59:f9:ee:09:68:e1:d0:f3:8a:89:11:
14:f5:99:5b:25:cd:b6:fc:09:15:e6:ad:85:1b:5b:34:a7:79:
34:b4:c5:b4:33:18:53:26:b5:7e:8c:93:27:17:00:63:ee:9d:
7d:1f:04:a8:f4:60:e4:61:07:7f:a0:c1:29:6e:8d:63:a9:da:
8a:83:69:6e:61:8b:9d:2a:16:94:1b:b0:61:88:3c:c9:9b:4e:
15:2d:7b:5f:5a:54:8b:ad:8d:30:9c:75:95:90:02:f4:f0:95:
bc:d0:73:c3:99:6b:d6:bf:9f:b9:8c:03:87:e2:53:b6:c5:1f:
60:7e:ba:11:c3:d0:5c:55:09:da:11:c1:9a:48:38:46:12:31:
26:30:f1:6e:02:15:26:8f:9c:36:99:19:86:4e:6f:5f:75:c4:
de:7f:dd:a0:8f:33:83:bb:a3:05:65:de:94:85:1b:4a:4f:1a:
76:99:3d:e3:86:50:65:4a:8b:4e:a6:c9:6c:a7:1e:b8:fd:48:
07:1a:aa:12:55:f2:8d:c2:17:a3:17:cc:1a:a9:c7:43:72:da:
ee:93:e8:2b:4e:8b:83:7d:ec:26:f2:36:a7:22:60:c7:88:c0:
e1:8c:4d:b2
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVupsPTL31E/4TX5IdUaxuCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYzM1YmM5YjdmODU1MGJlM2U0NjdjNTRhOWQzYTY2ZTI0
NDNiZDQwHhcNMjMwMTAxMTg0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjQ4YjNhM2MyNTBiMDk0ZDJiZjYzMWJlOGU4ZTIzZjVmMTU4M2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPikjcoZ7nrFvis7Apn6sSFVaRh2
zUNxXQEXNN/GPopnVcPWQUbbtM2GTUDlSFMro8TnJ9B9TC7peorDEfd5hFcEqwYo
DUuFSupxH/GxOQTi8LnkpgrgZ4GijoheSl+NUqGri7TqlAdF3h66O6kJsteFtaAf
kTFGUu4VWokZni43151vR5CczHIJ3RM8wyAl173gZWxKRgpH8+XivLb6pxaMkAJ8
1Tg5ntYO/v9hYnuL94IDln3K7yD+QXul8E0K2ghAN/wqtU72Dz0MKw5EAZXNSXYt
pCKmjY6TziClw+zNehQU23R8W8/n7R4fXKzwNFQQqVJn2Sk2oLlr2hpT7QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKtIs6PCULCU0r9jG+jo4j9fFYPsMB8GA1UdIwQY
MBaAFNPDW8m3+FUL4+RnxUqdOmbiRDvUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDhOYnliZjRWUXZqNUdmRlNwMDZadUpFTzlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84YmE4YmItYzFjMC00ZDM1LTkwYTct
Y2RhNWMzNzY2ZjAzLzEvcTBpem84SlFzSlRTdjJNYjZPamlQMThWZy13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84YmE4YmItYzFjMC00ZDM1LTkwYTctY2RhNWMzNzY2ZjAz
LzEvMDhOYnliZjRWUXZqNUdmRlNwMDZadUpFTzlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBLZ8MAwQA
LZ8PAwQAW/Y3AwQCuQkAMA0EAgACMAcDBQAqA0RAMA0GCSqGSIb3DQEBCwUAA4IB
AQB95U7i2rzPI2kWUGvGZBM7Apa15zEsfIpBWfnuCWjh0POKiREU9ZlbJc22/AkV
5q2FG1s0p3k0tMW0MxhTJrV+jJMnFwBj7p19HwSo9GDkYQd/oMEpbo1jqdqKg2lu
YYudKhaUG7BhiDzJm04VLXtfWlSLrY0wnHWVkAL08JW80HPDmWvWv5+5jAOH4lO2
xR9gfroRw9BcVQnaEcGaSDhGEjEmMPFuAhUmj5w2mRmGTm9fdcTef92gjzODu6MF
Zd6UhRtKTxp2mT3jhlBlSotOpslspx64/UgHGqoSVfKNwhejF8waqcdDctruk+gr
TouDfewm8janImDHiMDhjE2y
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:13 2024 by rpki-client on console-ams.rpki-client.org