Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/9Ryxtqed5bTykW5NxpeIgeLZSuE.roa
File: 9Ryxtqed5bTykW5NxpeIgeLZSuE.roa (raw, json)
Hash identifier: KlHLXLOpSf/SsUxq1fowLbqBx8ab/jxWul7iRQjeXLk=
Subject key identifier: F5:1C:B1:B6:A7:9D:E5:B4:F2:91:6E:4D:C6:97:88:81:E2:D9:4A:E1
Certificate issuer: /CN=c4729af13d3d156f411976b176e554fa671d76f7
Certificate serial: 018996ECC95FEF69E6EF61E182FBC6043626
Authority key identifier: C4:72:9A:F1:3D:3D:15:6F:41:19:76:B1:76:E5:54:FA:67:1D:76:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/9Ryxtqed5bTykW5NxpeIgeLZSuE.roa
Signing time: Thu 27 Jul 2023 10:37:27 +0000
ROA not before: Thu 27 Jul 2023 10:37:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202629
IP address blocks: 45.153.29.0/24 maxlen: 24
45.153.28.0/24 maxlen: 24
45.153.28.0/22 maxlen: 24
45.153.31.0/24 maxlen: 24
45.153.30.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:96:ec:c9:5f:ef:69:e6:ef:61:e1:82:fb:c6:04:36:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4729af13d3d156f411976b176e554fa671d76f7
Validity
Not Before: Jul 27 10:37:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f51cb1b6a79de5b4f2916e4dc6978881e2d94ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d3:2d:bb:a9:12:a1:55:c4:5c:dc:fb:1c:d6:
2e:ca:64:d4:82:25:ca:2b:01:5f:25:be:1d:e9:d9:
39:9a:ba:d8:9d:70:38:ed:00:1a:c0:9a:c3:72:f0:
60:05:7c:4d:4c:65:2c:3f:14:44:47:79:5d:ca:07:
cb:1b:3b:f2:33:3c:d2:ed:a4:26:51:8e:f2:ef:4d:
37:0f:d7:6f:49:b3:29:14:08:e1:7d:7d:3f:3e:be:
d1:3e:e1:09:4b:e9:f4:99:00:31:2b:94:e2:8f:ee:
a9:5b:62:c5:10:48:ea:e8:23:b8:3c:af:1e:25:28:
e1:d3:ce:ea:a2:de:ee:69:54:29:31:5b:76:97:1d:
99:88:05:2d:05:97:0f:63:1f:9a:dc:46:da:ea:b3:
70:4d:fe:8d:78:97:d1:06:58:0b:8e:d8:5f:b4:b4:
29:64:6f:89:a1:32:fe:56:0c:90:ea:3f:ff:d2:95:
e1:11:a7:d0:d0:1e:72:ff:74:62:60:47:31:5f:47:
b8:60:54:9e:16:ba:fa:d6:63:5e:b4:e5:a0:42:61:
2b:9c:39:7b:2d:c5:96:2c:dc:89:ab:91:e1:98:52:
74:25:f7:83:3b:f5:4c:c6:f5:fd:23:58:32:ca:e8:
b5:fe:f9:de:61:5c:a2:f7:29:12:f4:d1:4b:b3:76:
68:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:1C:B1:B6:A7:9D:E5:B4:F2:91:6E:4D:C6:97:88:81:E2:D9:4A:E1
X509v3 Authority Key Identifier:
keyid:C4:72:9A:F1:3D:3D:15:6F:41:19:76:B1:76:E5:54:FA:67:1D:76:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xHKa8T09FW9BGXaxduVU-mcddvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/9Ryxtqed5bTykW5NxpeIgeLZSuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/95e060-fa2a-4057-9578-b0898fbb1cab/1/xHKa8T09FW9BGXaxduVU-mcddvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.28.0/22
Signature Algorithm: sha256WithRSAEncryption
81:cf:7c:13:58:c7:17:a4:3a:55:e5:62:1f:59:12:c4:94:ad:
26:37:ef:6a:05:f3:61:70:02:49:9c:c8:3c:95:31:72:d9:6d:
c2:49:3c:b1:f3:06:1c:7c:9c:66:0b:4d:4d:6a:7c:8e:f3:6f:
32:f7:ff:19:a8:f1:ce:6a:3c:0b:31:7d:ff:24:d5:be:7c:d3:
4b:7e:aa:f6:24:3d:a1:81:c2:1e:90:a7:f6:3d:a1:e9:6f:42:
cb:ff:bc:4d:cc:a5:b9:92:d1:ff:84:8e:d2:81:a9:3a:cc:a1:
73:62:b5:8d:78:3d:40:1e:9a:28:b2:bf:3a:ef:ae:cc:e8:45:
c2:83:01:29:5f:0e:f6:7c:71:80:e2:3b:c9:e5:1a:3e:50:c7:
e7:9f:eb:4c:65:e8:57:4b:a7:0e:fa:0d:64:ad:90:0e:b3:e5:
6e:68:90:d7:16:25:42:a5:1e:ee:ad:f6:02:5b:e7:40:2b:c0:
ba:30:11:35:f5:e8:39:05:24:7d:3e:2c:da:65:dd:f7:93:25:
c6:8a:88:aa:ab:43:c3:28:b6:51:de:e6:11:cf:de:26:c3:91:
9d:fa:e5:d8:b7:c4:0f:05:61:93:6e:5b:1c:c2:f2:08:43:43:
f6:43:18:7a:50:8f:18:d0:6c:63:3a:d7:95:2a:4e:2b:8f:6d:
d3:65:83:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmW7Mlf72nm72HhgvvGBDYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NzI5YWYxM2QzZDE1NmY0MTE5NzZiMTc2ZTU1NGZhNjcx
ZDc2ZjcwHhcNMjMwNzI3MTAzNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTFjYjFiNmE3OWRlNWI0ZjI5MTZlNGRjNjk3ODg4MWUyZDk0YWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNMtu6kSoVXEXNz7HNYuymTUgiXK
KwFfJb4d6dk5mrrYnXA47QAawJrDcvBgBXxNTGUsPxRER3ldygfLGzvyMzzS7aQm
UY7y7003D9dvSbMpFAjhfX0/Pr7RPuEJS+n0mQAxK5Tij+6pW2LFEEjq6CO4PK8e
JSjh087qot7uaVQpMVt2lx2ZiAUtBZcPYx+a3Eba6rNwTf6NeJfRBlgLjthftLQp
ZG+JoTL+VgyQ6j//0pXhEafQ0B5y/3RiYEcxX0e4YFSeFrr61mNetOWgQmErnDl7
LcWWLNyJq5HhmFJ0JfeDO/VMxvX9I1gyyui1/vneYVyi9ykS9NFLs3ZoQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPUcsbanneW08pFuTcaXiIHi2UrhMB8GA1UdIwQY
MBaAFMRymvE9PRVvQRl2sXblVPpnHXb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NWUwNjAtZmEyYS00MDU3LTk1Nzgt
YjA4OThmYmIxY2FiLzEvOVJ5eHRxZWQ1YlR5a1c1TnhwZUlnZUxaU3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NWUwNjAtZmEyYS00MDU3LTk1NzgtYjA4OThmYmIxY2Fi
LzEveEhLYThUMDlGVzlCR1hheGR1VlUtbWNkZHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZkcMA0G
CSqGSIb3DQEBCwUAA4IBAQCBz3wTWMcXpDpV5WIfWRLElK0mN+9qBfNhcAJJnMg8
lTFy2W3CSTyx8wYcfJxmC01NanyO828y9/8ZqPHOajwLMX3/JNW+fNNLfqr2JD2h
gcIekKf2PaHpb0LL/7xNzKW5ktH/hI7Sgak6zKFzYrWNeD1AHpoosr86767M6EXC
gwEpXw72fHGA4jvJ5Ro+UMfnn+tMZehXS6cO+g1krZAOs+VuaJDXFiVCpR7urfYC
W+dAK8C6MBE19eg5BSR9PizaZd33kyXGioiqq0PDKLZR3uYRz94mw5Gd+uXYt8QP
BWGTblscwvIIQ0P2Qxh6UI8Y0GxjOteVKk4rj23TZYNr
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:26 2024 by rpki-client on console-fra.rpki-client.org