Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/J13zfAmpaiah5LHfYQOLATLLRfQ.roa
File: J13zfAmpaiah5LHfYQOLATLLRfQ.roa (raw, json)
Hash identifier: atXhhZjjzK+ep8amWPlcicYq5Vkvv89gHdNVOoG3g64=
Subject key identifier: 27:5D:F3:7C:09:A9:6A:26:A1:E4:B1:DF:61:03:8B:01:32:CB:45:F4
Certificate issuer: /CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Certificate serial: 0186A0063E53A97B7F88D256AB8D831C6D7F
Authority key identifier: 72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/J13zfAmpaiah5LHfYQOLATLLRfQ.roa
Signing time: Thu 02 Mar 2023 01:53:29 +0000
ROA not before: Thu 02 Mar 2023 01:53:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15695
IP address blocks: 45.93.87.0/24 maxlen: 24
185.62.116.0/24 maxlen: 24
2a00:cb8:353::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a0:06:3e:53:a9:7b:7f:88:d2:56:ab:8d:83:1c:6d:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e81fb5cf0fb32c4575f8413acbd41aa84b82f4
Validity
Not Before: Mar 2 01:53:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=275df37c09a96a26a1e4b1df61038b0132cb45f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:82:e1:60:26:8f:a5:d3:91:4e:1c:11:b2:93:
6a:18:4c:97:57:e7:d2:66:c0:31:7e:90:d2:9c:01:
61:9b:72:0b:f1:c4:da:e2:77:55:45:4f:20:2f:0f:
17:a0:84:da:29:af:34:02:1c:f8:75:1d:6f:84:b9:
59:71:ca:2a:52:a2:cf:d6:a4:25:68:51:19:69:a6:
de:c4:2b:66:cf:a2:59:a5:66:8d:df:40:62:ed:e4:
e3:d2:d1:8c:2b:ab:9b:d4:68:c5:c3:7d:56:6c:04:
09:62:37:eb:af:f8:36:26:98:18:2a:0a:90:4f:4a:
24:de:9b:c5:a6:95:e4:dd:64:08:97:69:04:8e:f5:
96:04:7f:a5:86:43:1a:a7:4e:dc:4b:b4:79:8d:9e:
a7:85:02:0a:5b:e6:19:e9:e9:69:1a:7b:c3:90:dd:
c2:b5:19:6e:3c:b3:65:5e:48:2f:85:2c:71:7f:78:
ad:2a:20:34:78:80:f3:a2:6e:94:2e:37:46:8a:46:
7e:b7:b5:f2:b2:b6:29:41:1a:9a:73:ab:5e:0d:3d:
42:98:5a:a7:ba:4d:02:35:09:2e:f6:0a:8e:db:e9:
77:93:0f:33:67:9a:25:64:85:f5:2f:e2:f1:4f:9e:
6f:5a:20:df:28:fe:95:cb:6d:9d:ed:0e:b7:c1:b6:
87:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:5D:F3:7C:09:A9:6A:26:A1:E4:B1:DF:61:03:8B:01:32:CB:45:F4
X509v3 Authority Key Identifier:
keyid:72:E8:1F:B5:CF:0F:B3:2C:45:75:F8:41:3A:CB:D4:1A:A8:4B:82:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cugftc8PsyxFdfhBOsvUGqhLgvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/J13zfAmpaiah5LHfYQOLATLLRfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f068a7-5f8c-4f32-ab94-cda6e19ffb88/1/cugftc8PsyxFdfhBOsvUGqhLgvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.87.0/24
185.62.116.0/24
IPv6:
2a00:cb8:353::/48
Signature Algorithm: sha256WithRSAEncryption
a1:1e:ad:45:ff:dc:37:33:a4:fd:6d:e3:2e:9f:5e:fa:a4:02:
36:ba:5c:11:1b:a6:c2:ae:58:c9:67:1e:2f:26:00:98:97:ab:
ab:7e:00:4f:c3:ec:e5:88:48:ec:b6:04:c8:88:aa:0f:99:dd:
be:b6:f8:16:0f:2e:ce:68:e8:8f:79:96:75:5e:5a:f8:14:43:
88:19:ca:19:57:48:cf:f5:6b:4c:6f:7e:43:cd:3d:1f:a6:bb:
59:0d:95:ce:5d:85:ce:98:e4:b9:8e:5e:48:b2:7f:f2:7f:15:
6f:e5:04:59:83:cb:c0:39:fe:96:48:63:00:c5:33:03:c8:c8:
5c:ce:f6:d2:2b:d7:6d:f1:3f:76:21:9d:95:3a:0c:b9:e7:c2:
8f:2e:e2:28:0a:26:2b:21:c9:0a:25:f3:3d:d3:2a:d8:6c:cf:
b3:f0:88:d6:a6:86:d1:4f:58:82:fe:fc:72:af:ed:c4:41:73:
18:88:38:62:1a:4a:86:82:a4:8f:66:d7:05:0d:09:2d:2f:cb:
35:c2:d3:3c:3f:24:19:09:3f:9c:51:ab:dd:1b:f2:d3:ae:75:
1d:1e:40:23:34:cf:4c:c7:d6:01:5b:f9:4c:eb:c6:f4:18:bc:
45:e8:03:13:a1:a0:35:e4:a4:24:88:32:47:fd:a5:e0:09:f9:
c0:c4:0f:36
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYagBj5TqXt/iNJWq42DHG1/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTgxZmI1Y2YwZmIzMmM0NTc1Zjg0MTNhY2JkNDFhYTg0
YjgyZjQwHhcNMjMwMzAyMDE1MzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzVkZjM3YzA5YTk2YTI2YTFlNGIxZGY2MTAzOGIwMTMyY2I0NWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjILhYCaPpdORThwRspNqGEyXV+fS
ZsAxfpDSnAFhm3IL8cTa4ndVRU8gLw8XoITaKa80Ahz4dR1vhLlZccoqUqLP1qQl
aFEZaabexCtmz6JZpWaN30Bi7eTj0tGMK6ub1GjFw31WbAQJYjfrr/g2JpgYKgqQ
T0ok3pvFppXk3WQIl2kEjvWWBH+lhkMap07cS7R5jZ6nhQIKW+YZ6elpGnvDkN3C
tRluPLNlXkgvhSxxf3itKiA0eIDzom6ULjdGikZ+t7XysrYpQRqac6teDT1CmFqn
uk0CNQku9gqO2+l3kw8zZ5olZIX1L+LxT55vWiDfKP6Vy22d7Q63wbaHLQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCdd83wJqWomoeSx32EDiwEyy0X0MB8GA1UdIwQY
MBaAFHLoH7XPD7MsRXX4QTrL1BqoS4L0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQt
Y2RhNmUxOWZmYjg4LzEvSjEzemZBbXBhaWFoNUxIZllRT0xBVExMUmZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mMDY4YTctNWY4Yy00ZjMyLWFiOTQtY2RhNmUxOWZmYjg4
LzEvY3VnZnRjOFBzeXhGZGZoQk9zdlVHcWhMZ3ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALV1XAwQA
uT50MA8EAgACMAkDBwAqAAy4A1MwDQYJKoZIhvcNAQELBQADggEBAKEerUX/3Dcz
pP1t4y6fXvqkAja6XBEbpsKuWMlnHi8mAJiXq6t+AE/D7OWISOy2BMiIqg+Z3b62
+BYPLs5o6I95lnVeWvgUQ4gZyhlXSM/1a0xvfkPNPR+mu1kNlc5dhc6Y5LmOXkiy
f/J/FW/lBFmDy8A5/pZIYwDFMwPIyFzO9tIr123xP3YhnZU6DLnnwo8u4igKJish
yQol8z3TKthsz7PwiNamhtFPWIL+/HKv7cRBcxiIOGIaSoaCpI9m1wUNCS0vyzXC
0zw/JBkJP5xRq90b8tOudR0eQCM0z0zH1gFb+UzrxvQYvEXoAxOhoDXkpCSIMkf9
peAJ+cDEDzY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:12 2023 by rpki-client on console-fra.rpki-client.org