Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/1-Aq21D-TZATwiWYj7aoczEUZEmk.roa
File: 1-Aq21D-TZATwiWYj7aoczEUZEmk.roa (raw, json)
Hash identifier: d0u9uhA8SR/kwvXX331wX+OiSr9QayuF//NnXb3m8GE=
Subject key identifier: F8:0A:B6:D4:3F:93:64:04:F0:89:66:23:ED:AA:1C:CC:45:19:12:69
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 018C3A3312D23D5EB27F532217EC597259DD
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/1-Aq21D-TZATwiWYj7aoczEUZEmk.roa
Signing time: Tue 05 Dec 2023 13:37:54 +0000
ROA not before: Tue 05 Dec 2023 13:37:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41745
IP address blocks: 45.89.63.0/24 maxlen: 32
45.144.232.0/24 maxlen: 32
45.144.233.0/24 maxlen: 32
45.144.235.0/24 maxlen: 32
45.144.234.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:33:12:d2:3d:5e:b2:7f:53:22:17:ec:59:72:59:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Dec 5 13:37:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f80ab6d43f936404f0896623edaa1ccc45191269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d6:5b:29:85:91:59:45:3c:25:e2:f4:64:b2:
57:a1:af:ff:1c:55:61:6c:7e:58:8f:8c:cb:3d:c0:
e7:88:33:3b:bb:21:71:5b:0f:9d:53:93:04:00:11:
ce:7f:ea:73:b7:47:80:fd:da:77:6c:28:93:57:da:
9e:44:5c:3d:38:ce:de:3b:35:de:67:d0:9c:f7:99:
8c:35:5e:e1:15:ac:d5:c9:4e:6e:13:08:a2:94:7b:
00:2b:89:3b:ad:50:61:b6:1f:9e:91:e3:fc:0a:1f:
80:73:85:a7:e6:8d:9f:87:f1:c0:5f:82:9d:1e:55:
5a:22:c8:7f:03:a9:a8:f1:42:3a:d1:26:2b:c4:ee:
df:ad:51:d0:69:fd:59:48:43:1d:76:95:d2:6b:27:
dc:bd:a4:62:12:85:cc:03:a8:db:e5:26:7f:2b:fe:
10:e8:f1:10:73:ed:91:10:61:6d:dd:7c:36:f6:39:
d0:0f:31:2c:de:22:1c:61:5d:0b:58:80:c9:f8:68:
78:ac:87:51:44:40:ed:bb:02:cb:5a:75:19:b7:64:
aa:40:fb:f6:6a:71:77:28:9b:7f:97:e7:df:26:dc:
ff:e6:6a:4b:c3:f9:f0:ce:51:8d:e5:81:b0:ca:f4:
ea:55:75:b6:07:40:50:13:5b:d2:9f:a9:dd:81:cf:
75:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:0A:B6:D4:3F:93:64:04:F0:89:66:23:ED:AA:1C:CC:45:19:12:69
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/1-Aq21D-TZATwiWYj7aoczEUZEmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.63.0/24
45.144.232.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:ab:6f:87:3b:3d:12:94:c3:c5:f5:fe:4f:9a:e0:b1:a3:05:
df:db:a5:fc:89:b2:ab:de:79:9f:38:92:db:a8:1e:f7:58:61:
9e:0f:97:62:be:05:4a:c9:29:cf:e5:4d:67:62:35:51:27:02:
d6:11:1b:96:b8:40:ad:7a:1c:d4:b1:77:78:4f:bb:a5:f1:f4:
2c:ff:4a:39:60:71:08:b8:25:fd:d6:23:13:82:92:15:d3:22:
48:8f:8d:f9:16:a8:1d:0c:3a:f4:34:3a:c6:6b:0d:c3:f5:6e:
2d:f3:73:9f:e2:c9:8f:08:66:bc:6b:1e:bd:de:0c:25:0c:44:
5e:62:d1:98:24:32:7c:25:23:d6:30:fe:e1:11:5f:a7:bf:cd:
ca:99:15:41:fb:06:88:79:0b:d1:39:56:51:4a:c3:a7:59:1e:
48:77:dc:09:27:a7:07:16:0b:bd:77:26:74:e9:c1:78:fa:d6:
69:d0:06:73:d9:45:9e:5a:f3:23:05:1d:28:a9:6d:91:c3:c1:
6a:e0:97:4e:6d:cc:5a:e9:36:72:56:62:d8:08:78:78:5b:f8:
37:2c:6d:95:a9:57:6d:42:b0:01:2a:74:7e:39:6c:28:27:69:
6a:75:34:ee:9d:43:3f:8c:8a:cf:a3:03:89:7f:b3:77:ec:c9:
f8:b4:64:17
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYw6MxLSPV6yf1MiF+xZclndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjMxMjA1MTMzNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODBhYjZkNDNmOTM2NDA0ZjA4OTY2MjNlZGFhMWNjYzQ1MTkxMjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdZbKYWRWUU8JeL0ZLJXoa//HFVh
bH5Yj4zLPcDniDM7uyFxWw+dU5MEABHOf+pzt0eA/dp3bCiTV9qeRFw9OM7eOzXe
Z9Cc95mMNV7hFazVyU5uEwiilHsAK4k7rVBhth+ekeP8Ch+Ac4Wn5o2fh/HAX4Kd
HlVaIsh/A6mo8UI60SYrxO7frVHQaf1ZSEMddpXSayfcvaRiEoXMA6jb5SZ/K/4Q
6PEQc+2REGFt3Xw29jnQDzEs3iIcYV0LWIDJ+Gh4rIdRREDtuwLLWnUZt2SqQPv2
anF3KJt/l+ffJtz/5mpLw/nwzlGN5YGwyvTqVXW2B0BQE1vSn6ndgc91XQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPgKttQ/k2QE8IlmI+2qHMxFGRJpMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvMS1BcTIxRC1UWkFUd2lXWWo3YW9jekVVWkVtay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjUvMzBkYzg1LTJkZDgtNGIxYy1iMTUxLTRiZDYzYWRjNzM1
NC8xL3Y0UVJOVVhaQUFkZzltQmlwQ0laTTZMcFdkZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC1ZPwME
Ai2Q6DANBgkqhkiG9w0BAQsFAAOCAQEAaqtvhzs9EpTDxfX+T5rgsaMF39ul/Imy
q955nziS26ge91hhng+XYr4FSskpz+VNZ2I1UScC1hEblrhArXoc1LF3eE+7pfH0
LP9KOWBxCLgl/dYjE4KSFdMiSI+N+RaoHQw69DQ6xmsNw/VuLfNzn+LJjwhmvGse
vd4MJQxEXmLRmCQyfCUj1jD+4RFfp7/NypkVQfsGiHkL0TlWUUrDp1keSHfcCSen
BxYLvXcmdOnBePrWadAGc9lFnlrzIwUdKKltkcPBauCXTm3MWuk2clZi2Ah4eFv4
NyxtlalXbUKwASp0fjlsKCdpanU07p1DP4yKz6MDiX+zd+zJ+LRkFw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:36 2024 by rpki-client on console-fra.rpki-client.org