Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/KgIoG2qIkvnpL9kuEWXVc4NhIF8.roa
File: KgIoG2qIkvnpL9kuEWXVc4NhIF8.roa (raw, json)
Hash identifier: paYl6Z7xbiSu4TMj6r0EWdJU1QlV8FeFL+AQqPpA0uw=
Subject key identifier: 2A:02:28:1B:6A:88:92:F9:E9:2F:D9:2E:11:65:D5:73:83:61:20:5F
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 01856BC0F5FB5E1402A4D69D18AEFA16AEB9
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/KgIoG2qIkvnpL9kuEWXVc4NhIF8.roa
Signing time: Sun 01 Jan 2023 05:14:46 +0000
ROA not before: Sun 01 Jan 2023 05:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208226
IP address blocks: 45.140.164.0/24 maxlen: 24
45.140.165.0/24 maxlen: 24
2a0e:4007:fffe::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c0:f5:fb:5e:14:02:a4:d6:9d:18:ae:fa:16:ae:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jan 1 05:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a02281b6a8892f9e92fd92e1165d5738361205f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:35:d8:a8:fc:7f:74:1e:46:24:22:f7:5a:ff:
d8:0d:5c:34:0d:e7:17:7d:bd:92:8b:d7:3e:f5:29:
9f:ae:c3:5c:ce:35:ea:7d:d6:01:8b:75:34:06:0d:
1c:20:72:f6:72:50:37:bc:a9:08:e7:74:e9:03:d3:
2a:ca:4c:cb:d6:42:06:66:47:d7:27:b3:77:e1:d1:
5b:77:f5:17:35:ab:95:fa:50:02:0a:03:3a:80:88:
33:65:05:a3:95:3b:17:50:a9:9a:4e:6e:a2:2b:78:
f1:70:5d:5c:4d:86:18:ab:a0:f8:a7:4f:b6:4a:1a:
9d:da:d8:61:05:fb:ab:24:9b:7f:7f:76:67:92:13:
5e:34:19:33:70:03:56:dd:7b:c3:29:75:60:98:4e:
8e:95:a6:24:ba:d8:7b:26:91:c8:fa:cc:3e:11:b1:
f4:f4:05:5e:fa:9e:4c:1a:6d:c0:a2:bc:40:39:e5:
0b:42:64:19:62:a0:36:45:18:b2:43:b1:06:3c:d4:
cd:3d:21:a4:f2:84:ab:f6:c7:38:8e:9b:c6:c7:f1:
e5:10:a0:a4:67:fe:2a:2a:00:ed:d1:23:f1:dc:4f:
c0:e4:40:68:ea:c0:54:fa:9c:e8:1d:dd:ed:64:17:
22:ab:d4:a8:21:73:7c:dd:26:ae:33:b0:a4:6e:3e:
52:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:02:28:1B:6A:88:92:F9:E9:2F:D9:2E:11:65:D5:73:83:61:20:5F
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/KgIoG2qIkvnpL9kuEWXVc4NhIF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.164.0/23
IPv6:
2a0e:4007:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
25:29:04:39:36:5c:3f:83:ad:4d:89:51:96:f4:52:70:73:a4:
2f:e5:87:80:54:75:fb:01:d5:a3:13:4d:3a:26:30:0f:54:61:
75:ce:13:52:c5:83:bd:c2:df:59:42:45:2e:f3:b4:aa:19:c0:
52:70:0d:e6:dd:e8:ed:ec:4e:db:5f:12:19:7f:02:5d:a9:00:
1b:f5:80:1b:0c:b7:5d:82:8b:c6:b8:ee:34:cd:56:88:9a:0a:
d6:35:e9:d9:7e:ce:8a:a5:64:b3:2e:6c:c0:b1:8c:5a:9c:99:
fb:16:18:1f:96:f1:01:59:c4:db:12:4e:ca:b0:8f:81:3a:01:
6d:b3:bb:f1:b5:59:5e:da:24:1e:c5:bb:d0:58:63:3d:ab:a0:
c2:fd:cb:2e:57:32:92:64:65:62:65:fd:a7:56:c4:0d:8e:d2:
39:04:23:ec:68:db:62:32:6d:ce:b4:e1:f4:b7:c4:5d:51:d8:
d8:73:2f:53:fe:00:77:29:20:9b:64:e5:0a:4d:41:fa:fc:24:
09:f6:61:90:8b:01:5c:09:30:1c:30:09:00:83:dc:13:81:43:
3a:43:04:32:43:30:45:fc:37:2c:d2:22:02:a5:8c:55:7f:10:
5d:e6:35:e0:8b:96:ab:3f:79:10:85:24:3b:f5:33:26:83:3a:
0d:79:4b:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVrwPX7XhQCpNadGK76Fq65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjMwMTAxMDUxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTAyMjgxYjZhODg5MmY5ZTkyZmQ5MmUxMTY1ZDU3MzgzNjEyMDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizXYqPx/dB5GJCL3Wv/YDVw0DecX
fb2Si9c+9SmfrsNczjXqfdYBi3U0Bg0cIHL2clA3vKkI53TpA9MqykzL1kIGZkfX
J7N34dFbd/UXNauV+lACCgM6gIgzZQWjlTsXUKmaTm6iK3jxcF1cTYYYq6D4p0+2
Shqd2thhBfurJJt/f3ZnkhNeNBkzcANW3XvDKXVgmE6OlaYkuth7JpHI+sw+EbH0
9AVe+p5MGm3AorxAOeULQmQZYqA2RRiyQ7EGPNTNPSGk8oSr9sc4jpvGx/HlEKCk
Z/4qKgDt0SPx3E/A5EBo6sBU+pzoHd3tZBciq9SoIXN83SauM7Ckbj5STQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCoCKBtqiJL56S/ZLhFl1XODYSBfMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvS2dJb0cycUlrdm5wTDlrdUVXWFZjNE5oSUY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBLYykMA8E
AgACMAkDBwAqDkAH//4wDQYJKoZIhvcNAQELBQADggEBACUpBDk2XD+DrU2JUZb0
UnBzpC/lh4BUdfsB1aMTTTomMA9UYXXOE1LFg73C31lCRS7ztKoZwFJwDebd6O3s
TttfEhl/Al2pABv1gBsMt12Ci8a47jTNVoiaCtY16dl+zoqlZLMubMCxjFqcmfsW
GB+W8QFZxNsSTsqwj4E6AW2zu/G1WV7aJB7Fu9BYYz2roML9yy5XMpJkZWJl/adW
xA2O0jkEI+xo22Iybc604fS3xF1R2NhzL1P+AHcpIJtk5QpNQfr8JAn2YZCLAVwJ
MBwwCQCD3BOBQzpDBDJDMEX8NyzSIgKljFV/EF3mNeCLlqs/eRCFJDv1MyaDOg15
S0Y=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:23 2023 by rpki-client on console-fra.rpki-client.org