Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/oAX6rKNzf-FIoeKtE5rx1YM9yfI.roa
File: oAX6rKNzf-FIoeKtE5rx1YM9yfI.roa (raw, json)
Hash identifier: oPex6TQG1y1zqinw7n2VOo5FxbSqANG+zDZP1mCbb6Y=
Subject key identifier: A0:05:FA:AC:A3:73:7F:E1:48:A1:E2:AD:13:9A:F1:D5:83:3D:C9:F2
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 01856BC0EF293968A335DBAE487856FC44CF
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/oAX6rKNzf-FIoeKtE5rx1YM9yfI.roa
Signing time: Sun 01 Jan 2023 05:14:44 +0000
ROA not before: Sun 01 Jan 2023 05:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48430
IP address blocks: 45.155.52.0/22 maxlen: 24
45.91.52.0/22 maxlen: 22
45.89.60.0/22 maxlen: 22
45.140.166.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c0:ef:29:39:68:a3:35:db:ae:48:78:56:fc:44:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jan 1 05:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a005faaca3737fe148a1e2ad139af1d5833dc9f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:54:8e:cc:02:80:d9:76:9a:d3:bb:e9:99:83:
34:96:d9:6f:17:e7:02:8b:fe:c7:41:e3:63:fb:fa:
7c:ea:d4:b4:3a:21:9a:8d:a4:e1:a6:ac:e6:18:3e:
66:f2:ac:a5:2f:a0:ae:dc:62:00:5a:c6:68:5c:b9:
2e:e2:12:6f:59:9d:bd:47:16:c1:ba:de:ba:29:7d:
ef:8b:51:84:e0:2c:c3:47:6c:52:51:5d:dd:9b:08:
eb:3b:ae:f5:87:b5:33:64:c5:b7:f8:c1:0e:0c:af:
82:68:81:ea:55:65:8c:c5:3a:60:89:aa:73:6f:25:
40:a9:08:84:33:75:7c:ae:60:a6:3f:21:c6:af:2d:
de:c2:a9:95:9b:df:aa:23:3d:13:ed:d0:ae:61:47:
12:4c:c1:24:75:ca:92:f0:9a:3d:fd:ce:49:3c:f7:
79:ed:ee:4d:9d:61:da:be:c4:9b:89:60:59:2b:ca:
18:ad:10:a0:43:4e:a7:61:fd:08:0c:28:4b:ff:7f:
e1:1a:2d:45:50:95:8c:a5:8b:ef:3b:93:c1:f1:1c:
5f:93:d1:b1:26:33:b7:ab:97:b0:2c:93:59:40:ea:
8c:cb:01:f4:a0:c3:e7:d2:18:bb:ae:92:d9:8f:74:
62:37:4d:d9:05:47:63:45:10:6f:67:2b:76:a8:68:
09:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:05:FA:AC:A3:73:7F:E1:48:A1:E2:AD:13:9A:F1:D5:83:3D:C9:F2
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/oAX6rKNzf-FIoeKtE5rx1YM9yfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.60.0/22
45.91.52.0/22
45.140.166.0/24
45.155.52.0/22
Signature Algorithm: sha256WithRSAEncryption
54:6d:d2:0c:c8:04:90:35:ce:78:38:b4:92:f4:f5:c3:40:20:
d0:93:dc:19:4a:67:ec:5e:17:f0:d1:f3:64:8a:6e:95:be:ad:
7b:58:c2:35:87:03:2e:41:f1:13:3b:a0:77:82:d7:1f:1b:2f:
ec:5c:80:82:7f:4f:4b:45:87:d4:3b:3a:cd:ee:7a:dc:19:81:
f0:e5:7f:b3:be:cf:e5:13:39:55:fd:4e:45:ac:44:57:27:3e:
2a:a8:e4:c9:35:ce:de:fc:48:55:65:73:c7:8f:f1:b9:67:55:
0b:c5:67:0f:0a:0d:15:0b:bc:7b:d0:75:09:86:e8:7c:42:21:
74:1a:14:fb:49:b1:0b:9e:1e:0e:ec:1c:99:ae:18:f0:be:7f:
19:96:a9:c5:9d:28:c6:39:cf:3e:b2:19:5b:33:4a:e8:81:7a:
50:5a:ca:2a:f3:df:f3:86:14:52:08:a5:ab:13:61:bd:9c:56:
57:c7:57:dc:48:7f:e3:31:d8:28:48:ba:66:44:e2:a6:b4:5d:
f4:70:21:4d:d5:07:23:3e:5a:66:86:68:02:f8:a4:f6:58:39:
27:84:95:87:2c:d0:8d:92:ef:7f:f2:75:a5:89:d1:d7:d1:e4:
af:4f:9f:66:e4:45:95:eb:6e:b0:aa:c9:9c:6d:61:ba:20:ce:
76:07:c8:00
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVrwO8pOWijNduuSHhW/ETPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjMwMTAxMDUxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDA1ZmFhY2EzNzM3ZmUxNDhhMWUyYWQxMzlhZjFkNTgzM2RjOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1SOzAKA2Xaa07vpmYM0ltlvF+cC
i/7HQeNj+/p86tS0OiGajaThpqzmGD5m8qylL6Cu3GIAWsZoXLku4hJvWZ29RxbB
ut66KX3vi1GE4CzDR2xSUV3dmwjrO671h7UzZMW3+MEODK+CaIHqVWWMxTpgiapz
byVAqQiEM3V8rmCmPyHGry3ewqmVm9+qIz0T7dCuYUcSTMEkdcqS8Jo9/c5JPPd5
7e5NnWHavsSbiWBZK8oYrRCgQ06nYf0IDChL/3/hGi1FUJWMpYvvO5PB8Rxfk9Gx
JjO3q5ewLJNZQOqMywH0oMPn0hi7rpLZj3RiN03ZBUdjRRBvZyt2qGgJvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKAF+qyjc3/hSKHirROa8dWDPcnyMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvb0FYNnJLTnpmLUZJb2VLdEU1cngxWU05eWZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLVk8AwQC
LVs0AwQALYymAwQCLZs0MA0GCSqGSIb3DQEBCwUAA4IBAQBUbdIMyASQNc54OLSS
9PXDQCDQk9wZSmfsXhfw0fNkim6Vvq17WMI1hwMuQfETO6B3gtcfGy/sXICCf09L
RYfUOzrN7nrcGYHw5X+zvs/lEzlV/U5FrERXJz4qqOTJNc7e/EhVZXPHj/G5Z1UL
xWcPCg0VC7x70HUJhuh8QiF0GhT7SbELnh4O7ByZrhjwvn8ZlqnFnSjGOc8+shlb
M0rogXpQWsoq89/zhhRSCKWrE2G9nFZXx1fcSH/jMdgoSLpmROKmtF30cCFN1Qcj
PlpmhmgC+KT2WDknhJWHLNCNku9/8nWlidHX0eSvT59m5EWV626wqsmcbWG6IM52
B8gA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:11 2023 by rpki-client on console-ams.rpki-client.org