Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/FapKcPdiOgl28kr4D3ANYfCrUjM.roa
File: FapKcPdiOgl28kr4D3ANYfCrUjM.roa (raw, json)
Hash identifier: tyFuWlpuN1FBdYJ2ReuzFDr2UPXVecTGHW7wMqbaB6Q=
Subject key identifier: 15:AA:4A:70:F7:62:3A:09:76:F2:4A:F8:0F:70:0D:61:F0:AB:52:33
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42CCF500D6579F2E1C356EA80CAEE8
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/FapKcPdiOgl28kr4D3ANYfCrUjM.roa
Signing time: Sun 01 Jan 2023 21:35:26 +0000
ROA not before: Sun 01 Jan 2023 21:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58299
IP address blocks: 45.11.251.0/24 maxlen: 24
45.11.249.0/24 maxlen: 24
45.11.250.0/24 maxlen: 24
45.11.248.0/24 maxlen: 24
2a0e:8f05::/32 maxlen: 48
2a0e:8f07::/32 maxlen: 48
2a0e:8f06::/32 maxlen: 48
2a0e:8f04::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:cc:f5:00:d6:57:9f:2e:1c:35:6e:a8:0c:ae:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15aa4a70f7623a0976f24af80f700d61f0ab5233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a1:3f:a4:eb:ba:01:35:e7:c9:b8:15:e0:db:
bb:b6:f5:f0:be:5a:a0:98:bb:5e:68:27:07:17:2b:
f0:28:fa:a6:3b:1f:f5:9a:a4:3d:13:99:44:09:32:
5d:a9:ae:26:a8:1e:1e:5f:8a:ef:11:58:49:bb:0d:
cc:7a:4e:4a:dd:87:39:86:ad:8c:ec:e9:e9:d4:73:
17:ec:f1:82:06:38:c0:f6:05:fe:ae:9d:b2:a2:44:
b4:a6:86:4c:2d:86:03:fb:0c:92:33:b6:bc:28:61:
3e:8e:c7:c4:6f:46:e3:c7:26:9e:3a:0b:eb:e0:f7:
77:e8:4b:2a:e2:a3:aa:12:ed:80:ef:2f:ae:73:35:
ce:a2:2a:d4:3e:71:29:ff:28:b5:99:06:32:42:43:
a3:68:e0:77:e9:a4:13:93:52:ff:f3:16:c0:c8:4c:
b7:53:d7:bf:5c:9b:e7:7d:08:e0:c7:ef:23:68:ee:
cb:bd:40:43:65:bd:f9:26:a3:cf:20:a8:f3:cc:3b:
da:1a:5a:9d:7f:66:7f:fd:0a:18:3f:c5:06:e3:ef:
04:1d:63:1a:a2:ac:01:09:69:d3:f1:2f:5d:9a:17:
d1:a5:02:91:3b:42:13:8f:50:94:c9:b0:00:2c:38:
61:c5:e9:63:db:bf:d3:98:67:ef:51:a1:5b:3c:fb:
89:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:AA:4A:70:F7:62:3A:09:76:F2:4A:F8:0F:70:0D:61:F0:AB:52:33
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/FapKcPdiOgl28kr4D3ANYfCrUjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.248.0/22
IPv6:
2a0e:8f04::/30
Signature Algorithm: sha256WithRSAEncryption
76:de:18:dc:2b:90:d9:96:ae:8a:9c:86:b6:3b:8c:e9:69:bb:
ad:85:01:3a:7b:64:7c:1a:a3:4d:ea:df:b9:07:73:c6:70:45:
0d:fa:7f:22:04:d0:86:bf:fd:aa:0d:22:56:7e:ce:6c:da:69:
c7:14:dc:07:b1:0f:7e:8c:ec:ee:53:d5:b3:c3:ea:2d:2b:a9:
91:5f:a3:b7:b7:de:0e:6e:0c:09:47:7f:4f:34:3b:b6:0f:9f:
d0:85:c7:2e:8e:9b:60:82:a6:da:ee:27:86:c6:a0:58:58:35:
bf:68:81:5b:6a:66:c9:bd:a1:b8:12:21:0f:fb:b7:7e:9c:79:
f7:c2:13:6c:9d:bd:e2:6b:f7:ae:34:7d:c5:ab:c7:6e:ef:43:
fb:26:58:f9:f9:04:3b:51:27:3a:cb:d7:46:40:14:53:9d:67:
97:8b:13:53:8f:4d:ea:d7:27:f8:f3:aa:50:b6:ee:fe:76:01:
19:8d:a9:bf:5b:5f:57:47:c1:ca:29:d0:01:83:98:3c:57:c4:
be:a8:90:c2:df:74:82:d1:0f:49:92:34:7b:65:4b:a4:60:70:
28:ac:b7:0b:94:2e:99:92:54:6c:5a:22:23:eb:4b:63:b0:cc:
71:73:06:5b:58:6a:04:e4:b1:e7:79:d5:3f:2d:1a:8a:ff:f9:
11:54:b2:13
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvQsz1ANZXny4cNW6oDK7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWFhNGE3MGY3NjIzYTA5NzZmMjRhZjgwZjcwMGQ2MWYwYWI1MjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKE/pOu6ATXnybgV4Nu7tvXwvlqg
mLteaCcHFyvwKPqmOx/1mqQ9E5lECTJdqa4mqB4eX4rvEVhJuw3Mek5K3Yc5hq2M
7Onp1HMX7PGCBjjA9gX+rp2yokS0poZMLYYD+wySM7a8KGE+jsfEb0bjxyaeOgvr
4Pd36Esq4qOqEu2A7y+uczXOoirUPnEp/yi1mQYyQkOjaOB36aQTk1L/8xbAyEy3
U9e/XJvnfQjgx+8jaO7LvUBDZb35JqPPIKjzzDvaGlqdf2Z//QoYP8UG4+8EHWMa
oqwBCWnT8S9dmhfRpQKRO0ITj1CUybAALDhhxelj27/TmGfvUaFbPPuJnwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBWqSnD3YjoJdvJK+A9wDWHwq1IzMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvRmFwS2NQZGlPZ2wyOGtyNEQzQU5ZZkNyVWpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQv4MA0E
AgACMAcDBQIqDo8EMA0GCSqGSIb3DQEBCwUAA4IBAQB23hjcK5DZlq6KnIa2O4zp
abuthQE6e2R8GqNN6t+5B3PGcEUN+n8iBNCGv/2qDSJWfs5s2mnHFNwHsQ9+jOzu
U9Wzw+otK6mRX6O3t94ObgwJR39PNDu2D5/Qhccujptggqba7ieGxqBYWDW/aIFb
ambJvaG4EiEP+7d+nHn3whNsnb3ia/euNH3Fq8du70P7Jlj5+QQ7USc6y9dGQBRT
nWeXixNTj03q1yf486pQtu7+dgEZjam/W19XR8HKKdABg5g8V8S+qJDC33SC0Q9J
kjR7ZUukYHAorLcLlC6ZklRsWiIj60tjsMxxcwZbWGoE5LHnedU/LRqK//kRVLIT
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:52 2024 by rpki-client on console-fra.rpki-client.org