Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/6ohiMeeiyvQqSxsvvDqNxeLgehc.roa
File: 6ohiMeeiyvQqSxsvvDqNxeLgehc.roa (raw, json)
Hash identifier: p8HtxDRtAV9VW9/6AXIni8wrL12NcW6IzLxAN5a5cSU=
Subject key identifier: EA:88:62:31:E7:A2:CA:F4:2A:4B:1B:2F:BC:3A:8D:C5:E2:E0:7A:17
Certificate issuer: /CN=5188dedacdc240b4b2f786f12342e0a83d8ae80f
Certificate serial: 0186E9A8024CD9F925C77E4BDE09AE7EFE4D
Authority key identifier: 51:88:DE:DA:CD:C2:40:B4:B2:F7:86:F1:23:42:E0:A8:3D:8A:E8:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/6ohiMeeiyvQqSxsvvDqNxeLgehc.roa
Signing time: Thu 16 Mar 2023 09:02:27 +0000
ROA not before: Thu 16 Mar 2023 09:02:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31529
IP address blocks: 45.142.220.0/24 maxlen: 24
45.142.221.0/24 maxlen: 24
45.142.223.0/24 maxlen: 24
45.142.222.0/24 maxlen: 24
2a0e:dbc0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e9:a8:02:4c:d9:f9:25:c7:7e:4b:de:09:ae:7e:fe:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5188dedacdc240b4b2f786f12342e0a83d8ae80f
Validity
Not Before: Mar 16 09:02:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea886231e7a2caf42a4b1b2fbc3a8dc5e2e07a17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9b:d1:d6:02:03:53:fb:3b:13:73:e3:1a:97:
5a:e9:6c:7c:61:3c:23:d6:98:e1:9b:bc:ed:3a:53:
64:61:3c:af:41:8a:05:be:c7:50:0b:90:5e:34:08:
50:23:47:c9:68:f7:e5:74:b6:c0:bc:27:87:0d:70:
60:87:25:41:cc:ce:03:87:6b:44:fe:c4:bb:1a:2d:
9c:82:1a:40:04:34:45:c8:4e:79:b7:e4:07:9d:b3:
d1:69:38:fe:71:43:e5:02:4e:fd:df:9e:70:4d:51:
99:0f:aa:30:31:9e:3c:1f:db:a9:71:40:95:0a:cc:
0b:c5:2f:e6:0a:c3:d2:88:87:ed:f5:99:9e:73:6e:
49:ad:66:37:af:78:a0:aa:68:d2:8a:de:96:39:2a:
9f:29:f7:78:ae:47:2b:16:bb:e1:81:23:47:96:53:
75:19:0f:d7:99:02:c9:d5:02:52:7f:4a:a1:e6:6d:
c8:69:07:1b:48:a0:30:a2:b3:77:5b:45:af:a1:b3:
dc:a4:81:fe:54:72:f0:0c:6b:f3:d4:a5:78:76:35:
1d:6b:f8:a3:a6:7b:2a:d1:d2:7b:9c:1f:aa:b2:b7:
a0:c8:13:7d:6a:91:cc:9d:c7:37:23:1e:e5:d3:d4:
b8:b6:59:e0:1f:48:e9:07:44:59:5d:b9:67:3f:46:
ea:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:88:62:31:E7:A2:CA:F4:2A:4B:1B:2F:BC:3A:8D:C5:E2:E0:7A:17
X509v3 Authority Key Identifier:
keyid:51:88:DE:DA:CD:C2:40:B4:B2:F7:86:F1:23:42:E0:A8:3D:8A:E8:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UYje2s3CQLSy94bxI0LgqD2K6A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/6ohiMeeiyvQqSxsvvDqNxeLgehc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/1faa3e-884c-445f-845d-79b3db659dfc/1/UYje2s3CQLSy94bxI0LgqD2K6A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.220.0/22
IPv6:
2a0e:dbc0::/48
Signature Algorithm: sha256WithRSAEncryption
42:f6:48:52:9f:4d:c7:a5:b8:4b:9d:c7:cc:04:c5:ca:9b:eb:
4a:e6:3e:d3:54:8f:d7:dc:39:28:7d:97:d4:dd:29:20:a1:7d:
ec:dc:c9:43:64:66:0c:d7:0b:99:53:e9:77:e0:35:a9:c1:4c:
9d:23:b2:b7:3e:27:ba:8c:9d:7f:d5:e5:76:07:82:4f:de:89:
8b:33:05:5d:24:b8:c8:4f:79:7a:ad:24:9f:93:de:3c:63:14:
8e:f8:75:c2:66:18:14:ee:b8:74:e8:62:f7:02:58:0d:45:f3:
83:8b:f0:a2:e0:2b:61:0a:29:98:28:05:6f:9a:69:46:d9:8a:
2a:a5:db:56:6c:c7:f6:be:7b:82:57:1b:c6:ab:7a:50:23:4e:
c6:b8:7d:09:14:a5:3b:87:f1:92:a8:27:cf:ce:0a:ee:fb:82:
5e:f5:14:13:00:10:78:74:03:13:cc:28:8b:6f:97:d9:b4:2c:
51:ae:cd:7f:00:5c:dd:ba:2e:5c:83:1c:b5:82:05:77:92:b5:
d6:39:7b:20:10:49:f5:07:90:f3:a2:bb:81:d2:c5:4b:82:67:
bc:f7:d4:94:ba:49:e7:0c:12:f3:ae:6a:6d:ad:c0:1a:6c:3e:
2c:31:92:b6:fd:95:a2:ba:69:51:ff:42:20:6b:a4:4e:3a:1d:
a1:06:a3:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbpqAJM2fklx35L3gmufv5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxODhkZWRhY2RjMjQwYjRiMmY3ODZmMTIzNDJlMGE4M2Q4
YWU4MGYwHhcNMjMwMzE2MDkwMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTg4NjIzMWU3YTJjYWY0MmE0YjFiMmZiYzNhOGRjNWUyZTA3YTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipvR1gIDU/s7E3PjGpda6Wx8YTwj
1pjhm7ztOlNkYTyvQYoFvsdQC5BeNAhQI0fJaPfldLbAvCeHDXBghyVBzM4Dh2tE
/sS7Gi2cghpABDRFyE55t+QHnbPRaTj+cUPlAk79355wTVGZD6owMZ48H9upcUCV
CswLxS/mCsPSiIft9Zmec25JrWY3r3igqmjSit6WOSqfKfd4rkcrFrvhgSNHllN1
GQ/XmQLJ1QJSf0qh5m3IaQcbSKAworN3W0WvobPcpIH+VHLwDGvz1KV4djUda/ij
pnsq0dJ7nB+qsregyBN9apHMncc3Ix7l09S4tlngH0jpB0RZXblnP0bqcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOqIYjHnosr0KksbL7w6jcXi4HoXMB8GA1UdIwQY
MBaAFFGI3trNwkC0sveG8SNC4Kg9iugPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVlqZTJzM0NRTFN5OTRieEkwTGdxRDJLNkE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xZmFhM2UtODg0Yy00NDVmLTg0NWQt
NzliM2RiNjU5ZGZjLzEvNm9oaU1lZWl5dlFxU3hzdnZEcU54ZUxnZWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xZmFhM2UtODg0Yy00NDVmLTg0NWQtNzliM2RiNjU5ZGZj
LzEvVVlqZTJzM0NRTFN5OTRieEkwTGdxRDJLNkE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCLY7cMA8E
AgACMAkDBwAqDtvAAAAwDQYJKoZIhvcNAQELBQADggEBAEL2SFKfTceluEudx8wE
xcqb60rmPtNUj9fcOSh9l9TdKSChfezcyUNkZgzXC5lT6XfgNanBTJ0jsrc+J7qM
nX/V5XYHgk/eiYszBV0kuMhPeXqtJJ+T3jxjFI74dcJmGBTuuHToYvcCWA1F84OL
8KLgK2EKKZgoBW+aaUbZiiql21Zsx/a+e4JXG8arelAjTsa4fQkUpTuH8ZKoJ8/O
Cu77gl71FBMAEHh0AxPMKItvl9m0LFGuzX8AXN26LlyDHLWCBXeStdY5eyAQSfUH
kPOiu4HSxUuCZ7z31JS6SecMEvOuam2twBpsPiwxkrb9laK6aVH/QiBrpE46HaEG
owc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:27 2023 by rpki-client on console-fra.rpki-client.org