Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/8kcKy4oF5e8Ub6rB9xK2FKOvFp8.roa
File: 8kcKy4oF5e8Ub6rB9xK2FKOvFp8.roa (raw, json)
Hash identifier: BHYscXOjvhtJ5HrU5eJvNpai0st0OYHAr6yKUcHEhMM=
Subject key identifier: F2:47:0A:CB:8A:05:E5:EF:14:6F:AA:C1:F7:12:B6:14:A3:AF:16:9F
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E3A69AF101E6CD14E493B91C7A07A
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/8kcKy4oF5e8Ub6rB9xK2FKOvFp8.roa
Signing time: Mon 02 Jan 2023 06:14:44 +0000
ROA not before: Mon 02 Jan 2023 06:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34872
IP address blocks: 45.154.97.0/24 maxlen: 24
194.28.98.0/23 maxlen: 24
2a0c:b641:540::/44 maxlen: 48
2a0f:8400::/32 maxlen: 48
2a0c:b641::/44 maxlen: 48
2a0c:b641:30::/44 maxlen: 48
2a0c:b640::/32 maxlen: 48
2a0c:b641:70f::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:3a:69:af:10:1e:6c:d1:4e:49:3b:91:c7:a0:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2470acb8a05e5ef146faac1f712b614a3af169f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a8:21:d7:48:40:b3:ba:f5:01:35:2b:18:e3:
c5:30:6b:33:9c:75:1d:b2:39:03:2c:82:8a:2d:68:
17:1a:6b:05:72:0b:d4:36:a0:19:63:96:56:48:79:
2c:99:c1:3d:b6:57:9d:0b:10:db:24:d6:7e:31:b6:
32:cf:6f:2d:9e:72:93:11:25:42:f6:15:6a:2f:e4:
da:d3:59:24:ab:8a:63:fb:35:9b:3b:17:af:95:60:
8e:bb:78:5b:2b:9d:17:36:7a:11:4f:c7:ba:96:ad:
77:8e:d4:cf:17:bb:06:1f:d0:55:d4:4d:0f:a5:b7:
66:76:92:2c:31:c1:5e:c9:51:d8:6f:28:a1:26:da:
39:5f:fe:86:06:d3:12:74:ca:0b:93:a6:a6:59:1a:
f5:06:80:3f:2e:e2:99:71:e4:ac:d2:59:cd:e4:b9:
bd:b2:aa:69:6c:bd:78:19:97:50:f6:af:1f:91:06:
af:6d:67:2b:ca:d1:42:41:1e:47:70:1c:b8:24:2a:
4d:92:3d:70:79:56:c0:41:4f:e4:6c:a2:ef:24:d1:
92:03:47:e4:a4:cd:09:3d:cb:c6:ab:af:06:4b:cb:
38:ae:81:24:c1:24:5a:9e:33:ff:ab:a0:c5:d3:78:
80:43:e0:88:8d:ba:2d:e3:38:45:b0:87:67:ae:f8:
83:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:47:0A:CB:8A:05:E5:EF:14:6F:AA:C1:F7:12:B6:14:A3:AF:16:9F
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/8kcKy4oF5e8Ub6rB9xK2FKOvFp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.97.0/24
194.28.98.0/23
IPv6:
2a0c:b640::-2a0c:b641:f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:30::/44
2a0c:b641:540::/44
2a0c:b641:70f::/48
2a0f:8400::/32
Signature Algorithm: sha256WithRSAEncryption
80:4c:f3:fa:b7:a7:5a:48:63:f9:50:35:fc:12:d9:e2:61:78:
a9:8a:94:4b:dc:dd:f9:c8:41:4e:6c:43:42:9f:99:1a:9b:70:
07:04:8c:0e:1c:25:a2:10:34:2f:d2:8c:cb:be:e9:21:03:84:
ca:f6:fd:b6:3f:d3:05:c6:2a:9a:ac:53:05:ea:13:32:74:5d:
8e:36:2a:93:29:81:95:5b:2c:c4:24:31:34:83:f7:09:91:a2:
5a:5c:ed:09:1f:c9:56:32:b1:92:26:4b:1a:d0:9d:b4:3e:91:
00:4f:3c:7d:d9:ea:c1:5f:70:1e:cf:63:68:76:8b:80:f8:d8:
01:9c:6f:03:1a:84:b6:e2:32:9f:73:58:4f:a2:22:9a:78:d3:
13:7c:66:36:77:e0:7f:57:cc:25:7d:82:be:e3:73:c7:a0:eb:
e2:2c:07:0e:a3:32:f5:86:be:04:9e:f3:ba:0d:82:1b:18:7a:
8f:72:da:e2:51:1b:fe:5a:0c:d1:91:5a:3e:ce:70:b9:40:1c:
2a:a7:53:11:3b:ea:20:df:f4:50:95:22:59:5b:45:09:e4:f7:
5e:93:6a:44:f9:42:14:d6:4a:53:17:2f:5f:8a:11:29:00:11:
40:1e:41:4b:b7:38:46:30:73:04:0a:1b:d7:48:40:0f:3d:f3:
da:e8:70:80
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYVxHjpprxAebNFOSTuRx6B6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjQ3MGFjYjhhMDVlNWVmMTQ2ZmFhYzFmNzEyYjYxNGEzYWYxNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsagh10hAs7r1ATUrGOPFMGsznHUd
sjkDLIKKLWgXGmsFcgvUNqAZY5ZWSHksmcE9tledCxDbJNZ+MbYyz28tnnKTESVC
9hVqL+Ta01kkq4pj+zWbOxevlWCOu3hbK50XNnoRT8e6lq13jtTPF7sGH9BV1E0P
pbdmdpIsMcFeyVHYbyihJto5X/6GBtMSdMoLk6amWRr1BoA/LuKZceSs0lnN5Lm9
sqppbL14GZdQ9q8fkQavbWcrytFCQR5HcBy4JCpNkj1weVbAQU/kbKLvJNGSA0fk
pM0JPcvGq68GS8s4roEkwSRanjP/q6DF03iAQ+CIjbot4zhFsIdnrviDeQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPJHCsuKBeXvFG+qwfcSthSjrxafMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvOGtjS3k0b0Y1ZThVYjZyQjl4SzJGS092RnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDASBAIAATAMAwQALZphAwQB
whxiMDoEAgACMDQwEAMFBioMtkADBwQqDLZBAAADBwQqDLZBADADBwQqDLZBBUAD
BwAqDLZBBw8DBQAqD4QAMA0GCSqGSIb3DQEBCwUAA4IBAQCATPP6t6daSGP5UDX8
EtniYXipipRL3N35yEFObENCn5kam3AHBIwOHCWiEDQv0ozLvukhA4TK9v22P9MF
xiqarFMF6hMydF2ONiqTKYGVWyzEJDE0g/cJkaJaXO0JH8lWMrGSJksa0J20PpEA
Tzx92erBX3Aez2NodouA+NgBnG8DGoS24jKfc1hPoiKaeNMTfGY2d+B/V8wlfYK+
43PHoOviLAcOozL1hr4EnvO6DYIbGHqPctriURv+WgzRkVo+znC5QBwqp1MRO+og
3/RQlSJZW0UJ5Pdek2pE+UIU1kpTFy9fihEpABFAHkFLtzhGMHMEChvXSEAPPfPa
6HCA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:37 2023 by rpki-client on console-fra.rpki-client.org