Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/HVLeFrY5IaBdtlV1ddVPXp4pivQ.roa
File: HVLeFrY5IaBdtlV1ddVPXp4pivQ.roa (raw, json)
Hash identifier: h2pk3in3W0Xfa1rzwWtjG76YWSFSg1tNaTR5nws6JrE=
Subject key identifier: 1D:52:DE:16:B6:39:21:A0:5D:B6:55:75:75:D5:4F:5E:9E:29:8A:F4
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7B64FCB28E5EA7B9005A99CBD3028
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/HVLeFrY5IaBdtlV1ddVPXp4pivQ.roa
Signing time: Mon 02 Jan 2023 08:44:54 +0000
ROA not before: Mon 02 Jan 2023 08:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206085
IP address blocks: 45.89.44.0/22 maxlen: 22
45.83.12.0/22 maxlen: 22
45.95.88.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:b6:4f:cb:28:e5:ea:7b:90:05:a9:9c:bd:30:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d52de16b63921a05db6557575d54f5e9e298af4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:bb:91:5a:43:47:7c:c7:93:76:62:b4:d1:5c:
be:8c:db:53:72:9d:ae:1e:6a:3e:2d:4f:a3:a5:61:
df:e1:2f:ac:7c:2b:1c:f5:db:c1:f6:99:b9:ba:ce:
cb:7e:6b:f5:af:c0:cf:f2:67:36:db:48:c2:30:c8:
b4:7f:de:e1:26:ab:21:88:0d:6e:0e:6c:bf:df:e0:
55:a7:a1:9d:10:8f:2e:0d:11:4c:7a:da:86:b3:dc:
67:6e:2a:09:92:fb:bb:74:ba:fe:c9:6b:bf:89:52:
e1:20:1c:8c:42:eb:0c:d5:6f:18:42:5a:5b:6e:c6:
a0:2d:67:73:5e:95:6d:14:9f:f9:47:06:6a:a4:d2:
fc:8e:6c:81:0d:59:d1:8a:70:5a:eb:f9:40:45:71:
75:4a:4a:f8:8b:56:da:b4:c3:b1:04:66:5f:7a:17:
e1:3f:71:6a:50:ad:75:3b:44:cd:f6:1b:f2:82:ff:
55:09:5d:05:c4:2a:46:59:a4:b0:04:59:bf:d7:53:
0f:74:c7:fd:47:1b:ae:fa:6d:07:b9:df:d1:a2:9c:
39:d9:01:e4:f5:f5:40:ff:14:e5:43:be:8a:6b:7f:
08:98:d1:76:ca:d2:88:36:8d:c1:b4:f3:de:6f:d9:
ac:a9:f5:37:62:d2:c9:21:7a:52:80:7e:51:b5:ad:
ee:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:52:DE:16:B6:39:21:A0:5D:B6:55:75:75:D5:4F:5E:9E:29:8A:F4
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/HVLeFrY5IaBdtlV1ddVPXp4pivQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.12.0/22
45.89.44.0/22
45.95.88.0/22
Signature Algorithm: sha256WithRSAEncryption
61:e2:bd:e1:58:45:1d:d8:dc:96:44:87:d5:cd:84:89:38:66:
b4:be:a8:13:41:8e:6a:29:21:93:4f:37:f1:82:45:16:a9:4f:
17:ed:e6:59:86:6e:99:03:42:1d:39:ec:b9:d4:60:75:1c:2f:
33:72:92:29:0e:75:b4:a2:f1:f4:8b:81:3d:68:22:c0:73:ac:
df:83:8b:2e:7d:3e:86:73:57:48:91:75:a4:da:7c:61:0e:f3:
c2:66:6d:8c:b0:42:71:71:40:a4:6d:b6:59:2f:31:f6:35:b4:
45:38:bd:65:c2:b9:9c:06:5f:17:97:fb:e7:07:4d:74:2b:4f:
6d:25:42:b2:ba:5d:26:b9:27:c3:de:0e:1a:1b:93:33:9e:49:
ac:09:d8:d3:5a:ba:ba:20:df:75:a2:ac:54:76:0d:b8:04:69:
dc:1a:fd:04:e6:53:e7:ab:02:90:99:03:1e:f7:c3:05:1d:4a:
c9:45:e6:4d:68:c4:b7:02:71:04:c3:a4:06:2d:97:fe:69:1b:
cf:2e:6e:6e:18:f5:6f:c7:8e:6e:5e:11:04:1f:ff:62:2e:0f:
37:7d:c0:66:99:dd:c9:be:07:4d:a3:35:e0:7e:05:62:c3:89:
a2:7d:0f:40:77:e6:19:4e:74:83:05:36:65:aa:7e:ff:9c:7e:
68:4a:fc:fa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxp7ZPyyjl6nuQBamcvTAoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDUyZGUxNmI2MzkyMWEwNWRiNjU1NzU3NWQ1NGY1ZTllMjk4YWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlruRWkNHfMeTdmK00Vy+jNtTcp2u
Hmo+LU+jpWHf4S+sfCsc9dvB9pm5us7Lfmv1r8DP8mc220jCMMi0f97hJqshiA1u
Dmy/3+BVp6GdEI8uDRFMetqGs9xnbioJkvu7dLr+yWu/iVLhIByMQusM1W8YQlpb
bsagLWdzXpVtFJ/5RwZqpNL8jmyBDVnRinBa6/lARXF1Skr4i1batMOxBGZfehfh
P3FqUK11O0TN9hvygv9VCV0FxCpGWaSwBFm/11MPdMf9Rxuu+m0Hud/Ropw52QHk
9fVA/xTlQ76Ka38ImNF2ytKINo3BtPPeb9msqfU3YtLJIXpSgH5Rta3uTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB1S3ha2OSGgXbZVdXXVT16eKYr0MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvSFZMZUZyWTVJYUJkdGxWMWRkVlBYcDRwaXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLVMMAwQC
LVksAwQCLV9YMA0GCSqGSIb3DQEBCwUAA4IBAQBh4r3hWEUd2NyWRIfVzYSJOGa0
vqgTQY5qKSGTTzfxgkUWqU8X7eZZhm6ZA0IdOey51GB1HC8zcpIpDnW0ovH0i4E9
aCLAc6zfg4sufT6Gc1dIkXWk2nxhDvPCZm2MsEJxcUCkbbZZLzH2NbRFOL1lwrmc
Bl8Xl/vnB010K09tJUKyul0muSfD3g4aG5MznkmsCdjTWrq6IN91oqxUdg24BGnc
Gv0E5lPnqwKQmQMe98MFHUrJReZNaMS3AnEEw6QGLZf+aRvPLm5uGPVvx45uXhEE
H/9iLg83fcBmmd3JvgdNozXgfgViw4mifQ9Ad+YZTnSDBTZlqn7/nH5oSvz6
-----END CERTIFICATE-----
Generated at Thu Jul 20 17:13:11 2023 by rpki-client on console-ams.rpki-client.org