Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/Rqt9vYrpB4wwJp_im3ECH6_76oY.roa
File: Rqt9vYrpB4wwJp_im3ECH6_76oY.roa (raw, json)
Hash identifier: MD9MQkf0ZOIhXVZ8Ca5fGyuprSRYH6QdRPS/uhb4ctc=
Subject key identifier: 46:AB:7D:BD:8A:E9:07:8C:30:26:9F:E2:9B:71:02:1F:AF:FB:EA:86
Certificate issuer: /CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Certificate serial: 01856C6EF6B5A52093300589B68412D2CFB6
Authority key identifier: 4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/Rqt9vYrpB4wwJp_im3ECH6_76oY.roa
Signing time: Sun 01 Jan 2023 08:24:49 +0000
ROA not before: Sun 01 Jan 2023 08:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20568
IP address blocks: 45.88.204.0/22 maxlen: 22
45.88.204.0/24 maxlen: 24
45.88.206.0/24 maxlen: 24
45.88.205.0/24 maxlen: 24
91.144.100.0/24 maxlen: 24
45.88.207.0/24 maxlen: 24
2a03:9900:100::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:f6:b5:a5:20:93:30:05:89:b6:84:12:d2:cf:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Validity
Not Before: Jan 1 08:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46ab7dbd8ae9078c30269fe29b71021faffbea86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1a:f8:d9:40:8e:cc:8e:ac:e1:17:e8:c9:1d:
3a:38:cf:75:8b:d5:71:08:95:17:55:25:d4:7b:11:
e1:02:24:7c:32:6b:da:cb:a0:45:f6:ea:2c:74:5d:
fd:5f:3d:24:98:e5:16:93:62:b7:c1:50:79:e8:f5:
a6:af:7c:5f:c2:ae:62:9c:34:33:7b:21:a9:ce:aa:
bc:b0:52:36:ee:41:08:3a:bc:2e:cc:21:86:c1:58:
4a:aa:a0:56:46:97:60:fa:cc:5a:c0:a5:43:ae:68:
f7:d7:9a:b8:b2:64:4e:03:6f:04:23:5d:e9:3a:05:
55:3b:47:45:49:44:59:86:1d:67:2c:9d:ea:92:7b:
d6:a4:6b:02:2e:1d:71:a6:fb:15:4b:1c:83:08:6f:
04:4a:10:db:a5:a0:96:f5:5c:86:ad:aa:c1:43:6c:
0e:38:58:d4:f8:54:46:2e:91:4a:25:03:b6:67:86:
a2:c0:ae:6d:05:4a:30:83:79:be:9e:a5:93:7f:47:
f1:ac:07:0b:10:66:69:ba:f3:2a:46:cf:4e:ad:dd:
24:c8:1e:8c:38:a5:86:e4:6a:63:58:7f:48:f2:6b:
57:c6:62:4c:dc:18:e5:7c:17:f9:e8:cf:8a:6a:6f:
fa:37:47:16:3a:71:ac:8e:cd:5f:c0:e6:72:a7:6f:
53:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:AB:7D:BD:8A:E9:07:8C:30:26:9F:E2:9B:71:02:1F:AF:FB:EA:86
X509v3 Authority Key Identifier:
keyid:4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/Rqt9vYrpB4wwJp_im3ECH6_76oY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.204.0/22
91.144.100.0/24
IPv6:
2a03:9900:100::/48
Signature Algorithm: sha256WithRSAEncryption
5d:96:ca:ac:8b:d7:3e:a0:98:4b:98:59:a3:3c:e8:9e:e9:92:
04:60:e1:68:03:a9:3d:95:6b:5c:19:1c:ae:ad:10:b6:87:14:
0c:a1:26:13:bc:ae:43:bf:f6:29:8f:92:08:4e:33:87:96:fd:
b1:49:6c:cc:9c:4f:03:41:28:7a:06:d9:f9:42:4c:8d:eb:7f:
ac:04:03:5d:c6:36:50:34:e2:0a:e5:4c:b8:cb:62:be:46:dd:
95:c8:61:83:a8:20:95:8d:dc:da:61:2e:e8:29:7e:14:6f:c8:
e6:37:89:0f:d1:00:a7:4f:1f:ae:e3:5d:3d:71:9c:ce:8e:ec:
a3:87:87:0c:16:37:5a:3e:3e:29:c1:05:22:39:f6:46:8b:e9:
25:4e:50:34:b7:f0:ac:3d:74:b4:78:3a:b6:0a:96:53:28:6b:
0f:8a:b4:75:7b:eb:02:e7:f9:cf:d9:c4:61:4c:4d:30:86:4c:
81:e2:b7:55:0d:12:d3:b7:06:22:67:ef:49:a0:ab:37:d4:87:
32:bf:b7:9e:e4:91:63:95:30:25:57:86:7c:89:dc:b2:a4:8f:
61:49:ee:d7:8b:2d:5d:2d:3a:1f:ca:66:d6:8e:93:f5:f5:85:
f0:cb:4d:a7:8f:c5:79:5e:5d:46:92:57:69:bf:30:b0:f1:62:
ac:37:06:ad
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVsbva1pSCTMAWJtoQS0s+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMzYxMDMzNDRmY2QzYjU3NTlmMmRiM2YzYzcwNzEzNzZm
OWUyMzMwHhcNMjMwMTAxMDgyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmFiN2RiZDhhZTkwNzhjMzAyNjlmZTI5YjcxMDIxZmFmZmJlYTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBr42UCOzI6s4RfoyR06OM91i9Vx
CJUXVSXUexHhAiR8Mmvay6BF9uosdF39Xz0kmOUWk2K3wVB56PWmr3xfwq5inDQz
eyGpzqq8sFI27kEIOrwuzCGGwVhKqqBWRpdg+sxawKVDrmj315q4smROA28EI13p
OgVVO0dFSURZhh1nLJ3qknvWpGsCLh1xpvsVSxyDCG8EShDbpaCW9VyGrarBQ2wO
OFjU+FRGLpFKJQO2Z4aiwK5tBUowg3m+nqWTf0fxrAcLEGZpuvMqRs9Ord0kyB6M
OKWG5GpjWH9I8mtXxmJM3BjlfBf56M+Kam/6N0cWOnGsjs1fwOZyp29ThQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEarfb2K6QeMMCaf4ptxAh+v++qGMB8GA1UdIwQY
MBaAFE82EDNE/NO1dZ8ts/PHBxN2+eIzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHpZUU0wVDgwN1Yxbnkyejg4Y0hFM2I1NGpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy84MGQ5ZGYtZWFmMy00OGI2LThmZDUt
MGFjYzg5MmIxMWQyLzEvUnF0OXZZcnBCNHd3SnBfaW0zRUNINl83Nm9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy84MGQ5ZGYtZWFmMy00OGI2LThmZDUtMGFjYzg5MmIxMWQy
LzEvVHpZUU0wVDgwN1Yxbnkyejg4Y0hFM2I1NGpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCLVjMAwQA
W5BkMA8EAgACMAkDBwAqA5kAAQAwDQYJKoZIhvcNAQELBQADggEBAF2WyqyL1z6g
mEuYWaM86J7pkgRg4WgDqT2Va1wZHK6tELaHFAyhJhO8rkO/9imPkghOM4eW/bFJ
bMycTwNBKHoG2flCTI3rf6wEA13GNlA04grlTLjLYr5G3ZXIYYOoIJWN3NphLugp
fhRvyOY3iQ/RAKdPH67jXT1xnM6O7KOHhwwWN1o+PinBBSI59kaL6SVOUDS38Kw9
dLR4OrYKllMoaw+KtHV76wLn+c/ZxGFMTTCGTIHit1UNEtO3BiJn70mgqzfUhzK/
t57kkWOVMCVXhnyJ3LKkj2FJ7teLLV0tOh/KZtaOk/X1hfDLTaePxXleXUaSV2m/
MLDxYqw3Bq0=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:36 2024 by rpki-client on console-ams.rpki-client.org