Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/SxzWqW5mDJ2HGn3cmR5wLb6n48E.roa
File: SxzWqW5mDJ2HGn3cmR5wLb6n48E.roa (raw, json)
Hash identifier: Q/ZTCYKp106vQrbdGCB+5bRTsDulpIQZcjrYRB+N1MA=
Subject key identifier: 4B:1C:D6:A9:6E:66:0C:9D:87:1A:7D:DC:99:1E:70:2D:BE:A7:E3:C1
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01856BCA17CF76803FD41424D6ADE984CA64
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/SxzWqW5mDJ2HGn3cmR5wLb6n48E.roa
Signing time: Sun 01 Jan 2023 05:24:44 +0000
ROA not before: Sun 01 Jan 2023 05:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21267
IP address blocks: 45.85.244.0/23 maxlen: 24
45.85.246.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:17:cf:76:80:3f:d4:14:24:d6:ad:e9:84:ca:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 05:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b1cd6a96e660c9d871a7ddc991e702dbea7e3c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:69:d1:db:e8:98:29:58:55:ed:4b:31:7d:a0:
5d:38:59:da:d8:33:e5:46:dd:ca:36:01:c8:6d:a1:
23:77:03:04:25:aa:c6:4e:35:ae:fc:cb:33:90:6e:
87:c1:06:b7:bd:bc:9c:d7:fc:b3:a4:3b:22:f9:13:
4a:88:13:c8:bb:c8:04:37:ef:1c:7c:19:76:a0:cb:
8d:c6:30:4e:8c:72:04:0c:01:68:3f:6f:3d:78:f6:
d5:47:b3:ba:1f:7e:98:a1:f7:83:84:14:d1:7e:69:
18:77:7f:01:e5:0d:aa:bb:f9:b0:3f:c3:4d:3d:6e:
e1:79:8c:f2:3c:3a:2f:90:db:4b:39:43:83:3d:4c:
13:db:dc:bf:3c:da:c9:d1:1f:8f:b8:cd:e5:87:1d:
74:d4:17:e3:94:b0:9e:e1:b4:b4:6f:dd:47:47:2c:
81:65:8b:e5:30:a6:3c:0a:a3:98:d9:53:4c:c1:3b:
0a:96:3d:15:f7:28:17:dd:2b:86:28:ad:d4:1d:5e:
7b:3f:71:73:d0:63:60:ea:55:40:78:d1:09:a0:9d:
b3:31:72:6d:e2:72:0f:e3:c0:33:18:11:ab:74:46:
81:25:9f:61:c7:c3:b5:c7:0a:86:56:a1:af:1e:b8:
ee:0b:f1:3d:5b:74:a0:0b:ab:07:ea:7b:94:2f:2e:
32:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:1C:D6:A9:6E:66:0C:9D:87:1A:7D:DC:99:1E:70:2D:BE:A7:E3:C1
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/SxzWqW5mDJ2HGn3cmR5wLb6n48E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.244.0-45.85.246.255
Signature Algorithm: sha256WithRSAEncryption
94:fb:3d:2d:82:55:dd:dd:75:8c:72:fa:1a:7e:a5:90:64:c0:
5f:9b:6e:2b:b9:e7:e2:a5:a7:2c:88:46:26:bf:ea:47:0b:2a:
3b:8c:2d:d3:7b:53:08:39:f9:9c:f7:54:e3:dc:a3:8d:b0:c7:
4f:9f:9d:8b:3d:90:3a:d1:18:fb:46:fc:26:87:d2:c9:cc:e7:
c9:a7:91:fd:28:2d:c9:bb:f7:52:48:39:37:19:38:cb:6b:d8:
e0:16:d1:e4:05:af:3b:fb:71:1f:b6:9d:42:8a:1f:24:6a:32:
be:2b:d6:d8:ac:0c:1e:4f:e7:76:d0:15:4b:ec:12:97:8a:0b:
8e:ae:15:fa:f7:7a:89:20:a9:e8:e8:4b:6d:0b:87:23:4e:ed:
1d:40:de:3d:5f:2a:19:26:5c:5b:2d:d1:95:e3:2e:74:23:c7:
dd:42:32:dd:40:7d:3e:68:a4:04:97:8b:29:56:78:00:36:60:
ba:b6:d2:c7:05:e9:2a:f9:03:f7:51:e8:6e:f0:92:3f:c5:f2:
bb:75:eb:d9:b5:1a:47:af:c8:84:c4:4c:ed:e1:5a:74:bb:9e:
e0:b1:f3:3a:a6:04:8f:38:a2:80:9d:ed:1c:09:47:4a:d6:da:
28:fd:ae:1d:db:ef:71:8d:40:79:39:d2:69:0a:1f:c5:95:f2:
d3:1e:39:dc
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVryhfPdoA/1BQk1q3phMpkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMwMTAxMDUyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjFjZDZhOTZlNjYwYzlkODcxYTdkZGM5OTFlNzAyZGJlYTdlM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWnR2+iYKVhV7UsxfaBdOFna2DPl
Rt3KNgHIbaEjdwMEJarGTjWu/MszkG6HwQa3vbyc1/yzpDsi+RNKiBPIu8gEN+8c
fBl2oMuNxjBOjHIEDAFoP289ePbVR7O6H36YofeDhBTRfmkYd38B5Q2qu/mwP8NN
PW7heYzyPDovkNtLOUODPUwT29y/PNrJ0R+PuM3lhx101BfjlLCe4bS0b91HRyyB
ZYvlMKY8CqOY2VNMwTsKlj0V9ygX3SuGKK3UHV57P3Fz0GNg6lVAeNEJoJ2zMXJt
4nIP48AzGBGrdEaBJZ9hx8O1xwqGVqGvHrjuC/E9W3SgC6sH6nuULy4yRwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEsc1qluZgydhxp93JkecC2+p+PBMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvU3h6V3FXNW1ESjJIR24zY21SNXdMYjZuNDhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAItVfQD
BAAtVfYwDQYJKoZIhvcNAQELBQADggEBAJT7PS2CVd3ddYxy+hp+pZBkwF+bbiu5
5+KlpyyIRia/6kcLKjuMLdN7Uwg5+Zz3VOPco42wx0+fnYs9kDrRGPtG/CaH0snM
58mnkf0oLcm791JIOTcZOMtr2OAW0eQFrzv7cR+2nUKKHyRqMr4r1tisDB5P53bQ
FUvsEpeKC46uFfr3eokgqejoS20LhyNO7R1A3j1fKhkmXFst0ZXjLnQjx91CMt1A
fT5opASXiylWeAA2YLq20scF6Sr5A/dR6G7wkj/F8rt169m1GkevyITETO3hWnS7
nuCx8zqmBI84ooCd7RwJR0rW2ij9rh3b73GNQHk50mkKH8WV8tMeOdw=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:00 2024 by rpki-client on console-fra.rpki-client.org