Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/k689VmdL5sCI_4BkLvsSgQBGbV4.roa
File: k689VmdL5sCI_4BkLvsSgQBGbV4.roa (raw, json)
Hash identifier: hzHcSgLrXGGSn4nfxUBwJh7jzfnObA0A5dbFNFqI+Bo=
Subject key identifier: 93:AF:3D:56:67:4B:E6:C0:88:FF:80:64:2E:FB:12:81:00:46:6D:5E
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018B1E2A13615C9B17B0343A42223531FEF6
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/k689VmdL5sCI_4BkLvsSgQBGbV4.roa
Signing time: Wed 11 Oct 2023 09:55:55 +0000
ROA not before: Wed 11 Oct 2023 09:55:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5511
IP address blocks: 193.110.134.0/23 maxlen: 24
91.228.231.0/24 maxlen: 24
45.135.10.0/24 maxlen: 24
45.135.8.0/24 maxlen: 24
91.228.251.0/24 maxlen: 24
45.136.218.0/24 maxlen: 24
45.136.216.0/24 maxlen: 24
91.229.25.0/24 maxlen: 24
45.138.78.0/24 maxlen: 24
45.139.34.0/24 maxlen: 24
45.139.32.0/24 maxlen: 24
45.138.76.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:2a:13:61:5c:9b:17:b0:34:3a:42:22:35:31:fe:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Oct 11 09:55:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93af3d56674be6c088ff80642efb128100466d5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4d:5a:d0:79:74:6d:de:5a:e4:e5:9d:e7:94:
26:9d:5c:0b:64:64:dc:6f:1b:57:74:f8:5a:62:19:
11:58:d4:8b:fa:e6:c9:07:3b:62:3c:cd:55:f1:c2:
0b:fe:d1:7e:16:52:e2:56:46:90:ea:6b:54:69:e0:
b3:b9:1f:f2:ca:34:69:e6:fc:d6:7c:d5:ec:7c:e5:
92:f3:2a:60:80:7e:a0:03:89:c1:2a:f9:93:e7:48:
a8:96:e2:72:3c:cd:96:bd:c9:1e:d7:60:a3:56:14:
cf:71:6a:9e:ba:8e:c7:fe:78:27:cf:ba:6c:00:52:
49:65:29:41:c2:8f:32:e2:1a:32:41:5a:ac:06:be:
89:8b:95:4c:1c:df:83:91:25:59:9d:b5:54:21:30:
30:7b:9c:ef:6e:d7:a5:e5:b9:c0:b8:de:59:08:61:
cd:35:15:80:04:3e:0c:b8:4b:26:7c:80:db:8a:0c:
bb:ad:84:77:03:f5:1c:f7:0a:ca:fd:4a:2d:0f:b1:
a3:bb:ad:2b:1e:1f:00:79:2c:02:3d:97:11:a9:f9:
a8:92:eb:58:77:e1:25:3f:4e:2f:c7:1f:48:f9:61:
81:ce:eb:da:bf:ae:21:f5:b6:8e:e6:fc:d1:c9:a1:
fe:98:ae:51:84:37:6e:1b:63:f8:b3:c0:1c:24:28:
9e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:AF:3D:56:67:4B:E6:C0:88:FF:80:64:2E:FB:12:81:00:46:6D:5E
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/k689VmdL5sCI_4BkLvsSgQBGbV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.8.0/24
45.135.10.0/24
45.136.216.0/24
45.136.218.0/24
45.138.76.0/24
45.138.78.0/24
45.139.32.0/24
45.139.34.0/24
91.228.231.0/24
91.228.251.0/24
91.229.25.0/24
193.110.134.0/23
Signature Algorithm: sha256WithRSAEncryption
40:2b:dd:b5:30:85:03:74:9d:08:67:e8:27:97:53:d5:aa:d2:
11:a7:05:06:3c:ae:7d:fb:bf:5b:d5:cf:6e:24:d3:a1:78:94:
ea:3c:7b:b8:3a:82:d0:be:a8:ad:18:b9:5c:08:bc:ff:a2:17:
85:6a:5a:41:10:ab:ab:cf:3a:f3:28:af:5c:96:bf:25:d2:93:
a3:9d:df:4b:c2:8f:ed:c9:f8:56:08:3a:b0:03:68:54:b3:e4:
28:e4:fe:11:66:03:e5:7b:8b:71:b3:87:e5:b4:f4:8d:d0:e6:
d8:22:0b:84:29:bf:0a:e8:9b:43:aa:34:6c:94:50:30:7b:ab:
88:a4:a5:45:0c:ae:ab:be:b7:bc:7d:4f:d7:2b:67:db:89:60:
6c:6b:c7:92:ea:50:30:a6:5d:d9:ef:e6:ab:d3:85:ba:7c:bd:
25:f9:17:33:2a:66:98:65:de:45:3f:b0:4f:98:32:d6:68:4f:
c4:6f:99:16:f4:eb:d3:77:1a:b5:b2:f5:30:81:e6:c3:f4:97:
41:39:ed:1d:aa:fc:c0:d8:a4:02:58:00:8b:b6:3b:94:76:bf:
48:2e:23:f7:d1:9e:37:fa:42:de:02:f0:fa:cf:0e:1e:47:51:
f2:87:44:4b:74:28:21:47:20:14:b3:4c:1d:89:c1:7a:49:57:
80:ba:fb:07
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYseKhNhXJsXsDQ6QiI1Mf72MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMxMDExMDk1NTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2FmM2Q1NjY3NGJlNmMwODhmZjgwNjQyZWZiMTI4MTAwNDY2ZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk01a0Hl0bd5a5OWd55QmnVwLZGTc
bxtXdPhaYhkRWNSL+ubJBztiPM1V8cIL/tF+FlLiVkaQ6mtUaeCzuR/yyjRp5vzW
fNXsfOWS8ypggH6gA4nBKvmT50ioluJyPM2Wvcke12CjVhTPcWqeuo7H/ngnz7ps
AFJJZSlBwo8y4hoyQVqsBr6Ji5VMHN+DkSVZnbVUITAwe5zvbtel5bnAuN5ZCGHN
NRWABD4MuEsmfIDbigy7rYR3A/Uc9wrK/UotD7Gju60rHh8AeSwCPZcRqfmokutY
d+ElP04vxx9I+WGBzuvav64h9baO5vzRyaH+mK5RhDduG2P4s8AcJCie3QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJOvPVZnS+bAiP+AZC77EoEARm1eMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvazY4OVZtZEw1c0NJXzRCa0x2c1NnUUJHYlY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALYcIAwQA
LYcKAwQALYjYAwQALYjaAwQALYpMAwQALYpOAwQALYsgAwQALYsiAwQAW+TnAwQA
W+T7AwQAW+UZAwQBwW6GMA0GCSqGSIb3DQEBCwUAA4IBAQBAK921MIUDdJ0IZ+gn
l1PVqtIRpwUGPK59+79b1c9uJNOheJTqPHu4OoLQvqitGLlcCLz/oheFalpBEKur
zzrzKK9clr8l0pOjnd9Lwo/tyfhWCDqwA2hUs+Qo5P4RZgPle4txs4fltPSN0ObY
IguEKb8K6JtDqjRslFAwe6uIpKVFDK6rvre8fU/XK2fbiWBsa8eS6lAwpl3Z7+ar
04W6fL0l+RczKmaYZd5FP7BPmDLWaE/Eb5kW9OvTdxq1svUwgebD9JdBOe0dqvzA
2KQCWACLtjuUdr9ILiP30Z43+kLeAvD6zw4eR1Hyh0RLdCghRyAUs0wdicF6SVeA
uvsH
-----END CERTIFICATE-----
Generated at Wed Nov 15 14:53:17 2023 by rpki-client on console-ams.rpki-client.org