Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/kwizuEPpWG7VnviYYTx5LbGaxs4.roa
File: kwizuEPpWG7VnviYYTx5LbGaxs4.roa (raw, json)
Hash identifier: aZ3rP7BK8gTzN4FT/DW4Lm5HuprfC5Dr3kJzUAZKImE=
Subject key identifier: 93:08:B3:B8:43:E9:58:6E:D5:9E:F8:98:61:3C:79:2D:B1:9A:C6:CE
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 0185822D4248957564517464403B522CE1C2
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/kwizuEPpWG7VnviYYTx5LbGaxs4.roa
Signing time: Thu 05 Jan 2023 13:44:42 +0000
ROA not before: Thu 05 Jan 2023 13:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20712
IP address blocks: 45.138.79.0/24 maxlen: 24
45.135.11.0/24 maxlen: 24
45.135.9.0/24 maxlen: 24
45.136.217.0/24 maxlen: 24
45.136.219.0/24 maxlen: 24
45.139.33.0/24 maxlen: 24
45.139.35.0/24 maxlen: 24
45.138.77.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:82:2d:42:48:95:75:64:51:74:64:40:3b:52:2c:e1:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 5 13:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9308b3b843e9586ed59ef898613c792db19ac6ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:53:e1:9b:db:ba:49:4b:ff:bd:06:a5:43:49:
00:86:73:66:8f:46:de:c2:3f:a7:b2:59:3f:21:e0:
0e:56:e4:72:af:4f:04:4f:19:6b:df:08:ac:31:cb:
24:33:e2:74:b5:a8:76:c8:12:37:e2:5f:8a:c9:2b:
e5:31:20:f1:f1:60:7b:40:2a:63:86:fe:2a:4a:d4:
3b:72:2f:b0:78:ec:7e:2e:71:d6:8a:0f:1e:96:da:
46:1a:d4:7c:92:a3:28:f2:d5:09:17:b3:96:13:fa:
3d:99:25:87:c5:48:42:28:e2:3e:38:2d:24:ea:00:
63:39:c2:d0:02:bf:12:d3:d8:20:09:30:52:43:79:
ca:35:08:ad:e2:ef:49:3d:09:74:4f:d6:b3:48:85:
fc:2a:b1:39:f3:1c:d9:12:05:d2:19:e3:be:74:3c:
be:2f:f1:ae:5a:79:c0:e4:14:d5:9f:c7:d9:91:27:
0c:6c:87:30:7d:93:cd:3d:8d:ee:5d:11:5d:f1:9c:
02:0c:10:f4:b7:ed:39:d6:b3:15:a4:97:8a:71:e1:
36:ab:39:ff:73:75:41:9b:e6:67:8b:2f:18:35:aa:
8d:21:04:02:9f:b2:63:78:af:9b:67:8f:2f:22:1a:
0d:49:9a:a2:09:e2:56:41:c7:1e:cc:bf:e4:7e:88:
a1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:08:B3:B8:43:E9:58:6E:D5:9E:F8:98:61:3C:79:2D:B1:9A:C6:CE
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/kwizuEPpWG7VnviYYTx5LbGaxs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.9.0/24
45.135.11.0/24
45.136.217.0/24
45.136.219.0/24
45.138.77.0/24
45.138.79.0/24
45.139.33.0/24
45.139.35.0/24
Signature Algorithm: sha256WithRSAEncryption
03:55:97:84:6c:80:a5:99:33:90:66:74:cc:c6:ba:49:c3:49:
df:4c:32:cd:62:1c:29:21:fe:2f:c9:b8:70:21:05:1d:ed:82:
6a:4c:07:d3:29:64:80:59:21:83:aa:e2:16:52:8d:c8:1e:1c:
64:d8:03:d4:08:76:19:21:68:d1:0d:e8:5a:f5:34:81:b9:c6:
3f:c5:a0:dc:2f:8a:c1:0f:4a:d7:8b:44:6c:b5:57:3b:bb:e2:
08:03:dd:cc:32:b7:bd:02:70:5c:9d:4e:d1:80:4c:c4:d0:bf:
4c:25:86:99:37:7a:e0:f0:cc:10:8d:2e:a6:1f:91:8e:6c:4b:
68:7f:fa:5c:6d:2a:d2:40:87:8d:e2:d8:ba:c6:eb:d5:a5:58:
f1:72:8f:84:d1:c7:93:0f:1c:56:5b:56:f2:28:f6:7a:f1:fd:
05:fb:f8:6d:0f:83:37:89:07:6c:8b:00:76:ed:ef:a4:34:4b:
b1:b6:75:d0:a7:d2:79:70:e1:93:e0:d7:36:f6:35:47:a9:08:
7c:13:33:ac:d8:83:a3:72:51:1c:0a:af:d2:39:81:ea:f2:97:
1b:42:6e:a8:0e:5d:ff:30:00:2d:bd:77:b0:79:b8:6c:1d:19:
87:87:ed:18:4e:91:91:a3:7e:e8:a0:42:b7:1f:f8:bd:30:f8:
50:17:c4:76
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYWCLUJIlXVkUXRkQDtSLOHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMwMTA1MTM0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzA4YjNiODQzZTk1ODZlZDU5ZWY4OTg2MTNjNzkyZGIxOWFjNmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlPhm9u6SUv/vQalQ0kAhnNmj0be
wj+nslk/IeAOVuRyr08ETxlr3wisMcskM+J0tah2yBI34l+KySvlMSDx8WB7QCpj
hv4qStQ7ci+weOx+LnHWig8eltpGGtR8kqMo8tUJF7OWE/o9mSWHxUhCKOI+OC0k
6gBjOcLQAr8S09ggCTBSQ3nKNQit4u9JPQl0T9azSIX8KrE58xzZEgXSGeO+dDy+
L/GuWnnA5BTVn8fZkScMbIcwfZPNPY3uXRFd8ZwCDBD0t+051rMVpJeKceE2qzn/
c3VBm+Zniy8YNaqNIQQCn7JjeK+bZ48vIhoNSZqiCeJWQccezL/kfoihMQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJMIs7hD6Vhu1Z74mGE8eS2xmsbOMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEva3dpenVFUHBXRzdWbnZpWVlUeDVMYkdheHM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALYcJAwQA
LYcLAwQALYjZAwQALYjbAwQALYpNAwQALYpPAwQALYshAwQALYsjMA0GCSqGSIb3
DQEBCwUAA4IBAQADVZeEbIClmTOQZnTMxrpJw0nfTDLNYhwpIf4vybhwIQUd7YJq
TAfTKWSAWSGDquIWUo3IHhxk2APUCHYZIWjRDeha9TSBucY/xaDcL4rBD0rXi0Rs
tVc7u+IIA93MMre9AnBcnU7RgEzE0L9MJYaZN3rg8MwQjS6mH5GObEtof/pcbSrS
QIeN4ti6xuvVpVjxco+E0ceTDxxWW1byKPZ68f0F+/htD4M3iQdsiwB27e+kNEux
tnXQp9J5cOGT4Nc29jVHqQh8EzOs2IOjclEcCq/SOYHq8pcbQm6oDl3/MAAtvXew
ebhsHRmHh+0YTpGRo37ooEK3H/i9MPhQF8R2
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:00 2024 by rpki-client on console-fra.rpki-client.org