Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/qKzqicAwagwn1dExh_SmYhEVX4A.roa
File: qKzqicAwagwn1dExh_SmYhEVX4A.roa (raw, json)
Hash identifier: F5iqohHPRA966GtX6mo/raRFPRbEJWi/erQ5RdlGhws=
Subject key identifier: A8:AC:EA:89:C0:30:6A:0C:27:D5:D1:31:87:F4:A6:62:11:15:5F:80
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 0185F2FA545F7B2BC68B39FF400164B40739
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/qKzqicAwagwn1dExh_SmYhEVX4A.roa
Signing time: Fri 27 Jan 2023 11:26:09 +0000
ROA not before: Fri 27 Jan 2023 11:26:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5511
IP address blocks: 45.135.10.0/24 maxlen: 24
45.135.8.0/24 maxlen: 24
45.136.218.0/24 maxlen: 24
45.136.216.0/24 maxlen: 24
45.138.78.0/24 maxlen: 24
45.139.34.0/24 maxlen: 24
45.139.32.0/24 maxlen: 24
45.138.76.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f2:fa:54:5f:7b:2b:c6:8b:39:ff:40:01:64:b4:07:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 27 11:26:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8acea89c0306a0c27d5d13187f4a66211155f80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:36:74:db:72:d7:a4:c0:8b:30:e3:46:bf:f2:
c1:a4:c1:92:06:ad:0b:ea:be:6c:03:f9:2a:16:11:
e7:82:cb:45:5f:59:08:c8:89:d4:bd:31:e1:95:f6:
4a:74:cd:97:cc:24:97:9a:62:cb:21:a9:ef:78:df:
9a:17:0a:fa:fc:69:52:d6:5d:fa:61:4d:36:10:92:
a1:ac:1d:20:ac:ed:d5:9a:29:91:a5:4b:c8:fb:ac:
09:b5:5a:60:49:54:22:c5:c1:41:d7:0b:ad:56:24:
a1:3e:39:c2:b3:a8:30:97:20:8e:68:f7:e7:e7:a7:
ac:2b:8a:8d:59:69:8c:9e:0b:48:4d:67:d9:bd:aa:
98:af:69:b1:6a:e1:c6:c5:dc:fb:b2:53:c3:67:f5:
12:be:f5:48:98:46:23:c9:1a:66:1c:83:f3:ec:04:
62:2c:77:83:63:5b:4d:74:09:6c:a6:dc:da:46:6c:
7b:06:db:31:ef:f5:a0:09:2b:92:04:b7:ca:4d:b6:
8a:13:c9:c4:f0:f4:00:18:4e:01:64:14:6a:5a:2f:
1b:5a:ac:90:f4:dc:3b:af:f1:fa:dd:bc:73:01:f3:
a2:17:24:61:60:5b:87:b0:21:bc:36:7e:ad:8f:52:
ef:b9:6e:86:b5:0c:96:8f:c9:4e:4f:48:fe:99:80:
6c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:AC:EA:89:C0:30:6A:0C:27:D5:D1:31:87:F4:A6:62:11:15:5F:80
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/qKzqicAwagwn1dExh_SmYhEVX4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.8.0/24
45.135.10.0/24
45.136.216.0/24
45.136.218.0/24
45.138.76.0/24
45.138.78.0/24
45.139.32.0/24
45.139.34.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:d1:31:34:74:95:bd:b9:9e:93:2d:45:cb:be:99:06:5d:7a:
c5:99:23:3b:f6:a1:60:04:40:1e:99:58:da:17:52:4e:9c:79:
5c:6f:13:41:0e:c9:e6:f9:41:45:a4:66:08:a5:29:dd:e6:ae:
94:c5:23:cf:9f:c1:d3:e9:d6:c5:6f:7a:f2:dd:c4:c7:7b:d1:
fb:e7:28:55:16:fa:29:42:0b:25:cf:4c:bc:a3:12:89:d3:d6:
d0:6c:6e:30:da:5a:72:95:58:9e:2b:79:3a:4c:f4:2c:90:17:
e9:c3:d4:d8:41:4a:a3:25:3a:84:e7:34:dd:7b:79:a1:d5:75:
95:aa:65:47:74:26:3e:21:e7:23:08:87:35:15:94:55:72:06:
54:71:2a:e0:6e:f3:f7:58:1e:37:a4:f9:8f:fa:f1:46:62:20:
fc:5f:a3:85:01:e5:ae:85:b3:21:67:44:bf:17:0c:3b:ae:c6:
7b:16:70:b6:1b:50:49:66:6e:6b:56:14:8b:b3:5b:99:81:ed:
5d:f4:b6:52:2a:72:b8:30:54:8b:0d:1f:27:84:d2:02:6f:04:
26:d8:19:5e:81:d1:87:54:52:d3:c4:23:11:b0:ed:a5:b0:5f:
a8:1c:7f:cc:6c:62:00:fc:f0:2f:5d:26:8e:78:a2:3a:b3:7b:
bd:bd:f9:11
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYXy+lRfeyvGizn/QAFktAc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMwMTI3MTEyNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGFjZWE4OWMwMzA2YTBjMjdkNWQxMzE4N2Y0YTY2MjExMTU1ZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzZ023LXpMCLMONGv/LBpMGSBq0L
6r5sA/kqFhHngstFX1kIyInUvTHhlfZKdM2XzCSXmmLLIanveN+aFwr6/GlS1l36
YU02EJKhrB0grO3VmimRpUvI+6wJtVpgSVQixcFB1wutViShPjnCs6gwlyCOaPfn
56esK4qNWWmMngtITWfZvaqYr2mxauHGxdz7slPDZ/USvvVImEYjyRpmHIPz7ARi
LHeDY1tNdAlsptzaRmx7Btsx7/WgCSuSBLfKTbaKE8nE8PQAGE4BZBRqWi8bWqyQ
9Nw7r/H63bxzAfOiFyRhYFuHsCG8Nn6tj1LvuW6GtQyWj8lOT0j+mYBstQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKis6onAMGoMJ9XRMYf0pmIRFV+AMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvcUt6cWljQXdhZ3duMWRFeGhfU21ZaEVWWDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALYcIAwQA
LYcKAwQALYjYAwQALYjaAwQALYpMAwQALYpOAwQALYsgAwQALYsiMA0GCSqGSIb3
DQEBCwUAA4IBAQBa0TE0dJW9uZ6TLUXLvpkGXXrFmSM79qFgBEAemVjaF1JOnHlc
bxNBDsnm+UFFpGYIpSnd5q6UxSPPn8HT6dbFb3ry3cTHe9H75yhVFvopQgslz0y8
oxKJ09bQbG4w2lpylVieK3k6TPQskBfpw9TYQUqjJTqE5zTde3mh1XWVqmVHdCY+
IecjCIc1FZRVcgZUcSrgbvP3WB43pPmP+vFGYiD8X6OFAeWuhbMhZ0S/Fww7rsZ7
FnC2G1BJZm5rVhSLs1uZge1d9LZSKnK4MFSLDR8nhNICbwQm2BlegdGHVFLTxCMR
sO2lsF+oHH/MbGIA/PAvXSaOeKI6s3u9vfkR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:06 2023 by rpki-client on console-fra.rpki-client.org