Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/Q9Hrgdx7y6f0jPZomom0R4RiZGE.roa
File: Q9Hrgdx7y6f0jPZomom0R4RiZGE.roa (raw, json)
Hash identifier: v5c98pYXYPJp2BH22OXckhpqkd3xm/mMgfqKzNlnrdY=
Subject key identifier: 43:D1:EB:81:DC:7B:CB:A7:F4:8C:F6:68:9A:89:B4:47:84:62:64:61
Certificate issuer: /CN=5eee0d7e73084a42e4c7f7118f2383fcff369ba4
Certificate serial: 018931026DCCAC4DD14F30F2F43EDEFD926A
Authority key identifier: 5E:EE:0D:7E:73:08:4A:42:E4:C7:F7:11:8F:23:83:FC:FF:36:9B:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xu4NfnMISkLkx_cRjyOD_P82m6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/Q9Hrgdx7y6f0jPZomom0R4RiZGE.roa
Signing time: Fri 07 Jul 2023 15:39:49 +0000
ROA not before: Fri 07 Jul 2023 15:39:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 45.89.30.0/24 maxlen: 24
45.89.31.0/24 maxlen: 24
45.89.28.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:31:02:6d:cc:ac:4d:d1:4f:30:f2:f4:3e:de:fd:92:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eee0d7e73084a42e4c7f7118f2383fcff369ba4
Validity
Not Before: Jul 7 15:39:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43d1eb81dc7bcba7f48cf6689a89b44784626461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b2:84:46:55:3d:5b:82:c0:2e:b5:bf:64:ba:
20:31:fe:2c:ef:58:8d:fc:37:d7:e1:29:4a:f6:09:
78:01:f3:fb:6a:ab:fc:f5:e2:54:e2:27:a4:04:4e:
b7:2e:a1:b8:65:f1:7e:d1:02:4f:26:e4:48:ef:1c:
80:3c:de:d0:ff:1a:b1:25:e3:af:49:3f:1d:3c:d9:
80:06:93:7a:70:ab:49:44:0e:a9:77:b8:3f:95:11:
28:92:8f:dd:00:af:dc:fd:4e:c1:fc:5c:ea:ca:f9:
1f:25:79:3a:3d:1d:66:96:94:c4:a0:84:c6:97:35:
48:10:97:18:b8:f5:3b:ad:04:c9:97:4f:95:10:30:
0f:73:6f:71:fd:57:c8:6d:9d:05:e2:f9:84:93:bd:
4c:5e:11:9f:b0:c0:d3:5f:e5:45:81:6d:d5:30:b5:
4f:cb:46:49:2e:c3:29:bb:3a:75:49:a5:b2:6a:be:
5e:57:2b:6c:d5:64:1f:95:66:79:c7:9a:0f:4a:c3:
e8:e4:7e:27:fd:01:75:a9:11:b3:f1:3d:eb:9c:2c:
23:1f:c5:ab:04:ed:03:4d:45:03:39:91:ec:36:24:
fe:13:98:93:1b:b5:55:ee:f6:0d:07:1e:c7:a2:02:
9d:7b:87:6f:8f:a8:00:2e:c4:86:5f:d8:eb:2c:81:
63:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D1:EB:81:DC:7B:CB:A7:F4:8C:F6:68:9A:89:B4:47:84:62:64:61
X509v3 Authority Key Identifier:
keyid:5E:EE:0D:7E:73:08:4A:42:E4:C7:F7:11:8F:23:83:FC:FF:36:9B:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xu4NfnMISkLkx_cRjyOD_P82m6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/Q9Hrgdx7y6f0jPZomom0R4RiZGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/Xu4NfnMISkLkx_cRjyOD_P82m6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.28.0/24
45.89.30.0/23
Signature Algorithm: sha256WithRSAEncryption
25:1c:44:9c:2a:a8:0a:84:6e:63:00:22:9b:62:b0:e4:d1:47:
07:50:7e:0e:83:ab:72:95:f5:36:43:d6:06:de:f3:df:5f:b1:
a5:76:f0:16:97:c4:72:59:c3:f0:10:83:01:d3:db:97:e3:d0:
34:06:ef:c8:f4:45:08:26:10:0b:4d:08:9d:03:8e:9f:f5:fb:
b1:91:41:44:d9:22:04:82:b3:6d:d9:cd:da:a8:b3:4b:52:4f:
91:6f:3f:9f:a9:99:8b:b4:0d:54:1b:ad:56:26:13:32:01:91:
27:ac:1e:86:fd:bf:77:f6:43:2f:9d:13:a1:5c:3c:c1:fd:cf:
db:12:0d:09:af:84:38:3c:82:ea:63:c3:f5:ea:ab:b8:0e:26:
ad:eb:d0:55:cf:ac:cc:e4:4c:cd:ee:35:98:82:57:c0:73:40:
45:0b:a4:10:8f:b1:a2:cf:ca:fc:50:8a:d5:4d:1b:d9:51:85:
ac:e1:ae:ab:78:d9:9d:89:cc:b4:20:ba:72:60:8d:e6:ec:c4:
b1:d7:d9:28:fe:0c:91:88:c9:00:8d:b7:12:2d:6c:92:17:cc:
0b:0a:0a:01:0f:c2:34:f1:07:6b:76:28:9a:48:46:c3:05:12:
fd:eb:fa:10:2c:b7:92:77:2f:a9:e0:23:d7:cb:cd:d3:8d:cf:
69:4b:7c:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkxAm3MrE3RTzDy9D7e/ZJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZWUwZDdlNzMwODRhNDJlNGM3ZjcxMThmMjM4M2ZjZmYz
NjliYTQwHhcNMjMwNzA3MTUzOTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2QxZWI4MWRjN2JjYmE3ZjQ4Y2Y2Njg5YTg5YjQ0Nzg0NjI2NDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbKERlU9W4LALrW/ZLogMf4s71iN
/DfX4SlK9gl4AfP7aqv89eJU4iekBE63LqG4ZfF+0QJPJuRI7xyAPN7Q/xqxJeOv
ST8dPNmABpN6cKtJRA6pd7g/lREoko/dAK/c/U7B/FzqyvkfJXk6PR1mlpTEoITG
lzVIEJcYuPU7rQTJl0+VEDAPc29x/VfIbZ0F4vmEk71MXhGfsMDTX+VFgW3VMLVP
y0ZJLsMpuzp1SaWyar5eVyts1WQflWZ5x5oPSsPo5H4n/QF1qRGz8T3rnCwjH8Wr
BO0DTUUDOZHsNiT+E5iTG7VV7vYNBx7HogKde4dvj6gALsSGX9jrLIFj8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEPR64Hce8un9Iz2aJqJtEeEYmRhMB8GA1UdIwQY
MBaAFF7uDX5zCEpC5Mf3EY8jg/z/NpukMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHU0TmZuTUlTa0xreF9jUmp5T0RfUDgybTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni83ODQzMjEtOTlkZC00NzU0LWIyMDgt
ZGRjMjY2NTY0NmNjLzEvUTlIcmdkeDd5NmYwalBab21vbTBSNFJpWkdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni83ODQzMjEtOTlkZC00NzU0LWIyMDgtZGRjMjY2NTY0NmNj
LzEvWHU0TmZuTUlTa0xreF9jUmp5T0RfUDgybTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVkcAwQB
LVkeMA0GCSqGSIb3DQEBCwUAA4IBAQAlHEScKqgKhG5jACKbYrDk0UcHUH4Og6ty
lfU2Q9YG3vPfX7GldvAWl8RyWcPwEIMB09uX49A0Bu/I9EUIJhALTQidA46f9fux
kUFE2SIEgrNt2c3aqLNLUk+Rbz+fqZmLtA1UG61WJhMyAZEnrB6G/b939kMvnROh
XDzB/c/bEg0Jr4Q4PILqY8P16qu4Diat69BVz6zM5EzN7jWYglfAc0BFC6QQj7Gi
z8r8UIrVTRvZUYWs4a6reNmdicy0ILpyYI3m7MSx19ko/gyRiMkAjbcSLWySF8wL
CgoBD8I08QdrdiiaSEbDBRL96/oQLLeSdy+p4CPXy83Tjc9pS3wt
-----END CERTIFICATE-----
Generated at Tue Aug 1 22:31:41 2023 by rpki-client on console-fra.rpki-client.org