Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/SjOM3hyizMy7bU_cURK9bYxCBkg.roa
File: SjOM3hyizMy7bU_cURK9bYxCBkg.roa (raw, json)
Hash identifier: fOM1kojo+rRO7MPvBc4Al/doedHkwWXrb4GMfpYnRdU=
Subject key identifier: 4A:33:8C:DE:1C:A2:CC:CC:BB:6D:4F:DC:51:12:BD:6D:8C:42:06:48
Certificate issuer: /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial: 018A1DA9C7D2AC67AEACC8E2E731BB5DE563
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/SjOM3hyizMy7bU_cURK9bYxCBkg.roa
Signing time: Tue 22 Aug 2023 14:33:00 +0000
ROA not before: Tue 22 Aug 2023 14:33:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59651
IP address blocks: 45.155.166.0/24 maxlen: 24
45.143.6.0/24 maxlen: 24
45.155.167.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1d:a9:c7:d2:ac:67:ae:ac:c8:e2:e7:31:bb:5d:e5:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Validity
Not Before: Aug 22 14:33:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a338cde1ca2ccccbb6d4fdc5112bd6d8c420648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:37:3c:17:4a:15:75:0b:50:ba:b3:7a:db:e3:
c5:65:9d:4f:42:9e:29:7d:02:f8:93:a2:3f:67:b3:
73:24:91:33:5a:46:bd:45:8d:0c:c2:d5:9a:13:de:
f5:6d:26:76:fd:cf:99:ce:21:a2:66:10:e6:b4:ea:
01:76:92:ee:08:c4:7a:85:ec:d3:65:08:9d:2f:cb:
85:17:97:d8:c0:fa:0a:12:7e:52:05:60:1a:c2:f2:
fa:4c:91:ab:da:a2:f3:5e:7f:bb:6d:cc:24:81:20:
a6:e2:dd:6f:7f:40:3f:eb:38:f8:b6:c6:00:6d:12:
24:1a:5a:f0:f1:f2:e6:08:0b:cd:24:73:30:5d:80:
26:7f:61:41:3c:ae:43:74:72:9a:9a:13:36:b1:65:
a7:9d:bb:43:df:ee:3c:b0:12:36:f2:c1:14:57:74:
e1:98:d9:ff:7c:3a:e1:74:c3:37:a1:1b:7d:dc:98:
15:3b:c9:68:db:d2:cc:b7:e1:f8:d3:44:a9:ce:11:
db:77:b1:48:c8:61:90:03:b3:cd:27:b3:63:f6:83:
3e:3f:e4:f0:f0:c0:71:78:a9:62:95:3a:3b:ac:92:
9b:4c:09:e7:01:dd:6f:f3:01:77:66:1b:dd:b4:0b:
72:0a:3e:12:79:59:56:c9:26:46:65:02:3d:08:91:
86:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:33:8C:DE:1C:A2:CC:CC:BB:6D:4F:DC:51:12:BD:6D:8C:42:06:48
X509v3 Authority Key Identifier:
keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/SjOM3hyizMy7bU_cURK9bYxCBkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.6.0/24
45.155.166.0/23
Signature Algorithm: sha256WithRSAEncryption
88:30:58:b8:64:07:56:77:fa:11:f8:bb:d6:e7:44:1a:b8:b0:
92:52:ad:a9:e4:1c:38:fc:fc:c3:3e:b8:ee:22:b6:2e:8f:cb:
74:41:65:bd:ff:6e:43:94:49:f9:a3:bb:c0:54:d1:3a:42:30:
54:ff:92:af:0d:f6:3b:e0:32:00:50:f9:87:8c:a0:77:fb:8f:
73:de:ab:59:6b:58:1d:3d:84:dd:64:64:79:be:6e:1c:08:20:
e2:bf:d2:8d:db:0b:c4:dd:6c:1f:a6:03:cd:8c:6b:e0:af:22:
39:fe:af:5c:bc:31:3c:3a:7b:ce:c1:f4:32:75:54:a5:c1:91:
eb:a1:f5:21:09:d6:ad:92:e8:c8:7e:b6:c8:f2:a0:42:31:0b:
11:06:13:49:44:5f:82:13:db:ae:65:3c:32:a9:c5:2a:ae:46:
b3:fb:bf:86:33:b5:fe:c9:48:2f:71:a2:14:ca:cd:c1:01:a7:
24:bf:35:f5:4f:1a:a3:4c:46:be:95:88:26:1c:d9:b3:9f:7e:
c0:5e:0e:b4:f1:0e:7a:82:45:69:8a:72:c7:03:7e:56:09:29:
08:4c:d0:b4:95:70:a0:b3:14:32:10:e3:23:33:88:47:d4:03:
b4:10:64:88:e6:7d:0e:45:4a:fe:dd:9e:68:48:2c:25:f1:cb:
f0:21:dd:24
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYodqcfSrGeurMji5zG7XeVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjMwODIyMTQzMzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTMzOGNkZTFjYTJjY2NjYmI2ZDRmZGM1MTEyYmQ2ZDhjNDIwNjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzc8F0oVdQtQurN62+PFZZ1PQp4p
fQL4k6I/Z7NzJJEzWka9RY0MwtWaE971bSZ2/c+ZziGiZhDmtOoBdpLuCMR6hezT
ZQidL8uFF5fYwPoKEn5SBWAawvL6TJGr2qLzXn+7bcwkgSCm4t1vf0A/6zj4tsYA
bRIkGlrw8fLmCAvNJHMwXYAmf2FBPK5DdHKamhM2sWWnnbtD3+48sBI28sEUV3Th
mNn/fDrhdMM3oRt93JgVO8lo29LMt+H400SpzhHbd7FIyGGQA7PNJ7Nj9oM+P+Tw
8MBxeKlilTo7rJKbTAnnAd1v8wF3ZhvdtAtyCj4SeVlWySZGZQI9CJGGMQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEozjN4coszMu21P3FESvW2MQgZIMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL1NqT00zaHlpek15N2JVX2NVUks5Yll4Q0JrZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAAtjwYD
BAEtm6YwDQYJKoZIhvcNAQELBQADggEBAIgwWLhkB1Z3+hH4u9bnRBq4sJJSrank
HDj8/MM+uO4iti6Py3RBZb3/bkOUSfmju8BU0TpCMFT/kq8N9jvgMgBQ+YeMoHf7
j3Peq1lrWB09hN1kZHm+bhwIIOK/0o3bC8TdbB+mA82Ma+CvIjn+r1y8MTw6e87B
9DJ1VKXBkeuh9SEJ1q2S6Mh+tsjyoEIxCxEGE0lEX4IT265lPDKpxSquRrP7v4Yz
tf7JSC9xohTKzcEBpyS/NfVPGqNMRr6ViCYc2bOffsBeDrTxDnqCRWmKcscDflYJ
KQhM0LSVcKCzFDIQ4yMziEfUA7QQZIjmfQ5FSv7dnmhILCXxy/Ah3SQ=
-----END CERTIFICATE-----
Generated at Wed Aug 30 10:19:53 2023 by rpki-client on console-fra.rpki-client.org