Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/kL1wW9jzpzUlzP5jsnS8F03JMTU.roa
File: kL1wW9jzpzUlzP5jsnS8F03JMTU.roa (raw, json)
Hash identifier: O+TonoCktvFtvVB02LTyFcZgR7nKd0dgjPzMVXhU1C4=
Subject key identifier: 90:BD:70:5B:D8:F3:A7:35:25:CC:FE:63:B2:74:BC:17:4D:C9:31:35
Certificate issuer: /CN=ff44dbaca56dac319401f68a50d917f5424611ad
Certificate serial: 018574411940F912DA16FDCDC23F346B618F
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/kL1wW9jzpzUlzP5jsnS8F03JMTU.roa
Signing time: Mon 02 Jan 2023 20:51:41 +0000
ROA not before: Mon 02 Jan 2023 20:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.143.11.0/24 maxlen: 24
45.143.9.0/24 maxlen: 24
94.143.225.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:74:41:19:40:f9:12:da:16:fd:cd:c2:3f:34:6b:61:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
Validity
Not Before: Jan 2 20:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90bd705bd8f3a73525ccfe63b274bc174dc93135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d9:3d:00:27:43:82:1a:10:8d:a7:7a:3d:f5:
fc:84:80:52:3d:d9:79:19:99:b5:66:d7:eb:19:33:
61:df:d1:13:8b:45:f8:a2:0f:b0:8c:8c:d9:c8:da:
01:ea:16:ff:f9:7f:d5:7f:63:b3:97:54:27:09:81:
e0:13:e3:70:fe:09:aa:01:11:9a:eb:8b:e0:0e:05:
93:5f:22:91:a3:18:ed:b0:63:43:b3:97:a8:6a:3a:
a6:4a:43:a9:45:8b:31:80:d3:dc:5a:f0:61:53:8b:
15:3e:24:67:44:5b:70:83:1e:05:8e:93:4c:3c:17:
d6:58:62:46:de:3b:52:c6:9e:8a:dd:78:23:f8:94:
a8:79:42:99:be:f3:cd:10:38:90:d1:fc:e9:c0:f7:
90:56:69:a9:3a:14:2a:7b:d0:88:7c:58:95:c2:70:
33:e1:b7:20:47:8e:d3:78:99:84:1d:18:35:49:9d:
f2:e6:3f:05:c9:33:90:21:3c:28:34:d4:8c:8a:a9:
4d:7b:b7:d3:d8:e5:8f:bf:a3:77:62:25:13:90:b9:
cd:09:0b:e6:2c:f7:e4:0d:92:9d:d0:8f:6d:fa:a3:
ed:90:f5:6e:4a:88:d0:13:92:86:8e:b6:95:79:3d:
f5:89:df:9d:a9:a2:f4:16:7b:f2:4f:be:b0:25:79:
6d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:BD:70:5B:D8:F3:A7:35:25:CC:FE:63:B2:74:BC:17:4D:C9:31:35
X509v3 Authority Key Identifier:
keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/kL1wW9jzpzUlzP5jsnS8F03JMTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.9.0/24
45.143.11.0/24
94.143.225.0/24
Signature Algorithm: sha256WithRSAEncryption
40:b3:b7:d7:6c:85:5f:91:e0:62:35:b8:b3:70:37:47:ab:eb:
9d:44:d1:0d:b0:d8:5f:cb:90:bd:08:b3:3a:15:8f:6a:cb:e2:
78:01:50:09:c4:c5:09:79:2a:5a:e0:d3:64:50:be:b8:19:7c:
40:86:6c:e9:0f:7a:3f:41:66:9a:49:73:2e:3e:d0:84:9f:95:
c1:4f:35:4a:70:e0:77:dc:6d:64:66:fe:d1:f4:22:54:c8:e6:
e8:6d:78:bf:2a:c3:a3:69:a2:cf:2f:18:f1:04:e7:1b:de:23:
82:98:af:40:d5:9b:9b:bc:98:34:55:87:7c:ee:d0:4e:ab:8f:
48:52:05:02:9c:d4:90:01:57:ae:96:13:8d:d2:b9:33:b8:79:
b4:83:a3:2c:49:a6:22:a0:78:c1:5e:3f:30:15:8e:de:6e:24:
58:98:28:4f:f6:c8:86:05:ed:2b:ca:c2:6f:cf:23:92:2e:f2:
1e:af:ea:4f:6f:c1:5b:cb:cf:71:4d:8d:40:83:74:62:b7:a7:
f1:0f:9a:4f:5d:67:a1:ba:c0:61:61:d5:8f:63:be:59:c1:48:
93:2d:e0:bb:37:5b:12:e4:bb:29:f0:7b:11:1a:6f:33:3e:b4:
37:3a:7b:29:59:ed:4f:74:6e:43:77:74:73:ca:b7:4f:09:b4:
c2:f7:7c:bc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYV0QRlA+RLaFv3Nwj80a2GPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjMwMTAyMjA1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGJkNzA1YmQ4ZjNhNzM1MjVjY2ZlNjNiMjc0YmMxNzRkYzkzMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9k9ACdDghoQjad6PfX8hIBSPdl5
GZm1ZtfrGTNh39ETi0X4og+wjIzZyNoB6hb/+X/Vf2Ozl1QnCYHgE+Nw/gmqARGa
64vgDgWTXyKRoxjtsGNDs5eoajqmSkOpRYsxgNPcWvBhU4sVPiRnRFtwgx4FjpNM
PBfWWGJG3jtSxp6K3Xgj+JSoeUKZvvPNEDiQ0fzpwPeQVmmpOhQqe9CIfFiVwnAz
4bcgR47TeJmEHRg1SZ3y5j8FyTOQITwoNNSMiqlNe7fT2OWPv6N3YiUTkLnNCQvm
LPfkDZKd0I9t+qPtkPVuSojQE5KGjraVeT31id+dqaL0FnvyT76wJXlteQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJC9cFvY86c1Jcz+Y7J0vBdNyTE1MB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEva0wxd1c5anpwelVselA1anNuUzhGMDNKTVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALY8JAwQA
LY8LAwQAXo/hMA0GCSqGSIb3DQEBCwUAA4IBAQBAs7fXbIVfkeBiNbizcDdHq+ud
RNENsNhfy5C9CLM6FY9qy+J4AVAJxMUJeSpa4NNkUL64GXxAhmzpD3o/QWaaSXMu
PtCEn5XBTzVKcOB33G1kZv7R9CJUyObobXi/KsOjaaLPLxjxBOcb3iOCmK9A1Zub
vJg0VYd87tBOq49IUgUCnNSQAVeulhON0rkzuHm0g6MsSaYioHjBXj8wFY7ebiRY
mChP9siGBe0rysJvzyOSLvIer+pPb8Fby89xTY1Ag3Rit6fxD5pPXWehusBhYdWP
Y75ZwUiTLeC7N1sS5Lsp8HsRGm8zPrQ3OnspWe1PdG5Dd3RzyrdPCbTC93y8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:02 2023 by rpki-client on console-fra.rpki-client.org