Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1yNZQObamjDLNyVmsRzD7aqE4Oc.roa
File: 1yNZQObamjDLNyVmsRzD7aqE4Oc.roa (raw, json)
Hash identifier: 8H6VuAeXZmjeEST0yEelqIXRr2pPDt1mLw1EhllGvZ8=
Subject key identifier: D7:23:59:40:E6:DA:9A:30:CB:37:25:66:B1:1C:C3:ED:AA:84:E0:E7
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185749AD582CE95D7267263EB17B21EEF15
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1yNZQObamjDLNyVmsRzD7aqE4Oc.roa
Signing time: Mon 02 Jan 2023 22:29:42 +0000
ROA not before: Mon 02 Jan 2023 22:29:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203442
IP address blocks: 45.148.118.0/24 maxlen: 24
2a0e:97c0:bc0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:74:9a:d5:82:ce:95:d7:26:72:63:eb:17:b2:1e:ef:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 22:29:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7235940e6da9a30cb372566b11cc3edaa84e0e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:03:27:c5:f8:11:2b:20:29:f4:b3:6b:d2:32:
1b:03:90:81:c0:b2:fe:c8:93:8d:da:e9:66:6e:fb:
3b:b2:ff:e4:a9:86:2d:cd:da:97:3a:db:74:59:98:
ee:bb:1f:ca:4a:b8:31:4d:0e:40:8f:e1:b9:b6:90:
cb:bc:37:a0:1d:95:b9:26:54:c5:2a:6e:b8:c2:c8:
17:2a:e4:61:45:8f:ae:9f:e5:b7:35:dc:4f:3f:ce:
5f:5c:9e:75:14:2d:2c:c0:b7:15:44:ea:4b:47:53:
97:a1:fb:01:2b:86:90:4c:95:0e:8b:04:64:9f:7e:
91:0b:60:17:24:45:b6:16:9b:3a:a2:44:47:99:e8:
9f:0c:4b:21:d5:2f:7f:8b:2b:95:b6:b7:50:67:e6:
c2:7f:99:f4:40:08:61:7f:b2:e7:af:bb:4c:ec:bd:
1e:2e:2f:fc:10:5d:18:a4:63:60:04:8f:69:f0:05:
e6:35:13:d9:fa:b3:fd:53:22:93:f7:33:12:e6:ba:
b1:e4:37:9a:36:5a:91:a5:6d:06:17:7f:0e:23:42:
a0:85:17:81:4c:25:e3:0f:a8:03:1d:f6:f0:13:c6:
43:a0:23:f8:e6:af:f2:c3:d3:29:6c:aa:b7:e0:ee:
1d:6a:fa:78:72:4c:0b:b5:e1:2c:32:04:1b:fe:90:
63:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:23:59:40:E6:DA:9A:30:CB:37:25:66:B1:1C:C3:ED:AA:84:E0:E7
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1yNZQObamjDLNyVmsRzD7aqE4Oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.118.0/24
IPv6:
2a0e:97c0:bc0::/44
Signature Algorithm: sha256WithRSAEncryption
03:c0:b0:3c:57:31:b2:59:8e:21:e7:0f:ba:be:37:cb:e6:c4:
fc:3a:5c:2a:0d:2b:bb:b9:f2:07:93:b0:c3:15:44:2c:dd:14:
b3:f2:c4:98:d6:cc:6f:a1:70:02:46:c7:f6:3e:14:a8:ba:2a:
1e:32:b3:8c:f9:1f:0e:cf:6f:38:e8:8f:ea:d1:a3:e8:b5:cd:
d9:c1:0e:f1:7b:5f:98:d4:01:70:59:c6:1c:7d:ce:3a:0a:12:
af:54:6c:5f:83:10:b8:f2:1a:97:0d:4c:37:fc:e9:64:a3:03:
c4:2a:0f:82:5f:cb:cb:73:92:2e:45:22:b8:51:ef:a3:c0:f8:
c1:7c:b5:ed:05:75:71:b7:82:d6:4a:4f:a5:56:0d:2d:9d:bd:
ac:e1:dc:e3:02:3a:3c:a0:0d:8d:4d:e2:0c:87:08:5b:1b:0e:
1e:ac:a6:00:c6:0a:78:ac:6b:7a:8d:e5:f9:52:10:61:68:7c:
a2:65:a1:3f:a0:1e:55:e3:b2:20:45:b9:1b:1d:a2:c5:ea:be:
a3:1f:0c:6b:cc:d6:60:d1:90:76:c7:c6:42:9f:d9:8e:b0:ee:
88:3c:dc:2d:dc:58:ca:25:6a:a8:32:55:6f:1e:79:c7:8a:e3:
21:44:2c:33:f8:8c:8f:ea:59:2b:99:36:1a:67:ac:01:c9:8b:
f8:0a:c8:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYV0mtWCzpXXJnJj6xeyHu8VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMjIyOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzIzNTk0MGU2ZGE5YTMwY2IzNzI1NjZiMTFjYzNlZGFhODRlMGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwMnxfgRKyAp9LNr0jIbA5CBwLL+
yJON2ulmbvs7sv/kqYYtzdqXOtt0WZjuux/KSrgxTQ5Aj+G5tpDLvDegHZW5JlTF
Km64wsgXKuRhRY+un+W3NdxPP85fXJ51FC0swLcVROpLR1OXofsBK4aQTJUOiwRk
n36RC2AXJEW2Fps6okRHmeifDEsh1S9/iyuVtrdQZ+bCf5n0QAhhf7Lnr7tM7L0e
Li/8EF0YpGNgBI9p8AXmNRPZ+rP9UyKT9zMS5rqx5DeaNlqRpW0GF38OI0KghReB
TCXjD6gDHfbwE8ZDoCP45q/yw9MpbKq34O4davp4ckwLteEsMgQb/pBj9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNcjWUDm2powyzclZrEcw+2qhODnMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMXlOWlFPYmFtakRMTnlWbXNSekQ3YXFFNE9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZR2MA8E
AgACMAkDBwQqDpfAC8AwDQYJKoZIhvcNAQELBQADggEBAAPAsDxXMbJZjiHnD7q+
N8vmxPw6XCoNK7u58geTsMMVRCzdFLPyxJjWzG+hcAJGx/Y+FKi6Kh4ys4z5Hw7P
bzjoj+rRo+i1zdnBDvF7X5jUAXBZxhx9zjoKEq9UbF+DELjyGpcNTDf86WSjA8Qq
D4Jfy8tzki5FIrhR76PA+MF8te0FdXG3gtZKT6VWDS2dvazh3OMCOjygDY1N4gyH
CFsbDh6spgDGCnisa3qN5flSEGFofKJloT+gHlXjsiBFuRsdosXqvqMfDGvM1mDR
kHbHxkKf2Y6w7og83C3cWMolaqgyVW8eeceK4yFELDP4jI/qWSuZNhpnrAHJi/gK
yPE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:12 2023 by rpki-client on console-fra.rpki-client.org