Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2Ys9QXY4spo062AnVRYIUjCf6_U.roa
File: 2Ys9QXY4spo062AnVRYIUjCf6_U.roa (raw, json)
Hash identifier: RRAAGfHcNR0c3rT7Gzk/JSHovPKqZpEsbLvxIj4QmK4=
Subject key identifier: D9:8B:3D:41:76:38:B2:9A:34:EB:60:27:55:16:08:52:30:9F:EB:F5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01869CB3BCA0B5D0F73F9C8DACE50317D43E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2Ys9QXY4spo062AnVRYIUjCf6_U.roa
Signing time: Wed 01 Mar 2023 10:24:30 +0000
ROA not before: Wed 01 Mar 2023 10:24:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203442
IP address blocks: 45.148.118.0/24 maxlen: 24
2a0e:97c0:bc0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9c:b3:bc:a0:b5:d0:f7:3f:9c:8d:ac:e5:03:17:d4:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 1 10:24:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d98b3d417638b29a34eb602755160852309febf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:80:fa:c7:73:c8:72:c5:44:8f:8d:e9:59:cf:
c3:33:69:ab:b7:ea:84:f9:5c:2e:cd:f1:9d:17:91:
8e:e4:d2:16:ff:f2:b7:a9:25:df:74:11:14:97:26:
65:8f:e0:75:4b:da:e0:df:20:ee:b1:20:4e:95:ea:
55:df:09:3e:8a:5f:26:0b:86:df:b5:92:2f:53:65:
a4:91:60:2b:9b:1d:33:6c:3c:d4:f6:14:a6:6a:ed:
9d:10:33:f1:1d:64:2b:5d:73:d5:9e:f8:28:99:9f:
ab:8f:00:ca:c1:ca:e6:cc:1c:67:20:97:24:97:b4:
39:0a:ea:a1:c4:38:b2:85:5e:d6:84:8b:f3:d7:55:
16:0a:b3:ad:b9:55:93:d8:f7:ae:b4:a4:81:98:0d:
22:d9:7f:81:fc:fb:a9:a5:fe:fd:09:fe:63:0f:c7:
ab:83:9b:d5:b3:47:37:73:34:57:5a:63:a0:f5:7b:
e1:88:c7:08:05:78:66:c7:22:a0:7f:ec:eb:2d:9f:
94:58:bf:ed:3b:a5:e3:0c:f1:df:65:e3:c1:1e:7b:
41:fe:d8:07:65:fe:c5:53:06:ad:26:f1:79:cb:65:
cc:b5:30:ba:6f:5b:2f:38:f7:c6:07:38:fc:d6:cf:
cd:9c:fa:90:3b:97:60:0e:1f:16:4d:18:dd:f5:23:
6b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:8B:3D:41:76:38:B2:9A:34:EB:60:27:55:16:08:52:30:9F:EB:F5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2Ys9QXY4spo062AnVRYIUjCf6_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.118.0/24
IPv6:
2a0e:97c0:bc0::/44
Signature Algorithm: sha256WithRSAEncryption
bd:26:22:15:6b:43:7b:22:cd:cd:54:76:12:f3:92:d1:4d:ae:
de:3d:ed:0d:32:04:4e:9b:93:87:d3:28:57:0a:28:f2:ac:9c:
02:ce:4b:af:3e:44:24:c4:3d:6b:c3:6c:e2:86:2b:8e:29:80:
54:9f:86:8b:5d:15:d3:26:9f:06:87:79:4f:ff:d0:4b:68:7e:
2f:c6:19:45:c5:04:99:42:ce:91:44:39:24:bc:da:98:94:26:
cc:ce:69:81:26:b1:f9:00:7a:92:f8:8e:67:3e:d9:4c:63:64:
d8:59:5c:b2:d4:da:6a:67:03:73:cc:a4:1e:4e:0c:6d:8c:12:
79:a5:72:fc:92:f8:17:ae:a3:ad:e2:de:b1:21:1e:d7:34:1f:
6c:60:a9:96:8e:84:5f:9c:36:fa:0d:5a:85:9b:8f:bd:29:36:
4f:91:3a:2b:8c:35:5c:fe:14:46:a0:0b:74:07:ac:18:84:9b:
85:d2:d1:a9:6a:dc:41:78:8b:97:34:ad:eb:c5:60:75:e9:34:
9a:18:45:d1:f8:d4:e2:10:0b:7e:6d:6f:96:b2:58:8c:31:27:
ec:16:23:d1:5f:4c:5a:3a:76:02:6d:c0:e4:c3:a1:69:9c:9b:
42:1c:80:ed:2c:e0:b5:02:cf:b7:55:3e:8d:97:6c:67:11:99:
f3:51:ea:ff
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYacs7ygtdD3P5yNrOUDF9Q+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMzAxMTAyNDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOThiM2Q0MTc2MzhiMjlhMzRlYjYwMjc1NTE2MDg1MjMwOWZlYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoD6x3PIcsVEj43pWc/DM2mrt+qE
+VwuzfGdF5GO5NIW//K3qSXfdBEUlyZlj+B1S9rg3yDusSBOlepV3wk+il8mC4bf
tZIvU2WkkWArmx0zbDzU9hSmau2dEDPxHWQrXXPVnvgomZ+rjwDKwcrmzBxnIJck
l7Q5CuqhxDiyhV7WhIvz11UWCrOtuVWT2PeutKSBmA0i2X+B/Puppf79Cf5jD8er
g5vVs0c3czRXWmOg9XvhiMcIBXhmxyKgf+zrLZ+UWL/tO6XjDPHfZePBHntB/tgH
Zf7FUwatJvF5y2XMtTC6b1svOPfGBzj81s/NnPqQO5dgDh8WTRjd9SNr4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNmLPUF2OLKaNOtgJ1UWCFIwn+v1MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMllzOVFYWTRzcG8wNjJBblZSWUlVakNmNl9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZR2MA8E
AgACMAkDBwQqDpfAC8AwDQYJKoZIhvcNAQELBQADggEBAL0mIhVrQ3sizc1UdhLz
ktFNrt497Q0yBE6bk4fTKFcKKPKsnALOS68+RCTEPWvDbOKGK44pgFSfhotdFdMm
nwaHeU//0Etofi/GGUXFBJlCzpFEOSS82piUJszOaYEmsfkAepL4jmc+2UxjZNhZ
XLLU2mpnA3PMpB5ODG2MEnmlcvyS+Beuo63i3rEhHtc0H2xgqZaOhF+cNvoNWoWb
j70pNk+ROiuMNVz+FEagC3QHrBiEm4XS0alq3EF4i5c0revFYHXpNJoYRdH41OIQ
C35tb5ayWIwxJ+wWI9FfTFo6dgJtwOTDoWmcm0IcgO0s4LUCz7dVPo2XbGcRmfNR
6v8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:54 2023 by rpki-client on console-ams.rpki-client.org