Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/NdCZjDP6M-iLyPQ12gvJXI5-EIg.roa
File: NdCZjDP6M-iLyPQ12gvJXI5-EIg.roa (raw, json)
Hash identifier: C7MDZGbj3D8YB9nmPB7yrV2lC+YDRM41fxp5CVyY5gE=
Subject key identifier: 35:D0:99:8C:33:FA:33:E8:8B:C8:F4:35:DA:0B:C9:5C:8E:7E:10:88
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0185718C3047E9A9243D15C67B77EA34BF44
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/NdCZjDP6M-iLyPQ12gvJXI5-EIg.roa
Signing time: Mon 02 Jan 2023 08:14:50 +0000
ROA not before: Mon 02 Jan 2023 08:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48359
IP address blocks: 89.42.44.0/22 maxlen: 22
45.94.214.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:30:47:e9:a9:24:3d:15:c6:7b:77:ea:34:bf:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 2 08:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35d0998c33fa33e88bc8f435da0bc95c8e7e1088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fa:26:b3:88:6a:5c:7b:34:89:98:ab:a4:24:
fc:ae:78:09:cb:bd:7c:4a:6d:99:bd:b5:2c:66:6b:
1b:ec:c5:d2:b0:97:7e:9e:d7:8a:58:85:75:53:de:
e2:13:4b:60:22:ab:4a:ef:83:b5:37:51:cd:31:45:
85:65:51:b4:c9:73:62:db:5c:d1:31:b6:f9:52:92:
9f:e4:2b:93:22:9c:93:60:ab:89:df:2e:42:2f:9b:
e1:d2:05:02:49:63:3a:dc:41:c8:71:84:a0:53:41:
41:d1:37:9f:c7:76:68:61:9f:ba:ea:62:d0:5a:33:
38:08:34:0e:22:30:41:41:f2:1a:88:85:19:4c:7a:
e2:54:97:e5:dd:42:8e:a6:35:68:06:29:96:04:4d:
52:8a:cd:a9:e6:01:7e:46:f7:d5:ea:a4:d5:b0:96:
83:85:7e:34:73:f7:38:f7:26:b4:ad:e3:61:1e:98:
94:64:73:1d:54:7d:ec:78:0d:6f:b6:a0:0f:ca:12:
90:19:eb:e0:55:23:e3:ee:90:4f:3b:e8:7b:18:ff:
9a:d6:ca:26:ab:c0:5f:64:14:d0:0e:da:6e:41:b6:
3f:8b:b2:72:2b:0a:89:20:27:a9:07:fe:bc:49:19:
7d:ba:92:a5:5f:34:27:06:c1:a3:3d:4c:01:ab:bd:
c4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D0:99:8C:33:FA:33:E8:8B:C8:F4:35:DA:0B:C9:5C:8E:7E:10:88
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/NdCZjDP6M-iLyPQ12gvJXI5-EIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.214.0/24
89.42.44.0/22
89.46.217.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:cc:05:1f:7e:38:15:ae:6d:f1:f2:9b:29:38:61:ef:0f:4e:
5e:82:00:4b:5e:00:cf:41:1f:e1:be:4c:ae:25:a9:86:ba:0c:
ed:70:83:34:df:81:df:9d:c3:6f:21:3c:cf:4b:f1:c8:63:98:
cc:b2:3a:7e:c1:d7:00:76:00:c7:72:0e:cd:0f:b8:53:6f:b1:
f9:dc:09:cc:21:80:35:bb:0e:88:67:fb:c6:78:bf:7e:16:f2:
56:56:94:26:cc:8f:46:b0:95:34:35:dc:f7:3e:5c:a3:a6:eb:
c3:10:fc:69:12:ac:23:4c:00:63:c1:ad:e3:93:3e:e9:84:bf:
ac:e1:d7:85:7c:1e:75:7a:9d:5a:c5:b7:a7:1e:0e:07:44:73:
24:d6:12:b9:2d:20:26:e7:75:ec:f7:fa:4c:bf:f4:38:ce:79:
3b:19:bf:b4:71:61:b4:86:d8:1e:a7:21:66:46:2e:6d:b6:58:
0d:91:b9:8c:a9:9f:73:90:4f:c7:16:f9:87:7f:17:8f:10:2f:
19:4f:4c:54:c9:2e:fb:bc:12:0e:29:91:0f:c9:3f:ac:1f:b6:
77:49:2e:65:e8:bb:47:47:e7:c8:fb:2c:24:60:ee:03:24:7a:
78:ad:83:29:e9:8a:91:37:d4:25:c9:5a:13:a6:d8:9a:4f:11:
48:7d:67:80
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxjDBH6akkPRXGe3fqNL9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwMTAyMDgxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWQwOTk4YzMzZmEzM2U4OGJjOGY0MzVkYTBiYzk1YzhlN2UxMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPoms4hqXHs0iZirpCT8rngJy718
Sm2ZvbUsZmsb7MXSsJd+nteKWIV1U97iE0tgIqtK74O1N1HNMUWFZVG0yXNi21zR
Mbb5UpKf5CuTIpyTYKuJ3y5CL5vh0gUCSWM63EHIcYSgU0FB0Tefx3ZoYZ+66mLQ
WjM4CDQOIjBBQfIaiIUZTHriVJfl3UKOpjVoBimWBE1Sis2p5gF+RvfV6qTVsJaD
hX40c/c49ya0reNhHpiUZHMdVH3seA1vtqAPyhKQGevgVSPj7pBPO+h7GP+a1som
q8BfZBTQDtpuQbY/i7JyKwqJICepB/68SRl9upKlXzQnBsGjPUwBq73EowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDXQmYwz+jPoi8j0NdoLyVyOfhCIMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvTmRDWmpEUDZNLWlMeVBRMTJndkpYSTUtRUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV7WAwQC
WSosAwQAWS7ZMA0GCSqGSIb3DQEBCwUAA4IBAQBbzAUffjgVrm3x8pspOGHvD05e
ggBLXgDPQR/hvkyuJamGugztcIM034HfncNvITzPS/HIY5jMsjp+wdcAdgDHcg7N
D7hTb7H53AnMIYA1uw6IZ/vGeL9+FvJWVpQmzI9GsJU0Ndz3PlyjpuvDEPxpEqwj
TABjwa3jkz7phL+s4deFfB51ep1axbenHg4HRHMk1hK5LSAm53Xs9/pMv/Q4znk7
Gb+0cWG0htgepyFmRi5ttlgNkbmMqZ9zkE/HFvmHfxePEC8ZT0xUyS77vBIOKZEP
yT+sH7Z3SS5l6LtHR+fI+ywkYO4DJHp4rYMp6YqRN9QlyVoTptiaTxFIfWeA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:10 2023 by rpki-client on console-ams.rpki-client.org