Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/wq52D2UHwP83fFCRIK3Nnj1IxzU.roa
File: wq52D2UHwP83fFCRIK3Nnj1IxzU.roa (raw, json)
Hash identifier: O6fyhJh5UZb0xfcpT+fGkwO9kjmgkJg4FAhBTW4sbFc=
Subject key identifier: C2:AE:76:0F:65:07:C0:FF:37:7C:50:91:20:AD:CD:9E:3D:48:C7:35
Certificate issuer: /CN=0e170ee859e91f4973de4a572b1bad2f3a5d1825
Certificate serial: 018572F1341B07BB1909B1EFBBC1F50547B2
Authority key identifier: 0E:17:0E:E8:59:E9:1F:49:73:DE:4A:57:2B:1B:AD:2F:3A:5D:18:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DhcO6FnpH0lz3kpXKxutLzpdGCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/wq52D2UHwP83fFCRIK3Nnj1IxzU.roa
Signing time: Mon 02 Jan 2023 14:44:48 +0000
ROA not before: Mon 02 Jan 2023 14:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208202
IP address blocks: 45.154.55.0/24 maxlen: 24
45.154.52.0/24 maxlen: 24
45.154.53.0/24 maxlen: 24
45.154.54.0/24 maxlen: 24
2a0f:ad01::/32 maxlen: 32
2a0f:ad00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:f1:34:1b:07:bb:19:09:b1:ef:bb:c1:f5:05:47:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e170ee859e91f4973de4a572b1bad2f3a5d1825
Validity
Not Before: Jan 2 14:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2ae760f6507c0ff377c509120adcd9e3d48c735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:20:96:24:6d:3a:e9:bc:ff:c6:41:af:5f:03:
a0:f7:51:f8:4d:d5:c8:1a:0b:f9:26:a4:01:46:12:
4a:5c:c5:72:f3:8f:9e:5e:e5:eb:f9:57:65:52:12:
61:31:80:fa:98:58:e0:bc:6f:56:1d:b0:7b:fa:34:
79:90:b7:f5:18:f5:e2:ad:c2:54:e3:61:d6:2e:c8:
cf:f7:56:8a:55:90:88:b9:af:02:c0:86:39:25:26:
06:4f:ab:81:4d:09:ac:3d:19:29:a4:c9:9f:27:6e:
0f:5e:ab:67:de:83:ad:e2:ac:0b:08:8f:1b:1b:36:
14:a5:c2:bf:bd:73:a1:be:f5:0e:d7:89:68:2c:0a:
48:15:44:27:5d:55:c8:a8:5a:b1:fb:a4:60:34:6c:
1f:d9:ed:78:ef:0c:42:d3:97:ce:fb:dd:2c:27:a3:
1f:0e:0e:52:33:30:e2:c6:43:70:20:95:9b:e0:e0:
9c:d7:19:f1:88:dd:34:97:36:cc:81:f5:23:1c:e4:
4c:06:ea:c3:c9:19:64:5e:e8:a5:ce:f5:72:8a:ee:
e5:6f:f7:d3:74:5a:19:16:a0:be:0a:dc:2b:64:06:
71:b2:dc:c8:48:c8:41:9c:57:3a:0b:05:9e:22:10:
67:d6:6e:55:88:e8:6a:ab:cb:bc:0f:f2:af:47:79:
84:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:AE:76:0F:65:07:C0:FF:37:7C:50:91:20:AD:CD:9E:3D:48:C7:35
X509v3 Authority Key Identifier:
keyid:0E:17:0E:E8:59:E9:1F:49:73:DE:4A:57:2B:1B:AD:2F:3A:5D:18:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DhcO6FnpH0lz3kpXKxutLzpdGCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/wq52D2UHwP83fFCRIK3Nnj1IxzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/DhcO6FnpH0lz3kpXKxutLzpdGCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.52.0/22
IPv6:
2a0f:ad00::/31
Signature Algorithm: sha256WithRSAEncryption
5b:01:69:55:6a:07:37:43:80:60:f9:e4:ca:ee:f3:7e:7e:db:
ad:f4:77:28:c9:57:bc:c1:ec:5f:ec:1c:f1:3c:dd:8a:44:37:
be:eb:95:e1:02:f3:d0:fe:dd:75:49:53:81:2e:3a:22:4a:ee:
b1:c7:3b:59:88:81:c4:a0:39:2a:90:67:c6:d1:f5:7f:0f:90:
16:3a:0a:0b:63:0a:5a:8a:cb:c8:c0:f9:35:ab:0f:d9:a0:26:
89:05:b2:27:78:5f:b9:97:e8:20:2a:0b:77:a8:ed:df:30:b9:
15:dc:00:3c:c8:e1:29:f0:02:d9:63:e9:10:06:dc:95:62:01:
ac:10:c6:38:61:57:09:d6:bd:dd:09:34:48:f5:d0:ed:b4:c3:
b1:aa:16:f4:55:07:31:f2:91:4d:37:93:e6:0d:e6:94:28:68:
3f:09:54:d3:fb:e7:1d:3a:f7:67:5c:03:66:c7:ab:13:59:56:
51:a7:a6:9b:51:29:79:d5:f4:27:80:29:08:7a:8c:0b:2e:55:
2d:04:30:d5:dc:0c:f4:f0:66:bb:0e:84:a7:d9:18:be:d2:55:
be:29:ad:76:66:43:13:cc:fd:e7:aa:de:d2:b2:b1:fb:31:20:
4c:ee:f4:3d:de:45:4e:94:54:2e:96:31:83:09:34:36:b0:aa:
7e:d3:c1:e7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVy8TQbB7sZCbHvu8H1BUeyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMTcwZWU4NTllOTFmNDk3M2RlNGE1NzJiMWJhZDJmM2E1
ZDE4MjUwHhcNMjMwMTAyMTQ0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmFlNzYwZjY1MDdjMGZmMzc3YzUwOTEyMGFkY2Q5ZTNkNDhjNzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5CCWJG066bz/xkGvXwOg91H4TdXI
Ggv5JqQBRhJKXMVy84+eXuXr+VdlUhJhMYD6mFjgvG9WHbB7+jR5kLf1GPXircJU
42HWLsjP91aKVZCIua8CwIY5JSYGT6uBTQmsPRkppMmfJ24PXqtn3oOt4qwLCI8b
GzYUpcK/vXOhvvUO14loLApIFUQnXVXIqFqx+6RgNGwf2e147wxC05fO+90sJ6Mf
Dg5SMzDixkNwIJWb4OCc1xnxiN00lzbMgfUjHORMBurDyRlkXuilzvVyiu7lb/fT
dFoZFqC+CtwrZAZxstzISMhBnFc6CwWeIhBn1m5ViOhqq8u8D/KvR3mEZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMKudg9lB8D/N3xQkSCtzZ49SMc1MB8GA1UdIwQY
MBaAFA4XDuhZ6R9Jc95KVysbrS86XRglMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGhjTzZGbnBIMGx6M2twWEt4dXRMenBkR0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9jZjcyMGUtNGQzMy00ZGIxLTg2ZTkt
ZmMyZWM0YmI1OTY3LzEvd3E1MkQyVUh3UDgzZkZDUklLM05uajFJeHpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9jZjcyMGUtNGQzMy00ZGIxLTg2ZTktZmMyZWM0YmI1OTY3
LzEvRGhjTzZGbnBIMGx6M2twWEt4dXRMenBkR0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZo0MA0E
AgACMAcDBQEqD60AMA0GCSqGSIb3DQEBCwUAA4IBAQBbAWlVagc3Q4Bg+eTK7vN+
ftut9HcoyVe8wexf7BzxPN2KRDe+65XhAvPQ/t11SVOBLjoiSu6xxztZiIHEoDkq
kGfG0fV/D5AWOgoLYwpaisvIwPk1qw/ZoCaJBbIneF+5l+ggKgt3qO3fMLkV3AA8
yOEp8ALZY+kQBtyVYgGsEMY4YVcJ1r3dCTRI9dDttMOxqhb0VQcx8pFNN5PmDeaU
KGg/CVTT++cdOvdnXANmx6sTWVZRp6abUSl51fQngCkIeowLLlUtBDDV3Az08Ga7
DoSn2Ri+0lW+Ka12ZkMTzP3nqt7SsrH7MSBM7vQ93kVOlFQuljGDCTQ2sKp+08Hn
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:49 2024 by rpki-client on console-fra.rpki-client.org