Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/KcxFyQGrVaIItJO45TwiGFw00OE.roa
File: KcxFyQGrVaIItJO45TwiGFw00OE.roa (raw, json)
Hash identifier: ppqAEUveXHvUQ274dap4pFallAVfLH/mn/aqV2mmHh8=
Subject key identifier: 29:CC:45:C9:01:AB:55:A2:08:B4:93:B8:E5:3C:22:18:5C:34:D0:E1
Certificate issuer: /CN=b9032bdb128c86e00b21c77959a8011c40d0650c
Certificate serial: 01856F8BA98FAA4AAFE2D677B57B0F225696
Authority key identifier: B9:03:2B:DB:12:8C:86:E0:0B:21:C7:79:59:A8:01:1C:40:D0:65:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uQMr2xKMhuALIcd5WagBHEDQZQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/KcxFyQGrVaIItJO45TwiGFw00OE.roa
Signing time: Sun 01 Jan 2023 22:55:01 +0000
ROA not before: Sun 01 Jan 2023 22:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 45.152.91.0/24 maxlen: 24
2a0f:5100:a01::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:a9:8f:aa:4a:af:e2:d6:77:b5:7b:0f:22:56:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9032bdb128c86e00b21c77959a8011c40d0650c
Validity
Not Before: Jan 1 22:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29cc45c901ab55a208b493b8e53c22185c34d0e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1c:88:08:e5:8e:54:d1:93:c1:b3:fc:e7:1e:
b9:ae:b3:7e:f4:6d:c1:74:e5:7a:c7:87:9e:99:e1:
72:5b:9c:bf:a6:32:d8:30:93:68:cd:e7:d4:7f:e4:
41:84:4e:1c:e7:ca:1d:05:b9:61:6c:c0:46:94:37:
98:76:d8:c3:c4:85:1a:1d:09:37:63:13:10:5b:0e:
1b:e6:a3:f0:eb:f1:02:10:c4:5c:6a:d9:eb:46:ab:
dd:d3:14:68:8b:be:2a:92:61:b9:e3:3e:a7:9b:66:
f9:68:28:d4:1d:78:9f:78:90:14:7c:72:74:db:5f:
a2:66:f9:f9:14:0d:dd:33:4f:53:e6:d4:aa:a9:2f:
e9:fd:3a:4c:94:95:bb:48:f1:d3:97:d1:f3:30:9d:
53:5d:61:d3:43:17:f4:69:f7:1b:13:79:69:27:ce:
a5:e1:ad:a1:7e:f6:8e:b8:7f:d8:01:de:02:61:39:
d6:38:a9:ba:bb:4a:b0:00:1f:d3:49:3b:a9:35:3a:
49:a5:a0:1c:a0:e8:4a:02:35:44:e2:0a:2c:aa:53:
9b:10:0e:f5:7a:d9:af:f6:f5:bd:72:80:23:c5:a6:
39:af:9a:ef:5f:72:4b:7b:ac:2d:59:18:0b:92:da:
d3:4a:2c:04:69:eb:42:2f:a3:f1:10:71:83:3a:56:
05:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:CC:45:C9:01:AB:55:A2:08:B4:93:B8:E5:3C:22:18:5C:34:D0:E1
X509v3 Authority Key Identifier:
keyid:B9:03:2B:DB:12:8C:86:E0:0B:21:C7:79:59:A8:01:1C:40:D0:65:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uQMr2xKMhuALIcd5WagBHEDQZQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/KcxFyQGrVaIItJO45TwiGFw00OE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/bcb03d-1c11-4516-a88f-fe846f75d170/1/uQMr2xKMhuALIcd5WagBHEDQZQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.91.0/24
IPv6:
2a0f:5100:a01::/48
Signature Algorithm: sha256WithRSAEncryption
15:a3:23:8b:25:9b:da:d9:da:6d:62:ea:ce:6f:04:b3:ab:c0:
4c:77:9c:d5:8a:57:e2:1d:9d:39:e7:a2:c3:d5:78:23:70:f6:
5c:73:ca:3a:62:83:e8:ad:d4:06:5d:7a:01:1d:02:94:0f:aa:
fd:a2:17:19:12:7a:de:ff:cb:0b:23:07:13:9d:e1:bf:ae:d2:
dc:01:13:19:e2:4f:11:ee:2f:4b:8d:e6:12:c7:3f:4e:3f:da:
20:72:91:2e:2b:98:59:43:58:ef:de:25:8e:e0:75:0d:ff:20:
ad:e7:ef:1f:f4:23:37:5f:41:16:cf:92:d1:eb:1f:76:f9:15:
99:0f:2b:d8:ca:c5:0d:07:55:78:30:78:d2:72:ad:96:3e:4a:
ee:6b:f0:02:e7:9a:15:d3:ef:c8:2e:75:b9:e8:10:63:4a:1b:
b0:ee:6a:a8:2a:cf:14:0b:52:54:4f:08:46:76:fb:a0:6b:8a:
c8:43:98:15:05:78:47:4c:d8:69:0f:57:5b:c6:c8:b9:eb:ea:
ca:9d:29:b7:d0:9a:45:e7:0a:d0:24:e6:c2:ec:5c:59:45:e1:
e7:09:4a:2a:45:8a:fa:2a:67:b9:c3:00:b0:7b:11:18:e1:2c:
c8:ce:b4:b6:93:bb:85:fe:6e:e1:35:1d:17:71:eb:4e:3b:96:
aa:1e:9a:6c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvi6mPqkqv4tZ3tXsPIlaWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MDMyYmRiMTI4Yzg2ZTAwYjIxYzc3OTU5YTgwMTFjNDBk
MDY1MGMwHhcNMjMwMTAxMjI1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWNjNDVjOTAxYWI1NWEyMDhiNDkzYjhlNTNjMjIxODVjMzRkMGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRyICOWOVNGTwbP85x65rrN+9G3B
dOV6x4eemeFyW5y/pjLYMJNozefUf+RBhE4c58odBblhbMBGlDeYdtjDxIUaHQk3
YxMQWw4b5qPw6/ECEMRcatnrRqvd0xRoi74qkmG54z6nm2b5aCjUHXifeJAUfHJ0
21+iZvn5FA3dM09T5tSqqS/p/TpMlJW7SPHTl9HzMJ1TXWHTQxf0afcbE3lpJ86l
4a2hfvaOuH/YAd4CYTnWOKm6u0qwAB/TSTupNTpJpaAcoOhKAjVE4gosqlObEA71
etmv9vW9coAjxaY5r5rvX3JLe6wtWRgLktrTSiwEaetCL6PxEHGDOlYFtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCnMRckBq1WiCLSTuOU8IhhcNNDhMB8GA1UdIwQY
MBaAFLkDK9sSjIbgCyHHeVmoARxA0GUMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVFNcjJ4S01odUFMSWNkNVdhZ0JIRURRWlF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9iY2IwM2QtMWMxMS00NTE2LWE4OGYt
ZmU4NDZmNzVkMTcwLzEvS2N4RnlRR3JWYUlJdEpPNDVUd2lHRncwME9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9iY2IwM2QtMWMxMS00NTE2LWE4OGYtZmU4NDZmNzVkMTcw
LzEvdVFNcjJ4S01odUFMSWNkNVdhZ0JIRURRWlF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZhbMA8E
AgACMAkDBwAqD1EACgEwDQYJKoZIhvcNAQELBQADggEBABWjI4slm9rZ2m1i6s5v
BLOrwEx3nNWKV+IdnTnnosPVeCNw9lxzyjpig+it1AZdegEdApQPqv2iFxkSet7/
ywsjBxOd4b+u0twBExniTxHuL0uN5hLHP04/2iBykS4rmFlDWO/eJY7gdQ3/IK3n
7x/0IzdfQRbPktHrH3b5FZkPK9jKxQ0HVXgweNJyrZY+Su5r8ALnmhXT78gudbno
EGNKG7DuaqgqzxQLUlRPCEZ2+6BrishDmBUFeEdM2GkPV1vGyLnr6sqdKbfQmkXn
CtAk5sLsXFlF4ecJSipFivoqZ7nDALB7ERjhLMjOtLaTu4X+buE1HRdx6047lqoe
mmw=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:10 2024 by rpki-client on console-ams.rpki-client.org