Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/jRu9H5ZO5p3JDPIIccsAyhlsNMg.roa
File: jRu9H5ZO5p3JDPIIccsAyhlsNMg.roa (raw, json)
Hash identifier: 6B117uU5534EcpaF3tfc5RobbgnYjSPOnOz98qCL15k=
Subject key identifier: 8D:1B:BD:1F:96:4E:E6:9D:C9:0C:F2:08:71:CB:00:CA:19:6C:34:C8
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 018876CE00E8FD629D17BCFC47ACF7F748EC
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/jRu9H5ZO5p3JDPIIccsAyhlsNMg.roa
Signing time: Thu 01 Jun 2023 11:53:12 +0000
ROA not before: Thu 01 Jun 2023 11:53:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52035
IP address blocks: 158.41.24.0/21 maxlen: 24
45.146.232.0/22 maxlen: 22
45.141.168.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:76:ce:00:e8:fd:62:9d:17:bc:fc:47:ac:f7:f7:48:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: Jun 1 11:53:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d1bbd1f964ee69dc90cf20871cb00ca196c34c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c5:e6:ce:0b:be:68:8e:64:8a:34:6e:2d:1d:
de:21:e6:2d:aa:96:21:32:80:11:ba:93:ae:9d:f7:
25:2c:16:e5:9c:d3:c8:e5:36:a4:28:65:79:25:6c:
af:ce:3c:5a:d9:9a:11:e3:72:da:f3:69:60:07:78:
35:b3:20:0b:1c:d3:b8:30:1e:cc:ce:18:62:ad:24:
0e:69:14:d0:3d:17:5a:d0:91:bd:0f:02:6c:bc:96:
77:18:36:1d:d0:fa:86:a8:50:da:44:f5:5f:7b:a6:
14:9e:1e:bd:e9:59:49:9d:6d:01:df:9c:16:aa:9b:
b8:8f:7e:b6:dd:10:6f:2e:e5:a5:f2:42:eb:a4:ce:
0a:96:d8:5d:0c:be:1c:76:84:39:5e:cd:42:a7:0e:
f3:90:f8:7a:74:89:f0:cc:fd:dc:ce:d9:55:51:d2:
11:be:5b:f2:d1:af:2e:2e:fe:7f:bd:44:83:73:7a:
a1:a9:af:b3:92:71:ba:f8:73:de:c6:f2:3a:2e:2c:
aa:4f:bd:ea:4e:ca:46:29:13:39:95:75:db:22:fc:
2f:4c:fa:6b:d8:16:18:8e:7c:d3:b1:4f:58:56:5e:
07:e1:32:2f:6a:4d:9e:75:1f:ce:ed:d7:0f:8b:73:
7f:8e:50:45:1f:8f:ab:67:be:94:89:7a:c0:c0:b3:
4d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:1B:BD:1F:96:4E:E6:9D:C9:0C:F2:08:71:CB:00:CA:19:6C:34:C8
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/jRu9H5ZO5p3JDPIIccsAyhlsNMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.168.0/22
45.146.232.0/22
158.41.24.0/21
Signature Algorithm: sha256WithRSAEncryption
71:c5:37:48:ea:7b:3a:c5:38:0b:ae:97:c1:71:c7:67:13:d1:
f9:27:03:a7:40:61:80:dd:f3:27:53:18:ff:cb:cf:e2:ed:5f:
8a:d3:e3:68:a2:bd:c8:49:75:d0:fe:04:db:fc:9b:48:81:77:
40:fc:da:ad:12:76:8e:82:01:47:de:e9:6d:1c:6b:18:c5:77:
69:25:e9:d0:c9:51:8e:cb:59:bb:89:55:e1:ab:18:d9:d5:00:
65:f2:9d:54:b4:1e:aa:4d:cb:06:88:ce:84:2c:45:fe:af:a3:
b2:da:0f:be:9c:33:72:6a:6e:f5:18:a5:57:bb:80:99:3f:f2:
b0:be:f2:72:ad:c8:99:6b:88:7c:c0:3a:1e:e8:2c:7c:4a:c8:
b7:70:93:64:77:2a:88:6e:1c:c5:1d:7a:25:db:fc:c8:5b:0e:
b9:56:08:14:4f:05:69:04:91:d0:b9:7c:d5:3a:59:8d:7d:c6:
fb:a1:cf:d2:2c:4f:5c:62:94:72:a2:f7:f8:5c:68:36:f8:85:
47:fe:3d:76:b0:b2:79:21:9b:e9:fd:66:bc:ef:cb:80:d8:5b:
f3:0f:07:f7:36:4b:d3:e4:c9:7a:ba:0d:50:9f:61:48:cd:ec:
c8:c5:07:55:be:eb:8c:ab:89:6e:19:25:97:6e:d7:cc:5a:d1:
c2:3e:28:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYh2zgDo/WKdF7z8R6z390jsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMwNjAxMTE1MzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDFiYmQxZjk2NGVlNjlkYzkwY2YyMDg3MWNiMDBjYTE5NmMzNGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcXmzgu+aI5kijRuLR3eIeYtqpYh
MoARupOunfclLBblnNPI5TakKGV5JWyvzjxa2ZoR43La82lgB3g1syALHNO4MB7M
zhhirSQOaRTQPRda0JG9DwJsvJZ3GDYd0PqGqFDaRPVfe6YUnh696VlJnW0B35wW
qpu4j3623RBvLuWl8kLrpM4KlthdDL4cdoQ5Xs1Cpw7zkPh6dInwzP3cztlVUdIR
vlvy0a8uLv5/vUSDc3qhqa+zknG6+HPexvI6LiyqT73qTspGKRM5lXXbIvwvTPpr
2BYYjnzTsU9YVl4H4TIvak2edR/O7dcPi3N/jlBFH4+rZ76UiXrAwLNNSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI0bvR+WTuadyQzyCHHLAMoZbDTIMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvalJ1OUg1Wk81cDNKRFBJSWNjc0F5aGxzTk1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLY2oAwQC
LZLoAwQDnikYMA0GCSqGSIb3DQEBCwUAA4IBAQBxxTdI6ns6xTgLrpfBccdnE9H5
JwOnQGGA3fMnUxj/y8/i7V+K0+Noor3ISXXQ/gTb/JtIgXdA/NqtEnaOggFH3ult
HGsYxXdpJenQyVGOy1m7iVXhqxjZ1QBl8p1UtB6qTcsGiM6ELEX+r6Oy2g++nDNy
am71GKVXu4CZP/KwvvJyrciZa4h8wDoe6Cx8Ssi3cJNkdyqIbhzFHXol2/zIWw65
VggUTwVpBJHQuXzVOlmNfcb7oc/SLE9cYpRyovf4XGg2+IVH/j12sLJ5IZvp/Wa8
78uA2FvzDwf3NkvT5Ml6ug1Qn2FIzezIxQdVvuuMq4luGSWXbtfMWtHCPigl
-----END CERTIFICATE-----
Generated at Fri Jul 28 14:59:37 2023 by rpki-client on console-ams.rpki-client.org