Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/kYoj3NF7S_1QdGXHVbtt7T96kdE.roa
File: kYoj3NF7S_1QdGXHVbtt7T96kdE.roa (raw, json)
Hash identifier: EuzkLs+erMQGg+On3knzHUrl8OfywYQt1U2zSx+qWm0=
Subject key identifier: 91:8A:23:DC:D1:7B:4B:FD:50:74:65:C7:55:BB:6D:ED:3F:7A:91:D1
Certificate issuer: /CN=0e831fd70c6bd37a2a75d7a0eac031c92da8e185
Certificate serial: 01856E268DE000D98F9C2453833371E2C58B
Authority key identifier: 0E:83:1F:D7:0C:6B:D3:7A:2A:75:D7:A0:EA:C0:31:C9:2D:A8:E1:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DoMf1wxr03oqddeg6sAxyS2o4YU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/kYoj3NF7S_1QdGXHVbtt7T96kdE.roa
Signing time: Sun 01 Jan 2023 16:24:58 +0000
ROA not before: Sun 01 Jan 2023 16:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 185.230.103.0/24 maxlen: 24
45.130.47.0/24 maxlen: 24
45.130.46.0/24 maxlen: 24
2a10:b583::/32 maxlen: 32
2a10:b581::/32 maxlen: 32
2a10:b582::/32 maxlen: 32
2a10:b580::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:8d:e0:00:d9:8f:9c:24:53:83:33:71:e2:c5:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e831fd70c6bd37a2a75d7a0eac031c92da8e185
Validity
Not Before: Jan 1 16:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=918a23dcd17b4bfd507465c755bb6ded3f7a91d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:59:8c:b1:eb:44:c1:bf:24:81:a3:5a:16:bb:
2d:df:76:f0:25:9d:8f:bc:f3:a1:03:cd:73:85:4e:
5a:ca:f4:d8:46:74:52:df:f8:29:e9:64:12:7d:66:
08:c9:30:a1:43:ef:78:9b:8c:41:23:82:ee:17:f6:
bd:3a:70:83:b3:f7:1b:c0:dd:7a:82:8c:66:26:ce:
03:47:b7:83:e5:0e:2b:68:b4:43:48:38:87:c7:c0:
9a:8d:b1:8e:b8:3e:b2:c9:f2:9c:2c:c6:42:a2:91:
9f:86:2b:35:72:c8:c9:a8:2c:12:9f:b9:7c:25:d2:
e2:ca:c4:cc:59:48:d7:64:1c:67:48:7b:64:61:62:
3b:bc:fc:b2:35:9a:64:5b:72:75:f7:23:8f:e8:d9:
55:de:1f:f4:ca:53:0a:e5:f2:bf:f1:5e:07:91:62:
ae:9c:c5:36:2d:08:47:86:9f:a1:c6:0e:13:26:77:
fb:c0:6f:2b:f1:aa:bb:14:02:16:90:22:61:c4:1a:
55:a5:fa:59:e6:65:d3:6e:3d:1b:19:6b:f6:ed:ab:
3c:5c:5a:75:50:e5:92:f9:a8:ea:f6:40:8a:2a:99:
dd:fc:57:6c:f4:b5:94:25:9b:95:2a:e0:10:a6:93:
d4:39:b6:b4:76:2a:d5:62:b2:b9:f6:0a:87:67:d5:
98:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:8A:23:DC:D1:7B:4B:FD:50:74:65:C7:55:BB:6D:ED:3F:7A:91:D1
X509v3 Authority Key Identifier:
keyid:0E:83:1F:D7:0C:6B:D3:7A:2A:75:D7:A0:EA:C0:31:C9:2D:A8:E1:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoMf1wxr03oqddeg6sAxyS2o4YU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/kYoj3NF7S_1QdGXHVbtt7T96kdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.46.0/23
185.230.103.0/24
IPv6:
2a10:b580::/30
Signature Algorithm: sha256WithRSAEncryption
08:86:79:37:80:0c:60:3a:14:c2:1c:78:50:23:d2:53:67:cb:
70:a0:4b:d7:6f:a4:38:fc:66:e7:9d:d0:9b:a6:7d:7a:d3:b2:
77:c0:b7:7f:8c:18:64:02:f6:1d:65:7a:6e:7c:8c:06:de:50:
16:7f:6c:55:39:71:1b:9f:18:7a:81:ee:3b:1b:b9:29:3b:17:
a8:08:a7:6f:0d:11:a4:71:e8:3f:64:6d:2c:a8:60:32:7b:ef:
71:9d:f4:8e:45:af:c6:c6:05:63:15:f1:ee:2c:fc:dd:8a:8e:
0a:58:38:fe:f2:66:de:ad:91:bb:54:b6:6d:b6:94:ac:b8:fa:
47:70:74:52:dc:32:63:f0:51:2d:4c:62:42:66:c4:45:3a:c4:
f9:a8:f1:0f:a8:e9:e0:e1:2f:1e:eb:bf:6d:63:4c:58:2f:31:
49:65:9b:2d:74:a6:cb:95:a7:0d:a3:0f:cf:cf:2f:01:b8:a2:
cf:9a:98:cd:49:e2:14:9e:de:0a:87:fa:14:10:5f:ae:f3:fa:
27:d7:8a:b0:62:da:45:e9:e4:9e:80:f1:1f:15:b5:39:a7:b1:
dc:66:b8:00:35:ee:82:e5:bf:43:53:52:d9:2c:ac:0c:5e:7c:
f4:a6:1f:5c:2c:6f:0f:ab:8f:06:cc:66:83:9a:78:ac:4a:3e:
9c:9a:3f:5d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuJo3gANmPnCRTgzNx4sWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODMxZmQ3MGM2YmQzN2EyYTc1ZDdhMGVhYzAzMWM5MmRh
OGUxODUwHhcNMjMwMTAxMTYyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MThhMjNkY2QxN2I0YmZkNTA3NDY1Yzc1NWJiNmRlZDNmN2E5MWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFmMsetEwb8kgaNaFrst33bwJZ2P
vPOhA81zhU5ayvTYRnRS3/gp6WQSfWYIyTChQ+94m4xBI4LuF/a9OnCDs/cbwN16
goxmJs4DR7eD5Q4raLRDSDiHx8CajbGOuD6yyfKcLMZCopGfhis1csjJqCwSn7l8
JdLiysTMWUjXZBxnSHtkYWI7vPyyNZpkW3J19yOP6NlV3h/0ylMK5fK/8V4HkWKu
nMU2LQhHhp+hxg4TJnf7wG8r8aq7FAIWkCJhxBpVpfpZ5mXTbj0bGWv27as8XFp1
UOWS+ajq9kCKKpnd/Fds9LWUJZuVKuAQppPUOba0dirVYrK59gqHZ9WY+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJGKI9zRe0v9UHRlx1W7be0/epHRMB8GA1UdIwQY
MBaAFA6DH9cMa9N6KnXXoOrAMcktqOGFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9NZjF3eHIwM29xZGRlZzZzQXh5UzJvNFlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85OGE2NjEtNDRmNS00YTA1LWFjYWEt
ZTY3NTgyZjIzMDk3LzEva1lvajNORjdTXzFRZEdYSFZidHQ3VDk2a2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85OGE2NjEtNDRmNS00YTA1LWFjYWEtZTY3NTgyZjIzMDk3
LzEvRG9NZjF3eHIwM29xZGRlZzZzQXh5UzJvNFlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLYIuAwQA
ueZnMA0EAgACMAcDBQIqELWAMA0GCSqGSIb3DQEBCwUAA4IBAQAIhnk3gAxgOhTC
HHhQI9JTZ8twoEvXb6Q4/GbnndCbpn1607J3wLd/jBhkAvYdZXpufIwG3lAWf2xV
OXEbnxh6ge47G7kpOxeoCKdvDRGkceg/ZG0sqGAye+9xnfSORa/GxgVjFfHuLPzd
io4KWDj+8mberZG7VLZttpSsuPpHcHRS3DJj8FEtTGJCZsRFOsT5qPEPqOng4S8e
679tY0xYLzFJZZstdKbLlacNow/Pzy8BuKLPmpjNSeIUnt4Kh/oUEF+u8/on14qw
YtpF6eSegPEfFbU5p7HcZrgANe6C5b9DU1LZLKwMXnz0ph9cLG8Pq48GzGaDmnis
Sj6cmj9d
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:39 2024 by rpki-client on console-ams.rpki-client.org