Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/93da3a-87d5-4433-9f38-a296092be153/1/0qTn6R3kpboHPPWOPqcba_fJNOk.roa
File: 0qTn6R3kpboHPPWOPqcba_fJNOk.roa (raw, json)
Hash identifier: 7hjamm0IsenzCErrtccou2xLKoNrWZA2IH229pAjTPk=
Subject key identifier: D2:A4:E7:E9:1D:E4:A5:BA:07:3C:F5:8E:3E:A7:1B:6B:F7:C9:34:E9
Certificate issuer: /CN=8348da7cbe8ca41865bda1a082e00cb5c25887af
Certificate serial: 01857295B4C01CB23276157137A2DB32012D
Authority key identifier: 83:48:DA:7C:BE:8C:A4:18:65:BD:A1:A0:82:E0:0C:B5:C2:58:87:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g0jafL6MpBhlvaGgguAMtcJYh68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/93da3a-87d5-4433-9f38-a296092be153/1/0qTn6R3kpboHPPWOPqcba_fJNOk.roa
Signing time: Mon 02 Jan 2023 13:04:51 +0000
ROA not before: Mon 02 Jan 2023 13:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208419
IP address blocks: 45.138.20.0/22 maxlen: 22
2a0e:ab40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:b4:c0:1c:b2:32:76:15:71:37:a2:db:32:01:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8348da7cbe8ca41865bda1a082e00cb5c25887af
Validity
Not Before: Jan 2 13:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2a4e7e91de4a5ba073cf58e3ea71b6bf7c934e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6b:3d:a4:f9:12:0b:80:78:03:3b:12:7b:d8:
2e:ee:e1:a5:7f:e1:e8:95:1f:14:a7:c0:90:e1:fb:
1e:99:b7:27:44:69:5d:fb:48:32:84:41:49:bd:6b:
ce:78:65:6d:6d:89:54:0a:74:2f:9d:8b:51:10:fd:
8c:98:30:90:7d:92:05:a2:83:ce:fd:96:87:62:72:
1c:1f:a7:18:34:5a:b0:0f:5d:5e:67:13:df:cf:81:
e2:d3:36:ec:43:bb:0b:6f:64:96:57:57:77:59:62:
91:0d:8a:f4:fb:98:19:d2:c9:d4:c2:53:67:02:9b:
bc:31:00:90:51:0e:b3:5b:51:b0:47:3f:13:0a:a4:
c6:e9:0c:d4:bb:dd:63:82:0e:60:bd:b8:c1:68:f5:
b0:de:7a:f8:03:48:cc:fd:91:c9:e4:06:50:b0:8f:
33:39:83:7c:30:f8:8f:bb:98:90:51:10:cd:b5:7f:
70:5e:e4:e9:03:b4:ae:87:07:af:cf:bf:cd:07:69:
47:6e:b3:1d:85:79:28:82:e5:b7:05:37:86:16:b7:
32:19:33:03:8b:56:ca:05:8f:3a:7a:f9:ee:c9:51:
2f:36:40:e4:4d:79:f0:9a:a5:a0:bb:68:d8:ee:51:
af:83:12:1e:79:5d:3b:6a:e4:2d:f6:d2:32:e9:6f:
45:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A4:E7:E9:1D:E4:A5:BA:07:3C:F5:8E:3E:A7:1B:6B:F7:C9:34:E9
X509v3 Authority Key Identifier:
keyid:83:48:DA:7C:BE:8C:A4:18:65:BD:A1:A0:82:E0:0C:B5:C2:58:87:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g0jafL6MpBhlvaGgguAMtcJYh68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/93da3a-87d5-4433-9f38-a296092be153/1/0qTn6R3kpboHPPWOPqcba_fJNOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/93da3a-87d5-4433-9f38-a296092be153/1/g0jafL6MpBhlvaGgguAMtcJYh68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.20.0/22
IPv6:
2a0e:ab40::/29
Signature Algorithm: sha256WithRSAEncryption
0e:f3:fd:a9:6b:51:30:50:71:2a:1c:2d:3b:ad:17:10:85:74:
e6:dd:70:4b:77:ed:46:ab:74:af:ee:39:5e:74:f9:e3:a5:20:
91:63:26:53:31:29:4b:0a:51:45:20:ef:1e:90:2c:ca:78:29:
49:d7:56:25:d9:b3:55:5e:dd:2e:18:bb:0d:ad:d8:b9:27:27:
dc:dc:d4:91:5b:ef:14:c1:db:7c:2f:99:7c:03:08:5f:19:77:
65:13:94:fb:e9:bf:18:15:39:c2:a8:3a:0b:e9:b7:e3:8c:40:
f9:5c:83:df:3e:3d:23:c2:71:5d:ab:86:71:18:af:e6:80:8d:
35:82:6d:09:06:aa:4b:82:13:7c:83:ac:e5:32:f1:d7:0f:ad:
be:ed:f6:d9:8c:b7:3e:15:dd:d2:e2:b5:46:19:d2:a1:55:68:
53:67:6b:cd:bc:7c:1d:40:df:6e:ac:7d:eb:68:80:2e:5e:a1:
4b:38:b1:e0:77:41:2a:49:c3:7f:82:00:4b:db:48:08:bc:62:
e9:c4:c7:ef:8f:49:a4:d1:8b:51:34:09:be:cc:12:c0:f0:bb:
cb:43:d8:e1:de:38:6f:bf:53:d2:6d:9e:9c:8d:d1:ee:f9:a2:
b9:11:ed:df:09:ce:6a:6f:53:86:90:f8:9c:97:b5:82:2f:9a:
f4:d6:8f:f6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVylbTAHLIydhVxN6LbMgEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNDhkYTdjYmU4Y2E0MTg2NWJkYTFhMDgyZTAwY2I1YzI1
ODg3YWYwHhcNMjMwMTAyMTMwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmE0ZTdlOTFkZTRhNWJhMDczY2Y1OGUzZWE3MWI2YmY3YzkzNGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWs9pPkSC4B4AzsSe9gu7uGlf+Ho
lR8Up8CQ4fsembcnRGld+0gyhEFJvWvOeGVtbYlUCnQvnYtREP2MmDCQfZIFooPO
/ZaHYnIcH6cYNFqwD11eZxPfz4Hi0zbsQ7sLb2SWV1d3WWKRDYr0+5gZ0snUwlNn
Apu8MQCQUQ6zW1GwRz8TCqTG6QzUu91jgg5gvbjBaPWw3nr4A0jM/ZHJ5AZQsI8z
OYN8MPiPu5iQURDNtX9wXuTpA7Suhwevz7/NB2lHbrMdhXkoguW3BTeGFrcyGTMD
i1bKBY86evnuyVEvNkDkTXnwmqWgu2jY7lGvgxIeeV07auQt9tIy6W9FcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNKk5+kd5KW6Bzz1jj6nG2v3yTTpMB8GA1UdIwQY
MBaAFINI2ny+jKQYZb2hoILgDLXCWIevMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzBqYWZMNk1wQmhsdmFHZ2d1QU10Y0pZaDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS85M2RhM2EtODdkNS00NDMzLTlmMzgt
YTI5NjA5MmJlMTUzLzEvMHFUbjZSM2twYm9IUFBXT1BxY2JhX2ZKTk9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS85M2RhM2EtODdkNS00NDMzLTlmMzgtYTI5NjA5MmJlMTUz
LzEvZzBqYWZMNk1wQmhsdmFHZ2d1QU10Y0pZaDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYoUMA0E
AgACMAcDBQMqDqtAMA0GCSqGSIb3DQEBCwUAA4IBAQAO8/2pa1EwUHEqHC07rRcQ
hXTm3XBLd+1Gq3Sv7jledPnjpSCRYyZTMSlLClFFIO8ekCzKeClJ11Yl2bNVXt0u
GLsNrdi5Jyfc3NSRW+8Uwdt8L5l8AwhfGXdlE5T76b8YFTnCqDoL6bfjjED5XIPf
Pj0jwnFdq4ZxGK/mgI01gm0JBqpLghN8g6zlMvHXD62+7fbZjLc+Fd3S4rVGGdKh
VWhTZ2vNvHwdQN9urH3raIAuXqFLOLHgd0EqScN/ggBL20gIvGLpxMfvj0mk0YtR
NAm+zBLA8LvLQ9jh3jhvv1PSbZ6cjdHu+aK5Ee3fCc5qb1OGkPicl7WCL5r01o/2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:31 2024 by rpki-client on console-fra.rpki-client.org