Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/U5M2lUnXUFllaYe29XTYOG8RGfw.roa
File: U5M2lUnXUFllaYe29XTYOG8RGfw.roa (raw, json)
Hash identifier: Kt4spPST5k15ivD2quYad4Nfm5JM+UMebeFWD/SHJ10=
Subject key identifier: 53:93:36:95:49:D7:50:59:65:69:87:B6:F5:74:D8:38:6F:11:19:FC
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01856F1DDC7B0BABAB81EC3CFD0E83F08294
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/U5M2lUnXUFllaYe29XTYOG8RGfw.roa
Signing time: Sun 01 Jan 2023 20:55:05 +0000
ROA not before: Sun 01 Jan 2023 20:55:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210937
IP address blocks: 45.143.0.0/22 maxlen: 24
45.153.244.0/22 maxlen: 24
2a09:4::/48 maxlen: 48
2a09:2::/48 maxlen: 48
2a09:3::/48 maxlen: 48
2a09:5::/48 maxlen: 48
2a09:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:dc:7b:0b:ab:ab:81:ec:3c:fd:0e:83:f0:82:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 20:55:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5393369549d75059656987b6f574d8386f1119fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:24:bb:ca:d2:2a:3c:7f:d3:c0:73:80:18:6d:
75:7c:73:7d:f7:7d:9e:45:3e:94:aa:af:03:b9:93:
60:55:8e:bf:db:58:32:0c:46:ca:69:56:f5:ad:bf:
8e:9c:a2:e2:7d:a6:eb:ab:41:27:16:fe:5a:9c:44:
19:78:20:35:8c:d8:ca:30:90:f7:4d:b7:fb:5d:86:
f1:bf:ba:ef:cc:de:5b:37:da:45:a4:0a:ea:ec:ea:
6e:68:5c:d3:03:57:b6:6b:44:33:d1:85:02:1c:49:
67:ce:3c:0b:44:63:8a:d3:d7:da:6e:df:85:67:1d:
0a:9a:3b:0d:2f:c5:47:08:df:fa:9b:0c:46:49:6b:
d9:58:a6:a6:3a:03:84:71:9f:7c:41:f4:ea:d8:a2:
b9:12:2e:be:c4:b9:3c:12:45:3f:dc:0b:2f:a8:73:
b6:38:83:5c:03:de:a6:a1:ff:3f:80:77:25:8d:b6:
1a:10:24:af:ca:24:c4:33:93:95:8b:be:4e:9a:69:
45:01:aa:bb:29:17:a7:b4:86:5c:32:87:b6:7d:26:
98:d6:25:07:d9:cd:88:be:b8:d3:07:2e:d6:71:b6:
71:e4:36:2a:77:8b:06:fe:ee:bf:0a:d4:41:aa:3f:
b6:89:28:ff:69:36:a5:66:6c:87:f1:76:87:75:e9:
95:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:93:36:95:49:D7:50:59:65:69:87:B6:F5:74:D8:38:6F:11:19:FC
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/U5M2lUnXUFllaYe29XTYOG8RGfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.0.0/22
45.153.244.0/22
IPv6:
2a09:1::/48
2a09:2::/48
2a09:3::/48
2a09:4::/48
2a09:5::/48
Signature Algorithm: sha256WithRSAEncryption
02:21:6e:a5:6d:f1:1a:e5:7e:49:86:42:a5:4f:7a:ee:a4:69:
e9:d4:50:1e:5e:cf:1f:66:5a:db:2b:07:b9:d1:2d:98:cb:b2:
49:6d:36:04:0f:57:49:24:e7:d6:a9:2e:a7:c1:c6:9d:73:42:
65:c3:83:2f:04:9f:d4:be:6f:d5:a9:c2:1c:0c:ec:2b:a7:ad:
ab:1c:1b:de:f2:05:ec:1f:8a:66:c4:af:8b:2a:1b:40:48:a8:
67:dc:56:55:5e:10:14:0e:dd:33:3a:da:2a:5f:e6:64:e7:f2:
c9:6d:d3:36:7f:d1:c2:c2:d9:7f:b0:2c:96:b4:bb:e7:25:cb:
28:24:dd:ed:10:b1:a8:b2:71:7c:9a:e8:b5:a3:f0:a7:5d:10:
35:a5:55:1a:3c:5e:04:d7:ee:14:13:ae:fe:d3:1a:d5:b0:65:
c4:49:e7:1a:9e:83:75:de:3d:f0:af:a2:37:7a:23:c1:70:bb:
ce:e9:30:e8:a7:fe:88:07:4c:6d:c0:fd:41:73:9d:a9:c2:1f:
0a:96:b9:d1:4f:20:25:89:66:8b:1c:e1:df:50:9b:8c:a2:0e:
7e:cf:35:08:19:08:7a:79:23:4e:91:13:eb:2e:ab:7b:a3:c9:
f0:7f:72:16:74:2c:ba:54:0c:a0:f2:4b:93:6b:93:40:34:6f:
43:a1:ac:7f
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYVvHdx7C6urgew8/Q6D8IKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMTAxMjA1NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzkzMzY5NTQ5ZDc1MDU5NjU2OTg3YjZmNTc0ZDgzODZmMTExOWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiS7ytIqPH/TwHOAGG11fHN9932e
RT6Uqq8DuZNgVY6/21gyDEbKaVb1rb+OnKLifabrq0EnFv5anEQZeCA1jNjKMJD3
Tbf7XYbxv7rvzN5bN9pFpArq7OpuaFzTA1e2a0Qz0YUCHElnzjwLRGOK09fabt+F
Zx0KmjsNL8VHCN/6mwxGSWvZWKamOgOEcZ98QfTq2KK5Ei6+xLk8EkU/3AsvqHO2
OINcA96mof8/gHcljbYaECSvyiTEM5OVi75OmmlFAaq7KRentIZcMoe2fSaY1iUH
2c2IvrjTBy7WcbZx5DYqd4sG/u6/CtRBqj+2iSj/aTalZmyH8XaHdemV6QIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFFOTNpVJ11BZZWmHtvV02DhvERn8MB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvVTVNMmxVblhVRmxsYVllMjlYVFlPRzhSR2Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTASBAIAATAMAwQCLY8AAwQC
LZn0MDMEAgACMC0DBwAqCQABAAADBwAqCQACAAADBwAqCQADAAADBwAqCQAEAAAD
BwAqCQAFAAAwDQYJKoZIhvcNAQELBQADggEBAAIhbqVt8RrlfkmGQqVPeu6kaenU
UB5ezx9mWtsrB7nRLZjLskltNgQPV0kk59apLqfBxp1zQmXDgy8En9S+b9WpwhwM
7CunrascG97yBewfimbEr4sqG0BIqGfcVlVeEBQO3TM62ipf5mTn8slt0zZ/0cLC
2X+wLJa0u+clyygk3e0QsaiycXya6LWj8KddEDWlVRo8XgTX7hQTrv7TGtWwZcRJ
5xqeg3XePfCvojd6I8Fwu87pMOin/ogHTG3A/UFznanCHwqWudFPICWJZosc4d9Q
m4yiDn7PNQgZCHp5I06RE+suq3ujyfB/chZ0LLpUDKDyS5Nrk0A0b0OhrH8=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:34 2024 by rpki-client on console-fra.rpki-client.org