Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/oZeaLAEAXAZdAjtCU8JDjXTSKq8.roa
File: oZeaLAEAXAZdAjtCU8JDjXTSKq8.roa (raw, json)
Hash identifier: l4ijmLBkGIB1zkLID8V32AgadWXpdGBaSgvXwbG1mTw=
Subject key identifier: A1:97:9A:2C:01:00:5C:06:5D:02:3B:42:53:C2:43:8D:74:D2:2A:AF
Certificate issuer: /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial: 018A14FA57DA30370E2DA3E7035B7BD4DA8D
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/oZeaLAEAXAZdAjtCU8JDjXTSKq8.roa
Signing time: Sun 20 Aug 2023 22:04:25 +0000
ROA not before: Sun 20 Aug 2023 22:04:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.145.154.0/24 maxlen: 24
45.145.155.0/24 maxlen: 24
80.83.80.0/21 maxlen: 24
80.83.88.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:14:fa:57:da:30:37:0e:2d:a3:e7:03:5b:7b:d4:da:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
Validity
Not Before: Aug 20 22:04:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1979a2c01005c065d023b4253c2438d74d22aaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7e:92:b8:50:96:d8:18:75:f4:17:4a:24:68:
af:6e:db:4e:13:d6:59:1b:35:51:1c:b4:be:ef:e3:
3b:df:20:c7:ee:b4:44:97:fd:09:fd:f8:3c:2b:08:
da:28:7c:54:db:61:16:a3:de:6f:cf:7d:c6:dd:f0:
76:8f:79:26:47:fc:8a:6c:b6:c0:21:86:93:d5:b5:
d4:11:a8:d6:9a:97:6e:0f:b5:6f:36:3d:cb:82:3d:
d3:8a:54:0d:ca:98:60:a6:0d:cb:73:2d:a5:b6:6a:
94:fa:c7:d3:2a:f3:bc:45:08:82:d2:60:32:bb:f5:
bd:b0:70:42:a1:4d:2f:01:25:8e:2d:4f:42:55:f0:
61:ce:13:5d:df:83:3b:72:b6:29:f8:9f:d4:51:98:
0d:73:f8:94:82:29:31:0c:bb:b3:d4:28:fc:6b:b3:
cb:a9:68:9e:5d:f0:9d:10:c8:c8:c2:e5:83:d5:a2:
0b:34:93:8c:cc:1e:53:be:90:b9:b6:21:48:5e:2a:
f3:9c:7a:30:73:76:f0:00:34:4e:56:85:c4:3c:a1:
40:37:50:d0:ad:8c:bc:a6:93:78:a8:6d:6d:99:50:
ad:0a:b6:9c:4c:07:18:7c:25:5b:6c:98:96:b1:cf:
e0:6b:87:2a:6c:8c:1f:76:1d:dc:6f:e1:dc:6b:04:
bd:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:97:9A:2C:01:00:5C:06:5D:02:3B:42:53:C2:43:8D:74:D2:2A:AF
X509v3 Authority Key Identifier:
keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/oZeaLAEAXAZdAjtCU8JDjXTSKq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.154.0/23
80.83.80.0-80.83.89.255
Signature Algorithm: sha256WithRSAEncryption
68:85:8e:20:69:08:48:12:87:b7:11:b2:b6:07:a4:9a:d7:0b:
b5:54:f5:0c:0c:0d:81:f0:0f:6f:8e:26:89:64:ae:75:d6:15:
f7:c5:f7:e4:48:ce:86:f0:b8:22:69:70:2f:ec:9d:06:26:47:
4e:f3:57:bc:31:1d:47:d2:f4:f6:6f:69:71:db:ed:61:d5:b1:
c7:f1:97:d0:69:2e:b3:b7:09:07:60:db:fa:40:dd:fc:57:7b:
10:da:5f:6b:76:88:12:d9:25:20:b9:97:95:c1:8d:f3:3f:8d:
66:8f:71:b4:9f:cb:b6:e4:74:48:ba:31:7b:6c:17:b1:63:71:
eb:9c:e1:3b:11:69:2f:dc:3a:39:98:ee:02:04:e8:52:6d:e0:
17:36:33:53:f4:c0:a4:7f:3e:ed:ea:c2:64:7a:a1:51:3c:e8:
39:b1:0a:e4:67:23:8a:b9:e5:2a:64:e0:2b:3e:5c:21:31:7b:
82:4f:65:26:07:d6:59:03:19:af:eb:dd:b1:c4:1e:c3:00:22:
c3:78:30:d0:8e:bd:ef:98:50:aa:a1:52:8f:74:de:6c:b1:07:
bd:6a:58:26:ca:9b:d0:e9:e1:f9:90:db:cc:d2:8d:f3:34:5a:
de:55:d3:fc:ad:f1:ee:2f:a4:f4:2e:c8:bb:47:a6:b9:10:2d:
f9:22:dd:69
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYoU+lfaMDcOLaPnA1t71NqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjMwODIwMjIwNDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTk3OWEyYzAxMDA1YzA2NWQwMjNiNDI1M2MyNDM4ZDc0ZDIyYWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmn6SuFCW2Bh19BdKJGivbttOE9ZZ
GzVRHLS+7+M73yDH7rREl/0J/fg8KwjaKHxU22EWo95vz33G3fB2j3kmR/yKbLbA
IYaT1bXUEajWmpduD7VvNj3Lgj3TilQNyphgpg3Lcy2ltmqU+sfTKvO8RQiC0mAy
u/W9sHBCoU0vASWOLU9CVfBhzhNd34M7crYp+J/UUZgNc/iUgikxDLuz1Cj8a7PL
qWieXfCdEMjIwuWD1aILNJOMzB5TvpC5tiFIXirznHowc3bwADROVoXEPKFAN1DQ
rYy8ppN4qG1tmVCtCracTAcYfCVbbJiWsc/ga4cqbIwfdh3cb+HcawS9UwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKGXmiwBAFwGXQI7QlPCQ4100iqvMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvb1plYUxBRUFYQVpkQWp0Q1U4SkRqWFRTS3E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBLZGaMAwD
BARQU1ADBAFQU1gwDQYJKoZIhvcNAQELBQADggEBAGiFjiBpCEgSh7cRsrYHpJrX
C7VU9QwMDYHwD2+OJolkrnXWFffF9+RIzobwuCJpcC/snQYmR07zV7wxHUfS9PZv
aXHb7WHVscfxl9BpLrO3CQdg2/pA3fxXexDaX2t2iBLZJSC5l5XBjfM/jWaPcbSf
y7bkdEi6MXtsF7Fjceuc4TsRaS/cOjmY7gIE6FJt4Bc2M1P0wKR/Pu3qwmR6oVE8
6DmxCuRnI4q55Spk4Cs+XCExe4JPZSYH1lkDGa/r3bHEHsMAIsN4MNCOve+YUKqh
Uo903myxB71qWCbKm9Dp4fmQ28zSjfM0Wt5V0/yt8e4vpPQuyLtHprkQLfki3Wk=
-----END CERTIFICATE-----
Generated at Wed Aug 30 12:26:35 2023 by rpki-client on console-fra.rpki-client.org