Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/zsOTpFYgUe6NZcK-k4YFelIPEMQ.roa
File: zsOTpFYgUe6NZcK-k4YFelIPEMQ.roa (raw, json)
Hash identifier: epIDEfvzBbghNnUMXHdgKuzeydbKcDaVmiBw3gZ2cHM=
Subject key identifier: CE:C3:93:A4:56:20:51:EE:8D:65:C2:BE:93:86:05:7A:52:0F:10:C4
Certificate issuer: /CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Certificate serial: 01856EC22B05F9D4FEA68C7A8F46CC9E6D23
Authority key identifier: C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/zsOTpFYgUe6NZcK-k4YFelIPEMQ.roa
Signing time: Sun 01 Jan 2023 19:14:56 +0000
ROA not before: Sun 01 Jan 2023 19:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211252
IP address blocks: 45.136.140.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:2b:05:f9:d4:fe:a6:8c:7a:8f:46:cc:9e:6d:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d21e804ab7713ad7877dde603aa7824b31983c
Validity
Not Before: Jan 1 19:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cec393a4562051ee8d65c2be9386057a520f10c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a2:f7:e3:43:66:c7:52:56:df:f2:45:ef:58:
ec:ef:8a:7c:c7:41:53:48:b2:c6:67:60:24:2e:cc:
15:f5:30:fb:58:de:ef:15:5f:4e:6e:20:91:f4:03:
dc:29:23:05:1e:a7:a1:f2:de:d8:de:6e:f0:c1:7e:
f9:aa:0e:cc:5c:ad:92:f4:ef:aa:79:4f:27:d0:1c:
1a:64:ed:9f:e8:e4:93:b9:41:1e:31:18:13:46:b9:
32:8e:ea:18:fe:75:0f:c1:2a:3e:b7:c3:41:78:fe:
15:1e:60:8f:c8:e3:ed:21:e9:53:1a:33:41:30:56:
fe:2f:08:19:9c:10:d4:60:57:3e:ee:87:36:3d:bc:
d0:b8:c1:29:03:4c:58:dc:1c:93:bd:ec:de:6d:90:
7a:f3:b6:17:79:41:f3:f4:6d:e6:68:d2:26:29:d6:
f8:3d:e6:7f:1d:fc:4c:f2:7f:d5:ba:04:e3:6b:95:
ed:4a:a5:68:2d:b9:bf:3b:3c:7c:d8:4e:8e:6a:78:
65:3b:91:61:f2:76:68:20:25:c8:0c:0e:c7:37:ba:
f1:56:86:81:a3:c9:82:f3:80:dd:a2:f2:63:6b:33:
40:cf:d0:bd:c0:6b:a3:88:89:59:07:83:16:2b:86:
31:c5:fa:aa:86:ce:33:d7:7a:c9:12:05:49:fa:c0:
89:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:C3:93:A4:56:20:51:EE:8D:65:C2:BE:93:86:05:7A:52:0F:10:C4
X509v3 Authority Key Identifier:
keyid:C2:D2:1E:80:4A:B7:71:3A:D7:87:7D:DE:60:3A:A7:82:4B:31:98:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtIegEq3cTrXh33eYDqngksxmDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/zsOTpFYgUe6NZcK-k4YFelIPEMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/04b446-4ae1-4fe5-b646-59ae09edbeb9/1/wtIegEq3cTrXh33eYDqngksxmDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.140.0/23
Signature Algorithm: sha256WithRSAEncryption
05:46:f2:08:65:9c:24:82:78:8c:d4:f3:75:fd:b8:8b:9f:aa:
9f:1d:74:b7:d0:64:1a:3f:5a:7c:c9:80:2d:f2:a5:3e:24:37:
bc:4c:07:0d:4f:52:e2:a9:c5:71:d9:4c:b3:ed:3c:4c:f8:59:
56:7f:0f:9a:dc:d5:61:d5:af:7e:31:e8:f0:94:40:7a:44:64:
e3:b9:64:78:16:25:36:a5:87:ea:dd:e1:65:1c:e5:ca:25:7c:
43:f9:0d:4a:89:46:da:aa:6d:ab:3c:7d:6d:11:0f:db:60:03:
50:20:b9:f5:2b:57:c7:2c:ef:20:97:1e:80:50:76:a7:6d:6c:
ea:56:df:1f:fa:59:2e:d7:6d:0b:2a:0e:2a:34:e5:31:ff:a6:
fb:23:d3:ee:1d:91:c8:c4:5f:54:d9:5b:3d:46:f3:7e:2f:c7:
ef:6d:6f:e4:de:0a:3a:08:dc:6f:b3:52:83:aa:00:b5:32:d5:
4d:90:54:68:32:16:79:d7:f4:76:6a:92:80:1f:ff:da:9e:ea:
53:e8:42:79:d0:34:0f:a0:de:72:ad:1c:64:a6:1a:b3:c2:16:
cf:e2:50:b2:cb:03:66:2a:44:d5:62:5c:19:fd:db:c3:cd:a5:
76:f4:69:41:f8:81:56:68:46:7b:ed:0e:b3:35:fd:c4:8e:21:
70:63:43:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwisF+dT+pox6j0bMnm0jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDIxZTgwNGFiNzcxM2FkNzg3N2RkZTYwM2FhNzgyNGIz
MTk4M2MwHhcNMjMwMTAxMTkxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWMzOTNhNDU2MjA1MWVlOGQ2NWMyYmU5Mzg2MDU3YTUyMGYxMGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaL340Nmx1JW3/JF71js74p8x0FT
SLLGZ2AkLswV9TD7WN7vFV9ObiCR9APcKSMFHqeh8t7Y3m7wwX75qg7MXK2S9O+q
eU8n0BwaZO2f6OSTuUEeMRgTRrkyjuoY/nUPwSo+t8NBeP4VHmCPyOPtIelTGjNB
MFb+LwgZnBDUYFc+7oc2PbzQuMEpA0xY3ByTvezebZB687YXeUHz9G3maNImKdb4
PeZ/HfxM8n/VugTja5XtSqVoLbm/Ozx82E6OanhlO5Fh8nZoICXIDA7HN7rxVoaB
o8mC84DdovJjazNAz9C9wGujiIlZB4MWK4Yxxfqqhs4z13rJEgVJ+sCJgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM7Dk6RWIFHujWXCvpOGBXpSDxDEMB8GA1UdIwQY
MBaAFMLSHoBKt3E614d93mA6p4JLMZg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYt
NTlhZTA5ZWRiZWI5LzEvenNPVHBGWWdVZTZOWmNLLWs0WUZlbElQRU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wNGI0NDYtNGFlMS00ZmU1LWI2NDYtNTlhZTA5ZWRiZWI5
LzEvd3RJZWdFcTNjVHJYaDMzZVlEcW5na3N4bUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYiMMA0G
CSqGSIb3DQEBCwUAA4IBAQAFRvIIZZwkgniM1PN1/biLn6qfHXS30GQaP1p8yYAt
8qU+JDe8TAcNT1LiqcVx2Uyz7TxM+FlWfw+a3NVh1a9+MejwlEB6RGTjuWR4FiU2
pYfq3eFlHOXKJXxD+Q1KiUbaqm2rPH1tEQ/bYANQILn1K1fHLO8glx6AUHanbWzq
Vt8f+lku120LKg4qNOUx/6b7I9PuHZHIxF9U2Vs9RvN+L8fvbW/k3go6CNxvs1KD
qgC1MtVNkFRoMhZ51/R2apKAH//anupT6EJ50DQPoN5yrRxkphqzwhbP4lCyywNm
KkTVYlwZ/dvDzaV29GlB+IFWaEZ77Q6zNf3EjiFwY0MV
-----END CERTIFICATE-----
Generated at Fri Nov 3 07:34:12 2023 by rpki-client on console-fra.rpki-client.org