Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/PyoHhVITCu1DomaHIx2rqqnd7u8.roa
File: PyoHhVITCu1DomaHIx2rqqnd7u8.roa (raw, json)
Hash identifier: AOYQtxkSGl90OYzjdJ8U/oLCIlTm3NLkf8jszXIycuE=
Subject key identifier: 3F:2A:07:85:52:13:0A:ED:43:A2:66:87:23:1D:AB:AA:A9:DD:EE:EF
Certificate issuer: /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial: 01890B04498B9DD3F7C70C832C4EAA2BE689
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/PyoHhVITCu1DomaHIx2rqqnd7u8.roa
Signing time: Fri 30 Jun 2023 06:36:17 +0000
ROA not before: Fri 30 Jun 2023 06:36:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 45.146.200.0/24 maxlen: 24
45.146.201.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0b:04:49:8b:9d:d3:f7:c7:0c:83:2c:4e:aa:2b:e6:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Validity
Not Before: Jun 30 06:36:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f2a078552130aed43a26687231dabaaa9ddeeef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f0:e1:5d:f4:c7:00:ae:73:92:11:11:85:3b:
22:eb:96:0f:ef:6d:55:9f:a9:86:83:86:48:1a:b6:
41:0e:b3:c4:44:e3:cf:f7:55:89:85:af:1f:f0:13:
9e:45:e5:01:89:de:5d:a3:6f:f4:e4:e9:fb:04:0e:
29:e8:91:5b:83:cd:b7:18:c6:09:ac:38:58:2b:43:
80:f0:88:7a:f2:73:fa:83:f7:4d:c9:f3:83:fa:3c:
b8:ef:c5:15:e2:73:5f:01:cc:e1:6d:6a:f3:8b:f7:
ae:8f:f6:58:3a:a5:79:36:64:9c:be:fe:57:1e:60:
31:4f:50:d5:42:0d:4e:65:97:ee:8b:b6:11:fb:35:
6d:86:72:63:ac:3f:1e:f8:bc:b7:30:25:f6:bd:7e:
0c:e9:1f:95:e9:cd:f7:d7:75:20:96:1b:07:ab:75:
88:c9:a3:c1:2c:dd:4c:47:74:e4:73:a1:1f:ec:44:
66:d0:b7:f9:0c:b5:6f:56:6e:ed:0e:1c:dc:2d:cf:
f5:c2:32:28:6b:be:f1:b2:d7:d7:d2:bc:87:fb:66:
c2:31:3f:94:1f:b4:9e:fa:40:2b:46:80:b3:ca:15:
6e:6b:d3:71:a8:d4:82:59:9e:e0:5e:3f:10:1e:a4:
47:bf:2f:7c:d4:bf:76:00:92:c9:4c:9b:0a:e4:a0:
04:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:2A:07:85:52:13:0A:ED:43:A2:66:87:23:1D:AB:AA:A9:DD:EE:EF
X509v3 Authority Key Identifier:
keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/PyoHhVITCu1DomaHIx2rqqnd7u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.200.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:d6:c2:bd:18:91:21:fb:43:f8:86:3f:55:09:33:bb:1c:dd:
5a:6d:a1:0f:42:43:17:69:c3:a6:4b:8c:a6:64:c3:04:9e:a6:
a3:3e:4e:00:0e:fc:16:1b:8e:f4:e6:b5:99:0e:07:ea:1d:c0:
fe:a6:c9:d0:46:c7:4a:24:08:7f:29:bd:e6:b8:36:d4:0a:5d:
e0:cb:ca:f1:f9:a7:e0:66:09:c6:9c:c9:ea:bc:3e:d3:e8:e5:
72:23:fa:d5:34:1f:d2:95:4e:68:ac:24:a5:08:67:6b:83:89:
50:00:6c:ea:c9:96:37:8b:47:cd:8f:0e:86:c2:0a:90:77:b9:
d0:99:a7:f8:80:5f:5c:c6:8d:36:9d:f5:06:34:71:ab:3c:bb:
48:f2:17:5a:40:b1:55:65:b5:72:bb:89:83:d9:01:49:b5:c7:
40:88:b9:4d:84:1b:c6:4e:56:57:d9:71:e7:09:dd:6a:2d:a7:
a1:f6:d5:ec:04:e2:51:68:0f:66:6d:c0:b3:2f:34:0f:0e:ef:
86:cf:64:60:d1:30:e8:8c:78:25:3a:ca:72:4c:58:1c:79:d9:
76:52:c9:b1:e0:69:63:94:f4:10:e1:88:ea:37:e8:33:bd:4e:
3e:53:f4:30:b1:97:66:5d:b0:77:32:fd:71:0f:48:cf:a8:79:
de:77:99:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkLBEmLndP3xwyDLE6qK+aJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjMwNjMwMDYzNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjJhMDc4NTUyMTMwYWVkNDNhMjY2ODcyMzFkYWJhYWE5ZGRlZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvDhXfTHAK5zkhERhTsi65YP721V
n6mGg4ZIGrZBDrPEROPP91WJha8f8BOeReUBid5do2/05On7BA4p6JFbg823GMYJ
rDhYK0OA8Ih68nP6g/dNyfOD+jy478UV4nNfAczhbWrzi/euj/ZYOqV5NmScvv5X
HmAxT1DVQg1OZZfui7YR+zVthnJjrD8e+Ly3MCX2vX4M6R+V6c3313UglhsHq3WI
yaPBLN1MR3Tkc6Ef7ERm0Lf5DLVvVm7tDhzcLc/1wjIoa77xstfX0ryH+2bCMT+U
H7Se+kArRoCzyhVua9NxqNSCWZ7gXj8QHqRHvy981L92AJLJTJsK5KAEfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD8qB4VSEwrtQ6JmhyMdq6qp3e7vMB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEvUHlvSGhWSVRDdTFEb21hSEl4MnJxcW5kN3U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZLIMA0G
CSqGSIb3DQEBCwUAA4IBAQCz1sK9GJEh+0P4hj9VCTO7HN1abaEPQkMXacOmS4ym
ZMMEnqajPk4ADvwWG4705rWZDgfqHcD+psnQRsdKJAh/Kb3muDbUCl3gy8rx+afg
ZgnGnMnqvD7T6OVyI/rVNB/SlU5orCSlCGdrg4lQAGzqyZY3i0fNjw6GwgqQd7nQ
maf4gF9cxo02nfUGNHGrPLtI8hdaQLFVZbVyu4mD2QFJtcdAiLlNhBvGTlZX2XHn
Cd1qLaeh9tXsBOJRaA9mbcCzLzQPDu+Gz2Rg0TDojHglOspyTFgcedl2Usmx4Glj
lPQQ4YjqN+gzvU4+U/QwsZdmXbB3Mv1xD0jPqHned5nd
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:23 2024 by rpki-client on console-fra.rpki-client.org