Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/G4KS8ILWFidVYCv6QO0vqO5NUSE.roa
File: G4KS8ILWFidVYCv6QO0vqO5NUSE.roa (raw, json)
Hash identifier: sh9kt3HNKoZdN6tyjniGMoHtuY3lz2csyvB8LBIvB3Q=
Subject key identifier: 1B:82:92:F0:82:D6:16:27:55:60:2B:FA:40:ED:2F:A8:EE:4D:51:21
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01856F7978F2E5F476C775C598EBD33441AE
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/G4KS8ILWFidVYCv6QO0vqO5NUSE.roa
Signing time: Sun 01 Jan 2023 22:35:09 +0000
ROA not before: Sun 01 Jan 2023 22:35:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25596
IP address blocks: 45.135.4.0/22 maxlen: 22
45.136.72.0/22 maxlen: 22
45.144.216.0/22 maxlen: 22
45.146.56.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:78:f2:e5:f4:76:c7:75:c5:98:eb:d3:34:41:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 22:35:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b8292f082d6162755602bfa40ed2fa8ee4d5121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:55:b2:73:a2:19:0a:30:f1:83:bf:7f:79:8d:
ab:48:52:73:f5:78:d2:54:0f:4b:37:75:7c:a5:8c:
94:25:0e:21:79:f1:f6:3d:30:2e:85:47:31:87:7d:
0f:d2:4b:18:e3:63:64:78:e8:3e:ca:45:40:e5:ba:
6b:26:3d:84:7c:0c:24:fb:a2:3d:d0:a0:e6:18:d5:
a2:6c:35:85:4c:6d:83:ae:37:63:3f:55:3b:5e:2a:
fe:1c:e4:2f:dd:7b:64:dc:fe:99:ad:e9:b1:62:35:
56:f5:4b:d2:85:d6:54:17:af:03:c9:94:aa:92:db:
25:09:02:d5:f4:66:85:f8:7b:93:40:94:d7:ba:32:
48:9d:0a:52:ec:7d:be:f1:80:1e:01:5f:68:ca:bf:
e3:76:03:70:80:32:0a:5d:58:5b:ce:86:13:3b:b4:
f7:29:ab:d3:13:9c:1a:6c:3f:5e:68:70:98:11:19:
29:e7:53:50:f7:5b:34:e4:2e:f4:a7:13:53:f6:b6:
05:ab:33:5c:dd:7d:d6:46:b5:47:b3:aa:e7:ff:40:
98:9c:73:5d:00:bb:bf:82:27:74:04:e5:3e:f5:10:
cb:ca:0a:9e:ed:77:b4:94:e3:ca:72:df:51:69:f8:
9c:42:9e:23:10:ed:e6:52:d7:74:10:b7:9c:46:c3:
c6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:82:92:F0:82:D6:16:27:55:60:2B:FA:40:ED:2F:A8:EE:4D:51:21
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/G4KS8ILWFidVYCv6QO0vqO5NUSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.4.0/22
45.136.72.0/22
45.144.216.0/22
45.146.56.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:6d:78:f9:7f:eb:dc:67:06:0e:c8:ad:90:4e:9f:d9:3f:44:
98:4a:41:da:50:27:5f:aa:b7:bd:0f:26:29:20:53:96:b0:0a:
91:90:ec:06:56:6c:6d:25:40:e9:5f:d6:bf:ce:df:2e:d9:cc:
c7:4a:c1:5c:7a:bc:a9:b7:f0:45:e3:e2:76:66:df:7c:d0:ef:
b8:0e:6e:b8:b6:01:cb:34:fe:5f:9c:9f:9a:48:aa:f5:df:0e:
99:06:7f:bb:f9:70:5f:48:cf:65:ae:87:a7:e4:0c:2c:03:c7:
72:18:aa:3c:9e:52:98:1e:d4:a6:7d:52:60:02:a3:3b:6e:cb:
cc:b6:7f:38:d7:16:41:c0:e8:77:d1:87:93:e1:57:78:a9:a3:
d2:5a:67:12:f8:69:f9:79:b8:aa:72:75:bb:19:50:0c:72:e4:
a8:83:8e:00:ae:ab:a0:e1:81:f7:54:b5:62:69:68:0b:80:05:
77:19:45:3f:b0:09:be:bb:eb:8c:56:a4:9b:00:00:c3:35:2f:
dc:c8:e6:17:d2:02:69:bf:31:02:5d:12:ae:c3:6d:77:94:27:
5f:8f:0b:41:f5:d8:00:c6:1c:87:e9:cb:cb:d8:ce:74:fd:91:
4a:55:1b:a7:cd:97:a2:fd:8c:f1:68:e9:28:c4:b9:07:dd:dc:
24:5a:a9:2c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVveXjy5fR2x3XFmOvTNEGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjgyOTJmMDgyZDYxNjI3NTU2MDJiZmE0MGVkMmZhOGVlNGQ1MTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lWyc6IZCjDxg79/eY2rSFJz9XjS
VA9LN3V8pYyUJQ4hefH2PTAuhUcxh30P0ksY42NkeOg+ykVA5bprJj2EfAwk+6I9
0KDmGNWibDWFTG2DrjdjP1U7Xir+HOQv3Xtk3P6ZremxYjVW9UvShdZUF68DyZSq
ktslCQLV9GaF+HuTQJTXujJInQpS7H2+8YAeAV9oyr/jdgNwgDIKXVhbzoYTO7T3
KavTE5wabD9eaHCYERkp51NQ91s05C70pxNT9rYFqzNc3X3WRrVHs6rn/0CYnHNd
ALu/gid0BOU+9RDLygqe7Xe0lOPKct9RaficQp4jEO3mUtd0ELecRsPGYwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBuCkvCC1hYnVWAr+kDtL6juTVEhMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvRzRLUzhJTFdGaWRWWUN2NlFPMHZxTzVOVVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLYcEAwQC
LYhIAwQCLZDYAwQCLZI4MA0GCSqGSIb3DQEBCwUAA4IBAQCMbXj5f+vcZwYOyK2Q
Tp/ZP0SYSkHaUCdfqre9DyYpIFOWsAqRkOwGVmxtJUDpX9a/zt8u2czHSsFceryp
t/BF4+J2Zt980O+4Dm64tgHLNP5fnJ+aSKr13w6ZBn+7+XBfSM9lroen5AwsA8dy
GKo8nlKYHtSmfVJgAqM7bsvMtn841xZBwOh30YeT4Vd4qaPSWmcS+Gn5ebiqcnW7
GVAMcuSog44Arqug4YH3VLViaWgLgAV3GUU/sAm+u+uMVqSbAADDNS/cyOYX0gJp
vzECXRKuw213lCdfjwtB9dgAxhyH6cvL2M50/ZFKVRunzZei/YzxaOkoxLkH3dwk
Wqks
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:43 2024 by rpki-client on console-ams.rpki-client.org