Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/cKVoJMKv9utyrakmuPYh2Vj3YJw.roa
File: cKVoJMKv9utyrakmuPYh2Vj3YJw.roa (raw, json)
Hash identifier: 5Enq/2srdhFHBLbQR4DeIk6QQVJ4EF1gS2cAVIuf6H4=
Subject key identifier: 70:A5:68:24:C2:AF:F6:EB:72:AD:A9:26:B8:F6:21:D9:58:F7:60:9C
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0185E281D40768D90F05BDFEA43B4052D588
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/cKVoJMKv9utyrakmuPYh2Vj3YJw.roa
Signing time: Tue 24 Jan 2023 06:40:37 +0000
ROA not before: Tue 24 Jan 2023 06:40:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39351
IP address blocks: 45.92.231.0/24 maxlen: 24
45.130.118.0/24 maxlen: 24
45.132.193.0/24 maxlen: 24
2a07:e341::/32 maxlen: 32
2a07:e340::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e2:81:d4:07:68:d9:0f:05:bd:fe:a4:3b:40:52:d5:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 24 06:40:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70a56824c2aff6eb72ada926b8f621d958f7609c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:54:d3:04:fb:9d:7e:e4:d7:42:92:32:90:b7:
02:c5:7f:18:f4:1a:fb:38:57:dd:7d:53:51:03:22:
d6:b1:2a:b0:1d:a1:19:e3:ee:f0:71:ad:e4:27:6f:
1c:3c:f5:4e:66:36:30:17:e9:b3:2c:8b:50:b2:c7:
ee:cc:8f:cb:80:50:8e:aa:f8:8a:00:82:c9:5c:de:
5c:4e:19:81:db:f5:90:c7:84:9d:a9:56:f7:4d:4c:
d2:97:e4:55:a1:b5:03:66:c0:61:2e:6a:f7:b7:88:
9f:01:ef:29:0b:ad:33:0a:80:a1:f8:c3:d8:e6:0f:
17:9c:3d:bb:54:0d:cf:7d:08:60:fc:64:3c:70:16:
6c:98:9e:f1:a4:cb:90:40:3b:6d:49:02:72:2e:3a:
8a:6c:2f:90:7b:b7:5b:02:1c:ab:79:e2:36:10:14:
2e:39:f0:fe:14:7a:d0:ca:e1:03:0b:da:7a:d8:77:
95:4b:40:43:f2:9c:de:3e:9e:c7:c2:b8:d2:2c:b2:
5b:d0:60:6e:c2:32:88:da:e0:bb:0b:cc:bd:14:fd:
22:30:36:77:1f:9f:c5:36:eb:3f:8f:5a:be:e3:24:
f5:49:6a:4b:09:d9:dd:54:07:15:37:73:7f:9f:c2:
65:d5:ad:f9:e9:67:e3:93:79:6e:97:84:9f:b3:82:
f4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A5:68:24:C2:AF:F6:EB:72:AD:A9:26:B8:F6:21:D9:58:F7:60:9C
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/cKVoJMKv9utyrakmuPYh2Vj3YJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.231.0/24
45.130.118.0/24
45.132.193.0/24
IPv6:
2a07:e340::/31
Signature Algorithm: sha256WithRSAEncryption
85:c6:31:b4:5e:30:1d:b4:6d:7e:f6:3c:2d:4e:fe:ae:ab:98:
43:34:92:a5:85:83:f9:8a:7a:ed:7a:7a:f7:58:70:27:e2:53:
0d:68:5a:82:3b:1d:42:bd:ba:d4:72:e4:91:20:ed:d9:f7:c4:
98:06:dd:38:e0:8d:bf:1a:5a:16:b7:80:3b:16:ec:d8:7f:92:
06:ae:d3:98:b8:9a:3f:44:89:ae:e2:8c:b7:80:54:34:a0:c7:
e5:6a:ad:98:29:fc:06:d5:f8:39:0b:f0:91:4f:94:29:a4:04:
4d:42:f1:0b:5b:97:01:46:b1:be:be:e0:b5:1c:92:aa:7a:ae:
a5:f8:b2:cd:06:72:4d:63:d9:d0:6d:14:98:86:64:b7:2c:9d:
02:9c:95:c8:25:0f:d4:e2:6e:20:5d:e0:6f:32:12:5d:69:40:
50:48:28:ed:56:0f:1a:2b:60:5d:fb:a8:c8:54:ce:9e:9e:4c:
ae:34:62:4c:96:c9:b6:b0:46:fc:b4:f0:46:7a:77:fd:69:c3:
88:7d:6d:e9:7c:48:b2:1b:0a:ba:5c:d0:2c:76:ea:e3:53:29:
1d:d0:9d:ac:1d:fb:f1:fb:01:6c:e5:7d:fa:db:13:b3:bd:ac:
15:e4:a4:97:44:41:e0:94:30:33:02:70:13:79:54:78:f5:d2:
ea:f7:fb:99
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYXigdQHaNkPBb3+pDtAUtWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTI0MDY0MDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGE1NjgyNGMyYWZmNmViNzJhZGE5MjZiOGY2MjFkOTU4Zjc2MDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlTTBPudfuTXQpIykLcCxX8Y9Br7
OFfdfVNRAyLWsSqwHaEZ4+7wca3kJ28cPPVOZjYwF+mzLItQssfuzI/LgFCOqviK
AILJXN5cThmB2/WQx4SdqVb3TUzSl+RVobUDZsBhLmr3t4ifAe8pC60zCoCh+MPY
5g8XnD27VA3PfQhg/GQ8cBZsmJ7xpMuQQDttSQJyLjqKbC+Qe7dbAhyreeI2EBQu
OfD+FHrQyuEDC9p62HeVS0BD8pzePp7HwrjSLLJb0GBuwjKI2uC7C8y9FP0iMDZ3
H5/FNus/j1q+4yT1SWpLCdndVAcVN3N/n8Jl1a356Wfjk3lul4Sfs4L0OwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHClaCTCr/brcq2pJrj2IdlY92CcMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvY0tWb0pNS3Y5dXR5cmFrbXVQWWgyVmozWUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALVznAwQA
LYJ2AwQALYTBMA0EAgACMAcDBQEqB+NAMA0GCSqGSIb3DQEBCwUAA4IBAQCFxjG0
XjAdtG1+9jwtTv6uq5hDNJKlhYP5inrtenr3WHAn4lMNaFqCOx1CvbrUcuSRIO3Z
98SYBt044I2/GloWt4A7FuzYf5IGrtOYuJo/RImu4oy3gFQ0oMflaq2YKfwG1fg5
C/CRT5QppARNQvELW5cBRrG+vuC1HJKqeq6l+LLNBnJNY9nQbRSYhmS3LJ0CnJXI
JQ/U4m4gXeBvMhJdaUBQSCjtVg8aK2Bd+6jIVM6enkyuNGJMlsm2sEb8tPBGenf9
acOIfW3pfEiyGwq6XNAsdurjUykd0J2sHfvx+wFs5X362xOzvawV5KSXREHglDAz
AnATeVR49dLq9/uZ
-----END CERTIFICATE-----
Generated at Wed Nov 22 08:50:08 2023 by rpki-client on console-fra.rpki-client.org