Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/IQmk8duypH3E-JjzfysG8HiC5d4.roa
File: IQmk8duypH3E-JjzfysG8HiC5d4.roa (raw, json)
Hash identifier: Xj1KJ94cWae0si30ucT4L+2cwmH5TN6NWGWhyoMqJDM=
Subject key identifier: 21:09:A4:F1:DB:B2:A4:7D:C4:F8:98:F3:7F:2B:06:F0:78:82:E5:DE
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 01857D0F2527DF7CF2C713AA9C4995023B56
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/IQmk8duypH3E-JjzfysG8HiC5d4.roa
Signing time: Wed 04 Jan 2023 13:53:42 +0000
ROA not before: Wed 04 Jan 2023 13:53:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.153.238.0/24 maxlen: 24
45.153.236.0/24 maxlen: 24
45.153.237.0/24 maxlen: 24
77.83.71.0/24 maxlen: 24
84.252.84.0/23 maxlen: 23
45.11.232.0/24 maxlen: 24
84.252.86.0/24 maxlen: 24
84.252.87.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7d:0f:25:27:df:7c:f2:c7:13:aa:9c:49:95:02:3b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Jan 4 13:53:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2109a4f1dbb2a47dc4f898f37f2b06f07882e5de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d8:c9:82:be:4f:ab:88:09:a4:43:81:47:f5:
36:06:4d:fb:03:6a:39:48:32:c0:f0:68:5d:1d:08:
d3:82:27:eb:84:d0:70:57:58:63:1f:9f:51:03:14:
b1:f8:7d:b4:32:65:2f:14:80:fc:c8:e3:16:c5:13:
8c:0c:bf:75:94:fa:10:5c:25:24:7f:e1:84:53:79:
64:55:42:74:5c:cd:66:4d:5a:91:c1:23:33:03:99:
a2:03:86:b8:a5:e4:51:65:21:96:af:13:c3:82:18:
26:9a:f5:9e:f7:86:05:10:54:da:92:b5:c5:db:2a:
6a:dc:63:51:12:0c:18:ef:5c:34:2d:95:a7:ac:14:
2e:3d:e2:a5:75:0b:41:ba:29:b7:8b:f1:6a:b3:88:
7c:90:af:a7:62:62:4e:bb:75:33:e8:14:8d:93:9a:
c8:36:dc:bf:df:49:b8:e4:8d:b2:66:2e:6f:28:a3:
40:33:3d:63:60:50:86:d0:09:b2:6e:b4:d1:9f:8c:
40:78:2b:46:19:c5:d7:a3:bc:64:2e:33:5c:9e:51:
00:97:6c:b0:dc:69:8e:73:c4:42:bd:56:66:9f:06:
f2:2c:77:94:f8:8f:6f:15:d0:1e:da:2c:45:1e:77:
87:36:e5:d3:b7:42:e8:cb:ee:67:cb:2c:5f:ba:a3:
f0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:09:A4:F1:DB:B2:A4:7D:C4:F8:98:F3:7F:2B:06:F0:78:82:E5:DE
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/IQmk8duypH3E-JjzfysG8HiC5d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.232.0/24
45.153.236.0-45.153.238.255
77.83.71.0/24
84.252.84.0/22
Signature Algorithm: sha256WithRSAEncryption
34:bf:93:97:e2:df:36:68:cf:12:50:85:72:cb:22:97:3a:78:
80:1c:7a:df:a1:d4:56:17:3c:b4:0d:6c:5b:e7:5f:f3:2f:e5:
86:20:13:bd:02:cd:2e:2a:0e:62:30:55:88:85:1c:9d:11:56:
fa:f8:13:c9:40:75:4d:a5:37:b0:63:47:9d:14:8f:ef:d0:e9:
59:33:ca:94:e8:b3:dc:d8:24:90:f5:e0:08:38:a0:ab:47:27:
90:4c:ce:e9:0e:27:b7:95:b1:fb:4e:35:91:9d:f1:dc:f9:66:
83:36:65:e1:c1:95:fd:78:fd:d6:af:57:92:d8:f5:18:38:8e:
28:de:7b:4c:32:17:aa:af:0d:da:99:73:d9:18:00:3c:98:f3:
a8:42:7e:c3:42:f6:8f:62:cc:9f:4f:5a:08:28:4d:0f:f2:11:
f8:9d:de:4f:3a:e7:54:92:5a:65:04:39:3d:fa:a8:bd:a2:3f:
6f:9a:ae:8f:5c:4b:e9:5b:dc:68:01:c8:ba:ee:7f:8a:06:58:
ea:6f:33:eb:76:ae:da:86:36:05:5d:a3:86:97:95:ca:32:43:
17:19:61:a5:73:a3:be:b7:21:d2:24:47:08:ae:75:62:5f:33:
8d:05:36:a4:e3:c4:d7:df:fe:2f:7c:a7:78:ce:67:43:26:25:
2e:97:eb:07
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYV9DyUn33zyxxOqnEmVAjtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjMwMTA0MTM1MzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTA5YTRmMWRiYjJhNDdkYzRmODk4ZjM3ZjJiMDZmMDc4ODJlNWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9jJgr5Pq4gJpEOBR/U2Bk37A2o5
SDLA8GhdHQjTgifrhNBwV1hjH59RAxSx+H20MmUvFID8yOMWxROMDL91lPoQXCUk
f+GEU3lkVUJ0XM1mTVqRwSMzA5miA4a4peRRZSGWrxPDghgmmvWe94YFEFTakrXF
2ypq3GNREgwY71w0LZWnrBQuPeKldQtBuim3i/Fqs4h8kK+nYmJOu3Uz6BSNk5rI
Nty/30m45I2yZi5vKKNAMz1jYFCG0AmybrTRn4xAeCtGGcXXo7xkLjNcnlEAl2yw
3GmOc8RCvVZmnwbyLHeU+I9vFdAe2ixFHneHNuXTt0Loy+5nyyxfuqPwnwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCEJpPHbsqR9xPiY838rBvB4guXeMB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvSVFtazhkdXlwSDNFLUpqemZ5c0c4SGlDNWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALQvoMAwD
BAItmewDBAAtme4DBABNU0cDBAJU/FQwDQYJKoZIhvcNAQELBQADggEBADS/k5fi
3zZozxJQhXLLIpc6eIAcet+h1FYXPLQNbFvnX/Mv5YYgE70CzS4qDmIwVYiFHJ0R
Vvr4E8lAdU2lN7BjR50Uj+/Q6VkzypTos9zYJJD14Ag4oKtHJ5BMzukOJ7eVsftO
NZGd8dz5ZoM2ZeHBlf14/davV5LY9Rg4jijee0wyF6qvDdqZc9kYADyY86hCfsNC
9o9izJ9PWggoTQ/yEfid3k8651SSWmUEOT36qL2iP2+aro9cS+lb3GgByLruf4oG
WOpvM+t2rtqGNgVdo4aXlcoyQxcZYaVzo763IdIkRwiudWJfM40FNqTjxNff/i98
p3jOZ0MmJS6X6wc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:03 2023 by rpki-client on console-ams.rpki-client.org