Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/m12js_OBoDgClv9thxkVEruO6s4.roa
File: m12js_OBoDgClv9thxkVEruO6s4.roa (raw, json)
Hash identifier: e0UjQ3L5pk/H3x/MNhnByNqIgRUL/T1O2iu1ywerAmg=
Subject key identifier: 9B:5D:A3:B3:F3:81:A0:38:02:96:FF:6D:87:19:15:12:BB:8E:EA:CE
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 018AF2B74589659C521ED1BD163DF2601D64
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/m12js_OBoDgClv9thxkVEruO6s4.roa
Signing time: Mon 02 Oct 2023 23:26:51 +0000
ROA not before: Mon 02 Oct 2023 23:26:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.149.92.0/23 maxlen: 24
45.149.94.0/24 maxlen: 24
80.246.224.0/24 maxlen: 24
80.246.225.0/24 maxlen: 24
80.246.232.0/24 maxlen: 24
80.246.233.0/24 maxlen: 24
80.246.228.0/24 maxlen: 24
80.246.236.0/24 maxlen: 24
80.246.236.0/22 maxlen: 24
80.246.237.0/24 maxlen: 24
80.246.238.0/24 maxlen: 24
80.246.239.0/24 maxlen: 24
80.246.234.0/24 maxlen: 24
80.246.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f2:b7:45:89:65:9c:52:1e:d1:bd:16:3d:f2:60:1d:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Oct 2 23:26:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b5da3b3f381a0380296ff6d87191512bb8eeace
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e6:1e:14:1e:92:db:83:77:46:cc:f0:56:6a:
c1:81:3a:ce:07:81:96:79:68:24:61:3a:71:cd:1a:
59:a3:c2:84:a4:bc:e7:f9:ed:c5:a5:c5:d3:b3:e9:
bd:18:eb:0d:e1:27:69:82:4a:84:23:09:47:cb:7e:
f1:39:04:03:8f:73:f5:41:95:1a:19:2f:ec:b9:64:
4a:c5:1b:51:e8:e3:26:8c:2d:31:a3:26:5f:38:68:
b7:23:10:d5:02:e6:b8:7f:3d:b9:65:04:3e:57:1e:
d1:06:02:30:df:cd:b0:c2:02:0b:51:8b:0c:79:78:
9f:f3:3f:58:f8:c0:7c:bc:2e:98:28:1d:3d:cd:71:
5f:86:9b:62:d9:65:74:c7:df:83:e1:8b:31:40:9d:
ba:85:29:c5:3a:36:c9:ed:fb:8a:31:a0:1e:6d:71:
34:b3:f4:3f:fa:c2:51:23:7d:05:46:83:af:b5:5d:
33:ab:93:8c:66:b2:93:33:b0:bd:b6:fe:57:fe:a5:
e7:34:05:b0:ee:d2:47:fc:a8:1a:c0:fe:bb:50:37:
2a:ee:3b:b7:55:4f:b9:9e:2c:ee:14:e8:a5:76:fc:
39:10:ce:ca:56:67:ab:54:0a:0c:df:47:bf:ec:76:
72:dd:2d:fd:88:67:81:79:d1:21:b1:6d:bd:35:40:
3b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:5D:A3:B3:F3:81:A0:38:02:96:FF:6D:87:19:15:12:BB:8E:EA:CE
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/m12js_OBoDgClv9thxkVEruO6s4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.92.0-45.149.94.255
80.246.224.0/23
80.246.228.0/24
80.246.232.0/21
Signature Algorithm: sha256WithRSAEncryption
16:48:75:62:f4:0d:3c:c2:83:9a:8d:58:7a:04:f1:37:d0:b8:
19:5c:e4:70:d5:f6:2c:20:a6:21:d1:2d:85:1c:eb:13:a2:da:
35:2a:01:09:d5:03:1b:57:54:f2:9d:0d:b7:a2:42:f3:06:24:
c3:2b:68:dd:bd:8b:61:52:d3:b3:ec:14:c6:e7:83:5b:95:1d:
7b:09:62:7d:c9:2e:2b:ec:1a:b0:60:8a:f4:99:af:e9:72:a5:
ef:e9:91:d4:9e:34:59:bf:61:63:99:ca:3a:07:de:3a:47:fa:
41:ed:38:d4:f1:ac:65:51:fe:bf:8b:83:6f:76:a5:5a:2e:54:
c4:78:22:fe:0e:d0:33:a0:77:12:95:1c:98:9e:06:01:9f:13:
bf:12:4e:ec:4d:e5:d9:92:4b:ee:80:9b:99:62:64:87:b3:b4:
6e:f1:1d:c3:77:e8:d9:9d:99:05:38:f1:1d:e0:11:ac:ff:b7:
f3:f3:8c:61:f2:e6:51:0c:09:05:6f:ea:4a:b3:28:80:1d:a2:
46:7d:4a:13:c9:6b:47:aa:f3:a9:a1:28:11:92:73:a5:95:4b:
87:05:85:d8:07:70:3a:0b:4a:91:0a:47:ba:0c:af:8a:0c:0f:
22:29:e0:58:bc:15:2a:c9:3f:45:96:29:58:ec:16:8c:03:4d:
6e:86:89:e5
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYryt0WJZZxSHtG9Fj3yYB1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMxMDAyMjMyNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjVkYTNiM2YzODFhMDM4MDI5NmZmNmQ4NzE5MTUxMmJiOGVlYWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOYeFB6S24N3RszwVmrBgTrOB4GW
eWgkYTpxzRpZo8KEpLzn+e3FpcXTs+m9GOsN4SdpgkqEIwlHy37xOQQDj3P1QZUa
GS/suWRKxRtR6OMmjC0xoyZfOGi3IxDVAua4fz25ZQQ+Vx7RBgIw382wwgILUYsM
eXif8z9Y+MB8vC6YKB09zXFfhpti2WV0x9+D4YsxQJ26hSnFOjbJ7fuKMaAebXE0
s/Q/+sJRI30FRoOvtV0zq5OMZrKTM7C9tv5X/qXnNAWw7tJH/KgawP67UDcq7ju3
VU+5nizuFOildvw5EM7KVmerVAoM30e/7HZy3S39iGeBedEhsW29NUA75QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJtdo7PzgaA4Apb/bYcZFRK7jurOMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvbTEyanNfT0JvRGdDbHY5dGh4a1ZFcnVPNnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAItlVwD
BAAtlV4DBAFQ9uADBABQ9uQDBANQ9ugwDQYJKoZIhvcNAQELBQADggEBABZIdWL0
DTzCg5qNWHoE8TfQuBlc5HDV9iwgpiHRLYUc6xOi2jUqAQnVAxtXVPKdDbeiQvMG
JMMraN29i2FS07PsFMbng1uVHXsJYn3JLivsGrBgivSZr+lype/pkdSeNFm/YWOZ
yjoH3jpH+kHtONTxrGVR/r+Lg292pVouVMR4Iv4O0DOgdxKVHJieBgGfE78STuxN
5dmSS+6Am5liZIeztG7xHcN36NmdmQU48R3gEaz/t/PzjGHy5lEMCQVv6kqzKIAd
okZ9ShPJa0eq86mhKBGSc6WVS4cFhdgHcDoLSpEKR7oMr4oMDyIp4Fi8FSrJP0WW
KVjsFowDTW6GieU=
-----END CERTIFICATE-----
Generated at Sun Oct 8 18:29:08 2023 by rpki-client on console-fra.rpki-client.org