Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ik1bvt4bcuOXaD82l3lq3z16Li0.roa
File: ik1bvt4bcuOXaD82l3lq3z16Li0.roa (raw, json)
Hash identifier: xeMR7j3l0mDv/XMlZx+vSWFf9hyDA9/8mBYOdwA6OSg=
Subject key identifier: 8A:4D:5B:BE:DE:1B:72:E3:97:68:3F:36:97:79:6A:DF:3D:7A:2E:2D
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018A5F5A3F94FBF517E3FBC78E02F8FB79FB
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ik1bvt4bcuOXaD82l3lq3z16Li0.roa
Signing time: Mon 04 Sep 2023 08:41:04 +0000
ROA not before: Mon 04 Sep 2023 08:41:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 45.128.59.0/24 maxlen: 24
45.88.180.0/24 maxlen: 24
45.86.66.0/24 maxlen: 24
45.15.143.0/24 maxlen: 24
45.86.73.0/24 maxlen: 24
171.22.108.0/22 maxlen: 22
45.15.177.0/24 maxlen: 24
45.89.104.0/24 maxlen: 24
45.92.195.0/24 maxlen: 24
92.118.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:5a:3f:94:fb:f5:17:e3:fb:c7:8e:02:f8:fb:79:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Sep 4 08:41:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a4d5bbede1b72e397683f3697796adf3d7a2e2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5d:a0:14:74:17:b0:0f:97:c1:c8:4b:93:f3:
f9:c9:ef:af:28:d3:7e:e0:7f:ef:de:68:fa:82:ae:
d5:b8:31:08:19:82:3e:74:0d:75:77:e1:52:98:78:
da:ab:54:17:5b:87:cb:4d:41:1f:22:0d:0f:94:7c:
16:1f:5e:d9:0b:42:1a:c7:9d:c8:9c:16:43:00:f4:
29:39:70:ee:fc:8c:66:3f:6c:52:2e:b6:84:fb:f5:
77:81:51:d5:c7:e8:d8:2c:cc:de:dd:65:3a:bd:38:
d8:be:73:db:1a:12:7e:5d:58:2d:d8:98:a2:21:d4:
ff:df:11:71:90:15:8e:57:96:68:52:f9:54:37:57:
85:ea:46:7e:b2:55:ef:ef:f1:0b:7c:ec:25:fb:62:
cb:55:20:a5:2f:fb:df:fe:e5:ee:1c:a9:a3:a4:9a:
09:4a:a0:d2:71:a1:ef:e3:3c:1b:db:30:96:e1:69:
c2:ac:f6:d8:cf:ae:30:1c:13:d3:e1:69:f9:33:11:
27:29:c5:6d:3f:20:13:73:26:32:eb:8a:85:03:b6:
51:11:ba:29:8a:46:18:0a:f5:f4:95:f4:26:ee:0b:
40:c7:c3:d5:6d:39:fe:cd:45:4a:3f:d9:df:f9:01:
83:28:d4:3b:f6:53:73:41:60:7d:3d:13:1e:12:fc:
3b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4D:5B:BE:DE:1B:72:E3:97:68:3F:36:97:79:6A:DF:3D:7A:2E:2D
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ik1bvt4bcuOXaD82l3lq3z16Li0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.143.0/24
45.15.177.0/24
45.86.66.0/24
45.86.73.0/24
45.88.180.0/24
45.89.104.0/24
45.92.195.0/24
45.128.59.0/24
92.118.235.0/24
171.22.108.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:1e:d9:a7:6d:2e:2e:cb:d4:f1:11:d0:81:d8:cf:04:b8:a2:
f6:c3:af:fb:08:a0:a5:8d:35:88:28:48:6b:0f:ba:d4:ab:02:
b8:36:75:a0:82:58:55:c5:ce:02:a3:29:b9:11:90:a8:f7:37:
8e:94:42:c8:7a:e5:bc:84:4c:52:ab:40:e7:4c:ff:a8:1b:12:
87:c1:72:0a:4f:82:16:78:84:d3:a0:c8:f6:b8:0f:7a:1e:5b:
f4:5b:ad:1a:e2:ac:92:98:bb:67:d3:54:1a:83:b4:09:4b:ac:
43:69:e4:d8:83:ea:c2:4a:3a:44:00:f9:75:1d:e4:d1:b4:09:
d2:c5:b8:27:97:24:97:9d:1c:38:9b:e2:6a:08:20:91:00:24:
14:0d:b1:c0:c8:21:06:e3:0c:b3:f3:2e:41:f4:54:72:56:7c:
ef:7c:1b:af:7c:5d:39:04:1e:8b:e7:d8:65:de:4b:43:7e:50:
71:4f:71:9b:2f:6d:8b:e4:52:26:17:cb:e7:5b:a8:c7:3f:53:
00:fb:31:59:1c:66:9d:8d:b9:64:72:ee:a1:3d:c3:cd:17:69:
1a:1c:60:33:41:44:e5:7d:c0:39:14:3f:7a:e5:c7:ee:3f:7c:
a3:40:c3:b8:a4:1e:2f:83:49:e1:20:97:42:a9:08:d0:9d:f5:
1f:02:e1:3c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYpfWj+U+/UX4/vHjgL4+3n7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwOTA0MDg0MTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTRkNWJiZWRlMWI3MmUzOTc2ODNmMzY5Nzc5NmFkZjNkN2EyZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArl2gFHQXsA+XwchLk/P5ye+vKNN+
4H/v3mj6gq7VuDEIGYI+dA11d+FSmHjaq1QXW4fLTUEfIg0PlHwWH17ZC0Iax53I
nBZDAPQpOXDu/IxmP2xSLraE+/V3gVHVx+jYLMze3WU6vTjYvnPbGhJ+XVgt2Jii
IdT/3xFxkBWOV5ZoUvlUN1eF6kZ+slXv7/ELfOwl+2LLVSClL/vf/uXuHKmjpJoJ
SqDScaHv4zwb2zCW4WnCrPbYz64wHBPT4Wn5MxEnKcVtPyATcyYy64qFA7ZREbop
ikYYCvX0lfQm7gtAx8PVbTn+zUVKP9nf+QGDKNQ79lNzQWB9PRMeEvw7LQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFIpNW77eG3Ljl2g/Npd5at89ei4tMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvaWsxYnZ0NGJjdU9YYUQ4MmwzbHEzejE2TGkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQ+PAwQA
LQ+xAwQALVZCAwQALVZJAwQALVi0AwQALVloAwQALVzDAwQALYA7AwQAXHbrAwQC
qxZsMA0GCSqGSIb3DQEBCwUAA4IBAQANHtmnbS4uy9TxEdCB2M8EuKL2w6/7CKCl
jTWIKEhrD7rUqwK4NnWgglhVxc4Coym5EZCo9zeOlELIeuW8hExSq0DnTP+oGxKH
wXIKT4IWeITToMj2uA96Hlv0W60a4qySmLtn01Qag7QJS6xDaeTYg+rCSjpEAPl1
HeTRtAnSxbgnlySXnRw4m+JqCCCRACQUDbHAyCEG4wyz8y5B9FRyVnzvfBuvfF05
BB6L59hl3ktDflBxT3GbL22L5FImF8vnW6jHP1MA+zFZHGadjblkcu6hPcPNF2ka
HGAzQUTlfcA5FD965cfuP3yjQMO4pB4vg0nhIJdCqQjQnfUfAuE8
-----END CERTIFICATE-----
Generated at Wed Sep 6 13:39:27 2023 by rpki-client on console-fra.rpki-client.org