Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/pK1gINObqJTMAYBOz0Mh27UYQKg.roa
File: pK1gINObqJTMAYBOz0Mh27UYQKg.roa (raw, json)
Hash identifier: V/wBVgpp+eO6c7xw5htylVsqccpA2zqrUDgxWuMLz8I=
Subject key identifier: A4:AD:60:20:D3:9B:A8:94:CC:01:80:4E:CF:43:21:DB:B5:18:40:A8
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01856E8B49BC80C44C30B1D901E2AAE6BBC0
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/pK1gINObqJTMAYBOz0Mh27UYQKg.roa
Signing time: Sun 01 Jan 2023 18:15:00 +0000
ROA not before: Sun 01 Jan 2023 18:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58110
IP address blocks: 45.88.169.0/24 maxlen: 24
45.15.140.0/24 maxlen: 24
45.92.162.0/24 maxlen: 24
45.15.184.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:49:bc:80:c4:4c:30:b1:d9:01:e2:aa:e6:bb:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 18:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4ad6020d39ba894cc01804ecf4321dbb51840a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a3:0e:ff:fb:03:6c:e3:88:96:2f:63:5d:47:
8c:96:ed:bf:07:ed:af:91:4d:a8:cd:e3:b3:ba:55:
83:28:02:53:c5:67:ef:9e:d5:fa:71:bb:00:f7:df:
ad:b4:af:fb:ce:0e:48:55:61:28:66:63:bb:9b:47:
3c:d1:30:ee:36:b7:2c:d5:c1:9f:f2:f0:d5:9e:cb:
d3:65:d9:c5:aa:89:d1:41:0e:4a:b3:77:d9:72:b1:
b8:8a:61:be:be:f4:f3:29:68:5a:a3:6d:0c:90:ce:
d4:06:52:d2:d7:89:92:2f:32:f9:57:4c:49:8d:3e:
82:a5:75:5b:83:8c:77:24:b2:cf:ae:62:5c:56:4a:
6c:dd:24:be:ef:38:97:ae:b5:b6:aa:61:22:f6:be:
ce:22:ef:97:2b:d7:f9:24:ad:4f:9b:db:2d:08:d5:
73:bf:fd:17:d6:1c:49:ec:9c:a9:42:d7:19:05:6d:
17:67:a5:b6:33:8b:eb:f5:80:55:d9:ad:96:27:5e:
c0:a0:cb:f2:7b:66:b4:72:73:3c:fc:6e:27:87:41:
98:2b:96:de:d9:cf:66:9e:1b:3d:51:59:98:fa:d2:
6d:f0:1f:35:4e:ad:4f:78:6e:82:5d:53:fa:38:a5:
66:60:81:5f:9c:fc:a2:66:7d:21:ce:aa:dd:51:66:
81:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:AD:60:20:D3:9B:A8:94:CC:01:80:4E:CF:43:21:DB:B5:18:40:A8
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/pK1gINObqJTMAYBOz0Mh27UYQKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.140.0/24
45.15.184.0/24
45.88.169.0/24
45.92.162.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:ae:a7:98:a7:b4:e0:2e:a1:48:7d:cc:5f:2e:00:c9:22:9f:
c1:18:ab:38:92:3d:ee:bd:b0:79:52:a9:a7:20:bd:c9:a8:09:
6a:eb:31:46:12:9d:56:3b:45:b6:3e:27:c5:93:dd:5d:c1:30:
ee:ea:9b:8f:5f:21:c5:64:02:42:17:db:ee:dd:91:a6:0b:58:
04:ea:65:d9:a1:88:22:3a:05:18:0f:05:a6:a7:42:51:3d:de:
ac:30:67:ab:c0:8f:22:55:c7:af:44:c7:c1:f5:12:73:0a:c3:
56:f7:99:48:ca:30:40:8f:4e:22:eb:9c:24:11:4f:61:04:ab:
11:32:f2:9d:d6:0a:e0:77:70:91:2c:4e:32:33:96:31:a2:21:
8d:98:7b:96:83:1d:c1:f5:91:0a:5d:8d:4a:51:24:37:a4:95:
91:8f:4c:2c:0a:0c:53:94:57:02:1e:05:d3:be:13:a3:b1:ca:
fd:6c:ee:e5:9b:fd:37:e0:22:2c:6f:b0:7b:86:53:98:e7:0f:
9f:9d:5e:ea:cc:2a:a2:fa:43:b8:dd:de:4d:2a:98:5b:d5:ee:
3d:ce:2e:5c:90:c0:1f:0a:ff:42:5e:e2:4b:0e:6f:6f:79:04:
1c:46:57:de:c6:ee:f7:71:09:6e:08:f5:18:74:6c:d6:e5:92:
c2:ae:d8:a6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVui0m8gMRMMLHZAeKq5rvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMTAxMTgxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGFkNjAyMGQzOWJhODk0Y2MwMTgwNGVjZjQzMjFkYmI1MTg0MGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaMO//sDbOOIli9jXUeMlu2/B+2v
kU2ozeOzulWDKAJTxWfvntX6cbsA99+ttK/7zg5IVWEoZmO7m0c80TDuNrcs1cGf
8vDVnsvTZdnFqonRQQ5Ks3fZcrG4imG+vvTzKWhao20MkM7UBlLS14mSLzL5V0xJ
jT6CpXVbg4x3JLLPrmJcVkps3SS+7ziXrrW2qmEi9r7OIu+XK9f5JK1Pm9stCNVz
v/0X1hxJ7JypQtcZBW0XZ6W2M4vr9YBV2a2WJ17AoMvye2a0cnM8/G4nh0GYK5be
2c9mnhs9UVmY+tJt8B81Tq1PeG6CXVP6OKVmYIFfnPyiZn0hzqrdUWaBfwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKStYCDTm6iUzAGATs9DIdu1GECoMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvcEsxZ0lOT2JxSlRNQVlCT3owTWgyN1VZUUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQ+MAwQA
LQ+4AwQALVipAwQALVyiMA0GCSqGSIb3DQEBCwUAA4IBAQBbrqeYp7TgLqFIfcxf
LgDJIp/BGKs4kj3uvbB5UqmnIL3JqAlq6zFGEp1WO0W2PifFk91dwTDu6puPXyHF
ZAJCF9vu3ZGmC1gE6mXZoYgiOgUYDwWmp0JRPd6sMGerwI8iVcevRMfB9RJzCsNW
95lIyjBAj04i65wkEU9hBKsRMvKd1grgd3CRLE4yM5YxoiGNmHuWgx3B9ZEKXY1K
USQ3pJWRj0wsCgxTlFcCHgXTvhOjscr9bO7lm/034CIsb7B7hlOY5w+fnV7qzCqi
+kO43d5NKphb1e49zi5ckMAfCv9CXuJLDm9veQQcRlfexu73cQluCPUYdGzW5ZLC
rtim
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:23 2023 by rpki-client on console-ams.rpki-client.org