Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/k45PezNWGXAOMC4mIiE8lX5e2MI.roa
File: k45PezNWGXAOMC4mIiE8lX5e2MI.roa (raw, json)
Hash identifier: ug7AgHQIvv6WEZ+MJDBFmd1HD0h5WHzL9z3nqicp4u4=
Subject key identifier: 93:8E:4F:7B:33:56:19:70:0E:30:2E:26:22:21:3C:95:7E:5E:D8:C2
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 0185FD974706AB4D2BB319D7411565F92654
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/k45PezNWGXAOMC4mIiE8lX5e2MI.roa
Signing time: Sun 29 Jan 2023 12:53:47 +0000
ROA not before: Sun 29 Jan 2023 12:53:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208161
IP address blocks: 87.107.146.0/23 maxlen: 24
87.107.154.0/24 maxlen: 24
87.107.155.0/24 maxlen: 24
87.107.164.0/23 maxlen: 24
87.107.54.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:fd:97:47:06:ab:4d:2b:b3:19:d7:41:15:65:f9:26:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jan 29 12:53:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=938e4f7b335619700e302e2622213c957e5ed8c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:73:89:0c:bc:ec:91:75:80:74:e2:45:fb:d5:
b9:db:06:28:f8:a1:1d:10:3c:0c:75:b4:d4:74:fe:
07:ec:18:85:67:d4:5b:f0:55:d0:c2:15:90:96:d1:
06:a5:e1:ab:ae:03:e0:be:98:8c:0c:c2:32:34:37:
13:64:10:03:27:fe:85:3f:ba:8c:29:85:eb:4e:9c:
9b:9b:ac:5c:46:94:36:5b:a8:2d:3e:bd:c3:ce:3e:
82:cd:cd:47:29:d2:67:89:cd:29:ab:2c:64:be:6a:
fd:c7:81:2a:35:7c:ef:c8:e4:88:cb:cd:f7:8f:bf:
cd:a2:20:22:79:b2:20:2a:6b:52:c1:b2:5e:bf:af:
03:ad:f1:19:10:9f:ce:c8:f8:6e:38:6c:e1:64:a0:
9e:de:cd:ed:05:77:cc:f2:0f:63:c3:ef:15:89:49:
b5:91:86:74:ea:7e:7a:61:0d:2c:d4:d8:30:33:87:
91:4d:d9:a4:94:fa:6a:5a:32:1f:8a:65:6c:77:9f:
64:48:6d:7c:fe:f1:3c:7d:81:0b:12:24:ac:a0:40:
c4:d6:b9:d8:d9:22:f9:0e:44:94:59:0e:88:89:8a:
d3:df:51:7e:79:f5:0d:dd:40:c5:1a:a9:a8:b5:28:
10:b3:d7:15:64:10:8e:63:29:14:95:a1:17:41:3c:
aa:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:8E:4F:7B:33:56:19:70:0E:30:2E:26:22:21:3C:95:7E:5E:D8:C2
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/k45PezNWGXAOMC4mIiE8lX5e2MI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.107.54.0/23
87.107.146.0/23
87.107.154.0/23
87.107.164.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:fb:1c:2b:1e:eb:94:e8:85:3a:32:12:0b:b7:a7:30:88:7c:
27:de:bd:16:42:90:83:8a:95:25:f7:61:83:c7:ee:20:8f:fb:
a8:86:d0:5f:ed:a9:ca:a8:ce:cf:13:1c:37:cb:45:63:ad:0a:
b0:ba:a2:a0:66:ce:06:1d:04:0c:90:eb:53:89:dd:0e:41:6b:
11:0c:7d:c9:24:9f:ca:47:51:ef:00:96:2c:f3:d9:b7:a6:f7:
1a:12:0e:f2:33:3f:61:0b:db:d2:32:f6:52:ca:02:ec:56:da:
c8:02:32:7d:2d:c2:71:b9:a8:65:71:df:fb:96:fc:87:85:ba:
3f:67:11:e5:0c:82:06:2d:06:7d:b6:b6:4d:3e:a4:58:1d:29:
dc:0f:5f:f5:b6:27:4b:d7:86:c4:85:35:61:ed:d9:24:ff:3f:
1c:16:e4:b1:e1:7e:2c:c9:1e:00:41:c4:b3:2f:96:a2:a1:b9:
b0:08:77:6f:5f:50:e9:dc:63:b9:f7:f8:ec:66:4a:ed:fd:bb:
f6:eb:ba:07:46:be:38:16:51:af:5c:e9:2f:5e:48:09:a7:59:
4a:3a:68:8d:2a:5b:79:64:f4:a5:58:a9:1a:fc:6b:0b:ca:ad:
10:d2:5f:56:1b:5f:5d:59:1f:13:2b:15:0e:0b:8f:2e:4a:bc:
ea:dc:de:7c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYX9l0cGq00rsxnXQRVl+SZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjMwMTI5MTI1MzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzhlNGY3YjMzNTYxOTcwMGUzMDJlMjYyMjIxM2M5NTdlNWVkOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33OJDLzskXWAdOJF+9W52wYo+KEd
EDwMdbTUdP4H7BiFZ9Rb8FXQwhWQltEGpeGrrgPgvpiMDMIyNDcTZBADJ/6FP7qM
KYXrTpybm6xcRpQ2W6gtPr3Dzj6Czc1HKdJnic0pqyxkvmr9x4EqNXzvyOSIy833
j7/NoiAiebIgKmtSwbJev68DrfEZEJ/OyPhuOGzhZKCe3s3tBXfM8g9jw+8ViUm1
kYZ06n56YQ0s1NgwM4eRTdmklPpqWjIfimVsd59kSG18/vE8fYELEiSsoEDE1rnY
2SL5DkSUWQ6IiYrT31F+efUN3UDFGqmotSgQs9cVZBCOYykUlaEXQTyq6wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJOOT3szVhlwDjAuJiIhPJV+XtjCMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvazQ1UGV6TldHWEFPTUM0bUlpRThsWDVlMk1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBV2s2AwQB
V2uSAwQBV2uaAwQBV2ukMA0GCSqGSIb3DQEBCwUAA4IBAQBe+xwrHuuU6IU6MhIL
t6cwiHwn3r0WQpCDipUl92GDx+4gj/uohtBf7anKqM7PExw3y0VjrQqwuqKgZs4G
HQQMkOtTid0OQWsRDH3JJJ/KR1HvAJYs89m3pvcaEg7yMz9hC9vSMvZSygLsVtrI
AjJ9LcJxuahlcd/7lvyHhbo/ZxHlDIIGLQZ9trZNPqRYHSncD1/1tidL14bEhTVh
7dkk/z8cFuSx4X4syR4AQcSzL5aiobmwCHdvX1Dp3GO59/jsZkrt/bv267oHRr44
FlGvXOkvXkgJp1lKOmiNKlt5ZPSlWKka/GsLyq0Q0l9WG19dWR8TKxUOC48uSrzq
3N58
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:39 2023 by rpki-client on console-fra.rpki-client.org