Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/30FY3TeCvgrq213uYy0bVfkp_CU.roa
File: 30FY3TeCvgrq213uYy0bVfkp_CU.roa (raw, json)
Hash identifier: er1HxDk0CRNMkDnln30B2QRGthMP1nN+4P9cnJ3+jYk=
Subject key identifier: DF:41:58:DD:37:82:BE:0A:EA:DB:5D:EE:63:2D:1B:55:F9:29:FC:25
Certificate issuer: /CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Certificate serial: 01856FF019893B0A9BDB68710DCB98A15023
Authority key identifier: 91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/30FY3TeCvgrq213uYy0bVfkp_CU.roa
Signing time: Mon 02 Jan 2023 00:44:44 +0000
ROA not before: Mon 02 Jan 2023 00:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61157
IP address blocks: 45.84.74.0/23 maxlen: 23
2a0e:a680:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:19:89:3b:0a:9b:db:68:71:0d:cb:98:a1:50:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Validity
Not Before: Jan 2 00:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df4158dd3782be0aeadb5dee632d1b55f929fc25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ed:86:83:29:3c:56:3d:db:96:38:1d:9e:10:
c3:dc:da:32:a0:90:34:fa:7e:ac:91:8b:5a:a5:73:
4b:5b:e8:fa:54:8b:9a:de:fc:f6:8f:9e:92:e9:4a:
05:8e:90:b0:b5:a4:f6:14:b8:75:83:d6:a2:cf:1c:
9a:ce:9b:c4:27:28:b2:f8:e5:60:e9:37:5a:43:81:
d8:69:3f:4f:b4:d6:ba:bf:6d:82:c4:4b:27:e9:28:
01:2b:3a:ac:fc:da:58:bc:da:40:aa:13:f3:e4:a8:
ad:eb:9e:06:43:b1:7a:70:49:1d:59:b1:6e:1e:5c:
c0:3d:23:fb:21:71:7e:fe:9b:70:9c:c7:34:ac:ff:
68:bf:5f:6c:6a:86:26:44:0f:70:5e:b7:ed:58:2c:
84:49:fb:c3:5f:61:b0:80:56:ca:38:29:0d:9e:9f:
4c:d3:18:54:24:6c:e6:f0:2d:83:9a:1d:54:9c:eb:
f1:6a:41:5c:d5:14:e6:82:0f:9e:02:b1:ea:da:3d:
02:fc:ed:89:94:4f:ab:fd:b1:d0:7d:35:9b:a8:fd:
e3:f6:01:97:27:f7:bd:f1:0a:69:e1:01:d5:98:62:
75:f6:05:4d:29:bd:ca:8a:69:20:c6:12:ee:4e:be:
f9:67:fa:8d:40:e8:d6:71:a6:7d:21:0e:fe:00:1f:
59:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:41:58:DD:37:82:BE:0A:EA:DB:5D:EE:63:2D:1B:55:F9:29:FC:25
X509v3 Authority Key Identifier:
keyid:91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/30FY3TeCvgrq213uYy0bVfkp_CU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.74.0/23
IPv6:
2a0e:a680:1::/48
Signature Algorithm: sha256WithRSAEncryption
88:45:83:b4:71:b9:d6:cd:a5:61:f1:84:34:f0:d3:b8:8d:ce:
ad:76:34:d0:70:fc:5f:aa:ca:d0:2c:cc:9b:80:6f:cc:16:24:
72:42:70:51:0c:2d:92:77:fd:db:b1:5e:e1:9d:08:f0:f5:0d:
4f:c6:f6:c1:ed:a2:c1:f2:58:86:9b:53:5e:4e:79:1d:bf:ab:
d5:36:03:fe:a8:13:89:a7:24:20:06:07:5a:fd:91:e0:27:22:
69:1a:93:f0:5f:da:a9:9a:55:f0:5a:b7:74:3a:30:e8:bc:e5:
a7:5c:6e:ff:38:9c:ba:13:a2:79:4e:7f:fc:68:24:af:7d:1d:
f9:f2:1e:0b:4a:0f:be:1b:ff:8b:da:c4:18:02:11:0c:c4:3c:
27:02:fe:bc:9b:cf:fd:1c:24:a1:cf:ef:94:b1:19:5b:a4:10:
b8:fb:1f:82:7a:de:87:31:d6:6c:a4:7e:ba:d6:72:7a:ea:e3:
49:5c:d4:43:6e:5c:12:7b:ed:a9:ab:9d:c7:bd:45:87:fe:c3:
19:0e:f0:df:b7:51:a7:23:af:ab:95:2a:01:c3:ab:db:00:8f:
b9:d0:62:2f:21:1b:8d:6d:3a:30:ca:5c:78:20:3c:c2:8c:a6:
02:d6:2f:c4:2d:bd:41:fc:65:6e:08:58:ba:87:ac:b0:2c:fd:
83:49:f9:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVv8BmJOwqb22hxDcuYoVAjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDdlY2YxNzE0MmIzYjA5MzVmOGUzN2I4ZjdkOWMyNTNm
MGVlMTkwHhcNMjMwMTAyMDA0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjQxNThkZDM3ODJiZTBhZWFkYjVkZWU2MzJkMWI1NWY5MjlmYzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe2Ggyk8Vj3bljgdnhDD3NoyoJA0
+n6skYtapXNLW+j6VIua3vz2j56S6UoFjpCwtaT2FLh1g9aizxyazpvEJyiy+OVg
6TdaQ4HYaT9PtNa6v22CxEsn6SgBKzqs/NpYvNpAqhPz5Kit654GQ7F6cEkdWbFu
HlzAPSP7IXF+/ptwnMc0rP9ov19saoYmRA9wXrftWCyESfvDX2GwgFbKOCkNnp9M
0xhUJGzm8C2Dmh1UnOvxakFc1RTmgg+eArHq2j0C/O2JlE+r/bHQfTWbqP3j9gGX
J/e98Qpp4QHVmGJ19gVNKb3KimkgxhLuTr75Z/qNQOjWcaZ9IQ7+AB9ZpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN9BWN03gr4K6ttd7mMtG1X5KfwlMB8GA1UdIwQY
MBaAFJHX7PFxQrOwk1+ON7j32cJT8O4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGIt
YTZiMWFkMzRlMDhjLzEvMzBGWTNUZUN2Z3JxMjEzdVl5MGJWZmtwX0NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGItYTZiMWFkMzRlMDhj
LzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBLVRKMA8E
AgACMAkDBwAqDqaAAAEwDQYJKoZIhvcNAQELBQADggEBAIhFg7RxudbNpWHxhDTw
07iNzq12NNBw/F+qytAszJuAb8wWJHJCcFEMLZJ3/duxXuGdCPD1DU/G9sHtosHy
WIabU15OeR2/q9U2A/6oE4mnJCAGB1r9keAnImkak/Bf2qmaVfBat3Q6MOi85adc
bv84nLoTonlOf/xoJK99HfnyHgtKD74b/4vaxBgCEQzEPCcC/rybz/0cJKHP75Sx
GVukELj7H4J63ocx1mykfrrWcnrq40lc1ENuXBJ77amrnce9RYf+wxkO8N+3Uacj
r6uVKgHDq9sAj7nQYi8hG41tOjDKXHggPMKMpgLWL8QtvUH8ZW4IWLqHrLAs/YNJ
+UU=
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:35 2024 by rpki-client on console-fra.rpki-client.org