Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0pBPydERDWrhBBqqqFKe1B-REag.roa
File: 0pBPydERDWrhBBqqqFKe1B-REag.roa (raw, json)
Hash identifier: Uw5f3b2ShgkMG5M3EJmE77wKKu6TTHJ6VN+G4QBcasA=
Subject key identifier: D2:90:4F:C9:D1:11:0D:6A:E1:04:1A:AA:A8:52:9E:D4:1F:91:11:A8
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B50BA1CB415954F6648F66C031113CC0B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0pBPydERDWrhBBqqqFKe1B-REag.roa
Signing time: Sat 21 Oct 2023 05:34:16 +0000
ROA not before: Sat 21 Oct 2023 05:34:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31122
IP address blocks: 45.89.32.0/22 maxlen: 24
45.131.248.0/22 maxlen: 24
45.146.184.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:50:ba:1c:b4:15:95:4f:66:48:f6:6c:03:11:13:cc:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 21 05:34:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2904fc9d1110d6ae1041aaaa8529ed41f9111a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:be:3d:00:f7:13:c0:ce:67:ff:33:17:75:4e:
39:06:01:7d:16:d7:f6:87:52:74:1d:06:d1:61:2d:
47:29:c3:80:7b:80:6c:33:88:79:3f:d5:1b:b5:e2:
03:3c:d3:27:34:c2:47:80:ef:0f:ab:5b:a6:c8:8f:
06:96:8c:14:07:55:9b:1b:b4:1d:fd:33:34:37:aa:
4a:e5:b3:9b:87:c9:7a:b4:d1:1f:8f:6a:61:bf:40:
11:7e:7c:2b:a6:51:c1:14:71:02:9e:8b:df:98:90:
26:df:01:5b:6c:f3:53:35:ae:22:7d:28:d3:13:e3:
77:0a:e7:bd:20:a8:55:61:f4:29:43:e7:32:55:b0:
cd:de:06:d0:28:3b:c6:51:69:21:8c:31:15:b0:cd:
ac:b2:b1:f4:a3:01:de:5e:cc:35:e4:a8:24:f6:6b:
ab:db:ab:79:dc:2a:0a:35:1a:fa:c0:7e:5f:92:0f:
8f:9a:4d:a8:49:c6:1d:d8:d4:19:f5:f3:79:15:75:
b2:f6:c2:28:0d:93:3b:4f:00:d2:92:d5:2d:1d:b6:
af:ca:33:b7:20:e8:77:90:18:34:e9:62:e2:79:c1:
a3:33:cd:39:c1:d1:7c:0b:41:1b:20:69:23:59:3f:
d2:57:b6:ce:8f:f4:8b:a1:24:8f:ad:cc:25:e8:35:
09:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:90:4F:C9:D1:11:0D:6A:E1:04:1A:AA:A8:52:9E:D4:1F:91:11:A8
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/0pBPydERDWrhBBqqqFKe1B-REag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.32.0/22
45.131.248.0/22
45.146.184.0/23
Signature Algorithm: sha256WithRSAEncryption
47:5d:5d:27:16:b9:b5:9b:ae:54:ba:72:88:0f:f0:bb:19:84:
32:52:b0:28:be:72:39:7a:9e:26:76:e2:cf:50:25:52:14:60:
50:8f:be:10:df:37:ef:e3:cb:0b:cc:f2:a2:9b:42:70:eb:ed:
74:ff:56:77:1d:bd:68:fc:85:05:de:14:3b:4f:51:78:5d:29:
38:4d:48:e4:12:df:82:c0:ef:66:2f:5c:f0:fd:9b:e0:17:44:
3f:01:76:8f:7a:50:42:bb:24:03:d9:d9:13:b4:8a:c7:56:75:
19:b4:ab:5d:9a:5a:db:cf:ce:e8:48:71:f9:95:1f:06:fb:3c:
a7:e8:08:fd:fb:b2:80:d7:64:62:75:01:26:92:aa:ba:ad:fc:
c7:47:f0:9b:7e:06:b8:1c:cb:40:59:95:31:38:27:70:b2:9d:
c9:60:8e:6f:20:a0:32:79:fc:76:88:3f:fa:67:86:40:28:84:
31:94:b3:6e:95:ed:91:17:90:a7:8d:f3:7b:be:04:0b:ac:77:
26:91:56:f6:ba:b4:ea:4a:bb:1d:9c:bd:5e:4e:90:85:76:c7:
7f:c6:53:bc:9d:66:f1:ac:af:78:2c:c1:ec:23:8f:08:c3:68:
af:13:98:0b:6c:2e:38:db:7f:f9:b1:df:e0:6d:0f:8c:aa:f2:
15:dd:63:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtQuhy0FZVPZkj2bAMRE8wLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDIxMDUzNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjkwNGZjOWQxMTEwZDZhZTEwNDFhYWFhODUyOWVkNDFmOTExMWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjL49APcTwM5n/zMXdU45BgF9Ftf2
h1J0HQbRYS1HKcOAe4BsM4h5P9UbteIDPNMnNMJHgO8Pq1umyI8GlowUB1WbG7Qd
/TM0N6pK5bObh8l6tNEfj2phv0ARfnwrplHBFHECnovfmJAm3wFbbPNTNa4ifSjT
E+N3Cue9IKhVYfQpQ+cyVbDN3gbQKDvGUWkhjDEVsM2ssrH0owHeXsw15Kgk9mur
26t53CoKNRr6wH5fkg+Pmk2oScYd2NQZ9fN5FXWy9sIoDZM7TwDSktUtHbavyjO3
IOh3kBg06WLiecGjM805wdF8C0EbIGkjWT/SV7bOj/SLoSSPrcwl6DUJdQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNKQT8nREQ1q4QQaqqhSntQfkRGoMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMHBCUHlkRVJEV3JoQkJxcXFGS2UxQi1SRWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLVkgAwQC
LYP4AwQBLZK4MA0GCSqGSIb3DQEBCwUAA4IBAQBHXV0nFrm1m65UunKID/C7GYQy
UrAovnI5ep4mduLPUCVSFGBQj74Q3zfv48sLzPKim0Jw6+10/1Z3Hb1o/IUF3hQ7
T1F4XSk4TUjkEt+CwO9mL1zw/ZvgF0Q/AXaPelBCuyQD2dkTtIrHVnUZtKtdmlrb
z87oSHH5lR8G+zyn6Aj9+7KA12RidQEmkqq6rfzHR/Cbfga4HMtAWZUxOCdwsp3J
YI5vIKAyefx2iD/6Z4ZAKIQxlLNule2RF5CnjfN7vgQLrHcmkVb2urTqSrsdnL1e
TpCFdsd/xlO8nWbxrK94LMHsI48Iw2ivE5gLbC4423/5sd/gbQ+MqvIV3WPT
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:27 2024 by rpki-client on console-fra.rpki-client.org