Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-vH5q1TA7PhKqpRfi_TcUixpvOE.roa
File: 1-vH5q1TA7PhKqpRfi_TcUixpvOE.roa (raw, json)
Hash identifier: Ckun5XUVT72REDXk/anPbjNUD81XX5pzq1S4vCyvEUI=
Subject key identifier: FA:F1:F9:AB:54:C0:EC:F8:4A:AA:94:5F:8B:F4:DC:52:2C:69:BC:E1
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018885847C47CBA10279D737C69B4E921AEB
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-vH5q1TA7PhKqpRfi_TcUixpvOE.roa
Signing time: Sun 04 Jun 2023 08:27:12 +0000
ROA not before: Sun 04 Jun 2023 08:27:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211826
IP address blocks: 45.130.200.0/24 maxlen: 24
217.74.16.0/24 maxlen: 24
194.32.123.0/24 maxlen: 24
45.135.185.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:85:84:7c:47:cb:a1:02:79:d7:37:c6:9b:4e:92:1a:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 4 08:27:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=faf1f9ab54c0ecf84aaa945f8bf4dc522c69bce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:82:12:f9:c1:4f:bc:02:9f:eb:81:3c:a3:4b:
76:6e:aa:b7:7b:80:f3:7a:c6:0e:fa:d7:7a:78:2b:
51:36:d5:56:da:84:7e:38:bb:b2:6e:d4:07:7b:eb:
13:ae:37:52:94:13:a4:eb:dc:f2:b7:9f:2e:8f:b8:
85:28:7a:a4:fe:f4:0c:df:d6:17:9b:4e:e6:7d:f8:
39:5f:d8:f9:a9:fe:39:e4:7b:ff:34:d2:bd:e1:d2:
4b:92:50:18:7f:d7:1b:6e:f5:f0:40:89:fe:99:f4:
0e:6f:41:d5:30:bb:8f:e0:f4:d9:06:43:b0:7a:65:
c3:60:80:c4:f1:04:94:44:89:14:16:6c:c0:9c:b9:
12:ff:f1:4e:18:55:7b:f4:0d:95:bb:03:54:3f:50:
09:58:c9:b8:99:8e:c6:97:5d:a6:49:ad:dd:28:51:
86:8f:1a:c7:04:78:38:34:6f:68:90:c4:29:7c:6e:
2b:30:23:76:a7:e8:9a:79:be:fb:29:a1:54:82:82:
a5:bf:f6:f1:db:eb:13:55:9e:81:fa:d8:ea:7d:36:
c6:e5:bc:19:19:b0:ce:b2:30:6b:1c:a8:b3:7d:d1:
14:d7:b4:24:62:eb:94:97:d8:49:bd:5d:fb:ce:e7:
06:8a:f1:df:8a:b3:ca:d9:51:89:5d:44:b8:48:03:
91:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:F1:F9:AB:54:C0:EC:F8:4A:AA:94:5F:8B:F4:DC:52:2C:69:BC:E1
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-vH5q1TA7PhKqpRfi_TcUixpvOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.200.0/24
45.135.185.0/24
194.32.123.0/24
217.74.16.0/24
Signature Algorithm: sha256WithRSAEncryption
21:a2:74:5e:48:22:a5:2b:9d:97:56:ff:f1:92:10:99:95:f0:
77:cb:b6:69:42:fe:47:28:ee:c6:1c:dd:09:f0:01:bc:ff:41:
22:45:14:c1:6d:30:7f:f9:24:d7:db:87:d8:f1:28:90:db:53:
59:b1:53:bd:f1:58:fd:c8:e0:9f:41:21:c6:99:0e:44:4e:dc:
c6:fb:c2:bb:4c:cf:be:b7:bc:4e:f3:2d:e5:79:05:ce:19:a6:
05:6f:d0:03:55:8a:33:6e:66:af:7e:fd:38:46:4a:84:72:91:
6c:bf:a3:a2:ad:52:63:45:78:9f:2a:2a:8d:6a:04:11:62:ba:
54:68:13:1f:d8:b7:12:19:c4:cb:a4:1b:a4:ae:85:c6:f3:6e:
9d:be:91:15:50:93:54:87:82:22:13:8e:46:9d:d1:b5:e0:f6:
f9:fd:85:48:7a:85:7d:64:18:9b:16:24:e0:dd:51:72:97:de:
c1:36:69:d1:63:f7:4e:18:c0:c2:9f:f9:ee:6a:1c:51:8a:5b:
fa:3c:7e:96:4e:87:5d:a7:e3:69:92:6a:4f:6a:aa:1f:22:7f:
f3:39:51:d7:91:82:96:fc:af:42:f8:4e:29:f5:b8:e3:67:5d:
11:98:ed:7a:35:06:25:9b:5f:1e:81:e5:86:77:dd:df:04:b6:
a3:83:e0:ec
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYiFhHxHy6ECedc3xptOkhrrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjA0MDgyNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWYxZjlhYjU0YzBlY2Y4NGFhYTk0NWY4YmY0ZGM1MjJjNjliY2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYIS+cFPvAKf64E8o0t2bqq3e4Dz
esYO+td6eCtRNtVW2oR+OLuybtQHe+sTrjdSlBOk69zyt58uj7iFKHqk/vQM39YX
m07mffg5X9j5qf455Hv/NNK94dJLklAYf9cbbvXwQIn+mfQOb0HVMLuP4PTZBkOw
emXDYIDE8QSURIkUFmzAnLkS//FOGFV79A2VuwNUP1AJWMm4mY7Gl12mSa3dKFGG
jxrHBHg4NG9okMQpfG4rMCN2p+iaeb77KaFUgoKlv/bx2+sTVZ6B+tjqfTbG5bwZ
GbDOsjBrHKizfdEU17QkYuuUl9hJvV37zucGivHfirPK2VGJXUS4SAORZQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPrx+atUwOz4SqqUX4v03FIsabzhMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMS12SDVxMVRBN1BoS3FwUmZpX1RjVWl4cHZPRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1
OC8xL05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC2CyAME
AC2HuQMEAMIgewMEANlKEDANBgkqhkiG9w0BAQsFAAOCAQEAIaJ0XkgipSudl1b/
8ZIQmZXwd8u2aUL+RyjuxhzdCfABvP9BIkUUwW0wf/kk19uH2PEokNtTWbFTvfFY
/cjgn0EhxpkORE7cxvvCu0zPvre8TvMt5XkFzhmmBW/QA1WKM25mr379OEZKhHKR
bL+joq1SY0V4nyoqjWoEEWK6VGgTH9i3EhnEy6QbpK6FxvNunb6RFVCTVIeCIhOO
Rp3RteD2+f2FSHqFfWQYmxYk4N1RcpfewTZp0WP3ThjAwp/57mocUYpb+jx+lk6H
XafjaZJqT2qqHyJ/8zlR15GClvyvQvhOKfW442ddEZjtejUGJZtfHoHlhnfd3wS2
o4Pg7A==
-----END CERTIFICATE-----
Generated at Mon Aug 7 10:37:43 2023 by rpki-client on console-fra.rpki-client.org