Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Pb4q9EHo-elr0KM6xwSMKlz2P64.roa
File: Pb4q9EHo-elr0KM6xwSMKlz2P64.roa (raw, json)
Hash identifier: gjPtoNqyHbSFj9cvRvewMnCZbClP7/hGX8SnQZ6voC4=
Subject key identifier: 3D:BE:2A:F4:41:E8:F9:E9:6B:D0:A3:3A:C7:04:8C:2A:5C:F6:3F:AE
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01857103190FFF375B674F29239726EAAA94
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Pb4q9EHo-elr0KM6xwSMKlz2P64.roa
Signing time: Mon 02 Jan 2023 05:45:06 +0000
ROA not before: Mon 02 Jan 2023 05:45:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206286
IP address blocks: 45.141.24.0/24 maxlen: 24
45.144.225.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:19:0f:ff:37:5b:67:4f:29:23:97:26:ea:aa:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3dbe2af441e8f9e96bd0a33ac7048c2a5cf63fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:80:11:5c:33:fc:71:29:78:e1:0e:46:8c:e3:
39:d5:ab:67:8c:46:e2:0f:62:ec:74:2d:a2:5d:fb:
31:a0:e9:2d:f1:6f:b7:81:e3:bc:82:74:7a:48:0c:
14:df:48:d9:9d:e4:9f:64:5c:39:43:85:da:3d:14:
36:6a:03:e4:ae:ee:ef:d5:4d:a2:a7:0d:07:f9:59:
b1:58:64:88:2a:5c:69:61:3d:aa:4d:a6:03:51:fb:
92:9e:0c:ea:a7:67:85:7f:ea:bb:31:92:2b:d2:df:
31:79:27:2b:8f:e4:3d:58:37:92:7f:65:d2:25:80:
37:54:d6:87:2d:34:07:8d:57:7f:88:67:6e:f7:a8:
7a:c0:d1:dc:63:92:02:30:28:48:7d:97:82:7d:1a:
d6:96:16:c1:cf:3e:91:5c:ee:bd:10:ee:50:9a:b5:
7f:ca:06:20:03:d3:1e:e5:a9:e5:48:7c:f6:e1:dc:
a0:57:c1:84:bc:9b:e6:ed:40:f3:dd:01:20:0c:af:
86:87:64:4b:1d:e4:ff:7f:b5:92:2d:d2:2e:24:ab:
3d:4b:23:28:a2:11:0c:5f:af:33:f5:96:f8:a4:6b:
92:81:2a:ba:dd:ea:de:7c:e3:6b:3d:8f:cf:8d:60:
b2:5b:69:5d:62:e2:0d:7a:70:07:62:7b:b9:d5:53:
41:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:BE:2A:F4:41:E8:F9:E9:6B:D0:A3:3A:C7:04:8C:2A:5C:F6:3F:AE
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Pb4q9EHo-elr0KM6xwSMKlz2P64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.24.0/24
45.144.225.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:6f:2b:96:d0:e0:32:86:e2:f7:9f:9f:53:ef:c1:0d:0e:08:
91:b3:17:14:8c:cc:9c:4f:f3:c1:43:2c:c9:d1:ee:94:e5:be:
e9:dd:5d:21:6b:17:80:04:70:44:ef:e6:8d:8a:26:30:91:01:
eb:e7:97:d9:f8:7d:69:1c:de:e2:ea:d9:9b:a2:ba:5b:5b:b5:
dd:e3:ff:d9:15:30:2e:56:b9:d5:75:b3:e2:56:a6:81:c0:d0:
80:e4:ae:75:2c:f7:d0:e4:55:de:0a:4a:00:2d:94:f0:86:82:
26:47:8e:58:f0:cd:e6:31:71:83:5d:f0:f0:d3:37:9d:1c:30:
da:ff:75:70:e8:e6:e6:71:e4:96:e4:ac:6a:03:d5:2d:a0:b1:
50:af:7d:0e:c5:8d:63:df:0e:95:29:5c:a2:96:32:b8:5f:d2:
23:01:3b:c3:29:b8:f7:e9:1d:0e:4e:e3:8d:3b:b8:21:e4:dd:
2f:64:2d:13:1d:d5:10:a5:1d:d2:56:92:94:06:70:94:fb:94:
2c:de:6e:38:6e:46:b3:aa:81:3c:6a:60:53:fa:a6:57:b7:25:
5e:b4:c8:4b:61:ee:99:91:e5:ad:1b:f8:a6:04:23:2e:f0:3f:
47:0f:24:0e:54:f3:e1:5d:c1:7c:a7:5b:70:b1:63:31:0b:bb:
58:f5:d7:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxAxkP/zdbZ08pI5cm6qqUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGJlMmFmNDQxZThmOWU5NmJkMGEzM2FjNzA0OGMyYTVjZjYzZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIARXDP8cSl44Q5GjOM51atnjEbi
D2LsdC2iXfsxoOkt8W+3geO8gnR6SAwU30jZneSfZFw5Q4XaPRQ2agPkru7v1U2i
pw0H+VmxWGSIKlxpYT2qTaYDUfuSngzqp2eFf+q7MZIr0t8xeScrj+Q9WDeSf2XS
JYA3VNaHLTQHjVd/iGdu96h6wNHcY5ICMChIfZeCfRrWlhbBzz6RXO69EO5QmrV/
ygYgA9Me5anlSHz24dygV8GEvJvm7UDz3QEgDK+Gh2RLHeT/f7WSLdIuJKs9SyMo
ohEMX68z9Zb4pGuSgSq63erefONrPY/PjWCyW2ldYuINenAHYnu51VNBJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD2+KvRB6Pnpa9CjOscEjCpc9j+uMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUGI0cTlFSG8tZWxyMEtNNnh3U01LbHoyUDY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY0YAwQA
LZDhMA0GCSqGSIb3DQEBCwUAA4IBAQBabyuW0OAyhuL3n59T78ENDgiRsxcUjMyc
T/PBQyzJ0e6U5b7p3V0haxeABHBE7+aNiiYwkQHr55fZ+H1pHN7i6tmborpbW7Xd
4//ZFTAuVrnVdbPiVqaBwNCA5K51LPfQ5FXeCkoALZTwhoImR45Y8M3mMXGDXfDw
0zedHDDa/3Vw6ObmceSW5KxqA9UtoLFQr30OxY1j3w6VKVyiljK4X9IjATvDKbj3
6R0OTuONO7gh5N0vZC0THdUQpR3SVpKUBnCU+5Qs3m44bkazqoE8amBT+qZXtyVe
tMhLYe6ZkeWtG/imBCMu8D9HDyQOVPPhXcF8p1twsWMxC7tY9dcm
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org