Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hHjYRTHuf0L70bWmrX2ujAjMP8k.roa
File: hHjYRTHuf0L70bWmrX2ujAjMP8k.roa (raw, json)
Hash identifier: WtgraueiAwVAr5KQO+vNs2M44q9JtDk4t2u1kxzUU0Y=
Subject key identifier: 84:78:D8:45:31:EE:7F:42:FB:D1:B5:A6:AD:7D:AE:8C:08:CC:3F:C9
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01878EFB39CCE4C4BE86FE63ADBE2B0F0529
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hHjYRTHuf0L70bWmrX2ujAjMP8k.roa
Signing time: Mon 17 Apr 2023 11:30:41 +0000
ROA not before: Mon 17 Apr 2023 11:30:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 45.123.40.0/22 maxlen: 24
45.141.203.0/24 maxlen: 24
45.141.200.0/23 maxlen: 24
185.35.138.0/23 maxlen: 24
185.35.136.0/23 maxlen: 24
2a0b:64c0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:fb:39:cc:e4:c4:be:86:fe:63:ad:be:2b:0f:05:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 17 11:30:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8478d84531ee7f42fbd1b5a6ad7dae8c08cc3fc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1e:a5:f8:c8:77:8a:ab:0d:25:72:a7:8b:9e:
45:45:14:8b:ab:de:e2:02:d6:69:20:d2:ff:03:13:
d5:b7:02:3e:77:43:34:2a:71:dc:5d:23:72:33:eb:
81:81:97:e7:43:96:3d:63:d9:14:1f:5a:89:c8:2a:
e2:ac:24:87:38:07:08:5e:26:02:1f:90:d3:d8:e3:
33:a0:02:0d:66:d3:f6:09:da:76:4d:03:e6:98:aa:
41:0a:4d:6d:1d:57:a7:0e:f2:b2:fa:84:42:41:e3:
79:e0:1d:ec:10:7a:f1:87:1a:dc:1b:7a:9a:7a:5b:
b3:9f:11:6d:a1:51:71:77:6a:3d:f9:61:e1:0e:b2:
68:6b:a8:6e:e1:08:64:52:15:cf:81:27:ee:87:66:
c9:aa:73:d3:6c:ed:1d:1f:2c:43:ce:bb:55:97:47:
17:05:a6:e9:45:52:51:0d:3d:ef:77:ca:2b:9e:ea:
eb:23:fa:ba:d8:ff:ce:72:6a:ec:d9:8a:bd:f8:6d:
97:cb:2c:29:2a:c3:4a:27:45:ce:97:fa:33:28:37:
6b:8d:3e:1c:15:e5:2c:e4:86:ae:51:d2:f9:68:56:
53:4c:43:1f:49:bd:3b:25:0b:27:2a:98:a3:1d:83:
ee:bb:f2:46:d1:84:a0:2a:3b:16:43:b5:2e:6e:ce:
b5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:78:D8:45:31:EE:7F:42:FB:D1:B5:A6:AD:7D:AE:8C:08:CC:3F:C9
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hHjYRTHuf0L70bWmrX2ujAjMP8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.123.40.0/22
45.141.200.0/23
45.141.203.0/24
185.35.136.0/22
IPv6:
2a0b:64c0::/32
Signature Algorithm: sha256WithRSAEncryption
6f:71:87:11:94:5c:2e:ff:b3:48:d3:cb:6f:78:d7:d3:ee:4f:
d4:f4:d8:0d:5c:75:1b:e3:f5:5d:bc:16:fb:fe:67:9f:35:50:
dc:37:66:14:9b:0c:2a:11:04:a7:24:82:de:63:35:54:38:b3:
ec:b5:65:8d:eb:93:a4:ac:a8:24:f7:6e:25:dc:90:7e:a2:52:
19:5b:e3:80:9c:48:b7:21:4b:07:4a:8f:b7:66:f6:6e:03:38:
52:40:78:e4:08:10:e6:2b:9a:3d:6b:d5:65:89:6f:e6:6c:c9:
a2:0a:f4:ea:f0:e5:2c:ec:88:c3:4e:dc:e9:a0:66:08:9c:3b:
22:02:7f:77:c0:6e:86:ae:a0:4c:8a:02:5f:ea:46:84:82:32:
3f:d1:f3:14:d6:56:04:7e:3e:ae:91:91:4f:eb:de:bd:54:31:
49:b1:98:e6:64:25:ed:24:52:5f:d0:26:70:aa:17:fb:14:b4:
60:65:90:57:c5:0d:7a:98:32:6e:47:83:01:81:9a:0f:d9:67:
21:ac:93:a7:45:06:65:37:ae:9b:4e:8c:a3:d9:73:f0:99:5c:
07:6e:aa:85:43:94:98:51:b3:a1:c7:3b:6e:41:85:63:f9:78:
8e:ac:ae:c8:1e:d0:c1:42:44:bb:01:e8:2b:6a:aa:31:ec:39:
b2:76:60:e7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYeO+znM5MS+hv5jrb4rDwUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDE3MTEzMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDc4ZDg0NTMxZWU3ZjQyZmJkMWI1YTZhZDdkYWU4YzA4Y2MzZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR6l+Mh3iqsNJXKni55FRRSLq97i
AtZpINL/AxPVtwI+d0M0KnHcXSNyM+uBgZfnQ5Y9Y9kUH1qJyCrirCSHOAcIXiYC
H5DT2OMzoAINZtP2Cdp2TQPmmKpBCk1tHVenDvKy+oRCQeN54B3sEHrxhxrcG3qa
eluznxFtoVFxd2o9+WHhDrJoa6hu4QhkUhXPgSfuh2bJqnPTbO0dHyxDzrtVl0cX
BabpRVJRDT3vd8ornurrI/q62P/Ocmrs2Yq9+G2XyywpKsNKJ0XOl/ozKDdrjT4c
FeUs5IauUdL5aFZTTEMfSb07JQsnKpijHYPuu/JG0YSgKjsWQ7Uubs61dwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIR42EUx7n9C+9G1pq19rowIzD/JMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaEhqWVJUSHVmMEw3MGJXbXJYMnVqQWpNUDhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLXsoAwQB
LY3IAwQALY3LAwQCuSOIMA0EAgACMAcDBQAqC2TAMA0GCSqGSIb3DQEBCwUAA4IB
AQBvcYcRlFwu/7NI08tveNfT7k/U9NgNXHUb4/VdvBb7/mefNVDcN2YUmwwqEQSn
JILeYzVUOLPstWWN65OkrKgk924l3JB+olIZW+OAnEi3IUsHSo+3ZvZuAzhSQHjk
CBDmK5o9a9VliW/mbMmiCvTq8OUs7IjDTtzpoGYInDsiAn93wG6GrqBMigJf6kaE
gjI/0fMU1lYEfj6ukZFP6969VDFJsZjmZCXtJFJf0CZwqhf7FLRgZZBXxQ16mDJu
R4MBgZoP2WchrJOnRQZlN66bToyj2XPwmVwHbqqFQ5SYUbOhxztuQYVj+XiOrK7I
HtDBQkS7Aegraqox7DmydmDn
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:56 2023 by rpki-client on console-ams.rpki-client.org