Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lWscts2CP2mlWa8SAPpxeiUbqtQ.roa
File: lWscts2CP2mlWa8SAPpxeiUbqtQ.roa (raw, json)
Hash identifier: BfJ4gcR9wmHb5x3KXe5679EJLHu2y4F5PfNnR8gLu0M=
Subject key identifier: 95:6B:1C:B6:CD:82:3F:69:A5:59:AF:12:00:FA:71:7A:25:1B:AA:D4
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018571032229C437A0BD8038B57C1FCCFD89
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lWscts2CP2mlWa8SAPpxeiUbqtQ.roa
Signing time: Mon 02 Jan 2023 05:45:08 +0000
ROA not before: Mon 02 Jan 2023 05:45:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 262287
IP address blocks: 45.91.49.0/24 maxlen: 24
45.91.48.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:22:29:c4:37:a0:bd:80:38:b5:7c:1f:cc:fd:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=956b1cb6cd823f69a559af1200fa717a251baad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6c:1b:90:29:13:18:c3:e8:11:c2:95:ac:d5:
f8:58:b7:3d:f4:25:5d:12:58:41:8a:e7:ef:cb:23:
aa:e6:15:9a:c4:13:23:6d:28:00:98:60:2e:7f:f4:
67:48:a6:3f:11:c5:ad:6e:14:05:70:a7:1f:a2:f4:
cf:01:d1:2b:23:33:0e:d5:0b:3e:4e:76:37:60:d9:
1a:44:8a:f8:cb:bb:46:7c:f5:e2:8a:fe:e8:10:1f:
f9:dd:ac:49:be:f5:71:81:08:19:89:c4:8b:6a:b0:
a7:e3:8c:e2:06:90:2f:2b:a9:66:9f:99:bd:52:9f:
04:91:43:17:e5:ea:0f:90:8b:53:9e:77:7b:39:b1:
46:53:89:bb:f9:e9:bc:ed:3b:49:c3:21:a7:c4:44:
9a:bb:eb:df:37:58:a2:20:e4:ef:be:f4:cb:61:96:
84:be:03:cd:51:14:5b:1d:f7:d8:a7:8e:af:1b:0e:
e0:e3:8f:36:18:2d:62:d3:82:96:58:e4:a0:93:71:
51:7b:ea:2b:e2:2e:eb:af:77:25:16:a8:62:d3:5e:
7d:19:a6:1b:a7:5f:28:70:a6:75:c0:ba:0d:0b:2a:
e0:53:48:f5:1f:9a:94:78:fe:36:fc:cc:2e:32:45:
4c:05:ff:d8:ec:27:a1:d7:19:79:f4:6f:dc:92:d9:
0e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:6B:1C:B6:CD:82:3F:69:A5:59:AF:12:00:FA:71:7A:25:1B:AA:D4
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/lWscts2CP2mlWa8SAPpxeiUbqtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.48.0/23
Signature Algorithm: sha256WithRSAEncryption
29:87:c0:0b:af:62:b8:45:0f:cb:42:75:90:aa:a7:e7:6c:66:
0a:d3:47:69:4a:f2:65:f6:9e:a6:38:bd:0c:a1:68:61:0f:d5:
f4:8e:78:86:9b:13:92:5c:9f:f7:4a:2e:62:3d:c4:81:30:c9:
2e:3a:54:66:53:9d:55:5f:55:79:29:34:40:a3:4f:50:fd:49:
c2:4a:34:0f:cb:58:bf:22:45:a1:d2:13:af:5f:9d:ac:dd:c3:
88:7c:fd:72:ab:1b:98:7d:48:76:99:47:ea:de:3d:45:4b:45:
7d:47:2d:62:d2:ae:b4:53:77:1b:29:ec:4a:68:9c:ea:5e:10:
e3:06:cb:57:0c:e8:83:7c:b6:0e:35:94:4f:44:ed:4a:9b:22:
ea:20:a0:5c:ea:d5:53:3c:c3:35:52:9f:63:1d:b5:37:03:33:
5c:9b:00:0d:4e:a3:6a:14:a5:18:0d:de:b5:54:6a:b3:8f:96:
73:f5:e0:f0:9c:ba:25:a8:db:d7:b7:6d:18:2b:ce:52:d0:b8:
26:6a:bc:71:53:8d:41:e3:f5:db:5f:0f:16:4e:ed:97:d4:fb:
cf:65:6e:09:9d:9e:9c:47:eb:a2:f9:0b:5f:47:66:db:75:ad:
cb:ae:94:1e:21:6d:fe:bc:4c:5e:93:7f:e9:14:c1:83:b3:51:
fa:9c:90:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAyIpxDegvYA4tXwfzP2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTZiMWNiNmNkODIzZjY5YTU1OWFmMTIwMGZhNzE3YTI1MWJhYWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWwbkCkTGMPoEcKVrNX4WLc99CVd
ElhBiufvyyOq5hWaxBMjbSgAmGAuf/RnSKY/EcWtbhQFcKcfovTPAdErIzMO1Qs+
TnY3YNkaRIr4y7tGfPXiiv7oEB/53axJvvVxgQgZicSLarCn44ziBpAvK6lmn5m9
Up8EkUMX5eoPkItTnnd7ObFGU4m7+em87TtJwyGnxESau+vfN1iiIOTvvvTLYZaE
vgPNURRbHffYp46vGw7g4482GC1i04KWWOSgk3FRe+or4i7rr3clFqhi0159GaYb
p18ocKZ1wLoNCyrgU0j1H5qUeP42/MwuMkVMBf/Y7Ceh1xl59G/cktkOOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJVrHLbNgj9ppVmvEgD6cXolG6rUMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbFdzY3RzMkNQMm1sV2E4U0FQcHhlaVVicXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVswMA0G
CSqGSIb3DQEBCwUAA4IBAQAph8ALr2K4RQ/LQnWQqqfnbGYK00dpSvJl9p6mOL0M
oWhhD9X0jniGmxOSXJ/3Si5iPcSBMMkuOlRmU51VX1V5KTRAo09Q/UnCSjQPy1i/
IkWh0hOvX52s3cOIfP1yqxuYfUh2mUfq3j1FS0V9Ry1i0q60U3cbKexKaJzqXhDj
BstXDOiDfLYONZRPRO1KmyLqIKBc6tVTPMM1Up9jHbU3AzNcmwANTqNqFKUYDd61
VGqzj5Zz9eDwnLolqNvXt20YK85S0LgmarxxU41B4/XbXw8WTu2X1PvPZW4JnZ6c
R+ui+QtfR2bbda3LrpQeIW3+vExek3/pFMGDs1H6nJAw
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org