Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mYKkVFF4w7Kc2lO1kUqGexdaM-4.roa
File: mYKkVFF4w7Kc2lO1kUqGexdaM-4.roa (raw, json)
Hash identifier: Mt4fCsYysQOq3f3wK3nhan891f0wX23H184RpUvPFlI=
Subject key identifier: 99:82:A4:54:51:78:C3:B2:9C:DA:53:B5:91:4A:86:7B:17:5A:33:EE
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018612F5E3CDF6B55EEEED0200ACD7D0D777
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mYKkVFF4w7Kc2lO1kUqGexdaM-4.roa
Signing time: Thu 02 Feb 2023 16:29:09 +0000
ROA not before: Thu 02 Feb 2023 16:29:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 45.156.158.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:f5:e3:cd:f6:b5:5e:ee:ed:02:00:ac:d7:d0:d7:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 2 16:29:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9982a4545178c3b29cda53b5914a867b175a33ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a1:af:e1:c2:c9:f9:39:f0:31:c7:39:5f:e6:
86:1d:49:0e:4a:64:b1:a3:14:6b:a7:6c:eb:3c:cc:
50:e5:e1:61:20:94:da:68:d3:b5:06:0d:6b:01:5f:
04:5f:00:20:75:53:69:8a:be:18:8c:1a:50:90:ab:
e6:e3:cd:a4:bc:63:a5:09:b5:05:7e:dd:28:02:67:
5d:6f:9b:86:c2:e2:ab:fe:71:30:18:cf:12:20:1e:
8e:8b:3b:4e:b9:3e:05:d2:34:74:1a:9b:2d:7e:79:
46:77:56:66:d2:8e:8e:bb:e4:dd:31:aa:0e:aa:30:
3d:dd:d8:9f:95:da:a1:95:fd:7c:3d:4c:4b:b4:58:
a6:50:5e:82:c3:d6:f3:f4:5a:24:28:fc:4e:e0:53:
aa:c0:60:80:a2:e5:fa:92:ee:65:8d:b3:47:74:7c:
91:37:24:63:db:01:46:e6:0a:22:74:57:cd:49:f7:
fe:49:59:16:30:4e:c5:07:d8:cc:b8:5e:8f:19:69:
a2:6b:89:eb:d2:65:c5:f7:28:16:a9:39:9b:cb:37:
14:80:af:e6:71:37:8a:2f:17:fe:b1:4a:b0:92:fa:
72:73:9d:f0:c4:d0:a1:d8:d1:5b:f7:2a:69:db:05:
5c:dc:c0:75:4e:8f:87:31:57:b5:03:ce:1d:9e:92:
5e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:82:A4:54:51:78:C3:B2:9C:DA:53:B5:91:4A:86:7B:17:5A:33:EE
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mYKkVFF4w7Kc2lO1kUqGexdaM-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0-45.156.158.255
89.37.62.0/24
93.115.109.0/24
Signature Algorithm: sha256WithRSAEncryption
98:5b:76:12:e0:c2:73:6d:20:ac:06:e3:92:d8:d9:39:37:5b:
64:0d:5a:cb:ba:5a:85:0c:d3:10:88:cd:6d:f6:6d:41:e0:2e:
6c:1f:3c:63:d5:c6:a5:15:9a:81:c1:c2:c1:07:3f:f7:88:01:
8f:88:dd:e1:95:7d:25:e1:8a:23:95:14:a1:b7:68:0f:f4:d9:
2c:7a:0d:ba:53:29:77:ac:03:1a:56:3a:6d:f7:1c:54:d5:0f:
b4:e9:75:b6:4d:0b:91:8c:07:aa:e4:8c:f2:ed:b4:4a:92:9c:
08:1a:9d:4d:14:7c:2b:72:5c:fe:83:00:3c:5f:ab:a2:02:3d:
4e:4d:f0:87:f1:23:eb:85:12:e1:a6:d0:5e:3f:9f:9a:2c:0a:
e6:3d:45:d2:2f:af:63:d8:e3:00:56:88:c4:1f:60:9c:6c:83:
60:fd:4b:b1:1a:3c:d3:ed:2a:05:b9:12:e7:3c:aa:df:c3:a0:
cc:5b:56:ce:78:80:dc:fa:bb:d5:0f:ca:5c:29:5b:24:fe:36:
73:a1:4a:19:3b:f7:87:1a:a6:ac:cd:3b:e8:22:8c:8f:70:80:
23:22:48:12:29:9a:1f:ad:9b:0b:2b:e6:f2:24:d9:49:0b:b0:
b7:3c:7e:17:bc:44:d1:a0:fe:8d:a7:7b:91:7c:2e:b5:54:90:
bb:b7:8e:3c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYYS9ePN9rVe7u0CAKzX0Nd3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjAyMTYyOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTgyYTQ1NDUxNzhjM2IyOWNkYTUzYjU5MTRhODY3YjE3NWEzM2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqGv4cLJ+TnwMcc5X+aGHUkOSmSx
oxRrp2zrPMxQ5eFhIJTaaNO1Bg1rAV8EXwAgdVNpir4YjBpQkKvm482kvGOlCbUF
ft0oAmddb5uGwuKr/nEwGM8SIB6OiztOuT4F0jR0GpstfnlGd1Zm0o6Ou+TdMaoO
qjA93difldqhlf18PUxLtFimUF6Cw9bz9FokKPxO4FOqwGCAouX6ku5ljbNHdHyR
NyRj2wFG5goidFfNSff+SVkWME7FB9jMuF6PGWmia4nr0mXF9ygWqTmbyzcUgK/m
cTeKLxf+sUqwkvpyc53wxNCh2NFb9ypp2wVc3MB1To+HMVe1A84dnpJeHQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJmCpFRReMOynNpTtZFKhnsXWjPuMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbVlLa1ZGRjR3N0tjMmxPMWtVcUdleGRhTS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtnJ0D
BAAtnJ4DBABZJT4DBABdc20wDQYJKoZIhvcNAQELBQADggEBAJhbdhLgwnNtIKwG
45LY2Tk3W2QNWsu6WoUM0xCIzW32bUHgLmwfPGPVxqUVmoHBwsEHP/eIAY+I3eGV
fSXhiiOVFKG3aA/02Sx6DbpTKXesAxpWOm33HFTVD7TpdbZNC5GMB6rkjPLttEqS
nAganU0UfCtyXP6DADxfq6ICPU5N8IfxI+uFEuGm0F4/n5osCuY9RdIvr2PY4wBW
iMQfYJxsg2D9S7EaPNPtKgW5Euc8qt/DoMxbVs54gNz6u9UPylwpWyT+NnOhShk7
94capqzNO+gijI9wgCMiSBIpmh+tmwsr5vIk2UkLsLc8fhe8RNGg/o2ne5F8LrVU
kLu3jjw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:56 2023 by rpki-client on console-ams.rpki-client.org