Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/K3aU0WQ0WEvpYkCqkaazmjG-_Ow.roa
File: K3aU0WQ0WEvpYkCqkaazmjG-_Ow.roa (raw, json)
Hash identifier: BEo7nVc1MIGtbT/CPsqejPk+aQBEN5+/pHy2uvAMtG0=
Subject key identifier: 2B:76:94:D1:64:34:58:4B:E9:62:40:AA:91:A6:B3:9A:31:BE:FC:EC
Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial: 01856C780FA14C7FA8E6201A2C5FBDDA581E
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/K3aU0WQ0WEvpYkCqkaazmjG-_Ow.roa
Signing time: Sun 01 Jan 2023 08:34:45 +0000
ROA not before: Sun 01 Jan 2023 08:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61432
IP address blocks: 45.143.203.0/24 maxlen: 24
185.156.72.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:0f:a1:4c:7f:a8:e6:20:1a:2c:5f:bd:da:58:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Validity
Not Before: Jan 1 08:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b7694d16434584be96240aa91a6b39a31befcec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b4:ab:04:d1:92:4b:a5:92:7b:fb:60:2f:82:
3f:d4:5e:fa:0a:db:ad:d7:62:ea:cc:ec:24:37:7b:
d1:c1:b5:cf:0e:9b:3d:e9:6a:f5:bf:c9:ea:15:d7:
13:fc:84:91:fc:26:b4:bb:f3:04:34:2e:d0:5a:c2:
6b:b0:8f:d4:66:e5:10:96:e3:60:63:98:8b:8a:ae:
27:e9:f3:b4:9b:5f:c9:09:59:e6:5b:36:2c:da:7c:
82:95:ad:58:55:0f:6b:23:fc:20:ef:d5:20:10:d2:
55:55:c1:3d:7e:07:8b:93:6a:8d:e3:56:88:4b:8f:
e3:53:c9:dd:22:cc:fe:23:c0:85:6b:4c:0c:e6:3c:
71:a9:73:7f:c8:51:6f:c9:60:49:c3:9f:ab:b3:f0:
4b:62:6b:40:72:3d:7e:e2:1a:09:be:e7:c1:2f:41:
c4:f0:7b:87:73:70:2b:e6:d6:88:52:82:c6:bd:ca:
8b:ad:17:e7:78:b5:4b:e4:1b:da:61:c1:43:b9:fb:
06:c7:09:46:10:3f:43:02:e2:9d:fe:8f:06:4a:2d:
e6:14:6c:99:09:4b:d4:c1:32:59:d2:e9:3f:31:c9:
a0:60:f9:30:75:5a:12:aa:3d:98:83:1e:cf:8d:c8:
86:1b:af:29:52:02:ec:96:0f:c7:68:a0:1c:5b:88:
c0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:76:94:D1:64:34:58:4B:E9:62:40:AA:91:A6:B3:9A:31:BE:FC:EC
X509v3 Authority Key Identifier:
keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/K3aU0WQ0WEvpYkCqkaazmjG-_Ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.203.0/24
185.156.72.0/24
Signature Algorithm: sha256WithRSAEncryption
86:d7:22:0d:07:ad:02:e5:04:48:c7:d2:3a:64:9c:32:3f:bc:
0f:b4:ff:85:de:9f:10:24:db:d2:89:74:db:05:88:5f:a9:ed:
05:43:95:4f:2c:dd:8d:7d:1b:18:10:fe:a2:b4:d0:30:b2:db:
9f:43:82:93:27:fe:b8:46:84:84:0f:74:e6:eb:b2:24:ce:e0:
0d:5e:6e:6f:9b:2f:f8:9b:c9:49:20:86:4d:5f:95:3f:24:62:
48:2c:8b:e6:8d:65:93:21:74:87:22:37:6b:b9:01:16:67:c7:
bc:b6:4a:8e:11:b7:82:2e:b2:b4:5e:76:c5:cb:18:85:a0:fd:
06:fb:12:05:90:54:52:64:9d:97:d0:76:f5:83:8d:ea:bf:25:
a3:2a:25:15:4a:35:e5:c9:70:4c:91:63:f4:0f:29:ba:9f:63:
11:af:df:5f:2c:83:c0:4b:72:38:eb:7b:35:42:1d:2b:36:73:
28:4a:d7:d0:89:85:73:2f:0a:5c:03:31:07:f6:2e:32:98:2c:
55:ec:9e:cf:2d:9d:12:65:89:62:97:a4:3c:d3:16:58:86:7a:
e3:64:5d:ea:a8:1f:92:ed:38:2d:f6:3b:4e:eb:90:5b:66:fd:
f8:69:84:29:a8:92:db:56:ba:31:06:38:68:98:7e:57:9e:98:
11:18:a1:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVseA+hTH+o5iAaLF+92lgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjMwMTAxMDgzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjc2OTRkMTY0MzQ1ODRiZTk2MjQwYWE5MWE2YjM5YTMxYmVmY2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLSrBNGSS6WSe/tgL4I/1F76Ctut
12LqzOwkN3vRwbXPDps96Wr1v8nqFdcT/ISR/Ca0u/MENC7QWsJrsI/UZuUQluNg
Y5iLiq4n6fO0m1/JCVnmWzYs2nyCla1YVQ9rI/wg79UgENJVVcE9fgeLk2qN41aI
S4/jU8ndIsz+I8CFa0wM5jxxqXN/yFFvyWBJw5+rs/BLYmtAcj1+4hoJvufBL0HE
8HuHc3Ar5taIUoLGvcqLrRfneLVL5BvaYcFDufsGxwlGED9DAuKd/o8GSi3mFGyZ
CUvUwTJZ0uk/McmgYPkwdVoSqj2Ygx7PjciGG68pUgLslg/HaKAcW4jAEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCt2lNFkNFhL6WJAqpGms5oxvvzsMB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEvSzNhVTBXUTBXRXZwWWtDcWthYXptakctX093LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY/LAwQA
uZxIMA0GCSqGSIb3DQEBCwUAA4IBAQCG1yINB60C5QRIx9I6ZJwyP7wPtP+F3p8Q
JNvSiXTbBYhfqe0FQ5VPLN2NfRsYEP6itNAwstufQ4KTJ/64RoSED3Tm67IkzuAN
Xm5vmy/4m8lJIIZNX5U/JGJILIvmjWWTIXSHIjdruQEWZ8e8tkqOEbeCLrK0XnbF
yxiFoP0G+xIFkFRSZJ2X0Hb1g43qvyWjKiUVSjXlyXBMkWP0Dym6n2MRr99fLIPA
S3I463s1Qh0rNnMoStfQiYVzLwpcAzEH9i4ymCxV7J7PLZ0SZYlil6Q80xZYhnrj
ZF3qqB+S7Tgt9jtO65BbZv34aYQpqJLbVroxBjhomH5XnpgRGKGn
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:07:56 2023 by rpki-client on console-ams.rpki-client.org