Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/ca0f55-5774-45de-a6c0-782c780e7c1c/1/OotJoobHqTk2Lxkw36XFxd1yHWo.roa
File: OotJoobHqTk2Lxkw36XFxd1yHWo.roa (raw, json)
Hash identifier: jWhp1GWm02hcH9SHajQpAR0saMyJHlpQQ+Nf4CN4NjI=
Subject key identifier: 3A:8B:49:A2:86:C7:A9:39:36:2F:19:30:DF:A5:C5:C5:DD:72:1D:6A
Certificate issuer: /CN=74fb3a6b7fc28e8674e611cb098076f0e4c557c2
Certificate serial: 0185704BE58DD10F64AC7B7E2B1C23D05CB3
Authority key identifier: 74:FB:3A:6B:7F:C2:8E:86:74:E6:11:CB:09:80:76:F0:E4:C5:57:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dPs6a3_CjoZ05hHLCYB28OTFV8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/ca0f55-5774-45de-a6c0-782c780e7c1c/1/OotJoobHqTk2Lxkw36XFxd1yHWo.roa
Signing time: Mon 02 Jan 2023 02:25:00 +0000
ROA not before: Mon 02 Jan 2023 02:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209004
IP address blocks: 45.11.75.0/24 maxlen: 24
45.11.72.0/22 maxlen: 24
45.11.72.0/24 maxlen: 24
45.11.72.0/23 maxlen: 24
45.11.73.0/24 maxlen: 24
45.11.74.0/23 maxlen: 23
45.11.74.0/24 maxlen: 24
2a0e:6700::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:e5:8d:d1:0f:64:ac:7b:7e:2b:1c:23:d0:5c:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74fb3a6b7fc28e8674e611cb098076f0e4c557c2
Validity
Not Before: Jan 2 02:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a8b49a286c7a939362f1930dfa5c5c5dd721d6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:de:72:ee:49:10:d5:32:72:7d:75:94:49:53:
42:cc:c9:bd:24:0a:3d:20:df:2a:16:7d:f2:e9:26:
ad:04:51:b1:3d:de:69:ff:12:44:7c:c9:5a:e9:47:
17:b6:58:cd:78:1d:74:3b:17:07:8e:5e:85:ef:2a:
c0:be:e6:91:29:07:e0:7a:9b:3f:e0:d7:2f:44:f8:
10:a5:fa:05:a3:ab:96:81:28:1e:04:4a:3f:96:62:
6d:57:ba:06:60:f5:49:34:b9:0f:03:36:78:9c:0d:
91:29:ee:60:1a:2b:b6:5f:28:f3:a6:8a:25:45:e1:
a4:ed:e5:01:ab:95:d0:9a:82:9f:8b:3c:e9:c1:16:
a1:5c:15:c6:ee:57:9a:b0:9d:99:7f:f7:4b:0e:bb:
8e:c4:64:d1:3f:80:ce:6a:26:ab:4a:c6:d5:75:15:
94:34:bf:02:26:d2:87:1c:ff:b6:b2:2a:f7:bc:a7:
7f:ef:17:60:8c:4e:02:49:35:62:8b:53:0e:f1:2d:
ca:e5:15:e0:c2:34:76:fe:7c:86:e8:5e:89:3f:fc:
b1:b0:33:09:ea:3e:8e:85:03:fe:9b:14:5b:02:e8:
9d:fd:b8:43:68:80:10:85:53:44:49:1f:34:23:d9:
d2:4f:f2:99:c5:23:8f:6c:5f:2c:58:4d:a3:fe:ee:
37:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:8B:49:A2:86:C7:A9:39:36:2F:19:30:DF:A5:C5:C5:DD:72:1D:6A
X509v3 Authority Key Identifier:
keyid:74:FB:3A:6B:7F:C2:8E:86:74:E6:11:CB:09:80:76:F0:E4:C5:57:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dPs6a3_CjoZ05hHLCYB28OTFV8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ca0f55-5774-45de-a6c0-782c780e7c1c/1/OotJoobHqTk2Lxkw36XFxd1yHWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/ca0f55-5774-45de-a6c0-782c780e7c1c/1/dPs6a3_CjoZ05hHLCYB28OTFV8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.72.0/22
IPv6:
2a0e:6700::/29
Signature Algorithm: sha256WithRSAEncryption
09:b2:75:d1:9e:13:a9:65:b8:25:06:d5:99:9a:b6:df:2f:cb:
dd:5c:c1:09:26:21:1b:a9:13:72:70:18:5d:75:ae:e0:e1:57:
41:0d:ee:5f:0a:2e:62:97:58:4d:e0:c8:fa:02:cf:34:24:58:
ac:fd:b5:5b:2f:b2:ad:1a:29:47:ca:cb:26:7a:f2:b6:07:b0:
d3:5d:16:e5:63:80:27:52:8a:51:50:57:ea:79:53:3c:b8:0f:
80:82:62:1d:bc:59:30:07:e5:32:75:aa:49:53:d9:10:b6:ec:
50:8e:43:bf:ac:ea:f1:8b:b5:b6:cd:46:39:ea:d1:e1:9f:42:
d8:ce:7b:33:ce:fa:4e:21:72:89:f4:5b:ea:54:34:c0:5d:b8:
9a:21:70:c2:51:40:00:3e:09:1b:e2:94:88:f5:9b:2e:0d:02:
91:de:c5:b5:b9:f8:84:4e:15:2d:ce:e5:f5:f0:28:2e:b6:6f:
1b:73:aa:05:60:fe:85:dd:e2:b8:5b:fe:9e:52:0b:89:61:6b:
34:10:9d:d6:ea:6b:65:82:85:b0:ce:0a:df:0a:4e:bf:45:cd:
4b:ac:a2:e6:94:a2:84:ef:a2:c0:55:ad:17:c4:4a:47:70:fd:
a1:1f:ae:58:d8:ae:93:0a:c5:45:ee:b5:65:84:c7:86:20:9f:
85:b5:3a:25
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwS+WN0Q9krHt+Kxwj0FyzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZmIzYTZiN2ZjMjhlODY3NGU2MTFjYjA5ODA3NmYwZTRj
NTU3YzIwHhcNMjMwMTAyMDIyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYThiNDlhMjg2YzdhOTM5MzYyZjE5MzBkZmE1YzVjNWRkNzIxZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7N5y7kkQ1TJyfXWUSVNCzMm9JAo9
IN8qFn3y6SatBFGxPd5p/xJEfMla6UcXtljNeB10OxcHjl6F7yrAvuaRKQfgeps/
4NcvRPgQpfoFo6uWgSgeBEo/lmJtV7oGYPVJNLkPAzZ4nA2RKe5gGiu2Xyjzpool
ReGk7eUBq5XQmoKfizzpwRahXBXG7leasJ2Zf/dLDruOxGTRP4DOaiarSsbVdRWU
NL8CJtKHHP+2sir3vKd/7xdgjE4CSTVii1MO8S3K5RXgwjR2/nyG6F6JP/yxsDMJ
6j6OhQP+mxRbAuid/bhDaIAQhVNESR80I9nST/KZxSOPbF8sWE2j/u43cQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDqLSaKGx6k5Ni8ZMN+lxcXdch1qMB8GA1UdIwQY
MBaAFHT7Omt/wo6GdOYRywmAdvDkxVfCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFBzNmEzX0Nqb1owNWhITENZQjI4T1RGVjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jYTBmNTUtNTc3NC00NWRlLWE2YzAt
NzgyYzc4MGU3YzFjLzEvT290Sm9vYkhxVGsyTHhrdzM2WEZ4ZDF5SFdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jYTBmNTUtNTc3NC00NWRlLWE2YzAtNzgyYzc4MGU3YzFj
LzEvZFBzNmEzX0Nqb1owNWhITENZQjI4T1RGVjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQtIMA0E
AgACMAcDBQMqDmcAMA0GCSqGSIb3DQEBCwUAA4IBAQAJsnXRnhOpZbglBtWZmrbf
L8vdXMEJJiEbqRNycBhdda7g4VdBDe5fCi5il1hN4Mj6As80JFis/bVbL7KtGilH
yssmevK2B7DTXRblY4AnUopRUFfqeVM8uA+AgmIdvFkwB+UydapJU9kQtuxQjkO/
rOrxi7W2zUY56tHhn0LYznszzvpOIXKJ9FvqVDTAXbiaIXDCUUAAPgkb4pSI9Zsu
DQKR3sW1ufiEThUtzuX18Cgutm8bc6oFYP6F3eK4W/6eUguJYWs0EJ3W6mtlgoWw
zgrfCk6/Rc1LrKLmlKKE76LAVa0XxEpHcP2hH65Y2K6TCsVF7rVlhMeGIJ+FtTol
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:44 2024 by rpki-client on console-fra.rpki-client.org