Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/AJO68EsOioWb4sYeg0iwsaGCudw.roa
File: AJO68EsOioWb4sYeg0iwsaGCudw.roa (raw, json)
Hash identifier: Gvc23n3sN7ZC752dCdtvmC38xUJPsmGsHJ7GJSD9lpU=
Subject key identifier: 00:93:BA:F0:4B:0E:8A:85:9B:E2:C6:1E:83:48:B0:B1:A1:82:B9:DC
Certificate issuer: /CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Certificate serial: 01856CB85E8C13ED7DD76B73757F35B7AD6C
Authority key identifier: 5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/AJO68EsOioWb4sYeg0iwsaGCudw.roa
Signing time: Sun 01 Jan 2023 09:45:00 +0000
ROA not before: Sun 01 Jan 2023 09:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138195
IP address blocks: 45.94.68.0/22 maxlen: 24
45.154.12.0/22 maxlen: 24
45.141.136.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:5e:8c:13:ed:7d:d7:6b:73:75:7f:35:b7:ad:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Validity
Not Before: Jan 1 09:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0093baf04b0e8a859be2c61e8348b0b1a182b9dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d1:9b:03:af:cc:61:ef:4d:e3:20:97:c0:39:
b6:6e:9e:56:3f:ce:0f:ae:bb:b2:71:2c:30:8a:34:
32:6b:87:42:67:c4:57:d7:62:0c:ac:51:86:6e:e0:
28:8c:8a:59:22:a9:f5:d3:57:b2:9e:20:a6:be:3e:
31:cc:2e:52:29:04:d9:e8:78:ec:1b:dc:6d:a3:03:
2b:ec:89:fe:1c:39:29:98:b5:ce:14:ff:d9:eb:f1:
40:06:8f:59:54:1e:da:88:42:9b:e9:b6:67:f3:9d:
ee:ba:de:19:12:59:40:a2:f4:88:dc:5a:88:59:bc:
35:b6:ba:bd:fd:46:f6:ca:9a:e3:94:79:3f:a9:9b:
16:c0:da:1e:9e:de:ca:07:6a:01:f3:ed:0f:f1:f3:
95:f6:99:31:62:c5:a9:c7:39:27:87:c9:f6:c3:51:
14:5c:4d:6c:4e:d4:83:ed:70:4b:9d:8d:9f:5f:8e:
55:94:19:52:64:88:05:83:13:9e:81:65:82:e7:7c:
47:5e:af:e2:0b:b9:8e:b9:79:56:24:f0:59:21:87:
48:5d:15:ac:be:14:84:02:23:fe:b3:85:a0:f9:0a:
11:f5:5e:50:eb:61:e4:41:0d:cd:7e:80:ca:1d:9f:
37:6d:f2:3f:fd:d1:51:83:f8:cb:d3:21:fb:00:61:
f9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:93:BA:F0:4B:0E:8A:85:9B:E2:C6:1E:83:48:B0:B1:A1:82:B9:DC
X509v3 Authority Key Identifier:
keyid:5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/AJO68EsOioWb4sYeg0iwsaGCudw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.68.0/22
45.141.136.0/22
45.154.12.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:96:8b:a4:54:45:d0:11:ed:f0:41:ba:07:b4:78:82:6e:83:
15:e1:9d:64:07:3f:1c:63:92:fa:18:61:6b:c8:05:4c:b0:73:
82:b9:ca:40:9f:f5:d5:da:6e:82:2d:57:e3:ab:de:fb:fe:ed:
60:b2:31:d3:8a:20:c7:94:bd:70:01:7a:22:a5:69:df:2d:1d:
be:b8:a6:84:95:be:52:98:a8:d8:87:fc:29:66:c8:ac:a8:9e:
3c:2c:11:37:83:f0:a8:4b:26:80:24:62:f1:5b:08:30:6e:59:
65:8c:e1:2d:44:22:b1:55:99:d4:af:5e:e3:39:ce:ac:db:7e:
54:00:b6:98:7c:cb:3a:e9:dc:37:0b:c5:77:16:e7:b3:16:33:
ad:db:2b:26:5a:be:09:32:e5:c6:54:d6:c9:99:b6:08:fd:54:
5c:58:12:20:bd:c3:c7:b5:80:99:d6:66:ff:72:e3:be:71:4a:
1b:ca:26:01:b8:2d:f5:6c:f6:51:70:62:5f:50:86:f0:2d:f9:
3c:f2:e3:54:3e:2f:95:52:04:55:de:ce:82:8b:c7:0f:18:f2:
37:a7:c7:96:17:a6:28:c3:82:84:9e:ea:40:cc:3c:02:84:0e:
2f:34:6d:53:29:d9:d3:23:af:fa:fb:5b:b9:97:87:99:fd:16:
80:3d:07:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsuF6ME+1912tzdX81t61sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMmRkOWZlNjI4YjZiYzEwMTQxZGUwMjQxNzY2YTFiN2E2
MzE5M2YwHhcNMjMwMTAxMDk0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDkzYmFmMDRiMGU4YTg1OWJlMmM2MWU4MzQ4YjBiMWExODJiOWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9GbA6/MYe9N4yCXwDm2bp5WP84P
rruycSwwijQya4dCZ8RX12IMrFGGbuAojIpZIqn101eyniCmvj4xzC5SKQTZ6Hjs
G9xtowMr7In+HDkpmLXOFP/Z6/FABo9ZVB7aiEKb6bZn853uut4ZEllAovSI3FqI
Wbw1trq9/Ub2yprjlHk/qZsWwNoent7KB2oB8+0P8fOV9pkxYsWpxzknh8n2w1EU
XE1sTtSD7XBLnY2fX45VlBlSZIgFgxOegWWC53xHXq/iC7mOuXlWJPBZIYdIXRWs
vhSEAiP+s4Wg+QoR9V5Q62HkQQ3NfoDKHZ83bfI//dFRg/jL0yH7AGH5jwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFACTuvBLDoqFm+LGHoNIsLGhgrncMB8GA1UdIwQY
MBaAFFst2f5ii2vBAUHeAkF2aht6Yxk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEt
MGQ3YjU1MWY4MjhjLzEvQUpPNjhFc09pb1diNHNZZWcwaXdzYUdDdWR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEtMGQ3YjU1MWY4Mjhj
LzEvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLV5EAwQC
LY2IAwQCLZoMMA0GCSqGSIb3DQEBCwUAA4IBAQCjloukVEXQEe3wQboHtHiCboMV
4Z1kBz8cY5L6GGFryAVMsHOCucpAn/XV2m6CLVfjq977/u1gsjHTiiDHlL1wAXoi
pWnfLR2+uKaElb5SmKjYh/wpZsisqJ48LBE3g/CoSyaAJGLxWwgwbllljOEtRCKx
VZnUr17jOc6s235UALaYfMs66dw3C8V3FuezFjOt2ysmWr4JMuXGVNbJmbYI/VRc
WBIgvcPHtYCZ1mb/cuO+cUobyiYBuC31bPZRcGJfUIbwLfk88uNUPi+VUgRV3s6C
i8cPGPI3p8eWF6Yow4KEnupAzDwChA4vNG1TKdnTI6/6+1u5l4eZ/RaAPQfN
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:58 2024 by rpki-client on console-fra.rpki-client.org