Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Fq81KrmrasqytMvCwOi3uknDnuM.roa
File: Fq81KrmrasqytMvCwOi3uknDnuM.roa (raw, json)
Hash identifier: xOm2xjEfuOjT0g3iGBRJNc5aA9DGqgyY3gFZR88TE4U=
Subject key identifier: 16:AF:35:2A:B9:AB:6A:CA:B2:B4:CB:C2:C0:E8:B7:BA:49:C3:9E:E3
Certificate issuer: /CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Certificate serial: 01856CB85F046517851044AF53F8295D32A9
Authority key identifier: 5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Fq81KrmrasqytMvCwOi3uknDnuM.roa
Signing time: Sun 01 Jan 2023 09:45:00 +0000
ROA not before: Sun 01 Jan 2023 09:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140224
IP address blocks: 45.81.128.0/24 maxlen: 24
45.135.116.0/23 maxlen: 24
45.91.83.0/24 maxlen: 24
45.91.82.0/24 maxlen: 24
45.91.81.0/24 maxlen: 24
45.91.80.0/24 maxlen: 24
45.155.222.0/23 maxlen: 24
45.140.88.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:5f:04:65:17:85:10:44:af:53:f8:29:5d:32:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b2dd9fe628b6bc10141de0241766a1b7a63193f
Validity
Not Before: Jan 1 09:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16af352ab9ab6acab2b4cbc2c0e8b7ba49c39ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ba:0f:da:81:e7:0f:a6:12:54:e5:e1:4c:ee:
e5:fb:a3:f6:1c:1b:35:0e:a9:9f:a7:00:a9:28:ce:
a0:ae:98:9a:55:3a:55:e7:da:e9:d4:e4:68:3b:98:
a3:b1:81:9a:fa:60:62:57:9f:63:60:2d:ff:29:74:
74:0f:6e:ee:1d:bc:c9:3e:02:cc:77:64:a1:c2:90:
29:a3:25:27:4e:ee:72:1a:55:53:0b:90:05:1b:a2:
9a:1a:32:41:78:aa:37:52:61:60:d7:3f:04:31:d0:
08:3e:b7:20:9c:69:ce:61:b0:be:8d:4d:d7:8d:18:
8a:a9:8d:ce:ff:ca:50:76:35:ea:11:9d:2b:7d:58:
74:ae:76:35:d9:55:4f:0e:f1:6d:c5:d9:65:f0:e1:
bd:71:c4:e5:53:0f:7d:e1:9a:84:90:00:bd:c6:d4:
7b:79:c6:65:41:41:fd:85:6b:f2:3b:87:8f:7d:d5:
32:33:54:89:95:52:d4:00:b9:32:b2:e4:6e:ec:65:
dd:87:9a:e0:1e:ec:68:27:18:3e:fc:e8:48:bc:e5:
fa:61:b9:ff:81:11:2c:1f:7c:09:20:75:b0:2d:24:
b1:49:9f:45:b1:ed:98:28:d8:3b:33:1f:16:32:d2:
fe:3f:be:50:8c:3f:58:3f:12:9b:2e:a9:61:a0:5a:
ce:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:AF:35:2A:B9:AB:6A:CA:B2:B4:CB:C2:C0:E8:B7:BA:49:C3:9E:E3
X509v3 Authority Key Identifier:
keyid:5B:2D:D9:FE:62:8B:6B:C1:01:41:DE:02:41:76:6A:1B:7A:63:19:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Fq81KrmrasqytMvCwOi3uknDnuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4de889-dc9d-41e5-b3aa-0d7b551f828c/1/Wy3Z_mKLa8EBQd4CQXZqG3pjGT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.128.0/24
45.91.80.0/22
45.135.116.0/23
45.140.88.0/23
45.155.222.0/23
Signature Algorithm: sha256WithRSAEncryption
16:28:0c:a6:56:ec:6d:f6:dd:47:1f:40:a1:63:ae:14:9b:c3:
c2:18:21:e3:f9:a5:1c:f8:53:42:55:b2:85:9b:6f:5e:c0:84:
e6:19:de:14:af:d5:7c:00:cb:c9:a7:1f:96:b4:35:af:9f:c0:
23:62:37:b9:32:bd:b0:5d:24:ec:6b:0c:c6:5a:83:29:86:f8:
30:ba:a3:15:d6:31:d7:52:f5:9d:c6:ef:b1:83:49:ed:e0:a0:
3d:7b:41:24:5c:b2:a4:90:0b:cf:ac:16:4c:e1:45:0e:67:bf:
8d:cd:5b:83:9d:7e:b4:0b:9c:a8:2a:2c:2c:48:02:ad:a2:dd:
00:93:5e:4e:1b:6c:2f:41:78:ae:d5:03:09:b0:15:92:1d:46:
24:84:79:c4:b9:03:be:c4:99:b8:1b:2b:fe:de:d0:21:a5:83:
0d:d7:56:70:12:25:21:a3:9c:29:46:23:6c:35:33:da:92:cb:
f0:3a:73:61:69:4d:42:60:c5:fe:d1:2e:ba:de:04:66:10:59:
08:a1:d6:94:01:65:0c:af:da:75:61:1f:6e:48:64:d6:a0:85:
14:13:df:ba:22:71:95:ff:af:e4:34:2f:bf:36:16:68:48:2b:
f6:43:23:85:30:fc:9c:19:15:4b:54:70:6c:89:40:24:54:35:
99:e0:f7:4f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVsuF8EZReFEESvU/gpXTKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMmRkOWZlNjI4YjZiYzEwMTQxZGUwMjQxNzY2YTFiN2E2
MzE5M2YwHhcNMjMwMTAxMDk0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmFmMzUyYWI5YWI2YWNhYjJiNGNiYzJjMGU4YjdiYTQ5YzM5ZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuboP2oHnD6YSVOXhTO7l+6P2HBs1
DqmfpwCpKM6grpiaVTpV59rp1ORoO5ijsYGa+mBiV59jYC3/KXR0D27uHbzJPgLM
d2ShwpApoyUnTu5yGlVTC5AFG6KaGjJBeKo3UmFg1z8EMdAIPrcgnGnOYbC+jU3X
jRiKqY3O/8pQdjXqEZ0rfVh0rnY12VVPDvFtxdll8OG9ccTlUw994ZqEkAC9xtR7
ecZlQUH9hWvyO4ePfdUyM1SJlVLUALkysuRu7GXdh5rgHuxoJxg+/OhIvOX6Ybn/
gREsH3wJIHWwLSSxSZ9Fse2YKNg7Mx8WMtL+P75QjD9YPxKbLqlhoFrOoQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBavNSq5q2rKsrTLwsDot7pJw57jMB8GA1UdIwQY
MBaAFFst2f5ii2vBAUHeAkF2aht6Yxk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEt
MGQ3YjU1MWY4MjhjLzEvRnE4MUtybXJhc3F5dE12Q3dPaTN1a25EbnVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80ZGU4ODktZGM5ZC00MWU1LWIzYWEtMGQ3YjU1MWY4Mjhj
LzEvV3kzWl9tS0xhOEVCUWQ0Q1FYWnFHM3BqR1Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVGAAwQC
LVtQAwQBLYd0AwQBLYxYAwQBLZveMA0GCSqGSIb3DQEBCwUAA4IBAQAWKAymVuxt
9t1HH0ChY64Um8PCGCHj+aUc+FNCVbKFm29ewITmGd4Ur9V8AMvJpx+WtDWvn8Aj
Yje5Mr2wXSTsawzGWoMphvgwuqMV1jHXUvWdxu+xg0nt4KA9e0EkXLKkkAvPrBZM
4UUOZ7+NzVuDnX60C5yoKiwsSAKtot0Ak15OG2wvQXiu1QMJsBWSHUYkhHnEuQO+
xJm4Gyv+3tAhpYMN11ZwEiUho5wpRiNsNTPaksvwOnNhaU1CYMX+0S663gRmEFkI
odaUAWUMr9p1YR9uSGTWoIUUE9+6InGV/6/kNC+/NhZoSCv2QyOFMPycGRVLVHBs
iUAkVDWZ4PdP
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:23 2024 by rpki-client on console-ams.rpki-client.org