Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/4nQwwqrMIIKjrR3lP5ou0WLxWA0.roa
File: 4nQwwqrMIIKjrR3lP5ou0WLxWA0.roa (raw, json)
Hash identifier: GHCtbcQoe5bkiEw+OTxNakS404esIJk7HUwvp4nzjq0=
Subject key identifier: E2:74:30:C2:AA:CC:20:82:A3:AD:1D:E5:3F:9A:2E:D1:62:F1:58:0D
Certificate issuer: /CN=44fc887c977393575de6257e75fa99cde2037c6c
Certificate serial: 018B84AFCE785D03C426C304C5BB6E21490D
Authority key identifier: 44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/4nQwwqrMIIKjrR3lP5ou0WLxWA0.roa
Signing time: Tue 31 Oct 2023 07:43:15 +0000
ROA not before: Tue 31 Oct 2023 07:43:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.85.14.0/24 maxlen: 24
45.85.15.0/24 maxlen: 24
193.43.138.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:84:af:ce:78:5d:03:c4:26:c3:04:c5:bb:6e:21:49:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44fc887c977393575de6257e75fa99cde2037c6c
Validity
Not Before: Oct 31 07:43:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e27430c2aacc2082a3ad1de53f9a2ed162f1580d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:8a:cf:b3:6b:30:21:48:d8:09:6b:0c:1a:f6:
8d:de:38:aa:93:dc:7e:36:df:4c:fb:24:bf:38:5d:
8a:9f:e2:68:04:c5:25:13:20:b6:c5:da:a9:19:96:
33:98:75:09:86:fa:0b:6b:f4:a2:d1:6a:9c:7a:7f:
7a:d8:49:4c:9c:63:fa:1f:fe:20:55:53:4a:ea:3e:
b0:bb:10:26:d8:46:66:3a:d7:c3:8e:d4:33:a9:75:
86:19:56:34:36:56:a8:b4:fb:6c:af:65:a5:e0:3d:
22:d1:96:a8:c9:5a:fc:fb:f8:46:c4:55:68:6a:c6:
a8:63:67:0e:f4:f5:82:c4:3b:23:0f:fa:f6:a2:a5:
3c:40:6b:32:8c:d5:75:09:25:23:f5:d0:88:04:aa:
5f:ad:87:1e:28:db:c4:13:2a:72:ad:e1:97:e0:98:
0f:db:11:75:38:64:3e:40:98:c6:20:2c:20:76:0c:
1f:3b:ba:61:0a:a6:63:ba:19:1b:ab:e7:4c:b8:fd:
a9:bc:bc:65:f4:59:d8:26:0e:91:db:27:1c:2d:52:
b8:79:22:e7:a2:50:a3:fe:8f:66:54:24:c0:3a:80:
de:ad:d4:53:05:4e:bc:c8:4a:3f:cb:08:57:a3:9e:
ec:8d:b7:77:82:fc:3d:ae:a3:0d:a8:81:93:f4:ac:
7f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:74:30:C2:AA:CC:20:82:A3:AD:1D:E5:3F:9A:2E:D1:62:F1:58:0D
X509v3 Authority Key Identifier:
keyid:44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/4nQwwqrMIIKjrR3lP5ou0WLxWA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/RPyIfJdzk1dd5iV-dfqZzeIDfGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.14.0/23
193.43.138.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:82:1b:bc:d4:42:f4:d6:d6:5d:76:ef:c7:a9:26:f3:67:8d:
89:9a:4d:5a:3b:e0:8b:ab:ab:f2:be:6b:54:ec:f9:9c:4c:29:
25:c6:81:ca:25:59:61:07:d9:cb:90:38:d2:a5:c8:36:4f:7d:
e7:c6:19:23:da:11:fa:fd:40:65:34:8a:65:03:71:85:eb:ba:
24:89:fe:45:4c:44:22:59:da:8d:92:6b:c4:f0:d5:35:f4:ef:
eb:07:35:aa:3a:a5:6e:5b:d2:cb:18:ed:79:cf:9a:ef:e1:11:
73:21:98:95:52:a0:17:13:e6:b2:5a:ef:95:65:b4:5d:4e:82:
c2:47:cb:2a:8c:b7:8f:d2:3c:48:72:54:19:c5:d1:6d:24:d0:
1a:17:39:22:19:1c:12:29:5e:ad:ca:44:fe:7b:a5:78:03:69:
c6:a5:8f:65:a5:be:7f:7a:97:7c:c4:6f:4b:36:1a:a2:3a:b2:
64:ce:56:bb:b9:d9:16:d4:5d:65:e5:4b:27:fd:75:46:e4:a2:
cd:a5:b4:31:09:27:97:bc:dc:9b:ee:f6:46:2b:52:cd:a3:24:
4c:88:ba:31:d2:39:19:6f:63:17:ee:14:ff:ae:ed:d4:1b:02:
61:88:cf:f4:ca:07:07:74:3a:36:9f:77:c6:15:89:ad:23:de:
41:15:10:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuEr854XQPEJsMExbtuIUkNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZmM4ODdjOTc3MzkzNTc1ZGU2MjU3ZTc1ZmE5OWNkZTIw
MzdjNmMwHhcNMjMxMDMxMDc0MzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjc0MzBjMmFhY2MyMDgyYTNhZDFkZTUzZjlhMmVkMTYyZjE1ODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3IrPs2swIUjYCWsMGvaN3jiqk9x+
Nt9M+yS/OF2Kn+JoBMUlEyC2xdqpGZYzmHUJhvoLa/Si0Wqcen962ElMnGP6H/4g
VVNK6j6wuxAm2EZmOtfDjtQzqXWGGVY0NlaotPtsr2Wl4D0i0ZaoyVr8+/hGxFVo
asaoY2cO9PWCxDsjD/r2oqU8QGsyjNV1CSUj9dCIBKpfrYceKNvEEypyreGX4JgP
2xF1OGQ+QJjGICwgdgwfO7phCqZjuhkbq+dMuP2pvLxl9FnYJg6R2yccLVK4eSLn
olCj/o9mVCTAOoDerdRTBU68yEo/ywhXo57sjbd3gvw9rqMNqIGT9Kx/ywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOJ0MMKqzCCCo60d5T+aLtFi8VgNMB8GA1UdIwQY
MBaAFET8iHyXc5NXXeYlfnX6mc3iA3xsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMt
YzM2OWMxZDRjMzM3LzEvNG5Rd3dxck1JSUtqclIzbFA1b3UwV0x4V0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMtYzM2OWMxZDRjMzM3
LzEvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVUOAwQA
wSuKMA0GCSqGSIb3DQEBCwUAA4IBAQCKghu81EL01tZddu/HqSbzZ42Jmk1aO+CL
q6vyvmtU7PmcTCklxoHKJVlhB9nLkDjSpcg2T33nxhkj2hH6/UBlNIplA3GF67ok
if5FTEQiWdqNkmvE8NU19O/rBzWqOqVuW9LLGO15z5rv4RFzIZiVUqAXE+ayWu+V
ZbRdToLCR8sqjLeP0jxIclQZxdFtJNAaFzkiGRwSKV6tykT+e6V4A2nGpY9lpb5/
epd8xG9LNhqiOrJkzla7udkW1F1l5Usn/XVG5KLNpbQxCSeXvNyb7vZGK1LNoyRM
iLox0jkZb2MX7hT/ru3UGwJhiM/0ygcHdDo2n3fGFYmtI95BFRDy
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:59 2024 by rpki-client on console-ams.rpki-client.org