Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/2v3a0blDdEGWYpM7eGigw6WsJto.roa
File: 2v3a0blDdEGWYpM7eGigw6WsJto.roa (raw, json)
Hash identifier: cFCU66XoKKXP3xLXYAmuXRDzuuHKQ3qSczyUBp7uU4w=
Subject key identifier: DA:FD:DA:D1:B9:43:74:41:96:62:93:3B:78:68:A0:C3:A5:AC:26:DA
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018ACB780DD20FFDD52F6716685799FC6EBF
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/2v3a0blDdEGWYpM7eGigw6WsJto.roa
Signing time: Mon 25 Sep 2023 08:32:37 +0000
ROA not before: Mon 25 Sep 2023 08:32:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208949
IP address blocks: 45.148.145.0/24 maxlen: 24
45.88.0.0/24 maxlen: 24
45.142.1.0/24 maxlen: 24
45.142.2.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:78:0d:d2:0f:fd:d5:2f:67:16:68:57:99:fc:6e:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Sep 25 08:32:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dafddad1b94374419662933b7868a0c3a5ac26da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6b:7d:a5:de:9a:1f:81:65:54:22:5a:58:0d:
25:73:19:38:ce:b4:09:26:42:23:2e:4f:12:d5:ed:
a8:ec:f5:65:e6:ec:79:2d:8e:fd:43:d6:6f:73:51:
08:65:e3:a0:6e:a6:be:74:58:29:a8:e0:eb:05:cb:
cc:60:80:e7:21:d6:20:d4:34:f8:33:87:7e:f8:e6:
b4:09:9d:36:d9:f5:30:c9:ba:39:49:5d:78:93:94:
ae:18:33:72:b6:c0:94:ed:72:66:e9:ff:4d:c5:37:
aa:54:93:4b:62:47:4e:1f:63:ba:ba:60:1e:35:56:
bf:76:90:bd:e7:16:d9:d8:40:ca:b8:92:30:ec:43:
52:6d:cc:39:4e:22:d3:bf:c7:8f:e6:c6:94:b3:9b:
29:0a:2a:13:17:86:66:25:38:34:8c:41:22:d5:ab:
a1:91:42:c7:d6:44:06:5b:f0:e8:5e:61:20:11:b7:
21:b7:a3:8d:ed:cb:56:60:a0:c9:d5:48:75:26:d5:
6c:7f:2f:cf:3f:c1:1b:c9:d5:ee:d9:3f:b3:ba:06:
64:03:a8:53:23:ca:14:77:fb:06:4a:c4:ad:c0:66:
13:3b:e8:ad:a5:af:95:43:eb:c3:0c:b8:1d:29:05:
1b:6f:69:e8:7f:6e:39:c5:83:08:ec:6a:66:f3:5e:
42:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:FD:DA:D1:B9:43:74:41:96:62:93:3B:78:68:A0:C3:A5:AC:26:DA
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/2v3a0blDdEGWYpM7eGigw6WsJto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.0.0/24
45.142.1.0-45.142.2.255
45.148.145.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:37:2e:5a:98:39:ac:44:27:88:d1:4b:49:96:1e:c2:39:a3:
75:9d:5a:a4:72:69:c0:a1:cd:25:0c:63:33:a6:23:91:34:06:
3d:75:82:78:7f:36:b7:55:db:2d:9d:40:fa:b3:38:89:4a:c4:
71:e6:06:de:3f:65:f1:f4:b1:15:4b:e1:b0:e9:c7:28:c4:ce:
28:61:24:33:85:04:e6:31:3a:f2:c7:7c:e6:cf:1b:7b:fb:b2:
6c:58:53:4f:7e:5e:eb:91:d9:25:ef:c9:39:20:e2:a0:c9:56:
9a:62:53:66:0a:e3:fa:b5:0f:6d:16:9a:4a:1f:56:85:d9:85:
49:bc:d1:c5:22:b1:04:10:73:a5:2f:cc:da:2d:ca:09:0f:0f:
d4:8a:4c:67:a8:59:ba:14:36:05:56:dd:71:67:98:7e:69:a5:
97:9a:2a:57:fd:c4:f8:d3:54:bd:e5:bf:e4:93:c4:45:9f:4b:
2e:25:e6:15:28:72:52:e0:7c:3a:a3:8f:55:9d:42:2e:60:a1:
5f:cb:aa:ce:18:ce:c6:64:fe:88:bc:6a:f2:59:15:49:0c:70:
8a:17:2c:b9:29:0b:04:4d:8c:87:25:09:02:cd:fb:78:bb:1e:
0b:7a:99:2e:34:e0:1c:c7:58:a1:ad:db:fd:53:82:a1:d4:ff:
03:ea:28:1e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYrLeA3SD/3VL2cWaFeZ/G6/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMwOTI1MDgzMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWZkZGFkMWI5NDM3NDQxOTY2MjkzM2I3ODY4YTBjM2E1YWMyNmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2t9pd6aH4FlVCJaWA0lcxk4zrQJ
JkIjLk8S1e2o7PVl5ux5LY79Q9Zvc1EIZeOgbqa+dFgpqODrBcvMYIDnIdYg1DT4
M4d++Oa0CZ022fUwybo5SV14k5SuGDNytsCU7XJm6f9NxTeqVJNLYkdOH2O6umAe
NVa/dpC95xbZ2EDKuJIw7ENSbcw5TiLTv8eP5saUs5spCioTF4ZmJTg0jEEi1auh
kULH1kQGW/DoXmEgEbcht6ON7ctWYKDJ1Uh1JtVsfy/PP8EbydXu2T+zugZkA6hT
I8oUd/sGSsStwGYTO+itpa+VQ+vDDLgdKQUbb2nof245xYMI7Gpm815CWQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNr92tG5Q3RBlmKTO3hooMOlrCbaMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvMnYzYTBibERkRUdXWXBNN2VHaWd3NldzSnRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALVgAMAwD
BAAtjgEDBAAtjgIDBAAtlJEwDQYJKoZIhvcNAQELBQADggEBAHw3LlqYOaxEJ4jR
S0mWHsI5o3WdWqRyacChzSUMYzOmI5E0Bj11gnh/NrdV2y2dQPqzOIlKxHHmBt4/
ZfH0sRVL4bDpxyjEzihhJDOFBOYxOvLHfObPG3v7smxYU09+XuuR2SXvyTkg4qDJ
VppiU2YK4/q1D20WmkofVoXZhUm80cUisQQQc6UvzNotygkPD9SKTGeoWboUNgVW
3XFnmH5ppZeaKlf9xPjTVL3lv+STxEWfSy4l5hUoclLgfDqjj1WdQi5goV/Lqs4Y
zsZk/oi8avJZFUkMcIoXLLkpCwRNjIclCQLN+3i7Hgt6mS404BzHWKGt2/1TgqHU
/wPqKB4=
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:16 2024 by rpki-client on console.sobornost.net