Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/tGELIFumf925DrrCPTm0WJQfZxA.roa
File: tGELIFumf925DrrCPTm0WJQfZxA.roa (raw, json)
Hash identifier: UjNBCMK5jgrPCGJfy2YuteNaXmOGJY98IHf8PHIJmmg=
Subject key identifier: B4:61:0B:20:5B:A6:7F:DD:B9:0E:BA:C2:3D:39:B4:58:94:1F:67:10
Certificate issuer: /CN=2890da765a999f719875c51eecf4c7d6148a1bd9
Certificate serial: 018634D6A75043DCAC476AF1F5AF011C0A50
Authority key identifier: 28:90:DA:76:5A:99:9F:71:98:75:C5:1E:EC:F4:C7:D6:14:8A:1B:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KJDadlqZn3GYdcUe7PTH1hSKG9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/tGELIFumf925DrrCPTm0WJQfZxA.roa
Signing time: Thu 09 Feb 2023 06:22:08 +0000
ROA not before: Thu 09 Feb 2023 06:22:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208339
IP address blocks: 45.143.204.0/24 maxlen: 24
45.143.204.0/23 maxlen: 23
45.143.204.0/22 maxlen: 22
45.143.205.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:34:d6:a7:50:43:dc:ac:47:6a:f1:f5:af:01:1c:0a:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2890da765a999f719875c51eecf4c7d6148a1bd9
Validity
Not Before: Feb 9 06:22:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4610b205ba67fddb90ebac23d39b458941f6710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:34:7f:58:59:4c:07:84:b5:d8:c4:79:42:aa:
a9:df:1e:f0:0c:a2:07:b9:fe:4c:d7:3e:18:aa:77:
73:a9:5e:07:0d:6b:f3:69:df:07:8c:5b:b5:7d:94:
24:fe:09:d1:47:db:0a:f6:f9:c3:52:88:18:05:d1:
2a:a0:d3:7a:df:0e:db:ed:3f:cd:84:29:46:09:6a:
64:5e:6b:1a:18:b1:aa:56:84:58:db:e3:73:8d:a5:
7b:98:d6:b7:c3:31:1c:98:11:83:2e:86:6e:10:98:
14:f1:b5:77:1d:a1:2e:e7:1e:fc:f6:df:9e:f9:35:
81:98:94:73:ee:6e:7f:0e:50:5a:d8:14:f5:44:b2:
41:c6:ee:7f:5f:c7:bd:b0:4f:f9:06:af:a2:c4:9d:
23:2c:a2:5b:c3:f4:a8:f2:ab:10:cd:ac:d4:fc:5d:
f5:58:b3:1c:cd:f6:93:50:df:1f:e0:4b:a1:d0:d5:
47:30:7a:06:16:3a:33:47:b0:06:89:93:cb:a3:42:
3e:3f:2d:c7:89:87:61:4b:db:ee:86:3d:e1:62:8b:
af:66:69:0c:a0:3d:26:1d:e3:05:55:b0:9a:cf:7a:
7c:63:ce:22:fb:a1:b6:79:81:79:d6:6b:59:82:c1:
b8:02:34:3b:83:1d:0d:5d:2b:97:f3:7d:62:72:b3:
36:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:61:0B:20:5B:A6:7F:DD:B9:0E:BA:C2:3D:39:B4:58:94:1F:67:10
X509v3 Authority Key Identifier:
keyid:28:90:DA:76:5A:99:9F:71:98:75:C5:1E:EC:F4:C7:D6:14:8A:1B:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KJDadlqZn3GYdcUe7PTH1hSKG9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/tGELIFumf925DrrCPTm0WJQfZxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/KJDadlqZn3GYdcUe7PTH1hSKG9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.204.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:e7:53:62:66:74:7e:63:eb:26:f4:16:f3:5d:aa:26:11:e5:
9d:4a:91:b2:c6:65:af:ba:d1:59:cc:65:3c:45:5c:bf:f7:0c:
66:fd:51:09:f4:79:7b:45:76:c1:a8:92:b8:04:76:6c:81:78:
30:5d:b2:34:2c:d3:9f:d6:cc:ed:a6:cc:c4:d0:f4:be:05:44:
ee:46:47:ff:26:cb:81:8f:81:ad:94:af:34:cb:98:8a:15:db:
8b:cc:f4:ee:da:e6:69:cd:6a:c2:dd:c4:f1:64:ae:7a:bb:da:
29:2a:e7:7b:a4:ca:2b:7d:ae:50:bb:f0:1a:27:9d:05:bd:f3:
84:21:a4:12:65:63:70:17:6c:d6:b4:82:5a:b5:30:66:29:96:
28:5e:9f:60:71:75:53:ea:0a:ed:63:55:98:f4:ed:da:45:a9:
c9:75:fa:3b:5c:ad:76:3a:a2:71:f9:18:2e:94:23:61:c2:c1:
1b:02:08:39:de:5e:de:ce:b5:5c:f3:db:7c:51:4d:61:8e:4f:
96:ba:17:a4:bd:ff:cb:53:5e:1b:bc:84:b9:83:c1:f8:48:0a:
16:7a:5d:bf:57:80:77:21:99:ac:b7:86:9e:0b:45:d2:c9:e3:
4f:9d:78:92:c0:a1:92:b8:19:d6:bc:ef:3b:4f:93:dd:3e:69:
47:df:20:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYY01qdQQ9ysR2rx9a8BHApQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4OTBkYTc2NWE5OTlmNzE5ODc1YzUxZWVjZjRjN2Q2MTQ4
YTFiZDkwHhcNMjMwMjA5MDYyMjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDYxMGIyMDViYTY3ZmRkYjkwZWJhYzIzZDM5YjQ1ODk0MWY2NzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDR/WFlMB4S12MR5Qqqp3x7wDKIH
uf5M1z4YqndzqV4HDWvzad8HjFu1fZQk/gnRR9sK9vnDUogYBdEqoNN63w7b7T/N
hClGCWpkXmsaGLGqVoRY2+NzjaV7mNa3wzEcmBGDLoZuEJgU8bV3HaEu5x789t+e
+TWBmJRz7m5/DlBa2BT1RLJBxu5/X8e9sE/5Bq+ixJ0jLKJbw/So8qsQzazU/F31
WLMczfaTUN8f4Euh0NVHMHoGFjozR7AGiZPLo0I+Py3HiYdhS9vuhj3hYouvZmkM
oD0mHeMFVbCaz3p8Y84i+6G2eYF51mtZgsG4AjQ7gx0NXSuX831icrM2IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLRhCyBbpn/duQ66wj05tFiUH2cQMB8GA1UdIwQY
MBaAFCiQ2nZamZ9xmHXFHuz0x9YUihvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0pEYWRscVpuM0dZZGNVZTdQVEgxaFNLRzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yYmJjZDQtZWRhYi00OGVlLWE0MTEt
MjhmYzcwNjNkOTUyLzEvdEdFTElGdW1mOTI1RHJyQ1BUbTBXSlFmWnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yYmJjZDQtZWRhYi00OGVlLWE0MTEtMjhmYzcwNjNkOTUy
LzEvS0pEYWRscVpuM0dZZGNVZTdQVEgxaFNLRzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY/MMA0G
CSqGSIb3DQEBCwUAA4IBAQC951NiZnR+Y+sm9BbzXaomEeWdSpGyxmWvutFZzGU8
RVy/9wxm/VEJ9Hl7RXbBqJK4BHZsgXgwXbI0LNOf1sztpszE0PS+BUTuRkf/JsuB
j4GtlK80y5iKFduLzPTu2uZpzWrC3cTxZK56u9opKud7pMorfa5Qu/AaJ50FvfOE
IaQSZWNwF2zWtIJatTBmKZYoXp9gcXVT6grtY1WY9O3aRanJdfo7XK12OqJx+Rgu
lCNhwsEbAgg53l7ezrVc89t8UU1hjk+Wuhekvf/LU14bvIS5g8H4SAoWel2/V4B3
IZmst4aeC0XSyeNPnXiSwKGSuBnWvO87T5PdPmlH3yAH
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:27 2023 by rpki-client on console.sobornost.net