Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/eaYjvWhM8fOIBirZw6St6NcwQN4.roa
File: eaYjvWhM8fOIBirZw6St6NcwQN4.roa (raw, json)
Hash identifier: rCLPTxLAyYZOtDYyE3P0sWWBz/stMPywuYnYcy8ooEw=
Subject key identifier: 79:A6:23:BD:68:4C:F1:F3:88:06:2A:D9:C3:A4:AD:E8:D7:30:40:DE
Certificate issuer: /CN=aaf4969842de9c4c1e1a5759d98d1ed5c0d62ef8
Certificate serial: 018570E754F158D6F1174ABC0EA171C27739
Authority key identifier: AA:F4:96:98:42:DE:9C:4C:1E:1A:57:59:D9:8D:1E:D5:C0:D6:2E:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvSWmELenEweGldZ2Y0e1cDWLvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/eaYjvWhM8fOIBirZw6St6NcwQN4.roa
Signing time: Mon 02 Jan 2023 05:14:46 +0000
ROA not before: Mon 02 Jan 2023 05:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212832
IP address blocks: 45.152.69.0/24 maxlen: 24
45.152.71.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:54:f1:58:d6:f1:17:4a:bc:0e:a1:71:c2:77:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaf4969842de9c4c1e1a5759d98d1ed5c0d62ef8
Validity
Not Before: Jan 2 05:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79a623bd684cf1f388062ad9c3a4ade8d73040de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cf:ad:66:6c:35:03:bd:f9:e5:6a:65:f1:ad:
47:75:99:ed:db:bc:d8:11:43:97:2d:07:bd:21:50:
8a:38:07:1e:ae:3d:48:30:79:e1:99:64:75:9b:b5:
7e:ee:20:8e:e2:d0:46:a2:75:8e:64:81:b9:7d:2c:
5e:7d:b3:57:83:6a:b9:a3:1c:5a:de:e0:ea:1b:7a:
f4:af:96:25:a1:d3:b0:78:82:46:e3:6e:05:c1:f9:
b6:0f:c5:36:8d:79:b0:09:43:54:8d:af:7b:89:9e:
4a:3f:bd:22:32:82:43:01:2b:ef:09:b5:43:99:fa:
e0:0b:32:c4:7e:81:6d:42:cc:3f:43:7a:f7:74:09:
b8:4e:de:16:b7:66:41:d7:64:60:8c:e8:1f:41:f0:
2a:ed:b8:b3:8f:dd:ad:6b:a6:6a:5c:14:29:e6:71:
b8:ba:1e:1a:1e:9c:1e:36:e9:80:94:71:9e:02:d5:
bf:8a:a4:48:e0:f0:46:ff:9d:24:1d:a0:a2:fc:73:
02:06:44:7f:a3:91:dc:cd:d8:8c:79:f1:c2:25:92:
37:00:da:6e:26:1b:0f:63:b4:60:f6:1d:e7:d2:57:
6b:89:af:5d:93:6f:11:3c:7c:e7:e7:6b:63:0f:d8:
37:1a:0f:7f:4d:4a:2c:99:1d:c5:f6:f5:3c:a2:eb:
bf:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:A6:23:BD:68:4C:F1:F3:88:06:2A:D9:C3:A4:AD:E8:D7:30:40:DE
X509v3 Authority Key Identifier:
keyid:AA:F4:96:98:42:DE:9C:4C:1E:1A:57:59:D9:8D:1E:D5:C0:D6:2E:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvSWmELenEweGldZ2Y0e1cDWLvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/eaYjvWhM8fOIBirZw6St6NcwQN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/720f9f-f0b8-44d2-8367-f81fdf74e655/1/qvSWmELenEweGldZ2Y0e1cDWLvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.69.0/24
45.152.71.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:02:a4:0b:69:49:4f:a4:12:11:c3:0c:31:41:1c:e8:8b:8e:
2f:e9:3d:f3:b0:fe:42:f1:81:9e:10:8d:a5:90:d8:00:4c:6b:
e6:cf:d9:97:1e:78:dd:4b:1b:b0:a2:88:1b:11:f2:af:46:7e:
fd:3b:ee:39:81:a9:68:42:97:d7:88:33:73:2d:96:6b:2c:86:
71:a7:1f:e6:8c:11:c0:e9:c0:ce:53:4d:dd:8e:27:a4:ba:2b:
84:3a:d2:94:14:68:7b:06:e7:60:b9:54:35:2a:f4:17:31:9b:
6b:ad:f3:22:4f:44:ad:01:d7:1b:d5:24:cd:82:3b:47:28:f6:
52:3a:00:5a:99:b6:d6:e0:20:fd:3c:fd:a2:de:93:03:6d:dc:
ff:4b:11:a4:79:83:82:93:44:df:de:3b:2e:cd:a3:c3:7b:51:
cf:1b:4a:fa:48:fb:ef:7f:0f:ea:63:e0:1b:a0:14:72:9a:87:
05:4d:53:87:c2:c7:d5:62:f9:f8:aa:61:e0:f3:e7:77:94:80:
0f:90:d4:0b:72:49:c1:78:34:8b:b1:c1:bf:a0:e1:69:0c:88:
15:85:76:5d:7a:a2:7f:d0:fb:8b:a6:94:c7:42:17:ea:77:b0:
7a:49:6c:a4:06:1f:14:4d:a7:68:36:68:a8:55:dc:bc:79:1f:
d1:3f:e8:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw51TxWNbxF0q8DqFxwnc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZjQ5Njk4NDJkZTljNGMxZTFhNTc1OWQ5OGQxZWQ1YzBk
NjJlZjgwHhcNMjMwMTAyMDUxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWE2MjNiZDY4NGNmMWYzODgwNjJhZDljM2E0YWRlOGQ3MzA0MGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM+tZmw1A7355Wpl8a1HdZnt27zY
EUOXLQe9IVCKOAcerj1IMHnhmWR1m7V+7iCO4tBGonWOZIG5fSxefbNXg2q5oxxa
3uDqG3r0r5YlodOweIJG424Fwfm2D8U2jXmwCUNUja97iZ5KP70iMoJDASvvCbVD
mfrgCzLEfoFtQsw/Q3r3dAm4Tt4Wt2ZB12RgjOgfQfAq7bizj92ta6ZqXBQp5nG4
uh4aHpweNumAlHGeAtW/iqRI4PBG/50kHaCi/HMCBkR/o5HczdiMefHCJZI3ANpu
JhsPY7Rg9h3n0ldria9dk28RPHzn52tjD9g3Gg9/TUosmR3F9vU8ouu/cwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHmmI71oTPHziAYq2cOkrejXMEDeMB8GA1UdIwQY
MBaAFKr0lphC3pxMHhpXWdmNHtXA1i74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZTV21FTGVuRXdlR2xkWjJZMGUxY0RXTHZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83MjBmOWYtZjBiOC00NGQyLTgzNjct
ZjgxZmRmNzRlNjU1LzEvZWFZanZXaE04Zk9JQmlyWnc2U3Q2TmN3UU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83MjBmOWYtZjBiOC00NGQyLTgzNjctZjgxZmRmNzRlNjU1
LzEvcXZTV21FTGVuRXdlR2xkWjJZMGUxY0RXTHZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZhFAwQA
LZhHMA0GCSqGSIb3DQEBCwUAA4IBAQCxAqQLaUlPpBIRwwwxQRzoi44v6T3zsP5C
8YGeEI2lkNgATGvmz9mXHnjdSxuwoogbEfKvRn79O+45galoQpfXiDNzLZZrLIZx
px/mjBHA6cDOU03djiekuiuEOtKUFGh7BudguVQ1KvQXMZtrrfMiT0StAdcb1STN
gjtHKPZSOgBambbW4CD9PP2i3pMDbdz/SxGkeYOCk0Tf3jsuzaPDe1HPG0r6SPvv
fw/qY+AboBRymocFTVOHwsfVYvn4qmHg8+d3lIAPkNQLcknBeDSLscG/oOFpDIgV
hXZdeqJ/0PuLppTHQhfqd7B6SWykBh8UTadoNmioVdy8eR/RP+ga
-----END CERTIFICATE-----
Generated at Tue Jan 2 16:35:18 2024 by rpki-client on console.sobornost.net