Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/a67996-54f1-4f1e-a760-8e0d5293aac8/1/MkYnq1jtD0reamiXuMsTX2kcaWs.roa
File: MkYnq1jtD0reamiXuMsTX2kcaWs.roa (raw, json)
Hash identifier: EoCy/BLvtfhbH1+jpHzrEMTSyOMItc+h5WDuWrOGDbY=
Subject key identifier: 32:46:27:AB:58:ED:0F:4A:DE:6A:68:97:B8:CB:13:5F:69:1C:69:6B
Certificate issuer: /CN=d2ba2618ab4b6042ee25c4679e0775e4306d71c6
Certificate serial: 01856F14A92B0693AE82E35949FF002E5A85
Authority key identifier: D2:BA:26:18:AB:4B:60:42:EE:25:C4:67:9E:07:75:E4:30:6D:71:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0romGKtLYELuJcRnngd15DBtccY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/a67996-54f1-4f1e-a760-8e0d5293aac8/1/MkYnq1jtD0reamiXuMsTX2kcaWs.roa
Signing time: Sun 01 Jan 2023 20:45:02 +0000
ROA not before: Sun 01 Jan 2023 20:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 45.145.176.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:a9:2b:06:93:ae:82:e3:59:49:ff:00:2e:5a:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2ba2618ab4b6042ee25c4679e0775e4306d71c6
Validity
Not Before: Jan 1 20:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=324627ab58ed0f4ade6a6897b8cb135f691c696b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:dc:5d:82:e9:cc:8d:68:7f:ee:99:73:c4:2b:
84:fe:d7:1d:4e:b1:5f:52:14:cf:e7:c6:de:c3:43:
0b:b0:07:85:bc:a7:e2:e7:30:b8:08:cb:08:66:4b:
7b:72:4a:7d:5f:c8:ab:5c:8e:b3:16:72:51:59:ad:
44:3a:b8:6a:f1:89:46:42:0b:03:3b:41:c5:b1:c7:
1f:a3:e1:44:b0:ba:b5:cd:18:67:97:53:02:8e:da:
4a:12:71:80:93:91:50:26:76:a7:ad:c2:59:85:6a:
c4:73:32:93:e4:30:47:93:7f:77:dd:4a:50:03:02:
bf:26:0c:b0:9e:db:c0:bd:b1:2c:48:c3:ae:ab:f2:
76:d3:58:9d:53:b6:b5:ed:cf:75:ca:0a:77:d4:21:
77:0a:3c:ba:76:b4:9f:ec:77:58:8d:37:95:7a:76:
6d:0f:68:c5:65:ba:a7:1f:d4:c3:dc:3c:77:24:f7:
da:f1:6e:1f:3a:a1:19:22:24:05:3e:e9:fa:55:b2:
7a:41:ce:7d:55:d2:c7:fb:4d:32:34:3b:42:41:8c:
b5:c1:5c:1f:bb:ca:5f:57:3a:a9:d4:c1:e5:19:e1:
bd:6d:8a:2e:93:1b:09:ba:cd:89:95:5c:0e:f1:78:
89:db:d5:82:c0:44:fb:3d:02:50:27:f3:e7:75:d2:
7e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:46:27:AB:58:ED:0F:4A:DE:6A:68:97:B8:CB:13:5F:69:1C:69:6B
X509v3 Authority Key Identifier:
keyid:D2:BA:26:18:AB:4B:60:42:EE:25:C4:67:9E:07:75:E4:30:6D:71:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0romGKtLYELuJcRnngd15DBtccY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a67996-54f1-4f1e-a760-8e0d5293aac8/1/MkYnq1jtD0reamiXuMsTX2kcaWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a67996-54f1-4f1e-a760-8e0d5293aac8/1/0romGKtLYELuJcRnngd15DBtccY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.176.0/22
Signature Algorithm: sha256WithRSAEncryption
54:7d:61:2c:ed:c8:ea:56:04:ac:f0:81:a4:de:09:f7:17:bf:
4b:38:95:bc:4a:4b:5f:4f:8f:6a:93:5f:7e:28:19:92:dd:e5:
33:13:76:94:c3:c4:c2:40:f4:2d:95:40:b4:05:ed:fe:c0:df:
1d:0f:8e:a8:13:7e:24:27:ad:b6:17:12:86:c4:b8:c9:f3:90:
37:28:86:71:2c:69:b5:c8:ac:2b:d1:53:84:53:f6:53:57:21:
f8:27:19:ee:58:78:3d:2d:24:06:e8:0a:b5:7d:75:cb:3c:6e:
28:cc:61:37:be:7d:f6:07:33:48:09:a8:da:d0:c1:50:04:85:
74:a0:80:94:d9:df:4b:c9:43:7f:e0:53:d0:a4:1b:be:d0:6f:
f1:56:70:13:21:4e:40:25:dd:ab:00:40:88:fe:3f:d0:b5:d8:
42:bf:97:a8:f6:3b:17:dc:83:17:2b:7a:d4:16:c8:be:0b:cc:
a9:78:93:75:c9:2d:b4:ce:f2:f9:50:df:97:c1:5c:1f:d6:af:
37:43:71:ef:c7:18:70:aa:96:6d:7e:c7:8b:69:40:35:68:40:
6a:ef:4d:88:d8:83:61:9c:ea:44:08:27:4a:47:a0:a9:b1:17:
c2:5c:9d:1d:32:b8:5f:05:b6:9d:23:4c:b7:80:b6:69:b9:21:
f0:77:dd:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFKkrBpOuguNZSf8ALlqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYmEyNjE4YWI0YjYwNDJlZTI1YzQ2NzllMDc3NWU0MzA2
ZDcxYzYwHhcNMjMwMTAxMjA0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQ2MjdhYjU4ZWQwZjRhZGU2YTY4OTdiOGNiMTM1ZjY5MWM2OTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptxdgunMjWh/7plzxCuE/tcdTrFf
UhTP58bew0MLsAeFvKfi5zC4CMsIZkt7ckp9X8irXI6zFnJRWa1EOrhq8YlGQgsD
O0HFsccfo+FEsLq1zRhnl1MCjtpKEnGAk5FQJnanrcJZhWrEczKT5DBHk3933UpQ
AwK/JgywntvAvbEsSMOuq/J201idU7a17c91ygp31CF3Cjy6drSf7HdYjTeVenZt
D2jFZbqnH9TD3Dx3JPfa8W4fOqEZIiQFPun6VbJ6Qc59VdLH+00yNDtCQYy1wVwf
u8pfVzqp1MHlGeG9bYoukxsJus2JlVwO8XiJ29WCwET7PQJQJ/PnddJ+NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDJGJ6tY7Q9K3mpol7jLE19pHGlrMB8GA1UdIwQY
MBaAFNK6JhirS2BC7iXEZ54HdeQwbXHGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHJvbUdLdExZRUx1SmNSbm5nZDE1REJ0Y2NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hNjc5OTYtNTRmMS00ZjFlLWE3NjAt
OGUwZDUyOTNhYWM4LzEvTWtZbnExanREMHJlYW1pWHVNc1RYMmtjYVdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hNjc5OTYtNTRmMS00ZjFlLWE3NjAtOGUwZDUyOTNhYWM4
LzEvMHJvbUdLdExZRUx1SmNSbm5nZDE1REJ0Y2NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZGwMA0G
CSqGSIb3DQEBCwUAA4IBAQBUfWEs7cjqVgSs8IGk3gn3F79LOJW8SktfT49qk19+
KBmS3eUzE3aUw8TCQPQtlUC0Be3+wN8dD46oE34kJ622FxKGxLjJ85A3KIZxLGm1
yKwr0VOEU/ZTVyH4JxnuWHg9LSQG6Aq1fXXLPG4ozGE3vn32BzNICaja0MFQBIV0
oICU2d9LyUN/4FPQpBu+0G/xVnATIU5AJd2rAECI/j/QtdhCv5eo9jsX3IMXK3rU
Fsi+C8ypeJN1yS20zvL5UN+XwVwf1q83Q3HvxxhwqpZtfseLaUA1aEBq702I2INh
nOpECCdKR6CpsRfCXJ0dMrhfBbadI0y3gLZpuSHwd90l
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:00:56 2024 by rpki-client on console.sobornost.net