Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/Uq0YbOeedWZg76YbDOWJDKntSuo.roa
File: Uq0YbOeedWZg76YbDOWJDKntSuo.roa (raw, json)
Hash identifier: QI2nr/JkrHWHxQma40EDDz1VlUeJgRbEQSLbMClMfZ8=
Subject key identifier: 52:AD:18:6C:E7:9E:75:66:60:EF:A6:1B:0C:E5:89:0C:A9:ED:4A:EA
Certificate issuer: /CN=4987941e74c1c03e7aba3b878530095eb6fa874e
Certificate serial: 018703B021DFF6051B1846DD2D162ADEE599
Authority key identifier: 49:87:94:1E:74:C1:C0:3E:7A:BA:3B:87:85:30:09:5E:B6:FA:87:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/Uq0YbOeedWZg76YbDOWJDKntSuo.roa
Signing time: Tue 21 Mar 2023 10:21:27 +0000
ROA not before: Tue 21 Mar 2023 10:21:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200736
IP address blocks: 45.66.40.0/22 maxlen: 24
2a10:9301::/36 maxlen: 42
2a10:9300::/29 maxlen: 36
2a10:9300::/36 maxlen: 42
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:03:b0:21:df:f6:05:1b:18:46:dd:2d:16:2a:de:e5:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4987941e74c1c03e7aba3b878530095eb6fa874e
Validity
Not Before: Mar 21 10:21:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52ad186ce79e756660efa61b0ce5890ca9ed4aea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0e:e3:a5:b7:91:cf:c9:49:a6:42:66:14:4f:
f6:1d:e9:e7:f0:13:a3:63:3f:46:6b:b9:70:f8:c4:
d6:31:3d:19:cf:b9:85:af:ab:d5:d4:67:cb:72:3e:
42:54:a8:d2:c4:c6:ac:49:99:4a:d2:99:6a:ad:9d:
e5:2f:86:14:9a:c2:ea:ee:fe:f4:f3:7b:1c:44:4f:
46:a3:d6:f0:9e:cb:a6:e0:6c:35:a5:dc:b9:89:8f:
f9:aa:c3:aa:f7:08:4c:3a:22:81:9c:86:35:c1:23:
53:9f:46:f8:d5:9e:bd:a4:07:6a:eb:d7:f9:36:34:
1a:8a:68:c5:13:89:cc:78:5c:47:24:8c:09:67:0c:
c3:14:c5:5e:d4:62:ce:e9:9c:f0:89:b1:08:37:98:
a5:13:5d:42:bc:d8:3b:c6:83:75:f5:f8:ea:fd:f4:
c8:a8:d9:74:4d:65:c7:79:fc:fd:67:c2:f3:d2:12:
cc:86:a4:8c:c5:6b:21:87:52:a6:b1:32:5a:85:9e:
0d:fd:6f:00:ea:62:a7:ca:70:b2:e9:d9:0d:16:dd:
23:98:12:c0:d7:e8:51:b4:db:16:71:93:34:04:ac:
ee:a5:00:02:98:40:0b:93:c4:e5:c2:fb:bc:17:34:
b2:a3:a8:36:4d:3a:b5:96:ab:71:2e:4d:dc:fa:f6:
00:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:AD:18:6C:E7:9E:75:66:60:EF:A6:1B:0C:E5:89:0C:A9:ED:4A:EA
X509v3 Authority Key Identifier:
keyid:49:87:94:1E:74:C1:C0:3E:7A:BA:3B:87:85:30:09:5E:B6:FA:87:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/Uq0YbOeedWZg76YbDOWJDKntSuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SYeUHnTBwD56ujuHhTAJXrb6h04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.40.0/22
IPv6:
2a10:9300::/29
Signature Algorithm: sha256WithRSAEncryption
53:59:b7:39:dd:3d:b8:f2:78:a8:d9:62:fc:79:c2:b5:9b:54:
3a:60:51:07:44:81:86:3c:6f:f3:07:2a:4d:7b:65:51:43:65:
2d:05:66:40:c3:6e:eb:e4:fd:ab:09:20:aa:58:04:be:34:f6:
97:14:96:c1:82:2d:48:41:ae:d4:9e:41:64:fa:fa:69:f1:31:
84:c2:ff:ee:4d:57:38:d6:e0:83:45:2a:02:79:62:58:08:20:
16:48:ef:d7:b2:b1:7b:33:f4:8b:9e:3c:c2:61:06:d9:c9:6a:
94:e0:31:d1:c7:8c:7f:6e:36:1d:19:b6:b9:e8:a9:12:29:37:
f3:5c:8b:68:d9:bd:ce:d3:04:84:33:02:fe:14:7b:9d:2d:9e:
c3:04:a2:c9:18:da:50:08:c6:af:51:3d:3b:66:00:4a:c1:29:
48:98:73:15:d4:06:37:5b:4d:96:39:d1:01:fa:59:43:55:84:
82:b4:73:53:63:60:8c:3a:42:07:a8:a7:7f:1d:65:af:d3:d4:
95:2f:7e:e7:bc:23:b3:86:7c:e2:b6:77:d6:a6:3e:37:a7:bf:
81:ab:74:6d:0c:c5:7a:0e:2a:21:ef:cd:ef:e5:55:41:ef:cd:
36:73:60:00:bb:af:26:fb:3b:0f:e9:6a:2d:1a:8c:b5:fc:92:
df:be:f8:e5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYcDsCHf9gUbGEbdLRYq3uWZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODc5NDFlNzRjMWMwM2U3YWJhM2I4Nzg1MzAwOTVlYjZm
YTg3NGUwHhcNMjMwMzIxMTAyMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmFkMTg2Y2U3OWU3NTY2NjBlZmE2MWIwY2U1ODkwY2E5ZWQ0YWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiA7jpbeRz8lJpkJmFE/2Henn8BOj
Yz9Ga7lw+MTWMT0Zz7mFr6vV1GfLcj5CVKjSxMasSZlK0plqrZ3lL4YUmsLq7v70
83scRE9Go9bwnsum4Gw1pdy5iY/5qsOq9whMOiKBnIY1wSNTn0b41Z69pAdq69f5
NjQaimjFE4nMeFxHJIwJZwzDFMVe1GLO6ZzwibEIN5ilE11CvNg7xoN19fjq/fTI
qNl0TWXHefz9Z8Lz0hLMhqSMxWshh1KmsTJahZ4N/W8A6mKnynCy6dkNFt0jmBLA
1+hRtNsWcZM0BKzupQACmEALk8Tlwvu8FzSyo6g2TTq1lqtxLk3c+vYAZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFKtGGznnnVmYO+mGwzliQyp7UrqMB8GA1UdIwQY
MBaAFEmHlB50wcA+ero7h4UwCV62+odOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1llVUhuVEJ3RDU2dWp1SGhUQUpYcmI2aDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83MDc3N2ItNjhiMC00MmE4LTllOWQt
ZThhZGE1MWVlOGZmLzEvVXEwWWJPZWVkV1pnNzZZYkRPV0pES250U3VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83MDc3N2ItNjhiMC00MmE4LTllOWQtZThhZGE1MWVlOGZm
LzEvU1llVUhuVEJ3RDU2dWp1SGhUQUpYcmI2aDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUIoMA0E
AgACMAcDBQMqEJMAMA0GCSqGSIb3DQEBCwUAA4IBAQBTWbc53T248nio2WL8ecK1
m1Q6YFEHRIGGPG/zBypNe2VRQ2UtBWZAw27r5P2rCSCqWAS+NPaXFJbBgi1IQa7U
nkFk+vpp8TGEwv/uTVc41uCDRSoCeWJYCCAWSO/XsrF7M/SLnjzCYQbZyWqU4DHR
x4x/bjYdGba56KkSKTfzXIto2b3O0wSEMwL+FHudLZ7DBKLJGNpQCMavUT07ZgBK
wSlImHMV1AY3W02WOdEB+llDVYSCtHNTY2CMOkIHqKd/HWWv09SVL37nvCOzhnzi
tnfWpj43p7+Bq3RtDMV6Dioh783v5VVB7802c2AAu68m+zsP6WotGoy1/JLfvvjl
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:53 2024 by rpki-client on console.sobornost.net