Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/924c77-b283-4a52-9094-11f1b5a4b0dc/1/slQ-MJQYLooV_CRGccDrs6Le5l4.roa
File: slQ-MJQYLooV_CRGccDrs6Le5l4.roa (raw, json)
Hash identifier: MUN42CAUH9I2g0rV5OiYbLnqSysIAOmmBzD3NRrG3Iw=
Subject key identifier: B2:54:3E:30:94:18:2E:8A:15:FC:24:46:71:C0:EB:B3:A2:DE:E6:5E
Certificate issuer: /CN=40cb59a418eadfa5dc869f56f1847fb25d987fc6
Certificate serial: 01857169B91F13A02F2236B5E1A07B487465
Authority key identifier: 40:CB:59:A4:18:EA:DF:A5:DC:86:9F:56:F1:84:7F:B2:5D:98:7F:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QMtZpBjq36Xchp9W8YR_sl2Yf8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/924c77-b283-4a52-9094-11f1b5a4b0dc/1/slQ-MJQYLooV_CRGccDrs6Le5l4.roa
Signing time: Mon 02 Jan 2023 07:37:12 +0000
ROA not before: Mon 02 Jan 2023 07:37:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29075
IP address blocks: 185.18.172.0/22 maxlen: 22
45.140.103.0/24 maxlen: 24
2a04:cc0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:b9:1f:13:a0:2f:22:36:b5:e1:a0:7b:48:74:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40cb59a418eadfa5dc869f56f1847fb25d987fc6
Validity
Not Before: Jan 2 07:37:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2543e3094182e8a15fc244671c0ebb3a2dee65e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4b:ed:e3:0a:f5:84:97:04:29:b4:b3:0b:8d:
5b:0d:08:03:9d:52:c7:59:52:71:c6:af:4f:6d:3f:
9b:5d:c2:c1:ff:c6:3c:df:59:32:3f:fa:55:d2:82:
e1:6c:8e:cd:88:d7:45:20:ef:80:0b:64:ae:ab:d7:
96:a0:a6:5e:12:b3:5f:d8:42:38:4d:e5:93:ad:bc:
31:e5:b5:f4:ed:2a:68:3f:eb:d5:78:8f:31:f6:56:
87:ac:4e:82:42:4c:a7:10:ae:3a:cc:90:be:fe:24:
cb:fb:92:a8:02:2f:39:fe:c7:52:d7:79:83:81:43:
b9:fa:d9:6c:b9:be:a9:22:65:c4:fe:da:84:45:2f:
63:6a:ae:50:cf:9c:af:ee:44:ed:1f:90:5e:b3:f6:
9c:c5:21:b0:83:1b:cd:c9:6f:e5:b0:eb:b9:ed:54:
25:c6:7d:2e:07:b8:74:72:75:a1:d3:ef:9a:5f:68:
d8:98:fa:34:89:3b:25:eb:19:e1:7f:23:81:fd:d4:
48:94:b1:76:7d:df:4f:c2:a1:0b:f3:3a:28:99:e9:
3f:7b:76:64:2b:6d:5e:f6:fe:2a:2f:f3:3c:00:23:
f5:6d:79:b1:ba:88:34:d0:28:27:23:20:f6:fc:b1:
ad:17:a2:bc:3d:db:d8:6c:0c:45:e2:05:6b:a3:21:
35:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:54:3E:30:94:18:2E:8A:15:FC:24:46:71:C0:EB:B3:A2:DE:E6:5E
X509v3 Authority Key Identifier:
keyid:40:CB:59:A4:18:EA:DF:A5:DC:86:9F:56:F1:84:7F:B2:5D:98:7F:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QMtZpBjq36Xchp9W8YR_sl2Yf8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/924c77-b283-4a52-9094-11f1b5a4b0dc/1/slQ-MJQYLooV_CRGccDrs6Le5l4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/924c77-b283-4a52-9094-11f1b5a4b0dc/1/QMtZpBjq36Xchp9W8YR_sl2Yf8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.103.0/24
185.18.172.0/22
IPv6:
2a04:cc0::/29
Signature Algorithm: sha256WithRSAEncryption
33:37:30:b6:90:f1:4a:b2:d9:53:c4:d2:bf:c2:d2:74:1a:55:
d5:4f:48:a1:74:db:df:23:1f:43:1f:40:53:db:ea:28:72:7d:
3d:e2:a4:65:75:7d:27:7d:14:e7:6a:a5:29:d1:96:a1:c2:bb:
cf:a4:9d:fd:27:ea:8c:ae:a2:b4:5f:f5:34:28:1f:11:b4:fb:
ac:e7:4b:f0:fc:4f:db:99:a4:25:30:6d:db:f5:d0:0a:af:86:
27:8d:d8:f7:15:94:a7:82:02:b9:2d:eb:46:e1:93:7f:71:9c:
7c:b6:fe:88:e8:e8:fd:ee:c0:45:20:16:af:eb:e7:66:39:94:
ac:cd:58:3c:3a:23:11:a8:76:cd:88:2f:58:58:24:42:f7:09:
2b:d6:36:17:3c:0b:a5:67:86:16:60:92:43:19:ca:01:b0:de:
95:71:2a:1c:14:b0:aa:b5:67:60:12:66:84:21:5d:9f:27:a4:
b2:b1:14:3d:80:f3:52:e3:4f:93:40:39:9c:40:2d:9d:6c:fe:
ae:60:70:1c:29:b5:32:2e:01:94:c2:06:8f:9a:5e:9c:fb:08:
19:b8:b7:3a:73:7d:a7:a9:23:df:c2:12:81:f8:7d:cc:0f:52:
20:c2:a7:b0:84:4f:42:b0:96:77:50:fe:84:30:f4:f9:d8:f0:
26:09:37:a7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxabkfE6AvIja14aB7SHRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwY2I1OWE0MThlYWRmYTVkYzg2OWY1NmYxODQ3ZmIyNWQ5
ODdmYzYwHhcNMjMwMTAyMDczNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjU0M2UzMDk0MTgyZThhMTVmYzI0NDY3MWMwZWJiM2EyZGVlNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUvt4wr1hJcEKbSzC41bDQgDnVLH
WVJxxq9PbT+bXcLB/8Y831kyP/pV0oLhbI7NiNdFIO+AC2Suq9eWoKZeErNf2EI4
TeWTrbwx5bX07SpoP+vVeI8x9laHrE6CQkynEK46zJC+/iTL+5KoAi85/sdS13mD
gUO5+tlsub6pImXE/tqERS9jaq5Qz5yv7kTtH5Bes/acxSGwgxvNyW/lsOu57VQl
xn0uB7h0cnWh0++aX2jYmPo0iTsl6xnhfyOB/dRIlLF2fd9PwqEL8zoomek/e3Zk
K21e9v4qL/M8ACP1bXmxuog00CgnIyD2/LGtF6K8PdvYbAxF4gVroyE1lwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLJUPjCUGC6KFfwkRnHA67Oi3uZeMB8GA1UdIwQY
MBaAFEDLWaQY6t+l3IafVvGEf7JdmH/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU10WnBCanEzNlhjaHA5VzhZUl9zbDJZZjhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My85MjRjNzctYjI4My00YTUyLTkwOTQt
MTFmMWI1YTRiMGRjLzEvc2xRLU1KUVlMb29WX0NSR2NjRHJzNkxlNWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My85MjRjNzctYjI4My00YTUyLTkwOTQtMTFmMWI1YTRiMGRj
LzEvUU10WnBCanEzNlhjaHA5VzhZUl9zbDJZZjhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALYxnAwQC
uRKsMA0EAgACMAcDBQMqBAzAMA0GCSqGSIb3DQEBCwUAA4IBAQAzNzC2kPFKstlT
xNK/wtJ0GlXVT0ihdNvfIx9DH0BT2+oocn094qRldX0nfRTnaqUp0ZahwrvPpJ39
J+qMrqK0X/U0KB8RtPus50vw/E/bmaQlMG3b9dAKr4Ynjdj3FZSnggK5LetG4ZN/
cZx8tv6I6Oj97sBFIBav6+dmOZSszVg8OiMRqHbNiC9YWCRC9wkr1jYXPAulZ4YW
YJJDGcoBsN6VcSocFLCqtWdgEmaEIV2fJ6SysRQ9gPNS40+TQDmcQC2dbP6uYHAc
KbUyLgGUwgaPml6c+wgZuLc6c32nqSPfwhKB+H3MD1IgwqewhE9CsJZ3UP6EMPT5
2PAmCTen
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:55 2024 by rpki-client on console.sobornost.net