Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c5612d-e81b-43be-ae7c-577faf855399/1/qRMBvFpvENfRbkMKhBucF-bplKY.roa
File: qRMBvFpvENfRbkMKhBucF-bplKY.roa (raw, json)
Hash identifier: MlfCOWelciNPNpGnCWw0V0u/NyBHc/iPS3G+ncbmGHo=
Subject key identifier: A9:13:01:BC:5A:6F:10:D7:D1:6E:43:0A:84:1B:9C:17:E6:E9:94:A6
Certificate issuer: /CN=83eba25c4a1c86ce75a24b76e78558c92f8a0372
Certificate serial: 01870DF4E8972C56764596097415503ADEBD
Authority key identifier: 83:EB:A2:5C:4A:1C:86:CE:75:A2:4B:76:E7:85:58:C9:2F:8A:03:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g-uiXEochs51okt254VYyS-KA3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/c5612d-e81b-43be-ae7c-577faf855399/1/qRMBvFpvENfRbkMKhBucF-bplKY.roa
Signing time: Thu 23 Mar 2023 10:12:46 +0000
ROA not before: Thu 23 Mar 2023 10:12:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203165
IP address blocks: 5.145.104.0/21 maxlen: 21
5.145.104.0/22 maxlen: 22
5.145.108.0/22 maxlen: 22
2a01:8b40::/32 maxlen: 32
2a01:8b40:1000::/36 maxlen: 36
2a01:8b40::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0d:f4:e8:97:2c:56:76:45:96:09:74:15:50:3a:de:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83eba25c4a1c86ce75a24b76e78558c92f8a0372
Validity
Not Before: Mar 23 10:12:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a91301bc5a6f10d7d16e430a841b9c17e6e994a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6e:b0:ec:21:c5:a5:8f:68:ba:9b:23:2a:2b:
f8:12:5a:b5:2f:5d:d7:f5:af:44:43:05:bb:f7:01:
5b:f0:a6:a6:04:47:41:82:6c:b6:12:45:20:8a:c0:
77:58:6a:7e:46:eb:c9:a4:c6:fc:32:e3:ce:86:63:
9c:40:47:8a:d5:bd:ae:2f:ff:20:e0:75:d1:a8:98:
22:a5:db:b6:bc:22:8d:d2:6d:06:ca:6d:4b:60:21:
1e:18:37:fa:3c:3f:bb:29:d6:70:15:16:4e:f1:30:
91:51:0f:13:fe:9f:c9:dd:c2:d0:c7:39:b0:a4:cf:
2a:82:0d:6e:c7:3a:22:b1:ff:b9:d0:08:2e:ca:7b:
7d:8b:44:a5:7d:14:00:de:89:b9:63:0b:ba:27:b0:
3d:67:37:77:b1:02:b8:e7:99:5a:2d:56:b2:64:36:
91:5a:b2:f9:e6:57:86:92:f1:e6:f7:13:11:df:60:
ce:6a:e4:70:14:cc:a1:e5:97:c7:aa:f1:11:54:ff:
5c:c7:29:05:1c:1a:51:d8:98:f4:5a:40:46:0b:fe:
86:5a:de:25:6e:cc:63:fd:cd:83:e2:73:08:98:e0:
0c:4d:ab:75:7c:f5:f6:c2:d6:b5:f8:ca:1b:fc:87:
4b:ee:30:d8:32:a1:46:ca:28:69:55:1b:2e:58:b5:
e4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:13:01:BC:5A:6F:10:D7:D1:6E:43:0A:84:1B:9C:17:E6:E9:94:A6
X509v3 Authority Key Identifier:
keyid:83:EB:A2:5C:4A:1C:86:CE:75:A2:4B:76:E7:85:58:C9:2F:8A:03:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g-uiXEochs51okt254VYyS-KA3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c5612d-e81b-43be-ae7c-577faf855399/1/qRMBvFpvENfRbkMKhBucF-bplKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c5612d-e81b-43be-ae7c-577faf855399/1/g-uiXEochs51okt254VYyS-KA3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.104.0/21
IPv6:
2a01:8b40::/32
Signature Algorithm: sha256WithRSAEncryption
39:33:46:e9:2c:60:30:5f:14:10:b5:b3:cc:9c:18:3d:c2:09:
e3:67:16:54:be:ed:a1:5b:c2:e1:64:fd:3c:67:e3:13:ea:f1:
41:61:11:07:3c:4d:e0:9c:7f:7c:0c:87:68:0a:7e:2d:49:3e:
82:f6:43:9e:c4:4d:42:2b:ab:c1:15:6b:f8:0b:65:20:7b:00:
67:ca:ac:14:0a:19:19:d9:03:ee:27:71:bf:28:b6:f9:ac:1d:
2f:b6:fc:d5:ec:ce:f3:7e:2f:c2:ed:a6:77:48:af:b9:aa:29:
2c:0f:03:53:90:be:7a:55:40:0b:f8:33:71:12:be:1b:c5:97:
22:66:7c:e5:a8:f8:7a:12:80:41:ad:11:2e:a3:e9:d1:c6:a2:
a0:b4:14:94:27:dd:1a:18:9d:24:6d:99:3b:e1:70:9b:0c:15:
c2:f5:82:0a:39:95:3e:d3:ce:55:32:da:6f:b5:c0:1e:2f:08:
da:74:a3:03:ca:02:86:25:d6:c1:37:cc:ea:ad:3c:a7:0c:37:
ce:6f:f7:44:4a:09:3b:d5:7f:72:2b:6d:ee:36:a4:61:9a:64:
79:29:c1:65:8b:fd:9f:1f:b9:0c:83:dd:c4:12:db:84:8a:85:
73:ad:80:29:0e:74:da:59:47:50:d8:05:4c:7c:bb:3c:f9:69:
1f:b2:78:df
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYcN9OiXLFZ2RZYJdBVQOt69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZWJhMjVjNGExYzg2Y2U3NWEyNGI3NmU3ODU1OGM5MmY4
YTAzNzIwHhcNMjMwMzIzMTAxMjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTEzMDFiYzVhNmYxMGQ3ZDE2ZTQzMGE4NDFiOWMxN2U2ZTk5NGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwW6w7CHFpY9oupsjKiv4Elq1L13X
9a9EQwW79wFb8KamBEdBgmy2EkUgisB3WGp+RuvJpMb8MuPOhmOcQEeK1b2uL/8g
4HXRqJgipdu2vCKN0m0Gym1LYCEeGDf6PD+7KdZwFRZO8TCRUQ8T/p/J3cLQxzmw
pM8qgg1uxzoisf+50Aguynt9i0SlfRQA3om5Ywu6J7A9Zzd3sQK455laLVayZDaR
WrL55leGkvHm9xMR32DOauRwFMyh5ZfHqvERVP9cxykFHBpR2Jj0WkBGC/6GWt4l
bsxj/c2D4nMImOAMTat1fPX2wta1+Mob/IdL7jDYMqFGyihpVRsuWLXkmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKkTAbxabxDX0W5DCoQbnBfm6ZSmMB8GA1UdIwQY
MBaAFIProlxKHIbOdaJLdueFWMkvigNyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZy11aVhFb2NoczUxb2t0MjU0Vll5Uy1LQTNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jNTYxMmQtZTgxYi00M2JlLWFlN2Mt
NTc3ZmFmODU1Mzk5LzEvcVJNQnZGcHZFTmZSYmtNS2hCdWNGLWJwbEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jNTYxMmQtZTgxYi00M2JlLWFlN2MtNTc3ZmFmODU1Mzk5
LzEvZy11aVhFb2NoczUxb2t0MjU0Vll5Uy1LQTNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBZFoMA0E
AgACMAcDBQAqAYtAMA0GCSqGSIb3DQEBCwUAA4IBAQA5M0bpLGAwXxQQtbPMnBg9
wgnjZxZUvu2hW8LhZP08Z+MT6vFBYREHPE3gnH98DIdoCn4tST6C9kOexE1CK6vB
FWv4C2UgewBnyqwUChkZ2QPuJ3G/KLb5rB0vtvzV7M7zfi/C7aZ3SK+5qiksDwNT
kL56VUAL+DNxEr4bxZciZnzlqPh6EoBBrREuo+nRxqKgtBSUJ90aGJ0kbZk74XCb
DBXC9YIKOZU+085VMtpvtcAeLwjadKMDygKGJdbBN8zqrTynDDfOb/dESgk71X9y
K23uNqRhmmR5KcFli/2fH7kMg93EEtuEioVzrYApDnTaWUdQ2AVMfLs8+Wkfsnjf
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:18:20 2024 by rpki-client on console.sobornost.net