Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/e45fd0-e69b-4e32-a427-8b1052ffcf6d/1/L2HqZwQLhqq6-4qujkwaId9_ma4.roa
File: L2HqZwQLhqq6-4qujkwaId9_ma4.roa (raw, json)
Hash identifier: odiXXR7ur1T+zA7dz3pDsU5C3ZraFwEZEQaSpxMIdbs=
Subject key identifier: 2F:61:EA:67:04:0B:86:AA:BA:FB:8A:AE:8E:4C:1A:21:DF:7F:99:AE
Certificate issuer: /CN=5954c7b7e6df7578466d82b52715cb209f7f21c5
Certificate serial: 018772208C970DD5908D33CD5BACBD322A70
Authority key identifier: 59:54:C7:B7:E6:DF:75:78:46:6D:82:B5:27:15:CB:20:9F:7F:21:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WVTHt-bfdXhGbYK1JxXLIJ9_IcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/e45fd0-e69b-4e32-a427-8b1052ffcf6d/1/L2HqZwQLhqq6-4qujkwaId9_ma4.roa
Signing time: Tue 11 Apr 2023 21:02:28 +0000
ROA not before: Tue 11 Apr 2023 21:02:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35710
IP address blocks: 193.111.100.0/22 maxlen: 24
45.84.32.0/22 maxlen: 24
91.132.200.0/22 maxlen: 24
2a12:13c0::/29 maxlen: 32
2a09:d180::/29 maxlen: 32
2a0e:9580::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:72:20:8c:97:0d:d5:90:8d:33:cd:5b:ac:bd:32:2a:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5954c7b7e6df7578466d82b52715cb209f7f21c5
Validity
Not Before: Apr 11 21:02:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f61ea67040b86aabafb8aae8e4c1a21df7f99ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0b:4c:83:f6:97:77:3a:3c:9c:27:45:bd:9a:
40:15:14:f6:f3:5b:92:8a:d9:87:66:01:c6:1b:5b:
73:46:65:79:f8:74:e9:53:2e:c7:32:9a:3f:67:d1:
63:9f:6d:f5:d9:9d:dc:e0:b5:34:b7:ff:44:f6:46:
0e:e6:d0:27:88:4f:3a:ff:8c:dc:45:8e:f9:9c:08:
3f:6b:52:fe:69:d9:35:06:f2:67:a3:7b:e8:46:7b:
62:87:b8:60:8c:3b:e8:e4:44:d2:f9:7c:3f:e6:22:
28:f0:cc:33:56:2d:8f:3e:26:c0:ae:e2:cf:d0:20:
15:8c:da:a6:61:38:32:22:20:b7:f5:38:06:a1:f7:
0d:7e:7e:da:04:f6:69:e9:cf:45:0a:a1:c8:2a:9f:
a8:c0:e6:ca:7d:90:77:0a:5d:3a:fa:a9:fc:ee:2f:
69:f7:60:3c:18:6e:67:53:fa:86:9e:e6:ca:41:00:
47:16:60:17:fe:9e:1a:db:b7:02:1e:8e:2a:63:6d:
4c:2a:1f:80:8f:07:cc:75:26:d0:2d:ce:0e:11:f9:
05:96:b8:55:8c:8e:f0:6d:d8:4f:71:fb:b3:b5:3d:
c2:ac:00:d1:0e:33:28:54:e6:71:87:ce:ac:55:b0:
c4:8f:af:40:f3:5d:bf:30:97:1f:56:0e:55:75:22:
07:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:61:EA:67:04:0B:86:AA:BA:FB:8A:AE:8E:4C:1A:21:DF:7F:99:AE
X509v3 Authority Key Identifier:
keyid:59:54:C7:B7:E6:DF:75:78:46:6D:82:B5:27:15:CB:20:9F:7F:21:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WVTHt-bfdXhGbYK1JxXLIJ9_IcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/e45fd0-e69b-4e32-a427-8b1052ffcf6d/1/L2HqZwQLhqq6-4qujkwaId9_ma4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/e45fd0-e69b-4e32-a427-8b1052ffcf6d/1/WVTHt-bfdXhGbYK1JxXLIJ9_IcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.32.0/22
91.132.200.0/22
193.111.100.0/22
IPv6:
2a09:d180::/29
2a0e:9580::/29
2a12:13c0::/29
Signature Algorithm: sha256WithRSAEncryption
68:c4:eb:dd:5d:8f:5d:9e:54:fc:4a:4a:f9:32:ac:a8:61:cb:
b6:f8:16:7d:13:08:fa:50:06:0a:4e:e5:10:8c:c1:fb:c2:e4:
f1:4f:22:3c:47:67:06:7b:3a:ee:e9:c6:4d:47:ed:29:b4:cb:
fd:83:2a:42:f0:72:cc:76:37:40:3c:84:26:25:04:5c:4c:51:
12:5e:56:c1:ce:7a:a8:1f:7e:5d:55:46:e3:17:12:a6:1d:f6:
95:8f:8f:ac:e4:45:3b:03:74:91:e6:29:1a:4e:4c:0a:06:19:
cf:3b:7d:a1:ed:f9:47:93:d0:fd:56:02:e2:2b:d8:97:ab:7c:
8d:4d:3f:e6:8f:a1:1c:2f:b8:a3:c9:0e:38:1d:fc:d6:79:8b:
b2:9c:8d:c8:53:03:00:93:03:65:d0:6d:aa:ae:8a:f7:ac:20:
e3:46:e5:ab:6d:9b:59:a8:2e:2a:eb:84:94:69:cd:a2:4f:0f:
d2:c6:66:7d:68:41:85:ea:27:83:52:dc:29:8f:1d:62:2c:6e:
10:42:ab:e7:00:4e:eb:45:85:8e:b2:8a:47:c7:d6:02:a8:09:
fd:19:4d:7d:90:89:71:10:9b:e5:16:67:e6:f0:83:57:49:b2:
87:d3:a4:3e:4e:22:96:2d:95:95:4a:34:0c:eb:e9:ad:f5:a7:
4b:58:d8:df
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYdyIIyXDdWQjTPNW6y9MipwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NTRjN2I3ZTZkZjc1Nzg0NjZkODJiNTI3MTVjYjIwOWY3
ZjIxYzUwHhcNMjMwNDExMjEwMjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjYxZWE2NzA0MGI4NmFhYmFmYjhhYWU4ZTRjMWEyMWRmN2Y5OWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwtMg/aXdzo8nCdFvZpAFRT281uS
itmHZgHGG1tzRmV5+HTpUy7HMpo/Z9Fjn2312Z3c4LU0t/9E9kYO5tAniE86/4zc
RY75nAg/a1L+adk1BvJno3voRntih7hgjDvo5ETS+Xw/5iIo8MwzVi2PPibAruLP
0CAVjNqmYTgyIiC39TgGofcNfn7aBPZp6c9FCqHIKp+owObKfZB3Cl06+qn87i9p
92A8GG5nU/qGnubKQQBHFmAX/p4a27cCHo4qY21MKh+AjwfMdSbQLc4OEfkFlrhV
jI7wbdhPcfuztT3CrADRDjMoVOZxh86sVbDEj69A812/MJcfVg5VdSIHKwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFC9h6mcEC4aquvuKro5MGiHff5muMB8GA1UdIwQY
MBaAFFlUx7fm33V4Rm2CtScVyyCffyHFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1ZUSHQtYmZkWGhHYllLMUp4WExJSjlfSWNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9lNDVmZDAtZTY5Yi00ZTMyLWE0Mjct
OGIxMDUyZmZjZjZkLzEvTDJIcVp3UUxocXE2LTRxdWprd2FJZDlfbWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9lNDVmZDAtZTY5Yi00ZTMyLWE0MjctOGIxMDUyZmZjZjZk
LzEvV1ZUSHQtYmZkWGhHYllLMUp4WExJSjlfSWNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCLVQgAwQC
W4TIAwQCwW9kMBsEAgACMBUDBQMqCdGAAwUDKg6VgAMFAyoSE8AwDQYJKoZIhvcN
AQELBQADggEBAGjE691dj12eVPxKSvkyrKhhy7b4Fn0TCPpQBgpO5RCMwfvC5PFP
IjxHZwZ7Ou7pxk1H7Sm0y/2DKkLwcsx2N0A8hCYlBFxMURJeVsHOeqgffl1VRuMX
EqYd9pWPj6zkRTsDdJHmKRpOTAoGGc87faHt+UeT0P1WAuIr2JerfI1NP+aPoRwv
uKPJDjgd/NZ5i7KcjchTAwCTA2XQbaquivesIONG5attm1moLirrhJRpzaJPD9LG
Zn1oQYXqJ4NS3CmPHWIsbhBCq+cATutFhY6yikfH1gKoCf0ZTX2QiXEQm+UWZ+bw
g1dJsofTpD5OIpYtlZVKNAzr6a31p0tY2N8=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:31:02 2024 by rpki-client on console.sobornost.net