Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/e45fd0-e69b-4e32-a427-8b1052ffcf6d/1/dRwqLtq6DWlyxUZPCTUnLto-CIA.roa
File: dRwqLtq6DWlyxUZPCTUnLto-CIA.roa (raw, json)
Hash identifier: MIZIt6vIuHT24fsfiRm6m2Rtyd5K9LfRMUfKCB/yle0=
Subject key identifier: 75:1C:2A:2E:DA:BA:0D:69:72:C5:46:4F:09:35:27:2E:DA:3E:08:80
Certificate issuer: /CN=5954c7b7e6df7578466d82b52715cb209f7f21c5
Certificate serial: 01856E81EAA7FE59AC62BDD03C586CC5F7D6
Authority key identifier: 59:54:C7:B7:E6:DF:75:78:46:6D:82:B5:27:15:CB:20:9F:7F:21:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WVTHt-bfdXhGbYK1JxXLIJ9_IcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/e45fd0-e69b-4e32-a427-8b1052ffcf6d/1/dRwqLtq6DWlyxUZPCTUnLto-CIA.roa
Signing time: Sun 01 Jan 2023 18:04:46 +0000
ROA not before: Sun 01 Jan 2023 18:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35710
IP address blocks: 193.111.100.0/22 maxlen: 24
45.84.34.0/24 maxlen: 24
45.84.33.0/24 maxlen: 24
45.84.32.0/24 maxlen: 24
91.132.200.0/22 maxlen: 24
2a12:13c0::/29 maxlen: 32
2a09:d180::/29 maxlen: 32
2a0e:9580::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:81:ea:a7:fe:59:ac:62:bd:d0:3c:58:6c:c5:f7:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5954c7b7e6df7578466d82b52715cb209f7f21c5
Validity
Not Before: Jan 1 18:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=751c2a2edaba0d6972c5464f0935272eda3e0880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:85:88:9a:a4:75:a7:b3:bd:e8:d3:54:01:71:
50:13:5b:55:38:cb:0e:fd:b0:88:ac:9f:bd:05:70:
77:ee:2a:14:dd:6e:06:c0:55:de:4e:48:85:03:6f:
ab:6b:e2:bc:5f:c1:eb:9b:6f:32:9e:6d:bf:f8:ed:
a8:c6:29:90:4f:fb:69:af:6f:b6:ef:c3:94:28:44:
8b:99:3a:e9:c1:28:1f:7f:16:ab:f3:52:b8:3f:47:
61:e7:e2:02:58:79:6f:92:f5:a8:55:01:e8:04:72:
2f:e4:7a:9b:cc:49:f2:64:d4:50:20:6c:ef:e9:a8:
d2:14:5d:79:a0:ae:49:f4:58:51:b1:eb:c0:5f:74:
f7:8c:61:01:a6:c2:2c:3d:06:18:87:3f:2f:e4:af:
6a:75:e4:e8:2b:5d:93:95:7b:10:3f:09:ed:2b:6a:
d0:8d:f0:99:83:68:62:92:0d:dc:e7:d0:78:1e:16:
9a:ac:ca:5d:bc:5c:61:2d:c7:50:ba:24:a1:4f:4c:
79:50:37:dd:f2:7b:84:b3:0d:06:4b:35:f4:8c:f7:
c8:44:8e:42:ce:cb:74:7e:31:b9:c3:ec:df:80:d9:
67:44:f5:bd:0d:48:14:9d:b9:dc:7a:88:f6:44:23:
2d:39:67:63:29:30:9d:61:d5:2a:1a:92:55:84:a0:
28:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:1C:2A:2E:DA:BA:0D:69:72:C5:46:4F:09:35:27:2E:DA:3E:08:80
X509v3 Authority Key Identifier:
keyid:59:54:C7:B7:E6:DF:75:78:46:6D:82:B5:27:15:CB:20:9F:7F:21:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WVTHt-bfdXhGbYK1JxXLIJ9_IcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/e45fd0-e69b-4e32-a427-8b1052ffcf6d/1/dRwqLtq6DWlyxUZPCTUnLto-CIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/e45fd0-e69b-4e32-a427-8b1052ffcf6d/1/WVTHt-bfdXhGbYK1JxXLIJ9_IcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.32.0-45.84.34.255
91.132.200.0/22
193.111.100.0/22
IPv6:
2a09:d180::/29
2a0e:9580::/29
2a12:13c0::/29
Signature Algorithm: sha256WithRSAEncryption
11:b8:2d:ca:21:57:9c:c6:4b:f3:fe:20:d0:f0:81:51:bd:b1:
2a:65:53:09:72:99:08:33:b4:e0:1c:c6:ba:da:72:f3:a9:f1:
1d:e8:e5:f3:d6:77:fd:88:1b:13:80:06:cc:99:2a:20:5b:0e:
fc:5d:96:b5:bd:03:1f:7e:11:4f:e4:97:78:d1:f3:11:16:24:
84:e4:b8:90:86:bc:17:7c:f8:75:e3:72:eb:df:c1:d4:8d:cd:
ab:77:d6:69:dc:1e:57:43:0d:7c:1b:39:59:32:6b:77:33:1e:
07:fc:af:67:53:a0:08:3d:14:7f:cc:dd:f5:3b:13:70:3c:a4:
e1:05:e7:bd:4e:b7:cc:c9:46:5b:91:2d:ca:bd:aa:09:4b:ed:
ef:25:c7:4a:6b:2e:73:41:a2:86:b7:72:9f:76:d7:ce:8b:5c:
96:a9:b3:cf:f8:85:17:c6:b2:6d:b7:a2:ab:ab:24:a9:92:d1:
c8:27:cc:5b:50:70:0e:f6:f6:5b:c9:b8:48:16:01:e6:ea:7d:
0c:6e:be:9c:3a:18:b9:17:70:5f:e4:11:3f:c1:99:7b:6a:50:
83:7c:42:21:35:01:bf:ef:44:3b:4b:ba:46:21:65:55:0d:b8:
6a:a6:f6:8d:3e:5f:f1:93:76:5d:26:c4:aa:15:0e:f2:53:3e:
3f:89:10:fa
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYVugeqn/lmsYr3QPFhsxffWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NTRjN2I3ZTZkZjc1Nzg0NjZkODJiNTI3MTVjYjIwOWY3
ZjIxYzUwHhcNMjMwMTAxMTgwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTFjMmEyZWRhYmEwZDY5NzJjNTQ2NGYwOTM1MjcyZWRhM2UwODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIWImqR1p7O96NNUAXFQE1tVOMsO
/bCIrJ+9BXB37ioU3W4GwFXeTkiFA2+ra+K8X8Hrm28ynm2/+O2oximQT/tpr2+2
78OUKESLmTrpwSgffxar81K4P0dh5+ICWHlvkvWoVQHoBHIv5HqbzEnyZNRQIGzv
6ajSFF15oK5J9FhRsevAX3T3jGEBpsIsPQYYhz8v5K9qdeToK12TlXsQPwntK2rQ
jfCZg2hikg3c59B4HhaarMpdvFxhLcdQuiShT0x5UDfd8nuEsw0GSzX0jPfIRI5C
zst0fjG5w+zfgNlnRPW9DUgUnbnceoj2RCMtOWdjKTCdYdUqGpJVhKAouQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFHUcKi7aug1pcsVGTwk1Jy7aPgiAMB8GA1UdIwQY
MBaAFFlUx7fm33V4Rm2CtScVyyCffyHFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1ZUSHQtYmZkWGhHYllLMUp4WExJSjlfSWNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9lNDVmZDAtZTY5Yi00ZTMyLWE0Mjct
OGIxMDUyZmZjZjZkLzEvZFJ3cUx0cTZEV2x5eFVaUENUVW5MdG8tQ0lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9lNDVmZDAtZTY5Yi00ZTMyLWE0MjctOGIxMDUyZmZjZjZk
LzEvV1ZUSHQtYmZkWGhHYllLMUp4WExJSjlfSWNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAgBAIAATAaMAwDBAUtVCAD
BAAtVCIDBAJbhMgDBALBb2QwGwQCAAIwFQMFAyoJ0YADBQMqDpWAAwUDKhITwDAN
BgkqhkiG9w0BAQsFAAOCAQEAEbgtyiFXnMZL8/4g0PCBUb2xKmVTCXKZCDO04BzG
utpy86nxHejl89Z3/YgbE4AGzJkqIFsO/F2Wtb0DH34RT+SXeNHzERYkhOS4kIa8
F3z4deNy69/B1I3Nq3fWadweV0MNfBs5WTJrdzMeB/yvZ1OgCD0Uf8zd9TsTcDyk
4QXnvU63zMlGW5Etyr2qCUvt7yXHSmsuc0Gihrdyn3bXzotclqmzz/iFF8aybbei
q6skqZLRyCfMW1BwDvb2W8m4SBYB5up9DG6+nDoYuRdwX+QRP8GZe2pQg3xCITUB
v+9EO0u6RiFlVQ24aqb2jT5f8ZN2XSbEqhUO8lM+P4kQ+g==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:44:36 2023 by rpki-client on console.sobornost.net