Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/Oy0QcAAXGerMZ7P2Ucl66Kd1740.roa
File: Oy0QcAAXGerMZ7P2Ucl66Kd1740.roa (raw, json)
Hash identifier: PNalhHZaTTu2hqGGeSVLBX0Iv9kBTHNwuJcFbm8sw6s=
Subject key identifier: 3B:2D:10:70:00:17:19:EA:CC:67:B3:F6:51:C9:7A:E8:A7:75:EF:8D
Certificate issuer: /CN=5fdf516c95dd6eb2d1d9dd4e0e03286c1911f6e1
Certificate serial: 01856E38BBF2D947161D362448164D47C493
Authority key identifier: 5F:DF:51:6C:95:DD:6E:B2:D1:D9:DD:4E:0E:03:28:6C:19:11:F6:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X99RbJXdbrLR2d1ODgMobBkR9uE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/Oy0QcAAXGerMZ7P2Ucl66Kd1740.roa
Signing time: Sun 01 Jan 2023 16:44:49 +0000
ROA not before: Sun 01 Jan 2023 16:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209970
IP address blocks: 45.67.112.0/22 maxlen: 24
185.155.120.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:bb:f2:d9:47:16:1d:36:24:48:16:4d:47:c4:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fdf516c95dd6eb2d1d9dd4e0e03286c1911f6e1
Validity
Not Before: Jan 1 16:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b2d1070001719eacc67b3f651c97ae8a775ef8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:22:85:21:78:31:9e:3f:38:c2:6b:db:23:a1:
8d:41:2a:62:ce:f0:33:ad:4a:73:e7:9a:18:e8:d3:
ae:62:94:50:d5:57:47:90:05:95:43:c6:98:ac:e0:
22:24:78:1a:9a:21:2b:30:c9:02:13:46:e4:bf:86:
3c:1f:be:d4:92:ea:a1:d7:4c:19:1b:e9:04:f3:09:
a6:0e:f3:0d:53:4d:7b:44:60:50:4b:b3:01:ee:4a:
09:61:9b:3b:3d:92:09:63:03:f5:3f:07:2b:a4:c3:
1f:24:64:54:94:27:52:82:3b:14:5b:22:67:31:13:
72:da:98:84:b1:a3:20:5f:5e:64:7f:24:cc:cb:1e:
c7:58:9c:17:36:c4:13:08:1b:3e:52:f5:fb:a2:7d:
51:68:25:af:3f:f9:07:91:8f:34:b4:a1:cd:06:99:
f6:07:fc:b9:bc:a0:b1:fe:e3:e0:a7:88:9f:b5:25:
6f:a6:e5:32:08:ee:9e:d5:d8:ce:90:55:27:84:64:
fc:c8:ff:4a:46:8c:90:5a:a4:9a:5f:40:40:59:53:
6a:2f:29:ea:5e:77:eb:61:8e:95:fa:fc:4d:c0:02:
6b:0c:25:a2:56:63:f8:58:77:68:66:0d:6f:15:1b:
ab:ad:1d:3f:a1:7d:9a:e9:d2:1d:1f:87:2e:0d:d3:
c4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:2D:10:70:00:17:19:EA:CC:67:B3:F6:51:C9:7A:E8:A7:75:EF:8D
X509v3 Authority Key Identifier:
keyid:5F:DF:51:6C:95:DD:6E:B2:D1:D9:DD:4E:0E:03:28:6C:19:11:F6:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X99RbJXdbrLR2d1ODgMobBkR9uE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/Oy0QcAAXGerMZ7P2Ucl66Kd1740.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/665d7d-d170-4df7-acc7-bf3f7951c5ea/1/X99RbJXdbrLR2d1ODgMobBkR9uE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.112.0/22
185.155.120.0/22
Signature Algorithm: sha256WithRSAEncryption
93:9d:c8:6e:3d:7f:84:72:fe:9c:b6:7b:9b:80:8b:7c:9a:bd:
fb:9a:03:3a:6b:5f:4c:85:8b:16:c1:b3:65:ca:2e:50:ee:1d:
97:59:f8:b3:8f:e1:cb:ed:c5:31:50:23:b5:78:1d:cf:ad:fa:
6c:de:24:71:6e:0d:8d:e7:dd:5d:8a:d4:a9:6f:9f:86:0a:57:
18:e3:5c:97:8d:67:78:e3:55:0f:d4:2e:06:53:a2:a4:53:6f:
12:d7:d8:fd:7b:65:07:fe:78:74:9c:32:7a:93:a7:a7:0f:e8:
ac:0f:83:c7:1a:dc:13:8b:74:e0:aa:78:34:87:1c:6b:d2:1e:
25:6c:73:46:7c:b1:7a:38:1e:fd:26:e2:35:b4:b3:6f:93:fe:
fe:91:8d:f3:6d:f8:39:32:32:d0:f2:44:70:65:13:64:5d:0b:
e7:ba:50:21:13:b1:d3:75:cf:4e:74:fa:1c:8b:87:46:3b:74:
85:5c:52:5e:c5:3a:fe:80:12:32:18:ed:b6:71:79:71:49:9a:
b2:2e:52:9d:e0:30:91:b0:0e:a3:6f:67:96:2f:95:56:4b:8d:
02:4c:4a:34:83:20:ae:e3:fd:d6:88:11:9b:d4:d3:4b:bc:b5:
bf:03:b9:48:95:dc:e3:75:3d:ff:cb:02:3d:8b:d9:cb:54:49:
0f:31:63:38
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuOLvy2UcWHTYkSBZNR8STMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZGY1MTZjOTVkZDZlYjJkMWQ5ZGQ0ZTBlMDMyODZjMTkx
MWY2ZTEwHhcNMjMwMTAxMTY0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjJkMTA3MDAwMTcxOWVhY2M2N2IzZjY1MWM5N2FlOGE3NzVlZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSKFIXgxnj84wmvbI6GNQSpizvAz
rUpz55oY6NOuYpRQ1VdHkAWVQ8aYrOAiJHgamiErMMkCE0bkv4Y8H77Ukuqh10wZ
G+kE8wmmDvMNU017RGBQS7MB7koJYZs7PZIJYwP1PwcrpMMfJGRUlCdSgjsUWyJn
MRNy2piEsaMgX15kfyTMyx7HWJwXNsQTCBs+UvX7on1RaCWvP/kHkY80tKHNBpn2
B/y5vKCx/uPgp4iftSVvpuUyCO6e1djOkFUnhGT8yP9KRoyQWqSaX0BAWVNqLynq
XnfrYY6V+vxNwAJrDCWiVmP4WHdoZg1vFRurrR0/oX2a6dIdH4cuDdPEeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDstEHAAFxnqzGez9lHJeuinde+NMB8GA1UdIwQY
MBaAFF/fUWyV3W6y0dndTg4DKGwZEfbhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDk5UmJKWGRickxSMmQxT0RnTW9iQmtSOXVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82NjVkN2QtZDE3MC00ZGY3LWFjYzct
YmYzZjc5NTFjNWVhLzEvT3kwUWNBQVhHZXJNWjdQMlVjbDY2S2QxNzQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy82NjVkN2QtZDE3MC00ZGY3LWFjYzctYmYzZjc5NTFjNWVh
LzEvWDk5UmJKWGRickxSMmQxT0RnTW9iQmtSOXVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLUNwAwQC
uZt4MA0GCSqGSIb3DQEBCwUAA4IBAQCTnchuPX+Ecv6ctnubgIt8mr37mgM6a19M
hYsWwbNlyi5Q7h2XWfizj+HL7cUxUCO1eB3Prfps3iRxbg2N591ditSpb5+GClcY
41yXjWd441UP1C4GU6KkU28S19j9e2UH/nh0nDJ6k6enD+isD4PHGtwTi3Tgqng0
hxxr0h4lbHNGfLF6OB79JuI1tLNvk/7+kY3zbfg5MjLQ8kRwZRNkXQvnulAhE7HT
dc9OdPoci4dGO3SFXFJexTr+gBIyGO22cXlxSZqyLlKd4DCRsA6jb2eWL5VWS40C
TEo0gyCu4/3WiBGb1NNLvLW/A7lIldzjdT3/ywI9i9nLVEkPMWM4
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:55:34 2024 by rpki-client on console.sobornost.net