Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/Z5m9YwK1J_Vqm5O9Vk5DhpudLhk.roa
File: Z5m9YwK1J_Vqm5O9Vk5DhpudLhk.roa (raw, json)
Hash identifier: th1ku38qhU6h59+UXiCIEsmJhYqJZ/ut/CAt4GpEqFQ=
Subject key identifier: 67:99:BD:63:02:B5:27:F5:6A:9B:93:BD:56:4E:43:86:9B:9D:2E:19
Certificate issuer: /CN=33358b451ee0fe85b004a0564f8310fb211c95fa
Certificate serial: 01879822F9228AB2D27D8309DB6919DEFFE5
Authority key identifier: 33:35:8B:45:1E:E0:FE:85:B0:04:A0:56:4F:83:10:FB:21:1C:95:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzWLRR7g_oWwBKBWT4MQ-yEclfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/Z5m9YwK1J_Vqm5O9Vk5DhpudLhk.roa
Signing time: Wed 19 Apr 2023 06:10:41 +0000
ROA not before: Wed 19 Apr 2023 06:10:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64425
IP address blocks: 45.148.121.0/24 maxlen: 24
45.148.122.0/24 maxlen: 24
2a0f:5e05::/32 maxlen: 32
2a0f:5e03::/32 maxlen: 32
2a0f:5e07::/32 maxlen: 32
2a0f:5e01::/32 maxlen: 32
2a0f:5e04::/32 maxlen: 32
2a0f:5e02::/32 maxlen: 32
2a0f:5e00::/32 maxlen: 32
2a0f:5e06::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:98:22:f9:22:8a:b2:d2:7d:83:09:db:69:19:de:ff:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33358b451ee0fe85b004a0564f8310fb211c95fa
Validity
Not Before: Apr 19 06:10:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6799bd6302b527f56a9b93bd564e43869b9d2e19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:49:4f:9b:6a:61:21:48:93:97:2d:07:df:ad:
d8:a5:03:bd:5c:eb:c0:64:95:e3:6b:4a:e4:5e:a2:
ad:62:97:b0:e2:c2:8e:67:17:5e:f5:9b:0e:62:4d:
54:08:6b:f6:7d:29:29:c9:44:1d:59:03:28:cd:07:
3b:77:94:93:4b:6f:07:8f:28:85:ea:82:a6:48:01:
08:09:4a:a5:49:01:0a:2b:db:cf:96:af:4a:3d:c8:
eb:f5:a5:23:5b:32:b5:90:19:57:55:97:ff:ee:c6:
f6:16:ef:7e:9b:42:97:6b:0a:41:b5:c4:46:60:e2:
5b:a9:ee:7f:e3:bc:d5:69:de:1e:b9:14:6f:ef:5f:
23:1f:d9:fc:f4:52:36:89:23:dc:25:6f:cb:c1:09:
e6:8c:8c:17:21:7a:35:b8:7b:40:0d:6a:35:01:33:
6a:ae:6f:2e:63:89:1f:cb:7e:03:13:e2:af:82:0d:
4a:0e:84:72:3f:1c:7e:97:c8:35:a0:bd:77:f4:ae:
cd:21:70:f7:80:3f:df:df:ce:d3:f1:a4:bd:9d:96:
46:d4:ca:04:67:5e:5d:44:6c:d3:d7:46:8f:f1:88:
56:05:c5:03:c8:ee:e7:40:c7:41:da:c6:68:6f:d3:
b2:bc:16:10:7f:0c:65:58:56:86:cc:43:8c:17:a3:
2d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:99:BD:63:02:B5:27:F5:6A:9B:93:BD:56:4E:43:86:9B:9D:2E:19
X509v3 Authority Key Identifier:
keyid:33:35:8B:45:1E:E0:FE:85:B0:04:A0:56:4F:83:10:FB:21:1C:95:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzWLRR7g_oWwBKBWT4MQ-yEclfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/Z5m9YwK1J_Vqm5O9Vk5DhpudLhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/9f18f8-96c4-4b23-931f-d5f047c29190/1/MzWLRR7g_oWwBKBWT4MQ-yEclfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.121.0-45.148.122.255
IPv6:
2a0f:5e00::/29
Signature Algorithm: sha256WithRSAEncryption
07:46:60:d2:00:0c:11:d3:d4:bc:f0:49:32:a6:31:3d:17:2c:
78:81:da:fe:cd:a1:c3:55:91:9d:e3:fe:48:96:57:a0:ae:a8:
8e:ec:e7:96:10:31:c3:44:c9:44:4a:64:af:64:2e:03:5e:ed:
3f:d7:ac:c6:10:3c:13:b3:79:9d:59:8d:42:e4:dc:7f:ec:aa:
29:e4:f8:16:87:03:d0:10:a2:74:5d:87:3a:13:e6:8d:89:00:
f8:ae:84:da:53:a8:c2:47:9f:23:85:66:ff:14:d4:94:4c:cd:
7c:7a:e3:b6:6a:75:47:8d:ec:6e:3d:90:2e:0a:07:71:a8:05:
7b:1a:c1:9b:25:3a:42:6b:61:48:ce:93:71:14:85:6a:b3:5a:
8f:4b:53:31:a3:e1:f8:b8:4f:71:86:23:b3:92:e7:98:68:71:
44:e1:2d:0c:8a:8e:ae:ea:7d:69:58:64:fd:6c:fb:65:94:fb:
19:6e:b3:86:12:29:38:b5:73:4a:08:28:4d:af:5f:87:99:98:
5d:23:0a:fa:13:7d:c3:c7:83:06:9f:a3:9c:18:38:07:9f:cd:
5f:da:bc:26:93:a6:ef:e6:ef:36:f0:39:be:ea:a3:6d:a8:b1:
52:c1:26:3f:de:55:e0:b6:f2:6b:19:32:3b:4b:37:d9:3a:66:
84:1c:86:af
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYeYIvkiirLSfYMJ22kZ3v/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzU4YjQ1MWVlMGZlODViMDA0YTA1NjRmODMxMGZiMjEx
Yzk1ZmEwHhcNMjMwNDE5MDYxMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Nzk5YmQ2MzAyYjUyN2Y1NmE5YjkzYmQ1NjRlNDM4NjliOWQyZTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ElPm2phIUiTly0H363YpQO9XOvA
ZJXja0rkXqKtYpew4sKOZxde9ZsOYk1UCGv2fSkpyUQdWQMozQc7d5STS28HjyiF
6oKmSAEICUqlSQEKK9vPlq9KPcjr9aUjWzK1kBlXVZf/7sb2Fu9+m0KXawpBtcRG
YOJbqe5/47zVad4euRRv718jH9n89FI2iSPcJW/LwQnmjIwXIXo1uHtADWo1ATNq
rm8uY4kfy34DE+Kvgg1KDoRyPxx+l8g1oL139K7NIXD3gD/f387T8aS9nZZG1MoE
Z15dRGzT10aP8YhWBcUDyO7nQMdB2sZob9OyvBYQfwxlWFaGzEOMF6MtMQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGeZvWMCtSf1apuTvVZOQ4abnS4ZMB8GA1UdIwQY
MBaAFDM1i0Ue4P6FsASgVk+DEPshHJX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpXTFJSN2dfb1d3QktCV1Q0TVEteUVjbGZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS85ZjE4ZjgtOTZjNC00YjIzLTkzMWYt
ZDVmMDQ3YzI5MTkwLzEvWjVtOVl3SzFKX1ZxbTVPOVZrNURocHVkTGhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS85ZjE4ZjgtOTZjNC00YjIzLTkzMWYtZDVmMDQ3YzI5MTkw
LzEvTXpXTFJSN2dfb1d3QktCV1Q0TVEteUVjbGZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAAtlHkD
BAAtlHowDQQCAAIwBwMFAyoPXgAwDQYJKoZIhvcNAQELBQADggEBAAdGYNIADBHT
1LzwSTKmMT0XLHiB2v7NocNVkZ3j/kiWV6CuqI7s55YQMcNEyURKZK9kLgNe7T/X
rMYQPBOzeZ1ZjULk3H/sqink+BaHA9AQonRdhzoT5o2JAPiuhNpTqMJHnyOFZv8U
1JRMzXx647ZqdUeN7G49kC4KB3GoBXsawZslOkJrYUjOk3EUhWqzWo9LUzGj4fi4
T3GGI7OS55hocUThLQyKjq7qfWlYZP1s+2WU+xlus4YSKTi1c0oIKE2vX4eZmF0j
CvoTfcPHgwafo5wYOAefzV/avCaTpu/m7zbwOb7qo22osVLBJj/eVeC28msZMjtL
N9k6ZoQchq8=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:31:02 2024 by rpki-client on console.sobornost.net