Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/712f03-afe9-4f65-acec-67cfe3067b2a/1/5YPDSOAl_W6p2u02kwngsLrwqgk.roa
File: 5YPDSOAl_W6p2u02kwngsLrwqgk.roa (raw, json)
Hash identifier: qORNWVryjqfFZ2k4f//DP2Fo/tNKH30GO/sAcw6AWU0=
Subject key identifier: E5:83:C3:48:E0:25:FD:6E:A9:DA:ED:36:93:09:E0:B0:BA:F0:AA:09
Certificate issuer: /CN=8f8685dbadffb01ddcce6c4d82a97f33c040ed2d
Certificate serial: 01857315F3CF00995A186AD1B686648B7395
Authority key identifier: 8F:86:85:DB:AD:FF:B0:1D:DC:CE:6C:4D:82:A9:7F:33:C0:40:ED:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j4aF263_sB3czmxNgql_M8BA7S0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/712f03-afe9-4f65-acec-67cfe3067b2a/1/5YPDSOAl_W6p2u02kwngsLrwqgk.roa
Signing time: Mon 02 Jan 2023 15:24:56 +0000
ROA not before: Mon 02 Jan 2023 15:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208262
IP address blocks: 45.150.136.0/22 maxlen: 22
2a0f:c600::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:f3:cf:00:99:5a:18:6a:d1:b6:86:64:8b:73:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f8685dbadffb01ddcce6c4d82a97f33c040ed2d
Validity
Not Before: Jan 2 15:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e583c348e025fd6ea9daed369309e0b0baf0aa09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8f:4b:90:ca:29:3f:69:d7:3d:3e:fb:50:44:
17:91:6c:ec:07:4f:f1:ce:92:c6:e7:16:9e:3c:a1:
e0:cc:a4:6f:e1:f7:e0:b6:64:dc:fa:c8:a3:24:46:
02:1a:55:58:f2:0e:a6:e1:01:7d:ed:a0:77:98:de:
4b:d6:55:5c:dd:f6:d2:52:33:5e:b9:93:de:9d:88:
3a:32:b0:76:4d:e0:e7:27:83:e9:19:0f:9e:c3:66:
5b:e1:14:6f:4b:8b:5a:be:8c:89:83:dd:82:23:f6:
9e:8f:22:d9:2f:0c:e2:87:21:1a:a9:fe:04:c6:30:
e7:f0:05:61:80:28:0d:a6:a2:d3:d3:07:70:8a:42:
5f:ff:8a:d3:b6:2e:8e:2a:20:a0:9f:8b:2d:5c:d2:
3a:9b:bd:82:82:cd:80:48:9d:46:ec:43:4a:a7:e9:
12:d6:ba:83:99:f7:85:74:f7:22:04:09:70:18:99:
d3:84:12:18:35:14:f8:76:fc:19:bc:62:b0:d4:fe:
e1:2c:6e:7b:23:98:01:60:4a:0a:33:71:79:6a:fd:
62:e4:3e:8d:fd:78:69:12:9e:fe:7a:1e:27:1e:46:
07:b0:81:27:37:22:c3:bb:e0:dc:4d:3a:29:69:b0:
d3:38:d0:d5:7a:f9:0f:08:8e:cd:a9:76:e1:69:63:
8a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:83:C3:48:E0:25:FD:6E:A9:DA:ED:36:93:09:E0:B0:BA:F0:AA:09
X509v3 Authority Key Identifier:
keyid:8F:86:85:DB:AD:FF:B0:1D:DC:CE:6C:4D:82:A9:7F:33:C0:40:ED:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j4aF263_sB3czmxNgql_M8BA7S0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/712f03-afe9-4f65-acec-67cfe3067b2a/1/5YPDSOAl_W6p2u02kwngsLrwqgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/712f03-afe9-4f65-acec-67cfe3067b2a/1/j4aF263_sB3czmxNgql_M8BA7S0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.136.0/22
IPv6:
2a0f:c600::/29
Signature Algorithm: sha256WithRSAEncryption
43:bf:a4:8f:63:5b:e6:4c:5a:d0:f1:ba:80:9c:37:3d:1c:d4:
8e:5d:2a:8d:b9:cc:e3:ba:26:2d:4c:34:7c:bd:ce:4a:ce:3a:
b9:ef:74:3c:db:76:ec:7b:5e:24:05:0f:76:80:61:e6:28:78:
fc:dc:0b:25:a7:d5:25:56:9c:c8:be:73:c7:8f:83:6f:67:b6:
f7:69:33:b3:02:df:67:de:85:ea:f3:91:8d:c9:34:3f:1b:9d:
3d:c5:7c:b9:fa:04:b1:25:5b:3a:23:63:d9:e0:29:19:23:ea:
ec:e2:eb:06:7b:63:a8:27:ac:64:a3:18:00:b4:0b:89:33:52:
2e:ee:db:92:91:f1:ba:f3:7a:c4:5b:ff:57:3d:ae:87:04:11:
ae:e8:ac:e4:c6:c6:7c:0b:08:b5:08:f0:e7:5e:40:81:9d:84:
27:51:35:66:55:bd:6c:78:ed:8f:ef:23:f6:cd:d1:cf:73:43:
b4:13:5d:aa:59:7d:a8:a2:0d:52:0a:bb:6f:53:e9:ce:27:96:
98:6e:6b:57:8c:98:24:cb:74:1b:0e:bf:24:6f:9d:97:d2:a8:
76:a3:78:b4:a4:06:7b:dd:be:8d:b0:2f:b5:ba:6b:c1:21:6c:
fc:83:26:d9:cc:47:f6:f8:e9:27:a2:40:3c:69:9f:eb:20:d0:
4e:19:1f:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzFfPPAJlaGGrRtoZki3OVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmODY4NWRiYWRmZmIwMWRkY2NlNmM0ZDgyYTk3ZjMzYzA0
MGVkMmQwHhcNMjMwMTAyMTUyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTgzYzM0OGUwMjVmZDZlYTlkYWVkMzY5MzA5ZTBiMGJhZjBhYTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn49LkMopP2nXPT77UEQXkWzsB0/x
zpLG5xaePKHgzKRv4ffgtmTc+sijJEYCGlVY8g6m4QF97aB3mN5L1lVc3fbSUjNe
uZPenYg6MrB2TeDnJ4PpGQ+ew2Zb4RRvS4tavoyJg92CI/aejyLZLwzihyEaqf4E
xjDn8AVhgCgNpqLT0wdwikJf/4rTti6OKiCgn4stXNI6m72Cgs2ASJ1G7ENKp+kS
1rqDmfeFdPciBAlwGJnThBIYNRT4dvwZvGKw1P7hLG57I5gBYEoKM3F5av1i5D6N
/XhpEp7+eh4nHkYHsIEnNyLDu+DcTTopabDTONDVevkPCI7NqXbhaWOKWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOWDw0jgJf1uqdrtNpMJ4LC68KoJMB8GA1UdIwQY
MBaAFI+Ghdut/7Ad3M5sTYKpfzPAQO0tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajRhRjI2M19zQjNjem14TmdxbF9NOEJBN1MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS83MTJmMDMtYWZlOS00ZjY1LWFjZWMt
NjdjZmUzMDY3YjJhLzEvNVlQRFNPQWxfVzZwMnUwMmt3bmdzTHJ3cWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS83MTJmMDMtYWZlOS00ZjY1LWFjZWMtNjdjZmUzMDY3YjJh
LzEvajRhRjI2M19zQjNjem14TmdxbF9NOEJBN1MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZaIMA0E
AgACMAcDBQMqD8YAMA0GCSqGSIb3DQEBCwUAA4IBAQBDv6SPY1vmTFrQ8bqAnDc9
HNSOXSqNuczjuiYtTDR8vc5Kzjq573Q823bse14kBQ92gGHmKHj83Aslp9UlVpzI
vnPHj4NvZ7b3aTOzAt9n3oXq85GNyTQ/G509xXy5+gSxJVs6I2PZ4CkZI+rs4usG
e2OoJ6xkoxgAtAuJM1Iu7tuSkfG683rEW/9XPa6HBBGu6KzkxsZ8Cwi1CPDnXkCB
nYQnUTVmVb1seO2P7yP2zdHPc0O0E12qWX2oog1SCrtvU+nOJ5aYbmtXjJgky3Qb
Dr8kb52X0qh2o3i0pAZ73b6NsC+1umvBIWz8gybZzEf2+OknokA8aZ/rINBOGR9G
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:01:04 2024 by rpki-client on console.sobornost.net