Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/2kqM9kPugeVHFNicwXTASE6WCyE.roa
File: 2kqM9kPugeVHFNicwXTASE6WCyE.roa (raw, json)
Hash identifier: ysjY+CjrMKdhL9h6G0YWudv5GuQMzxD/DQfVj97Tf9w=
Subject key identifier: DA:4A:8C:F6:43:EE:81:E5:47:14:D8:9C:C1:74:C0:48:4E:96:0B:21
Certificate issuer: /CN=a566d8337776c98746bd231e69e185db2a9a5be2
Certificate serial: 0185EAF7E7B9295DF5FAE02ABB63C72777CA
Authority key identifier: A5:66:D8:33:77:76:C9:87:46:BD:23:1E:69:E1:85:DB:2A:9A:5B:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pWbYM3d2yYdGvSMeaeGF2yqaW-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/2kqM9kPugeVHFNicwXTASE6WCyE.roa
Signing time: Wed 25 Jan 2023 22:06:33 +0000
ROA not before: Wed 25 Jan 2023 22:06:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208608
IP address blocks: 45.91.204.0/22 maxlen: 24
45.128.17.0/24 maxlen: 24
45.128.16.0/22 maxlen: 24
2a0e:1540::/29 maxlen: 48
2a0e:3bc0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ea:f7:e7:b9:29:5d:f5:fa:e0:2a:bb:63:c7:27:77:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a566d8337776c98746bd231e69e185db2a9a5be2
Validity
Not Before: Jan 25 22:06:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da4a8cf643ee81e54714d89cc174c0484e960b21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6d:fb:16:84:38:8d:7e:16:07:fa:fb:fc:a7:
6a:71:7e:23:e7:f4:e2:78:e6:f8:13:3f:30:18:4b:
9b:6f:b3:26:c9:ca:84:42:39:27:e9:69:f8:09:27:
3d:af:f6:8a:ed:10:19:64:33:02:12:b5:0f:a2:04:
47:de:11:63:88:6c:fd:28:4b:9e:4b:79:fd:8e:9a:
9c:f3:9a:07:bd:cf:32:fb:f3:7f:b8:53:b7:9a:ff:
f6:d5:b3:e1:69:94:88:37:2d:c8:0b:10:fe:8c:ca:
5e:5e:a8:8f:a6:85:66:e6:de:9a:60:3b:24:6f:aa:
ab:bc:3e:b5:94:bf:13:c7:4a:39:8b:7a:d3:fc:31:
d5:41:47:b8:f3:d8:59:59:98:f2:ca:4d:91:64:c5:
7e:48:86:15:5e:92:59:6f:92:00:a5:5d:67:84:db:
dc:f3:2a:87:af:4a:f2:45:e6:e9:81:49:bd:50:cf:
8c:ac:4c:e1:f6:f3:17:d5:53:42:0c:f4:d4:cd:88:
dd:19:0f:ef:95:5d:2a:22:c6:2b:f7:ea:b9:46:76:
65:85:c5:52:4e:ba:90:8d:4c:c7:62:4a:6f:b5:38:
b2:a1:f3:68:98:56:9d:64:3d:b2:d7:a4:9b:18:63:
d5:c0:56:d2:19:c9:e8:31:e5:60:43:e5:2c:09:1e:
75:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:4A:8C:F6:43:EE:81:E5:47:14:D8:9C:C1:74:C0:48:4E:96:0B:21
X509v3 Authority Key Identifier:
keyid:A5:66:D8:33:77:76:C9:87:46:BD:23:1E:69:E1:85:DB:2A:9A:5B:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pWbYM3d2yYdGvSMeaeGF2yqaW-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/2kqM9kPugeVHFNicwXTASE6WCyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/0168ac-342c-4dd0-91a8-1b75867e8dff/1/pWbYM3d2yYdGvSMeaeGF2yqaW-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.204.0/22
45.128.16.0/22
IPv6:
2a0e:1540::/29
2a0e:3bc0::/29
Signature Algorithm: sha256WithRSAEncryption
3d:59:8f:1b:a2:7d:b7:43:26:5e:16:6f:41:62:02:3f:11:bb:
3e:d0:5f:98:5a:97:c7:d6:85:59:18:d9:1e:98:78:9a:c8:85:
51:80:87:e2:d5:77:d5:24:87:fe:80:5a:23:2d:b1:f7:61:50:
0f:63:bb:1f:99:c3:7d:54:2e:87:13:73:d6:37:1a:67:0a:42:
89:8b:38:df:32:c4:80:61:ea:ca:b1:03:85:6c:43:de:5a:ce:
48:c2:1d:27:26:c6:15:c9:d1:5b:18:6b:f3:7e:66:1a:b0:bc:
30:ad:8c:89:68:e5:06:0d:5a:3a:8d:ec:fd:f2:88:19:e1:5a:
79:11:97:e1:21:24:48:d7:67:99:4e:a9:fe:f7:75:f6:81:a7:
b3:b3:f0:c0:e2:d6:e0:c8:96:49:12:36:bd:36:3e:98:17:5a:
c3:0d:34:47:8b:56:b6:8d:03:a1:e5:48:1f:41:43:d5:4a:ce:
22:55:3d:f2:35:7c:55:98:e2:bd:92:0a:09:42:f9:a8:0f:2e:
29:e8:05:97:f9:61:9d:53:49:18:ac:43:f0:ce:09:4d:72:6b:
3a:00:e4:50:05:ee:41:1a:13:e4:0f:0d:90:91:1c:04:7e:e7:
7a:44:0e:db:08:31:92:6a:96:17:13:f6:d4:17:00:88:d7:27:
a5:44:92:63
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYXq9+e5KV31+uAqu2PHJ3fKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NjZkODMzNzc3NmM5ODc0NmJkMjMxZTY5ZTE4NWRiMmE5
YTViZTIwHhcNMjMwMTI1MjIwNjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTRhOGNmNjQzZWU4MWU1NDcxNGQ4OWNjMTc0YzA0ODRlOTYwYjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv237FoQ4jX4WB/r7/KdqcX4j5/Ti
eOb4Ez8wGEubb7MmycqEQjkn6Wn4CSc9r/aK7RAZZDMCErUPogRH3hFjiGz9KEue
S3n9jpqc85oHvc8y+/N/uFO3mv/21bPhaZSINy3ICxD+jMpeXqiPpoVm5t6aYDsk
b6qrvD61lL8Tx0o5i3rT/DHVQUe489hZWZjyyk2RZMV+SIYVXpJZb5IApV1nhNvc
8yqHr0ryRebpgUm9UM+MrEzh9vMX1VNCDPTUzYjdGQ/vlV0qIsYr9+q5RnZlhcVS
TrqQjUzHYkpvtTiyofNomFadZD2y16SbGGPVwFbSGcnoMeVgQ+UsCR51GwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNpKjPZD7oHlRxTYnMF0wEhOlgshMB8GA1UdIwQY
MBaAFKVm2DN3dsmHRr0jHmnhhdsqmlviMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFdiWU0zZDJ5WWRHdlNNZWFlR0YyeXFhVy1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8wMTY4YWMtMzQyYy00ZGQwLTkxYTgt
MWI3NTg2N2U4ZGZmLzEvMmtxTTlrUHVnZVZIRk5pY3dYVEFTRTZXQ3lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8wMTY4YWMtMzQyYy00ZGQwLTkxYTgtMWI3NTg2N2U4ZGZm
LzEvcFdiWU0zZDJ5WWRHdlNNZWFlR0YyeXFhVy1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLVvMAwQC
LYAQMBQEAgACMA4DBQMqDhVAAwUDKg47wDANBgkqhkiG9w0BAQsFAAOCAQEAPVmP
G6J9t0MmXhZvQWICPxG7PtBfmFqXx9aFWRjZHph4msiFUYCH4tV31SSH/oBaIy2x
92FQD2O7H5nDfVQuhxNz1jcaZwpCiYs43zLEgGHqyrEDhWxD3lrOSMIdJybGFcnR
Wxhr835mGrC8MK2MiWjlBg1aOo3s/fKIGeFaeRGX4SEkSNdnmU6p/vd19oGns7Pw
wOLW4MiWSRI2vTY+mBdaww00R4tWto0DoeVIH0FD1UrOIlU98jV8VZjivZIKCUL5
qA8uKegFl/lhnVNJGKxD8M4JTXJrOgDkUAXuQRoT5A8NkJEcBH7nekQO2wgxkmqW
FxP21BcAiNcnpUSSYw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 07:05:08 2024 by rpki-client on console.sobornost.net