Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/30b0bb-898c-4289-9124-37e32eaa7667/1/1FXPDX69_sDr0xVp3bRehyr3UAc.roa
File: 1FXPDX69_sDr0xVp3bRehyr3UAc.roa (raw, json)
Hash identifier: ZrgSlLz7KawjZ7Ph7mKrjdEq+FJ2ofihehChhjLo6+c=
Subject key identifier: D4:55:CF:0D:7E:BD:FE:C0:EB:D3:15:69:DD:B4:5E:87:2A:F7:50:07
Certificate issuer: /CN=8f7d90abcdde0bc6f0bcaaf21cec3a4f2acfae4f
Certificate serial: 0189203CE985C6E8DBC17679B0D8533BB6BC
Authority key identifier: 8F:7D:90:AB:CD:DE:0B:C6:F0:BC:AA:F2:1C:EC:3A:4F:2A:CF:AE:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j32Qq83eC8bwvKryHOw6TyrPrk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/30b0bb-898c-4289-9124-37e32eaa7667/1/1FXPDX69_sDr0xVp3bRehyr3UAc.roa
Signing time: Tue 04 Jul 2023 09:30:10 +0000
ROA not before: Tue 04 Jul 2023 09:30:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62229
IP address blocks: 178.22.72.0/21 maxlen: 24
45.157.244.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:20:3c:e9:85:c6:e8:db:c1:76:79:b0:d8:53:3b:b6:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f7d90abcdde0bc6f0bcaaf21cec3a4f2acfae4f
Validity
Not Before: Jul 4 09:30:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d455cf0d7ebdfec0ebd31569ddb45e872af75007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ca:a6:85:2f:33:e3:43:7d:08:15:07:4e:c0:
4e:0a:92:55:ea:b2:87:e9:f1:0d:e0:0f:0c:73:3c:
c4:a4:56:da:5e:c8:b4:55:8b:a9:42:8e:1f:a0:27:
4e:46:84:a4:62:0c:da:84:84:4a:52:20:bb:00:52:
ee:d8:14:73:2c:14:22:ae:e7:4a:91:9a:8f:95:4c:
e6:3f:d5:4f:20:92:3e:ad:9d:48:41:4d:62:a8:f9:
0b:f2:6f:35:e5:5f:9c:ca:eb:2c:cc:7e:6c:8c:74:
57:d0:f3:2d:1a:1d:e4:1a:8a:1f:c2:f3:c3:bf:c1:
8f:df:b5:b6:64:96:71:39:53:e6:67:86:fd:c5:c0:
87:84:aa:a1:5c:4f:91:ee:c2:64:03:79:a6:30:a2:
50:75:6e:ed:be:22:06:b3:30:83:fb:8c:f2:5d:68:
a0:93:8e:ad:8c:a8:b9:fa:43:29:42:72:dd:c1:93:
e4:b9:d4:50:a0:7f:13:9b:ea:f6:d2:28:ad:a9:d0:
c4:33:85:e5:95:04:4b:bf:97:3b:7a:bb:fd:bf:06:
c1:d9:1d:38:45:cc:26:5d:ca:fb:bd:25:da:68:e5:
90:99:18:68:1e:3b:6a:f7:68:45:24:46:b8:22:52:
3c:09:c0:20:a2:cf:5d:76:2b:55:36:9d:2d:24:05:
a7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:55:CF:0D:7E:BD:FE:C0:EB:D3:15:69:DD:B4:5E:87:2A:F7:50:07
X509v3 Authority Key Identifier:
keyid:8F:7D:90:AB:CD:DE:0B:C6:F0:BC:AA:F2:1C:EC:3A:4F:2A:CF:AE:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j32Qq83eC8bwvKryHOw6TyrPrk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/30b0bb-898c-4289-9124-37e32eaa7667/1/1FXPDX69_sDr0xVp3bRehyr3UAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/30b0bb-898c-4289-9124-37e32eaa7667/1/j32Qq83eC8bwvKryHOw6TyrPrk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.244.0/22
178.22.72.0/21
Signature Algorithm: sha256WithRSAEncryption
52:6d:a6:d9:44:f7:0d:46:5b:e0:f0:65:c4:4d:d1:58:61:a5:
4c:4d:a3:d3:b6:15:98:b9:ad:ce:73:88:2e:c0:8e:5f:d6:e2:
0b:8d:62:2b:71:9d:46:7b:71:2e:05:92:cf:3b:40:da:22:85:
ee:da:dd:88:cb:2c:7b:8b:a6:d1:49:38:bf:3b:79:47:b2:4f:
74:ca:a0:1d:a2:b6:71:86:6c:75:ed:f8:84:d8:65:4f:ee:49:
01:82:61:f2:f1:0f:f1:ee:dd:6f:af:db:25:51:22:81:da:04:
52:91:de:4e:a9:8e:c1:ac:cf:a1:56:57:61:55:65:31:69:67:
10:ed:ea:bc:9f:bd:2a:3e:9c:d9:36:d3:f2:66:02:9c:ee:12:
e8:45:a9:5d:08:57:ff:e4:d2:87:f3:a7:aa:d6:85:50:17:b4:
7d:19:e6:78:21:4e:9b:37:b0:0a:e7:34:db:92:e2:ab:25:4b:
80:ec:26:af:b8:d1:ec:8d:32:4f:c0:89:56:db:09:2d:98:a7:
fb:5b:03:89:e4:a7:44:08:87:0a:9c:ca:21:e7:6f:be:d4:8e:
21:c0:29:89:30:47:46:d8:40:33:68:30:16:66:e2:83:65:78:
da:1e:77:cb:d3:62:4d:33:6c:0f:28:86:59:a0:9e:80:50:14:
15:43:fa:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkgPOmFxujbwXZ5sNhTO7a8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmN2Q5MGFiY2RkZTBiYzZmMGJjYWFmMjFjZWMzYTRmMmFj
ZmFlNGYwHhcNMjMwNzA0MDkzMDEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDU1Y2YwZDdlYmRmZWMwZWJkMzE1NjlkZGI0NWU4NzJhZjc1MDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8qmhS8z40N9CBUHTsBOCpJV6rKH
6fEN4A8MczzEpFbaXsi0VYupQo4foCdORoSkYgzahIRKUiC7AFLu2BRzLBQirudK
kZqPlUzmP9VPIJI+rZ1IQU1iqPkL8m815V+cyusszH5sjHRX0PMtGh3kGoofwvPD
v8GP37W2ZJZxOVPmZ4b9xcCHhKqhXE+R7sJkA3mmMKJQdW7tviIGszCD+4zyXWig
k46tjKi5+kMpQnLdwZPkudRQoH8Tm+r20iitqdDEM4XllQRLv5c7erv9vwbB2R04
RcwmXcr7vSXaaOWQmRhoHjtq92hFJEa4IlI8CcAgos9dditVNp0tJAWn5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNRVzw1+vf7A69MVad20Xocq91AHMB8GA1UdIwQY
MBaAFI99kKvN3gvG8Lyq8hzsOk8qz65PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajMyUXE4M2VDOGJ3dktyeUhPdzZUeXJQcms4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8zMGIwYmItODk4Yy00Mjg5LTkxMjQt
MzdlMzJlYWE3NjY3LzEvMUZYUERYNjlfc0RyMHhWcDNiUmVoeXIzVUFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8zMGIwYmItODk4Yy00Mjg5LTkxMjQtMzdlMzJlYWE3NjY3
LzEvajMyUXE4M2VDOGJ3dktyeUhPdzZUeXJQcms4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZ30AwQD
shZIMA0GCSqGSIb3DQEBCwUAA4IBAQBSbabZRPcNRlvg8GXETdFYYaVMTaPTthWY
ua3Oc4guwI5f1uILjWIrcZ1Ge3EuBZLPO0DaIoXu2t2Iyyx7i6bRSTi/O3lHsk90
yqAdorZxhmx17fiE2GVP7kkBgmHy8Q/x7t1vr9slUSKB2gRSkd5OqY7BrM+hVldh
VWUxaWcQ7eq8n70qPpzZNtPyZgKc7hLoRaldCFf/5NKH86eq1oVQF7R9GeZ4IU6b
N7AK5zTbkuKrJUuA7CavuNHsjTJPwIlW2wktmKf7WwOJ5KdECIcKnMoh52++1I4h
wCmJMEdG2EAzaDAWZuKDZXjaHnfL02JNM2wPKIZZoJ6AUBQVQ/rf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:00 2024 by rpki-client on console-fra.rpki-client.org