Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/pmr4q4YLFN5yTMijdNCSSgv3lrI.roa
File: pmr4q4YLFN5yTMijdNCSSgv3lrI.roa (raw, json)
Hash identifier: go4VSglaGUNE9O1BTSSq0r9YVThIKamMUWe6Ohz/KX0=
Subject key identifier: A6:6A:F8:AB:86:0B:14:DE:72:4C:C8:A3:74:D0:92:4A:0B:F7:96:B2
Certificate issuer: /CN=6dfecfa0e6692595cfbea5266076e8e53efd9461
Certificate serial: 0185730C9F206E4A6654F38212F9B8C90B99
Authority key identifier: 6D:FE:CF:A0:E6:69:25:95:CF:BE:A5:26:60:76:E8:E5:3E:FD:94:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bf7PoOZpJZXPvqUmYHbo5T79lGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/pmr4q4YLFN5yTMijdNCSSgv3lrI.roa
Signing time: Mon 02 Jan 2023 15:14:44 +0000
ROA not before: Mon 02 Jan 2023 15:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211858
IP address blocks: 45.67.82.0/24 maxlen: 24
2a10:c704::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:9f:20:6e:4a:66:54:f3:82:12:f9:b8:c9:0b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dfecfa0e6692595cfbea5266076e8e53efd9461
Validity
Not Before: Jan 2 15:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a66af8ab860b14de724cc8a374d0924a0bf796b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:39:8a:3a:83:d5:a8:93:fb:0a:c1:e6:3a:3a:
f5:17:8c:3a:b9:32:6a:1e:fd:46:92:fe:dd:e2:a6:
3c:ed:db:03:73:78:cb:3a:2d:bb:11:63:61:1a:23:
9d:d5:23:b8:8f:a9:19:9e:0d:aa:31:cd:92:25:1d:
4b:31:42:a7:1a:44:0e:4a:44:8b:69:65:01:a2:21:
55:32:61:5d:6b:87:aa:93:32:b9:3b:e5:89:3a:eb:
a3:41:7e:4c:42:6e:4b:97:7a:7c:a8:70:75:d6:b4:
57:e4:9e:b8:3b:04:1f:eb:67:96:f0:a5:22:f6:11:
6f:6e:c3:0e:c4:dc:29:5c:7c:01:ef:8f:c6:c2:ca:
0e:50:83:a0:30:73:59:0f:b3:c5:5b:9a:10:49:e5:
bc:02:e7:b4:03:76:41:f1:45:ec:3a:98:53:23:29:
ec:9e:e1:45:b6:62:dd:17:f3:d6:a4:f7:ad:e8:c3:
71:9a:00:3f:42:6a:b2:cf:9e:d2:e3:ad:3a:f2:17:
17:f4:25:a4:1f:73:af:d3:1c:62:10:ae:52:4a:46:
29:86:2e:43:bf:c8:98:40:bb:1e:68:b9:cf:b2:22:
67:34:5e:46:d7:30:af:e9:c1:8c:08:12:0b:3f:f2:
a2:5a:78:ec:2f:35:8d:fd:19:53:38:94:9c:4b:58:
b1:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:6A:F8:AB:86:0B:14:DE:72:4C:C8:A3:74:D0:92:4A:0B:F7:96:B2
X509v3 Authority Key Identifier:
keyid:6D:FE:CF:A0:E6:69:25:95:CF:BE:A5:26:60:76:E8:E5:3E:FD:94:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf7PoOZpJZXPvqUmYHbo5T79lGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/pmr4q4YLFN5yTMijdNCSSgv3lrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/bf7PoOZpJZXPvqUmYHbo5T79lGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.82.0/24
IPv6:
2a10:c704::/32
Signature Algorithm: sha256WithRSAEncryption
34:fe:8e:3d:b7:f5:20:67:75:0f:e0:d0:03:22:7c:a1:88:f2:
c8:2e:c5:a2:81:5a:da:6f:de:40:f9:61:df:86:17:f0:a6:89:
86:a8:74:93:fc:23:ad:12:91:a2:2c:6a:82:ba:65:00:22:df:
7a:72:4b:7f:e8:9e:6f:0e:ce:94:bc:67:33:ec:bf:e8:19:8c:
8f:15:21:7e:fa:2e:c8:25:ca:25:5c:5a:5d:5e:07:16:7a:c6:
73:7f:9f:4f:3e:e0:ca:ff:c5:93:53:66:8b:42:ae:e6:a9:95:
89:98:6a:92:e1:34:da:a2:f5:8e:50:e8:8c:6b:db:7e:5a:79:
f9:58:33:84:88:88:c9:c2:86:04:c1:67:2f:dc:5b:65:90:ba:
96:c3:57:d3:b9:59:51:9a:37:ae:2a:fb:75:3d:77:40:5b:b3:
06:d0:64:85:e4:d0:f2:ee:b4:a3:9c:39:93:2e:e3:f2:ad:fd:
33:06:63:64:5c:9a:3f:82:ba:3a:e0:9d:13:2d:aa:26:e8:59:
5b:23:6c:36:e3:94:92:de:02:81:a2:d8:69:1d:6d:6b:c2:ee:
ed:e9:e7:3e:50:2c:7b:af:61:1d:29:6f:7e:01:66:16:a2:f4:
25:87:65:31:19:9b:e9:c2:87:46:47:9e:8e:6c:ce:0f:b7:61:
c4:81:48:38
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzDJ8gbkpmVPOCEvm4yQuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZmVjZmEwZTY2OTI1OTVjZmJlYTUyNjYwNzZlOGU1M2Vm
ZDk0NjEwHhcNMjMwMTAyMTUxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjZhZjhhYjg2MGIxNGRlNzI0Y2M4YTM3NGQwOTI0YTBiZjc5NmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojmKOoPVqJP7CsHmOjr1F4w6uTJq
Hv1Gkv7d4qY87dsDc3jLOi27EWNhGiOd1SO4j6kZng2qMc2SJR1LMUKnGkQOSkSL
aWUBoiFVMmFda4eqkzK5O+WJOuujQX5MQm5Ll3p8qHB11rRX5J64OwQf62eW8KUi
9hFvbsMOxNwpXHwB74/GwsoOUIOgMHNZD7PFW5oQSeW8Aue0A3ZB8UXsOphTIyns
nuFFtmLdF/PWpPet6MNxmgA/Qmqyz57S46068hcX9CWkH3Ov0xxiEK5SSkYphi5D
v8iYQLseaLnPsiJnNF5G1zCv6cGMCBILP/KiWnjsLzWN/RlTOJScS1ixUwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKZq+KuGCxTeckzIo3TQkkoL95ayMB8GA1UdIwQY
MBaAFG3+z6DmaSWVz76lJmB26OU+/ZRhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmY3UG9PWnBKWlhQdnFVbVlIYm81VDc5bEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9mY2ZlYzctZDZjMy00YjQwLWJhMmMt
Zjk4OGQ0OGU1MWU4LzEvcG1yNHE0WUxGTjV5VE1pamROQ1NTZ3YzbHJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9mY2ZlYzctZDZjMy00YjQwLWJhMmMtZjk4OGQ0OGU1MWU4
LzEvYmY3UG9PWnBKWlhQdnFVbVlIYm81VDc5bEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALUNSMA0E
AgACMAcDBQAqEMcEMA0GCSqGSIb3DQEBCwUAA4IBAQA0/o49t/UgZ3UP4NADInyh
iPLILsWigVrab95A+WHfhhfwpomGqHST/COtEpGiLGqCumUAIt96ckt/6J5vDs6U
vGcz7L/oGYyPFSF++i7IJcolXFpdXgcWesZzf59PPuDK/8WTU2aLQq7mqZWJmGqS
4TTaovWOUOiMa9t+Wnn5WDOEiIjJwoYEwWcv3FtlkLqWw1fTuVlRmjeuKvt1PXdA
W7MG0GSF5NDy7rSjnDmTLuPyrf0zBmNkXJo/gro64J0TLaom6FlbI2w245SS3gKB
othpHW1rwu7t6ec+UCx7r2EdKW9+AWYWovQlh2UxGZvpwodGR56ObM4Pt2HEgUg4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:09 2024 by rpki-client on console-ams.rpki-client.org