Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/0fdf9e-f53f-467d-bc8c-3a563c210a55/1/HrqCkfPLOB0uIxdlWs2WdIRfpxo.roa
File: HrqCkfPLOB0uIxdlWs2WdIRfpxo.roa (raw, json)
Hash identifier: yvsJRr/m8zN8380H6Nv8X5Wv5M34mKjsPf3EO3qHYIE=
Subject key identifier: 1E:BA:82:91:F3:CB:38:1D:2E:23:17:65:5A:CD:96:74:84:5F:A7:1A
Certificate issuer: /CN=a3a985c39e3e911b980e93a06640157e9e052d23
Certificate serial: 01876F2AF84714ED59ECEB97D2F7245CB3E9
Authority key identifier: A3:A9:85:C3:9E:3E:91:1B:98:0E:93:A0:66:40:15:7E:9E:05:2D:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o6mFw54-kRuYDpOgZkAVfp4FLSM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/0fdf9e-f53f-467d-bc8c-3a563c210a55/1/HrqCkfPLOB0uIxdlWs2WdIRfpxo.roa
Signing time: Tue 11 Apr 2023 07:14:59 +0000
ROA not before: Tue 11 Apr 2023 07:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42864
IP address blocks: 45.66.104.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6f:2a:f8:47:14:ed:59:ec:eb:97:d2:f7:24:5c:b3:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3a985c39e3e911b980e93a06640157e9e052d23
Validity
Not Before: Apr 11 07:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1eba8291f3cb381d2e2317655acd9674845fa71a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f4:92:45:c1:5d:43:ba:85:08:50:a3:0c:4e:
fe:7c:f3:ac:22:59:07:fa:a5:73:34:01:24:96:f4:
68:2d:a5:07:5d:72:4d:cb:de:44:62:06:4d:13:38:
7b:e4:85:75:09:03:f4:34:86:d2:ba:a9:9c:e5:bb:
e8:51:91:c7:bd:83:ed:fd:11:75:4f:c5:f5:77:98:
38:4b:5e:61:29:3a:45:02:3d:25:bd:a5:0c:98:da:
48:d7:e2:d4:66:6e:27:c6:e7:12:a6:0e:f3:af:90:
48:56:9b:48:0d:4f:7a:e0:03:eb:b6:08:1e:f1:a2:
ad:16:7d:fd:be:49:e9:11:4b:87:67:75:ab:e4:58:
50:47:2a:51:5b:90:07:14:ce:d8:3e:46:23:66:b3:
62:bf:96:af:51:ec:9a:aa:89:db:fa:ca:f7:9d:08:
2a:3a:b2:3a:95:ea:d9:99:bb:1f:07:8d:3e:7b:0f:
24:ca:ff:2b:51:79:1e:75:3f:2d:db:39:82:e7:a0:
bc:ac:56:a5:a7:57:ae:16:29:0f:9f:4a:bc:e5:da:
8c:a9:a4:2d:7f:85:60:d1:61:2f:10:4d:fe:dd:7b:
9e:bf:73:0d:54:6f:d9:11:6c:16:9d:73:d0:52:4c:
b2:7c:ab:d3:f3:b2:e3:e0:da:80:0b:09:17:23:86:
84:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:BA:82:91:F3:CB:38:1D:2E:23:17:65:5A:CD:96:74:84:5F:A7:1A
X509v3 Authority Key Identifier:
keyid:A3:A9:85:C3:9E:3E:91:1B:98:0E:93:A0:66:40:15:7E:9E:05:2D:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6mFw54-kRuYDpOgZkAVfp4FLSM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/0fdf9e-f53f-467d-bc8c-3a563c210a55/1/HrqCkfPLOB0uIxdlWs2WdIRfpxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/0fdf9e-f53f-467d-bc8c-3a563c210a55/1/o6mFw54-kRuYDpOgZkAVfp4FLSM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.104.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:f9:80:cc:ac:fd:dd:99:4b:e5:8c:04:c2:89:12:20:2a:e9:
a9:e8:40:ef:a0:ad:3a:43:f3:5b:2c:d2:cc:86:0f:fd:71:d2:
90:f3:22:e8:02:7e:c6:d6:55:7c:26:b2:53:b1:d5:33:17:be:
f6:ac:69:68:27:fe:c8:24:87:0b:a8:af:8d:8b:ff:53:17:a0:
51:22:1d:bc:10:b0:62:2a:9e:f5:06:0e:95:bd:20:cc:01:4b:
b4:77:e0:37:da:12:71:41:c7:22:52:2f:9b:46:d1:a9:0d:07:
eb:df:d3:6b:9e:b2:01:ed:23:82:03:e1:96:7f:52:d1:b6:34:
f9:89:ff:f6:b1:36:5e:c8:a3:18:66:05:93:2d:9b:e2:cc:cd:
ac:3c:c7:1d:5b:f6:52:00:3f:e4:66:a2:55:eb:d0:46:61:53:
5c:2e:a5:bd:96:72:7b:63:62:e6:12:fd:9f:0c:73:87:e3:f2:
a1:d3:5c:2d:3e:bb:c6:99:c0:e5:e6:88:bd:ec:14:22:e0:01:
0b:29:da:9b:8d:8f:96:09:72:f6:56:00:16:17:b2:b0:53:85:
52:1a:14:6f:3d:95:33:6c:eb:e8:0f:6c:f8:7e:a6:f8:63:91:
b6:12:9c:42:ab:66:ce:8a:2e:aa:57:74:d1:71:3b:c0:61:f0:
bd:1f:3c:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdvKvhHFO1Z7OuX0vckXLPpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYTk4NWMzOWUzZTkxMWI5ODBlOTNhMDY2NDAxNTdlOWUw
NTJkMjMwHhcNMjMwNDExMDcxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWJhODI5MWYzY2IzODFkMmUyMzE3NjU1YWNkOTY3NDg0NWZhNzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPSSRcFdQ7qFCFCjDE7+fPOsIlkH
+qVzNAEklvRoLaUHXXJNy95EYgZNEzh75IV1CQP0NIbSuqmc5bvoUZHHvYPt/RF1
T8X1d5g4S15hKTpFAj0lvaUMmNpI1+LUZm4nxucSpg7zr5BIVptIDU964APrtgge
8aKtFn39vknpEUuHZ3Wr5FhQRypRW5AHFM7YPkYjZrNiv5avUeyaqonb+sr3nQgq
OrI6lerZmbsfB40+ew8kyv8rUXkedT8t2zmC56C8rFalp1euFikPn0q85dqMqaQt
f4Vg0WEvEE3+3Xuev3MNVG/ZEWwWnXPQUkyyfKvT87Lj4NqACwkXI4aE3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB66gpHzyzgdLiMXZVrNlnSEX6caMB8GA1UdIwQY
MBaAFKOphcOePpEbmA6ToGZAFX6eBS0jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzZtRnc1NC1rUnVZRHBPZ1prQVZmcDRGTFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wZmRmOWUtZjUzZi00NjdkLWJjOGMt
M2E1NjNjMjEwYTU1LzEvSHJxQ2tmUExPQjB1SXhkbFdzMldkSVJmcHhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wZmRmOWUtZjUzZi00NjdkLWJjOGMtM2E1NjNjMjEwYTU1
LzEvbzZtRnc1NC1rUnVZRHBPZ1prQVZmcDRGTFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUJoMA0G
CSqGSIb3DQEBCwUAA4IBAQC8+YDMrP3dmUvljATCiRIgKump6EDvoK06Q/NbLNLM
hg/9cdKQ8yLoAn7G1lV8JrJTsdUzF772rGloJ/7IJIcLqK+Ni/9TF6BRIh28ELBi
Kp71Bg6VvSDMAUu0d+A32hJxQcciUi+bRtGpDQfr39NrnrIB7SOCA+GWf1LRtjT5
if/2sTZeyKMYZgWTLZvizM2sPMcdW/ZSAD/kZqJV69BGYVNcLqW9lnJ7Y2LmEv2f
DHOH4/Kh01wtPrvGmcDl5oi97BQi4AELKdqbjY+WCXL2VgAWF7KwU4VSGhRvPZUz
bOvoD2z4fqb4Y5G2EpxCq2bOii6qV3TRcTvAYfC9Hzwm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:37 2024 by rpki-client on console-fra.rpki-client.org