Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/qYfk89cQ_V8jzabDgDCaROF-YSw.roa
File: qYfk89cQ_V8jzabDgDCaROF-YSw.roa (raw, json)
Hash identifier: l7m6OkE6RHA3krawPX4sLCOVW+kUUraLJcG0ZmmSZdY=
Subject key identifier: A9:87:E4:F3:D7:10:FD:5F:23:CD:A6:C3:80:30:9A:44:E1:7E:61:2C
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 018877298F4F165FB78C48DA2ED6E76CBE4F
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/qYfk89cQ_V8jzabDgDCaROF-YSw.roa
Signing time: Thu 01 Jun 2023 13:33:12 +0000
ROA not before: Thu 01 Jun 2023 13:33:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20853
IP address blocks: 45.83.180.0/22 maxlen: 22
2.58.124.0/22 maxlen: 22
45.150.110.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 19 Jul 2023 21:09:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:77:29:8f:4f:16:5f:b7:8c:48:da:2e:d6:e7:6c:be:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jun 1 13:33:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a987e4f3d710fd5f23cda6c380309a44e17e612c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:30:27:cb:76:17:97:02:f1:14:ac:b2:ef:6b:
59:c0:fc:40:44:b2:27:3f:7a:f4:dd:46:cb:3d:43:
b4:ac:68:6b:04:a9:10:61:c8:9b:98:4a:f1:c5:05:
f7:45:33:aa:fc:fe:5b:c6:c0:91:88:2a:47:17:a3:
23:0d:67:6a:68:fe:69:e3:e5:23:5a:4d:2d:09:dd:
8a:bb:5d:37:0f:8b:41:02:55:b3:68:f9:7d:ed:02:
fc:13:e4:09:27:26:be:4b:56:7d:59:61:1e:5f:2e:
ce:f5:48:5d:c5:3c:a8:9c:db:f7:ed:0d:67:11:7a:
ff:74:5f:36:a6:69:9d:50:b1:f5:ab:81:c9:bc:36:
ed:0a:d9:dc:a7:4e:ba:28:47:15:7f:e6:78:f9:cf:
16:e1:40:38:c5:2c:7b:f2:25:a9:2d:08:c5:12:72:
3c:a0:2d:04:b4:ee:46:d0:1d:01:80:0f:4a:f3:7f:
92:dc:33:b2:49:2a:8e:28:a5:a5:68:e9:c4:80:9c:
b7:1b:3e:91:64:41:24:5b:c6:d3:c3:49:99:18:64:
56:82:44:8c:b9:18:62:29:c1:89:86:f2:39:79:1d:
d2:33:63:21:11:a7:74:bf:ff:a9:31:33:a9:84:f8:
99:4a:a3:53:4c:21:c6:07:fe:36:5f:1e:c2:dc:6c:
86:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:87:E4:F3:D7:10:FD:5F:23:CD:A6:C3:80:30:9A:44:E1:7E:61:2C
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/qYfk89cQ_V8jzabDgDCaROF-YSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.124.0/22
45.83.180.0/22
45.150.110.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:e9:9f:4f:43:ad:47:36:11:2d:62:35:be:c0:99:ff:8b:53:
49:46:8e:46:ea:2e:08:51:b5:72:ca:55:83:31:46:ed:05:3a:
09:28:eb:62:d7:bc:c1:73:95:64:22:8f:51:61:93:47:ec:9c:
cc:e0:7d:a4:b9:ef:03:fa:9b:a3:37:96:c0:54:c3:58:f5:c9:
b4:25:0e:3c:62:81:03:ab:f0:2a:bb:24:79:f5:57:e2:46:59:
da:3c:f8:84:47:5d:87:f4:83:c6:64:88:73:21:79:a3:99:d6:
74:d5:b7:1a:a6:3c:7b:35:a6:fe:62:39:44:64:ca:90:ea:a0:
ed:cf:24:7d:b1:3a:c6:b8:96:80:50:94:5f:6b:25:21:9b:e9:
89:2a:a2:0b:3b:6f:e6:9e:c8:05:50:37:bb:d1:dd:04:21:55:
d1:87:c0:17:8b:17:63:fb:f8:46:7f:0f:ae:21:fd:22:24:85:
85:9d:59:c9:8b:35:8f:1d:c6:bd:5a:54:c6:30:29:40:8b:d6:
f1:06:90:67:7d:17:b3:f0:a6:11:28:83:73:3f:9c:f5:10:8d:
89:8a:f3:a7:75:5a:e3:46:df:37:a6:67:2e:b9:8d:33:70:14:
6c:c5:e0:80:66:cc:a2:ce:df:92:d8:78:9a:90:dd:58:1d:06:
d5:b5:96:e0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYh3KY9PFl+3jEjaLtbnbL5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjMwNjAxMTMzMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTg3ZTRmM2Q3MTBmZDVmMjNjZGE2YzM4MDMwOWE0NGUxN2U2MTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTAny3YXlwLxFKyy72tZwPxARLIn
P3r03UbLPUO0rGhrBKkQYcibmErxxQX3RTOq/P5bxsCRiCpHF6MjDWdqaP5p4+Uj
Wk0tCd2Ku103D4tBAlWzaPl97QL8E+QJJya+S1Z9WWEeXy7O9UhdxTyonNv37Q1n
EXr/dF82pmmdULH1q4HJvDbtCtncp066KEcVf+Z4+c8W4UA4xSx78iWpLQjFEnI8
oC0EtO5G0B0BgA9K83+S3DOySSqOKKWlaOnEgJy3Gz6RZEEkW8bTw0mZGGRWgkSM
uRhiKcGJhvI5eR3SM2MhEad0v/+pMTOphPiZSqNTTCHGB/42Xx7C3GyG4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKmH5PPXEP1fI82mw4AwmkThfmEsMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvcVlmazg5Y1FfVjhqemFiRGdEQ2FST0YtWVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjp8AwQC
LVO0AwQBLZZuMA0GCSqGSIb3DQEBCwUAA4IBAQBP6Z9PQ61HNhEtYjW+wJn/i1NJ
Ro5G6i4IUbVyylWDMUbtBToJKOti17zBc5VkIo9RYZNH7JzM4H2kue8D+pujN5bA
VMNY9cm0JQ48YoEDq/AquyR59VfiRlnaPPiER12H9IPGZIhzIXmjmdZ01bcapjx7
Nab+YjlEZMqQ6qDtzyR9sTrGuJaAUJRfayUhm+mJKqILO2/mnsgFUDe70d0EIVXR
h8AXixdj+/hGfw+uIf0iJIWFnVnJizWPHca9WlTGMClAi9bxBpBnfRez8KYRKINz
P5z1EI2JivOndVrjRt83pmcuuY0zcBRsxeCAZsyizt+S2HiakN1YHQbVtZbg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:00 2024 by rpki-client on console-ams.rpki-client.org