Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-2YD8Lb-2yJBRhAznaNLGY57np0.roa
File: 1-2YD8Lb-2yJBRhAznaNLGY57np0.roa (raw, json)
Hash identifier: VQPw8n3w0ZPYO4JLmk3b0TQO47XJszcsdrZcmA8bk84=
Subject key identifier: FB:66:03:F0:B6:FE:DB:22:41:46:10:33:9D:A3:4B:19:8E:7B:9E:9D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCFE9329E9D2AE51A2615CEAD67F2E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-2YD8Lb-2yJBRhAznaNLGY57np0.roa
Signing time: Tue 02 Jan 2024 06:29:35 +0000
ROA not before: Tue 02 Jan 2024 06:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200636
IP address blocks: 45.12.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 10:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:fe:93:29:e9:d2:ae:51:a2:61:5c:ea:d6:7f:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb6603f0b6fedb22414610339da34b198e7b9e9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b7:c1:81:e9:85:92:dc:43:d9:ed:26:c3:7b:
0a:dc:67:76:2d:59:29:40:f0:2b:1c:16:e4:6b:57:
50:9f:a4:68:40:5b:44:fb:50:9b:11:51:af:2b:27:
b3:a6:98:ea:7d:b5:03:3f:d2:e3:1f:11:f9:1c:c5:
37:87:9d:93:1d:ab:fd:6a:24:32:da:0f:17:2f:c0:
5b:8e:e5:d5:b7:72:25:a9:49:c3:2a:2b:7a:ef:28:
f3:3e:f9:87:9b:ed:8b:b0:44:e0:6c:a6:e6:96:f2:
ae:a4:87:1c:fa:38:70:51:86:04:d9:52:21:95:4e:
63:80:c7:d8:2b:48:ba:8d:f5:ca:5a:fa:09:61:50:
08:ec:5a:0c:83:29:ab:f4:d6:70:c5:e3:e3:54:a7:
6a:1c:87:15:b8:7b:a1:aa:2f:7e:de:bd:90:b0:3b:
36:fb:57:43:ed:40:64:c7:36:5f:53:e8:50:25:d8:
cc:3c:c6:99:d2:a5:18:45:df:f8:ae:8a:f9:50:75:
75:09:8b:5f:37:47:6d:c9:7d:b5:d8:f9:a7:71:9d:
34:4f:92:f8:b8:92:8d:65:be:34:33:2b:ad:6e:a4:
c6:c3:bf:68:9d:7c:ab:d1:db:53:f0:20:d8:ae:9d:
3b:6f:ad:ce:be:52:0d:54:de:76:15:02:4a:e5:77:
4e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:66:03:F0:B6:FE:DB:22:41:46:10:33:9D:A3:4B:19:8E:7B:9E:9D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-2YD8Lb-2yJBRhAznaNLGY57np0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.253.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:16:aa:dd:08:37:e6:55:da:b9:b4:35:37:7e:28:f5:f6:2b:
7c:cc:e7:db:5b:e3:3c:df:85:31:96:ec:5c:0d:13:68:13:59:
6e:e4:45:58:7f:51:af:cf:0e:da:a6:37:32:78:dd:58:1a:3d:
a7:5c:c7:1d:2b:0a:05:0f:9a:2b:65:eb:0d:84:16:50:fa:9d:
a1:e8:31:7e:d2:46:8d:8a:22:d1:8a:f7:71:b8:2b:c9:1b:78:
71:99:37:5c:39:56:a8:29:43:71:a3:08:91:fd:ab:7c:6d:80:
2f:f3:73:19:05:a6:dc:e9:83:a2:ce:7e:75:f1:04:d6:c9:af:
84:cb:39:ff:80:69:0e:37:01:4e:54:1f:15:25:30:63:c3:b6:
6a:0c:71:b2:05:03:e4:71:ac:94:76:65:ae:1d:bd:53:84:ae:
92:52:db:6c:36:5d:6c:4f:7c:5f:a4:f8:0e:05:8e:a3:74:b7:
b5:e1:90:19:ad:1f:4c:d0:97:3d:7a:4f:cc:26:1f:97:25:c6:
53:13:de:3f:6a:50:4b:a0:85:84:eb:8c:6d:23:12:d7:a1:5c:
e0:35:8a:ba:2e:52:35:5a:10:28:40:6e:00:9c:e8:17:5b:b8:
33:ec:d1:73:9b:53:05:07:4e:2a:49:b9:50:1a:43:3a:e6:0b:
12:7f:ac:98
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzI3P6TKenSrlGiYVzq1n8uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjY2MDNmMGI2ZmVkYjIyNDE0NjEwMzM5ZGEzNGIxOThlN2I5ZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7fBgemFktxD2e0mw3sK3Gd2LVkp
QPArHBbka1dQn6RoQFtE+1CbEVGvKyezppjqfbUDP9LjHxH5HMU3h52THav9aiQy
2g8XL8BbjuXVt3IlqUnDKit67yjzPvmHm+2LsETgbKbmlvKupIcc+jhwUYYE2VIh
lU5jgMfYK0i6jfXKWvoJYVAI7FoMgymr9NZwxePjVKdqHIcVuHuhqi9+3r2QsDs2
+1dD7UBkxzZfU+hQJdjMPMaZ0qUYRd/4ror5UHV1CYtfN0dtyX212PmncZ00T5L4
uJKNZb40MyutbqTGw79onXyr0dtT8CDYrp07b63OvlINVN52FQJK5XdOvQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPtmA/C2/tsiQUYQM52jSxmOe56dMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS0yWUQ4TGItMnlKQlJoQXpuYU5MR1k1N25wMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0M/TAN
BgkqhkiG9w0BAQsFAAOCAQEAahaq3Qg35lXaubQ1N34o9fYrfMzn21vjPN+FMZbs
XA0TaBNZbuRFWH9Rr88O2qY3MnjdWBo9p1zHHSsKBQ+aK2XrDYQWUPqdoegxftJG
jYoi0Yr3cbgryRt4cZk3XDlWqClDcaMIkf2rfG2AL/NzGQWm3OmDos5+dfEE1smv
hMs5/4BpDjcBTlQfFSUwY8O2agxxsgUD5HGslHZlrh29U4SuklLbbDZdbE98X6T4
DgWOo3S3teGQGa0fTNCXPXpPzCYflyXGUxPeP2pQS6CFhOuMbSMS16Fc4DWKui5S
NVoQKEBuAJzoF1u4M+zRc5tTBQdOKkm5UBpDOuYLEn+smA==
-----END CERTIFICATE-----
Generated at Tue Feb 27 13:19:35 2024 by rpki-client on console-ams.rpki-client.org