Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pY9xuRYP_NeVT-vl07nMFeWv1Z8.roa
File: pY9xuRYP_NeVT-vl07nMFeWv1Z8.roa (raw, json)
Hash identifier: d4dvjqcGgc0uB6ct/k04uGwi8WtrBfnm122OaK5LWZ4=
Subject key identifier: A5:8F:71:B9:16:0F:FC:D7:95:4F:EB:E5:D3:B9:CC:15:E5:AF:D5:9F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C86A913B9AC1CB303C232FB808B9F4615
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pY9xuRYP_NeVT-vl07nMFeWv1Z8.roa
Signing time: Wed 20 Dec 2023 09:57:56 +0000
ROA not before: Wed 20 Dec 2023 09:57:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60404
IP address blocks: 45.81.39.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:86:a9:13:b9:ac:1c:b3:03:c2:32:fb:80:8b:9f:46:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 20 09:57:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a58f71b9160ffcd7954febe5d3b9cc15e5afd59f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f1:f0:84:5c:ed:d3:dd:a3:54:a0:74:b2:c0:
79:a2:ee:7a:4a:07:37:f0:55:d0:4a:e0:77:22:0f:
01:cc:ca:62:99:6f:c3:37:e6:fe:ae:bf:e2:95:e2:
53:c1:17:62:46:39:db:cc:ce:86:e5:52:54:b7:b5:
27:86:73:bd:a2:28:a2:2e:ea:69:bd:19:e0:e2:28:
91:b4:9d:c4:d9:22:93:4b:32:cd:54:f0:0e:1d:00:
ec:ed:46:77:55:16:94:3b:bc:9c:9e:8a:5e:01:c3:
d6:66:a9:a8:8a:29:7f:f9:65:d2:d4:89:54:29:23:
6a:32:13:d3:a8:9f:57:3e:85:69:ce:8e:e8:f4:51:
36:0f:18:bb:d6:99:23:00:25:32:37:b7:4c:01:6a:
cd:5c:61:c7:07:3a:bb:e9:8b:4e:9c:20:d2:43:a9:
d8:ba:f8:7d:fd:35:50:98:c3:8d:3c:f3:2f:2f:65:
24:13:2e:94:57:f9:fd:ca:ee:8f:9d:be:98:1a:64:
cf:04:14:82:35:7f:45:d9:70:1c:ca:46:2d:46:60:
55:65:a6:79:5a:3d:e3:98:07:b1:c8:0a:e9:03:ce:
0e:d6:1c:40:00:19:29:56:1a:09:32:2a:d7:42:a9:
1d:50:df:a1:76:8c:73:b5:0a:0c:bc:e0:de:e5:e5:
ab:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:8F:71:B9:16:0F:FC:D7:95:4F:EB:E5:D3:B9:CC:15:E5:AF:D5:9F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pY9xuRYP_NeVT-vl07nMFeWv1Z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.39.0/24
Signature Algorithm: sha256WithRSAEncryption
01:82:a3:9a:8c:a9:84:6b:df:f3:5f:82:43:22:76:27:0c:a9:
0e:9f:dd:02:01:08:77:33:bf:23:21:34:f9:2e:ab:28:09:58:
79:f9:e8:dc:d9:67:16:32:c7:b1:72:62:05:21:4e:a0:f3:ee:
5e:70:ba:6e:23:69:c3:7c:81:3c:d4:6d:c2:0f:37:9d:89:30:
61:14:df:90:0d:be:31:2f:1b:0f:fb:26:21:ef:04:7e:95:1d:
22:89:c9:2c:11:10:9c:54:9c:ec:c4:42:b1:26:04:dc:5c:21:
cd:05:d1:c8:cd:ab:96:74:a1:f4:88:3e:82:ce:2f:f7:f9:fc:
3d:b9:05:c3:69:f8:52:46:58:c7:26:bc:a4:6e:20:fa:65:11:
d4:0a:e5:a6:8e:2f:09:e9:93:f3:06:1c:0f:fd:3c:ba:64:90:
d9:b0:b0:29:87:b4:71:52:35:4c:f4:2e:34:d3:18:93:60:28:
c4:65:97:0f:33:85:23:7b:cc:a0:bc:99:c1:2b:7f:63:ea:ea:
5f:d3:59:d9:d8:33:cc:bf:02:b3:4b:ed:53:fd:e3:16:86:20:
f6:4a:47:a9:32:b0:79:19:e3:4a:be:e3:cb:8b:fc:4c:e2:79:
97:75:c9:00:63:6c:f3:54:23:62:55:2f:62:5f:5b:35:c3:1a:
31:42:73:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyGqRO5rByzA8Iy+4CLn0YVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjIwMDk1NzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNThmNzFiOTE2MGZmY2Q3OTU0ZmViZTVkM2I5Y2MxNWU1YWZkNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvHwhFzt092jVKB0ssB5ou56Sgc3
8FXQSuB3Ig8BzMpimW/DN+b+rr/ileJTwRdiRjnbzM6G5VJUt7UnhnO9oiiiLupp
vRng4iiRtJ3E2SKTSzLNVPAOHQDs7UZ3VRaUO7ycnopeAcPWZqmoiil/+WXS1IlU
KSNqMhPTqJ9XPoVpzo7o9FE2Dxi71pkjACUyN7dMAWrNXGHHBzq76YtOnCDSQ6nY
uvh9/TVQmMONPPMvL2UkEy6UV/n9yu6Pnb6YGmTPBBSCNX9F2XAcykYtRmBVZaZ5
Wj3jmAexyArpA84O1hxAABkpVhoJMirXQqkdUN+hdoxztQoMvODe5eWrFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWPcbkWD/zXlU/r5dO5zBXlr9WfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcFk5eHVSWVBfTmVWVC12bDA3bk1GZVd2MVo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVEnMA0G
CSqGSIb3DQEBCwUAA4IBAQABgqOajKmEa9/zX4JDInYnDKkOn90CAQh3M78jITT5
LqsoCVh5+ejc2WcWMsexcmIFIU6g8+5ecLpuI2nDfIE81G3CDzediTBhFN+QDb4x
LxsP+yYh7wR+lR0iicksERCcVJzsxEKxJgTcXCHNBdHIzauWdKH0iD6Czi/3+fw9
uQXDafhSRljHJrykbiD6ZRHUCuWmji8J6ZPzBhwP/Ty6ZJDZsLAph7RxUjVM9C40
0xiTYCjEZZcPM4Uje8ygvJnBK39j6upf01nZ2DPMvwKzS+1T/eMWhiD2SkepMrB5
GeNKvuPLi/xM4nmXdckAY2zzVCNiVS9iX1s1wxoxQnPh
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:13 2024 by rpki-client on console-ams.rpki-client.org