Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/375ebc-bafb-4e0b-b549-77635a22eb96/1/2zuYVfsc55C_ZadkYyk9EtaB38o.roa
File: 2zuYVfsc55C_ZadkYyk9EtaB38o.roa (raw, json)
Hash identifier: v9sI4XgVgHoBJiJWs2If9EELqbWzVaXK80+RVhgoSKY=
Subject key identifier: DB:3B:98:55:FB:1C:E7:90:BF:65:A7:64:63:29:3D:12:D6:81:DF:CA
Certificate issuer: /CN=b7c40a747e3ac1acc611a4c403b6007398e7d79f
Certificate serial: 01856F66D4BBCF7CAFBD16E218F4BD6C41DF
Authority key identifier: B7:C4:0A:74:7E:3A:C1:AC:C6:11:A4:C4:03:B6:00:73:98:E7:D7:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t8QKdH46wazGEaTEA7YAc5jn158.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/375ebc-bafb-4e0b-b549-77635a22eb96/1/2zuYVfsc55C_ZadkYyk9EtaB38o.roa
Signing time: Sun 01 Jan 2023 22:14:48 +0000
ROA not before: Sun 01 Jan 2023 22:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207616
IP address blocks: 45.67.14.0/24 maxlen: 24
45.67.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Sep 2023 09:55:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:d4:bb:cf:7c:af:bd:16:e2:18:f4:bd:6c:41:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7c40a747e3ac1acc611a4c403b6007398e7d79f
Validity
Not Before: Jan 1 22:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db3b9855fb1ce790bf65a76463293d12d681dfca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2b:9f:79:fd:f5:3d:b2:a9:80:94:8a:cb:ac:
39:ed:a5:4b:63:36:2f:42:c1:79:d9:ef:85:03:42:
38:95:f8:47:0e:36:53:78:06:1f:43:2b:9c:2f:9e:
41:02:58:50:c4:56:13:17:ba:d2:3c:11:30:f0:f2:
b7:19:ee:a1:85:b3:dd:37:14:f8:54:6b:f3:97:2b:
d4:47:84:d9:9e:05:30:c5:f6:7b:fc:81:91:18:57:
6b:2b:46:c1:b8:63:72:16:64:50:10:ba:9f:fa:d7:
b4:05:1e:a6:3f:f5:ca:af:98:2e:b1:c4:b7:86:a8:
bd:39:f4:47:ed:3e:34:e0:a1:63:37:2b:de:1b:49:
b9:22:08:1e:f4:d5:c5:f4:fb:d2:7b:cc:2d:f9:2d:
d6:64:1e:32:f4:58:07:ec:83:11:16:5a:cc:6a:96:
7f:cf:37:1d:23:52:b9:54:b4:2d:36:bf:bb:b8:8b:
84:3f:9c:1c:5f:15:66:7a:ae:97:54:24:c6:22:a8:
ad:32:07:ec:8c:af:77:f4:48:82:88:85:24:38:61:
72:c2:1a:d4:1f:25:9c:d9:4a:93:4a:60:be:f8:fd:
6b:8a:0b:4d:94:c0:c8:49:a3:94:a6:27:0c:ff:8c:
c0:47:41:be:74:3e:28:a2:a3:26:6a:f0:1e:2c:a5:
35:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3B:98:55:FB:1C:E7:90:BF:65:A7:64:63:29:3D:12:D6:81:DF:CA
X509v3 Authority Key Identifier:
keyid:B7:C4:0A:74:7E:3A:C1:AC:C6:11:A4:C4:03:B6:00:73:98:E7:D7:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t8QKdH46wazGEaTEA7YAc5jn158.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/375ebc-bafb-4e0b-b549-77635a22eb96/1/2zuYVfsc55C_ZadkYyk9EtaB38o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/375ebc-bafb-4e0b-b549-77635a22eb96/1/t8QKdH46wazGEaTEA7YAc5jn158.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.14.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:ad:1b:e6:4f:73:3a:f7:85:f7:8a:bc:74:9a:51:b4:b6:4b:
d5:06:1a:01:94:0c:dd:32:a2:44:63:a0:23:82:2a:65:24:04:
c2:d0:65:fc:6b:4d:1d:d0:d9:b7:a9:45:cd:ea:bc:c7:fc:5f:
44:5b:2c:21:6d:cc:1b:bb:4c:90:d7:48:84:04:dc:7b:79:6c:
0d:d1:69:bd:cc:f1:85:97:db:4b:02:65:9a:d9:a1:c7:99:17:
09:0a:03:76:62:18:b0:f0:70:aa:de:63:78:dc:f4:26:66:e1:
7b:51:1e:e2:c4:92:a8:fc:38:cc:3b:7b:8e:0d:03:cb:dc:0e:
7b:ee:13:fe:f0:1b:6f:7d:ee:17:2d:1a:df:1c:a5:66:6a:b4:
a8:7b:78:9b:ec:b9:9c:26:0b:de:40:d7:51:bd:2d:5b:cf:fe:
f4:55:c5:45:5c:64:4f:b1:13:54:fd:9c:e3:d6:03:c2:f6:75:
7e:83:04:75:eb:ee:3b:20:d8:c3:47:f5:0d:20:1e:87:1b:c6:
c4:af:9f:9d:36:33:73:39:31:d3:09:b0:27:fa:3f:12:0b:5c:
f2:8f:a8:9c:d4:29:ac:22:c5:dd:97:46:e2:e6:6f:51:2a:9b:
f5:df:8e:44:7d:1e:48:e2:92:c4:20:e6:c3:04:68:62:fa:02:
46:2b:cf:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZtS7z3yvvRbiGPS9bEHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YzQwYTc0N2UzYWMxYWNjNjExYTRjNDAzYjYwMDczOThl
N2Q3OWYwHhcNMjMwMTAxMjIxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjNiOTg1NWZiMWNlNzkwYmY2NWE3NjQ2MzI5M2QxMmQ2ODFkZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Sufef31PbKpgJSKy6w57aVLYzYv
QsF52e+FA0I4lfhHDjZTeAYfQyucL55BAlhQxFYTF7rSPBEw8PK3Ge6hhbPdNxT4
VGvzlyvUR4TZngUwxfZ7/IGRGFdrK0bBuGNyFmRQELqf+te0BR6mP/XKr5guscS3
hqi9OfRH7T404KFjNyveG0m5Igge9NXF9PvSe8wt+S3WZB4y9FgH7IMRFlrMapZ/
zzcdI1K5VLQtNr+7uIuEP5wcXxVmeq6XVCTGIqitMgfsjK939EiCiIUkOGFywhrU
HyWc2UqTSmC++P1rigtNlMDISaOUpicM/4zAR0G+dD4ooqMmavAeLKU1/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNs7mFX7HOeQv2WnZGMpPRLWgd/KMB8GA1UdIwQY
MBaAFLfECnR+OsGsxhGkxAO2AHOY59efMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDhRS2RINDZ3YXpHRWFURUE3WUFjNWpuMTU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zNzVlYmMtYmFmYi00ZTBiLWI1NDkt
Nzc2MzVhMjJlYjk2LzEvMnp1WVZmc2M1NUNfWmFka1l5azlFdGFCMzhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zNzVlYmMtYmFmYi00ZTBiLWI1NDktNzc2MzVhMjJlYjk2
LzEvdDhRS2RINDZ3YXpHRWFURUE3WUFjNWpuMTU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLUMOMA0G
CSqGSIb3DQEBCwUAA4IBAQBsrRvmT3M694X3irx0mlG0tkvVBhoBlAzdMqJEY6Aj
giplJATC0GX8a00d0Nm3qUXN6rzH/F9EWywhbcwbu0yQ10iEBNx7eWwN0Wm9zPGF
l9tLAmWa2aHHmRcJCgN2Yhiw8HCq3mN43PQmZuF7UR7ixJKo/DjMO3uODQPL3A57
7hP+8Btvfe4XLRrfHKVmarSoe3ib7LmcJgveQNdRvS1bz/70VcVFXGRPsRNU/Zzj
1gPC9nV+gwR16+47INjDR/UNIB6HG8bEr5+dNjNzOTHTCbAn+j8SC1zyj6ic1Cms
IsXdl0bi5m9RKpv1345EfR5I4pLEIObDBGhi+gJGK884
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:55 2024 by rpki-client on console-fra.rpki-client.org