Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/aKmGydspb_en3ARzcbFTsFvhhXw.roa
File: aKmGydspb_en3ARzcbFTsFvhhXw.roa (raw, json)
Hash identifier: BSeX5uAVb6/g1AgxIMpbTsLyAVvjhHkxDzEonOZE0HU=
Subject key identifier: 68:A9:86:C9:DB:29:6F:F7:A7:DC:04:73:71:B1:53:B0:5B:E1:85:7C
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018C25AD45BB7CAF69B98F6D45E2CA1EDA0B
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/aKmGydspb_en3ARzcbFTsFvhhXw.roa
Signing time: Fri 01 Dec 2023 13:59:21 +0000
ROA not before: Fri 01 Dec 2023 13:59:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198789
IP address blocks: 45.8.177.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:25:ad:45:bb:7c:af:69:b9:8f:6d:45:e2:ca:1e:da:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Dec 1 13:59:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68a986c9db296ff7a7dc047371b153b05be1857c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ed:4a:27:f7:9d:db:a3:f0:34:49:fb:ba:d1:
63:89:fa:c0:42:f1:c6:76:58:85:48:7c:52:95:40:
8e:46:35:2b:28:8e:1e:e8:76:d9:68:3b:51:4b:84:
65:6c:b0:dd:14:01:af:21:86:89:f4:c1:10:5b:35:
e4:7c:16:f4:fd:10:d8:7c:b1:cf:55:75:54:4d:ba:
1d:e5:23:74:fb:40:7b:96:4a:7c:a4:18:05:98:09:
b5:ee:14:66:70:9b:f4:30:21:3b:34:4a:f7:e2:02:
2d:84:14:c6:9a:33:09:1c:47:05:ce:5a:42:43:4c:
78:e6:39:43:18:be:79:6c:66:8b:e1:5d:49:ce:3a:
59:e0:39:be:56:52:59:ac:ea:c4:2f:3b:74:43:18:
80:e8:83:58:07:59:ac:c4:ec:66:fd:d0:ea:db:d4:
af:47:29:15:1b:0d:e3:7b:12:af:d7:25:fd:36:3c:
85:65:58:39:e1:a1:de:1c:1f:41:8d:ac:4d:69:29:
4c:09:9c:85:fa:87:9d:65:e0:72:3b:24:6e:e8:3b:
3c:e9:ae:bb:a0:c2:34:46:da:10:a8:57:f6:4c:92:
d3:c4:fb:9d:55:52:98:44:e0:1d:01:33:63:b7:95:
b4:8d:50:da:02:50:ef:b6:83:0c:fb:e0:da:c0:33:
24:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A9:86:C9:DB:29:6F:F7:A7:DC:04:73:71:B1:53:B0:5B:E1:85:7C
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/aKmGydspb_en3ARzcbFTsFvhhXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.177.0/24
Signature Algorithm: sha256WithRSAEncryption
89:87:0b:f6:55:6b:8c:0f:f9:2d:d2:e7:0d:1a:1f:77:d3:b8:
f0:e8:83:96:61:f1:7a:f1:40:6b:aa:14:97:55:2e:8d:58:a9:
83:44:b3:48:05:6e:32:e3:f3:58:74:06:e4:31:ab:ec:88:3a:
0a:f9:af:2b:2c:80:b8:96:92:fb:cd:40:eb:7e:d8:9b:90:06:
bf:02:91:42:b3:5e:13:50:ef:24:29:7e:12:2a:05:b5:5d:47:
68:ee:0e:d2:5a:33:26:d2:20:f1:f9:68:e9:73:a0:ea:20:d0:
ce:7d:cc:cd:cb:3f:93:33:3f:27:a6:e1:1a:71:18:82:bc:cb:
0e:9c:04:00:fe:2c:c7:f9:2b:03:37:f1:a4:1f:26:42:48:6b:
29:b2:6d:02:c4:91:d3:4a:a3:c6:3c:d1:d2:42:4a:94:3b:e6:
c6:28:c7:46:87:25:47:47:01:2e:9e:70:fc:e2:10:ee:43:fb:
fb:56:fd:65:4f:9d:eb:ac:00:de:a3:4b:0d:00:17:8a:85:2a:
d9:b0:0e:b7:43:de:f8:fb:95:48:84:f6:fa:36:47:08:df:62:
16:3b:91:95:31:6f:60:25:2e:18:54:5c:63:0f:da:a8:67:e1:
75:9f:33:2e:1e:2c:0e:92:f5:7a:0b:53:b9:8e:2a:60:ef:f0:
30:4b:dc:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwlrUW7fK9puY9tReLKHtoLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMxMjAxMTM1OTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGE5ODZjOWRiMjk2ZmY3YTdkYzA0NzM3MWIxNTNiMDViZTE4NTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+1KJ/ed26PwNEn7utFjifrAQvHG
dliFSHxSlUCORjUrKI4e6HbZaDtRS4RlbLDdFAGvIYaJ9MEQWzXkfBb0/RDYfLHP
VXVUTbod5SN0+0B7lkp8pBgFmAm17hRmcJv0MCE7NEr34gIthBTGmjMJHEcFzlpC
Q0x45jlDGL55bGaL4V1JzjpZ4Dm+VlJZrOrELzt0QxiA6INYB1msxOxm/dDq29Sv
RykVGw3jexKv1yX9NjyFZVg54aHeHB9BjaxNaSlMCZyF+oedZeByOyRu6Ds86a67
oMI0RtoQqFf2TJLTxPudVVKYROAdATNjt5W0jVDaAlDvtoMM++DawDMkAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGiphsnbKW/3p9wEc3GxU7Bb4YV8MB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvYUttR3lkc3BiX2VuM0FSemNiRlRzRnZoaFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQixMA0G
CSqGSIb3DQEBCwUAA4IBAQCJhwv2VWuMD/kt0ucNGh9307jw6IOWYfF68UBrqhSX
VS6NWKmDRLNIBW4y4/NYdAbkMavsiDoK+a8rLIC4lpL7zUDrftibkAa/ApFCs14T
UO8kKX4SKgW1XUdo7g7SWjMm0iDx+Wjpc6DqINDOfczNyz+TMz8npuEacRiCvMsO
nAQA/izH+SsDN/GkHyZCSGspsm0CxJHTSqPGPNHSQkqUO+bGKMdGhyVHRwEunnD8
4hDuQ/v7Vv1lT53rrADeo0sNABeKhSrZsA63Q974+5VIhPb6NkcI32IWO5GVMW9g
JS4YVFxjD9qoZ+F1nzMuHiwOkvV6C1O5jipg7/AwS9xo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:08 2024 by rpki-client on console-fra.rpki-client.org