Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/aGU8NRjaB-x2yoDUXiZO6nP9ux8.roa
File: aGU8NRjaB-x2yoDUXiZO6nP9ux8.roa (raw, json)
Hash identifier: wThxIj28UNII/jULvOI3q6iBA2yDglnYagyiBXJUfL0=
Subject key identifier: 68:65:3C:35:18:DA:07:EC:76:CA:80:D4:5E:26:4E:EA:73:FD:BB:1F
Certificate issuer: /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial: 018DA7F9CAE377074F9991575B1854EE26D6
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/aGU8NRjaB-x2yoDUXiZO6nP9ux8.roa
Signing time: Wed 14 Feb 2024 14:16:21 +0000
ROA not before: Wed 14 Feb 2024 14:16:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25098
IP address blocks: 45.94.52.0/22 maxlen: 22
212.30.48.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 20 Mar 2024 19:57:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:f9:ca:e3:77:07:4f:99:91:57:5b:18:54:ee:26:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Validity
Not Before: Feb 14 14:16:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68653c3518da07ec76ca80d45e264eea73fdbb1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:60:f0:b7:c7:2e:a2:07:06:e5:dc:b8:ff:4c:
b8:f0:51:73:75:ab:4b:30:53:be:70:fb:c6:54:e1:
5f:82:0b:fd:73:a1:f9:aa:f3:29:e2:4b:5c:94:90:
a3:b9:89:be:7b:1d:e9:80:0f:d2:a0:4e:32:61:98:
d6:d5:31:8d:f9:01:5b:0e:7d:e9:ad:e0:75:80:cd:
13:7b:98:11:a0:3e:03:b2:16:99:63:51:37:02:33:
bd:8e:dd:be:16:ac:7d:84:c4:dc:90:87:c9:4f:14:
ca:4e:df:37:5d:38:e3:33:f2:c4:ff:aa:27:64:00:
71:43:55:24:6e:c2:35:80:7e:43:6a:61:9a:b8:30:
06:d8:c7:8b:69:74:b7:b3:db:10:54:39:23:87:d8:
b0:63:1a:3b:e5:a5:44:c9:f0:65:83:0a:da:b8:45:
e3:98:67:da:2f:30:6e:7c:3c:d4:69:04:9c:35:4a:
be:31:75:37:24:15:68:25:eb:69:c0:5f:69:94:41:
ff:58:84:a3:45:32:98:91:07:27:16:dc:47:98:6f:
75:2e:02:22:2e:57:b4:02:3d:7a:10:2c:b3:e4:e0:
4e:c7:01:86:a6:0f:93:4b:93:ab:df:28:59:01:55:
d5:a9:df:07:fa:a0:90:6e:b3:c1:12:54:ca:31:96:
12:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:65:3C:35:18:DA:07:EC:76:CA:80:D4:5E:26:4E:EA:73:FD:BB:1F
X509v3 Authority Key Identifier:
keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/aGU8NRjaB-x2yoDUXiZO6nP9ux8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.52.0/22
212.30.48.0/22
Signature Algorithm: sha256WithRSAEncryption
32:b7:73:b4:f7:d4:e9:6a:a4:e5:a8:48:f1:6b:bf:63:25:42:
ad:f1:3b:db:c7:8a:d3:2c:56:2b:68:80:b8:43:a6:ed:92:73:
c0:5e:92:ae:bf:83:f4:23:18:c1:ea:83:fe:6d:20:e1:d9:3f:
4b:dc:27:e8:93:b4:f4:1b:f5:f8:2f:67:b7:c7:35:15:d2:bb:
5a:62:5f:ed:50:9b:87:6b:38:35:33:5b:b3:6c:13:d4:63:22:
bb:2e:18:9a:9f:0b:99:b8:8d:f2:26:4f:e1:0b:72:77:1a:bb:
12:4c:22:53:cf:36:56:da:8f:58:49:51:bb:bc:4b:7c:ac:79:
50:fd:c1:2e:9a:6f:6d:73:af:1a:93:ed:37:ea:4c:0a:fd:10:
93:ea:7e:57:b1:a2:af:60:f7:64:3c:2a:d0:d2:34:c8:32:c6:
e3:dd:d0:4c:de:b2:0a:9c:0d:5d:0c:0e:9d:25:3a:1c:bc:d7:
cc:66:77:ff:62:d4:82:97:df:f6:8a:9c:d6:29:c8:c9:42:c2:
9d:37:27:db:f1:12:94:59:c7:f6:13:5b:5e:66:30:b6:d6:f1:
6e:6a:d4:d0:a8:a3:25:7a:a9:f6:2a:ae:43:a2:f7:8b:c0:f4:
00:91:fa:e7:ee:0f:74:fa:a4:38:18:9a:9d:05:58:05:a2:55:
96:76:35:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2n+crjdwdPmZFXWxhU7ibWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTVkN2ZlZTRhNDk5ZWNhZjExZDJkM2RhOGUzODlkZTMy
MzQxMmYwHhcNMjQwMjE0MTQxNjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODY1M2MzNTE4ZGEwN2VjNzZjYTgwZDQ1ZTI2NGVlYTczZmRiYjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGDwt8cuogcG5dy4/0y48FFzdatL
MFO+cPvGVOFfggv9c6H5qvMp4ktclJCjuYm+ex3pgA/SoE4yYZjW1TGN+QFbDn3p
reB1gM0Te5gRoD4DshaZY1E3AjO9jt2+Fqx9hMTckIfJTxTKTt83XTjjM/LE/6on
ZABxQ1UkbsI1gH5DamGauDAG2MeLaXS3s9sQVDkjh9iwYxo75aVEyfBlgwrauEXj
mGfaLzBufDzUaQScNUq+MXU3JBVoJetpwF9plEH/WISjRTKYkQcnFtxHmG91LgIi
Lle0Aj16ECyz5OBOxwGGpg+TS5Or3yhZAVXVqd8H+qCQbrPBElTKMZYSoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGhlPDUY2gfsdsqA1F4mTupz/bsfMB8GA1UdIwQY
MBaAFCRV1/7kpJnsrxHS09qOOJ3jI0EvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEt
MWUwNDY1NTEzYjYzLzEvYUdVOE5SamFCLXgyeW9EVVhpWk82blA5dXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8zZmZiNzYtOTkzMS00OTQyLTlkYTEtMWUwNDY1NTEzYjYz
LzEvSkZYWF91U2ttZXl2RWRMVDJvNDRuZU1qUVM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLV40AwQC
1B4wMA0GCSqGSIb3DQEBCwUAA4IBAQAyt3O099TpaqTlqEjxa79jJUKt8Tvbx4rT
LFYraIC4Q6btknPAXpKuv4P0IxjB6oP+bSDh2T9L3Cfok7T0G/X4L2e3xzUV0rta
Yl/tUJuHazg1M1uzbBPUYyK7LhianwuZuI3yJk/hC3J3GrsSTCJTzzZW2o9YSVG7
vEt8rHlQ/cEumm9tc68ak+036kwK/RCT6n5XsaKvYPdkPCrQ0jTIMsbj3dBM3rIK
nA1dDA6dJTocvNfMZnf/YtSCl9/2ipzWKcjJQsKdNyfb8RKUWcf2E1teZjC21vFu
atTQqKMleqn2Kq5DoveLwPQAkfrn7g90+qQ4GJqdBVgFolWWdjW8
-----END CERTIFICATE-----
Generated at Wed Mar 20 23:02:14 2024 by rpki-client on console-fra.rpki-client.org