Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/bb3b49-62d0-497c-bd1e-8c9539f444c6/1/Z6FL2U6b9YkEkHCj2aeISapCGmk.roa
File: Z6FL2U6b9YkEkHCj2aeISapCGmk.roa (raw, json)
Hash identifier: kdcmnMutNqX9tAf/DNqcbR3vHxV0ZcWQg1eXd/l+AEo=
Subject key identifier: 67:A1:4B:D9:4E:9B:F5:89:04:90:70:A3:D9:A7:88:49:AA:42:1A:69
Certificate issuer: /CN=38bd6d8ebb82404d5709351bc2329a0ee43a9a43
Certificate serial: 01856CC175795D5CC5E700ABA39B91B3EB49
Authority key identifier: 38:BD:6D:8E:BB:82:40:4D:57:09:35:1B:C2:32:9A:0E:E4:3A:9A:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OL1tjruCQE1XCTUbwjKaDuQ6mkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/bb3b49-62d0-497c-bd1e-8c9539f444c6/1/Z6FL2U6b9YkEkHCj2aeISapCGmk.roa
Signing time: Sun 01 Jan 2023 09:54:55 +0000
ROA not before: Sun 01 Jan 2023 09:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54574
IP address blocks: 45.88.192.0/22 maxlen: 24
2a07:aec0::/29 maxlen: 128
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:75:79:5d:5c:c5:e7:00:ab:a3:9b:91:b3:eb:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38bd6d8ebb82404d5709351bc2329a0ee43a9a43
Validity
Not Before: Jan 1 09:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67a14bd94e9bf589049070a3d9a78849aa421a69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2b:8f:62:22:f3:f4:bf:b3:fd:a1:a6:d6:c6:
d7:70:87:51:39:8f:f7:6d:f3:de:94:79:8d:7b:db:
74:f5:37:2b:36:1b:33:3a:76:aa:26:dd:2e:c2:fc:
f3:53:29:2b:97:2f:32:90:0d:ed:8a:be:50:29:8a:
ff:8a:85:6f:48:99:ad:c2:19:b6:9a:77:64:ff:57:
e6:64:40:2b:ba:e6:5a:12:9b:06:a7:04:7a:72:39:
81:8f:14:87:71:72:56:ad:02:23:78:41:4b:53:b2:
a8:b2:5b:c3:6f:b1:8b:1e:aa:62:79:bd:a2:9d:2c:
6a:5e:d4:d4:1b:74:c6:62:65:c5:04:f6:a8:fb:1b:
9f:c7:63:e7:69:f4:a7:ad:dc:c2:af:9d:2a:c7:12:
b9:0f:64:ca:7a:1b:eb:81:ab:1e:6d:26:8e:b0:f5:
4f:b4:24:c5:e6:e3:69:74:95:ad:41:76:51:8b:80:
b4:89:4a:f6:26:dd:c9:fc:3d:8b:e9:18:b1:ad:88:
0e:b4:3a:a6:de:d9:ab:72:b7:82:55:af:12:33:02:
d1:ef:9c:11:41:bf:74:88:f0:f8:0e:a5:7e:18:4f:
2c:45:d3:ad:c2:47:ea:0a:34:d6:d3:1a:fd:06:6c:
ec:28:a9:56:2d:f2:bc:8e:1c:4f:94:f1:85:57:4f:
a6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A1:4B:D9:4E:9B:F5:89:04:90:70:A3:D9:A7:88:49:AA:42:1A:69
X509v3 Authority Key Identifier:
keyid:38:BD:6D:8E:BB:82:40:4D:57:09:35:1B:C2:32:9A:0E:E4:3A:9A:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OL1tjruCQE1XCTUbwjKaDuQ6mkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/bb3b49-62d0-497c-bd1e-8c9539f444c6/1/Z6FL2U6b9YkEkHCj2aeISapCGmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/bb3b49-62d0-497c-bd1e-8c9539f444c6/1/OL1tjruCQE1XCTUbwjKaDuQ6mkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.192.0/22
IPv6:
2a07:aec0::/29
Signature Algorithm: sha256WithRSAEncryption
62:ed:f6:0e:29:36:36:b8:1c:69:91:6b:f4:d5:db:c8:d7:37:
02:e2:8f:79:2e:c7:e2:68:e2:23:c9:a3:64:ea:36:91:aa:7e:
1f:54:46:0b:de:d8:ee:c1:10:75:56:e3:bf:a9:ee:c9:d9:5d:
e3:43:33:8b:36:74:28:08:7c:0d:ac:a7:d9:34:49:e9:3e:c7:
e5:b5:66:83:1e:bd:8d:e1:92:03:63:23:57:6b:12:5b:eb:16:
85:a7:8b:ad:27:b2:bd:ae:30:a5:86:b3:d7:75:50:38:77:19:
81:e9:ed:08:49:cf:b5:d3:b0:7d:fd:a9:87:e5:b0:c2:34:0c:
9c:8e:c6:ea:53:a0:b2:10:a5:e6:88:af:aa:e8:28:4b:d9:b7:
09:11:e4:f8:c5:6a:d7:df:4b:53:1c:33:9d:ea:16:fa:b2:fb:
76:81:47:e1:c2:59:3d:6d:ea:49:43:b0:27:42:69:b1:c5:ff:
1e:a6:bb:cc:97:1e:82:b5:15:86:92:f2:b5:4b:65:15:52:db:
06:f2:76:9b:25:68:23:dc:c1:5a:d4:d6:d0:6b:38:4b:19:6c:
d2:98:49:f1:62:23:06:21:0b:84:58:fc:70:65:3a:21:5c:19:
f4:c8:09:7a:e6:a4:8a:f0:80:74:76:28:82:eb:1f:7c:60:9a:
dc:3d:54:5e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVswXV5XVzF5wCro5uRs+tJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmQ2ZDhlYmI4MjQwNGQ1NzA5MzUxYmMyMzI5YTBlZTQz
YTlhNDMwHhcNMjMwMTAxMDk1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2ExNGJkOTRlOWJmNTg5MDQ5MDcwYTNkOWE3ODg0OWFhNDIxYTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryuPYiLz9L+z/aGm1sbXcIdROY/3
bfPelHmNe9t09TcrNhszOnaqJt0uwvzzUykrly8ykA3tir5QKYr/ioVvSJmtwhm2
mndk/1fmZEAruuZaEpsGpwR6cjmBjxSHcXJWrQIjeEFLU7KoslvDb7GLHqpieb2i
nSxqXtTUG3TGYmXFBPao+xufx2PnafSnrdzCr50qxxK5D2TKehvrgasebSaOsPVP
tCTF5uNpdJWtQXZRi4C0iUr2Jt3J/D2L6RixrYgOtDqm3tmrcreCVa8SMwLR75wR
Qb90iPD4DqV+GE8sRdOtwkfqCjTW0xr9BmzsKKlWLfK8jhxPlPGFV0+mQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGehS9lOm/WJBJBwo9mniEmqQhppMB8GA1UdIwQY
MBaAFDi9bY67gkBNVwk1G8Iymg7kOppDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0wxdGpydUNRRTFYQ1RVYndqS2FEdVE2bWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iYjNiNDktNjJkMC00OTdjLWJkMWUt
OGM5NTM5ZjQ0NGM2LzEvWjZGTDJVNmI5WWtFa0hDajJhZUlTYXBDR21rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iYjNiNDktNjJkMC00OTdjLWJkMWUtOGM5NTM5ZjQ0NGM2
LzEvT0wxdGpydUNRRTFYQ1RVYndqS2FEdVE2bWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVjAMA0E
AgACMAcDBQMqB67AMA0GCSqGSIb3DQEBCwUAA4IBAQBi7fYOKTY2uBxpkWv01dvI
1zcC4o95LsfiaOIjyaNk6jaRqn4fVEYL3tjuwRB1VuO/qe7J2V3jQzOLNnQoCHwN
rKfZNEnpPsfltWaDHr2N4ZIDYyNXaxJb6xaFp4utJ7K9rjClhrPXdVA4dxmB6e0I
Sc+107B9/amH5bDCNAycjsbqU6CyEKXmiK+q6ChL2bcJEeT4xWrX30tTHDOd6hb6
svt2gUfhwlk9bepJQ7AnQmmxxf8eprvMlx6CtRWGkvK1S2UVUtsG8nabJWgj3MFa
1NbQazhLGWzSmEnxYiMGIQuEWPxwZTohXBn0yAl65qSK8IB0diiC6x98YJrcPVRe
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:56 2024 by rpki-client on console-ams.rpki-client.org