Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/bb3b49-62d0-497c-bd1e-8c9539f444c6/1/g8XFCdAZG-TZxcXvg3SNttSQv2o.roa
File: g8XFCdAZG-TZxcXvg3SNttSQv2o.roa (raw, json)
Hash identifier: SZNYJYON6F6xRz3mxrl+sdpUpkQulaB2znQDCROfgag=
Subject key identifier: 83:C5:C5:09:D0:19:1B:E4:D9:C5:C5:EF:83:74:8D:B6:D4:90:BF:6A
Certificate issuer: /CN=38bd6d8ebb82404d5709351bc2329a0ee43a9a43
Certificate serial: 01856CC17495DF8A65FB01F367B61EC245B2
Authority key identifier: 38:BD:6D:8E:BB:82:40:4D:57:09:35:1B:C2:32:9A:0E:E4:3A:9A:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OL1tjruCQE1XCTUbwjKaDuQ6mkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/bb3b49-62d0-497c-bd1e-8c9539f444c6/1/g8XFCdAZG-TZxcXvg3SNttSQv2o.roa
Signing time: Sun 01 Jan 2023 09:54:55 +0000
ROA not before: Sun 01 Jan 2023 09:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 906
IP address blocks: 45.88.192.0/22 maxlen: 24
2a07:aec0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:74:95:df:8a:65:fb:01:f3:67:b6:1e:c2:45:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38bd6d8ebb82404d5709351bc2329a0ee43a9a43
Validity
Not Before: Jan 1 09:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83c5c509d0191be4d9c5c5ef83748db6d490bf6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c6:7f:32:b9:c7:29:97:12:b8:66:c7:f0:59:
bc:7d:c6:a1:48:2d:25:aa:84:22:d1:1d:b6:16:29:
77:62:3b:7a:08:3a:b7:44:e4:02:39:cc:51:71:55:
0a:17:95:e4:c8:26:f1:8d:28:fe:b6:f6:1b:63:34:
ec:e7:4b:c1:f3:33:02:f5:0a:9a:1a:83:f3:2d:9a:
98:94:8a:83:e1:2e:c4:f4:13:d4:ed:af:be:72:1a:
63:7b:35:18:7e:76:59:26:7a:bd:a6:e5:03:12:f4:
09:df:96:da:1d:7a:d0:51:a3:85:5f:06:19:58:b2:
96:5a:81:7c:47:0c:9b:5d:56:48:a3:40:83:be:8a:
b4:a9:4d:38:49:83:9d:3a:7a:70:32:7d:af:ea:db:
41:aa:d2:e3:d3:fa:01:9f:0f:9c:cc:0d:7a:b0:ec:
ff:6e:51:a9:3c:bf:f1:db:15:70:f6:f9:2e:a6:68:
c8:9a:a4:a1:2a:f1:2c:a2:21:db:75:18:91:ae:39:
b2:3e:2c:f1:84:96:4b:16:65:50:4e:8a:b3:d1:29:
47:71:a7:2d:92:93:45:4a:c2:3a:a3:61:de:a4:11:
fa:6f:6f:75:a7:76:53:2c:60:cc:ce:05:5a:64:53:
a8:53:05:70:5b:79:2b:ca:1c:57:42:b7:1a:d3:55:
6a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C5:C5:09:D0:19:1B:E4:D9:C5:C5:EF:83:74:8D:B6:D4:90:BF:6A
X509v3 Authority Key Identifier:
keyid:38:BD:6D:8E:BB:82:40:4D:57:09:35:1B:C2:32:9A:0E:E4:3A:9A:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OL1tjruCQE1XCTUbwjKaDuQ6mkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/bb3b49-62d0-497c-bd1e-8c9539f444c6/1/g8XFCdAZG-TZxcXvg3SNttSQv2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/bb3b49-62d0-497c-bd1e-8c9539f444c6/1/OL1tjruCQE1XCTUbwjKaDuQ6mkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.192.0/22
IPv6:
2a07:aec0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:4b:f0:d3:0d:cd:4c:97:ff:61:2c:f2:c3:d5:17:0b:d7:dc:
f7:05:14:5a:de:a3:13:c1:90:a9:18:11:9c:79:da:39:7b:9c:
53:67:bb:b8:8d:51:d8:83:6a:58:4a:3b:03:34:5e:25:7a:bb:
08:de:80:9b:33:4e:3f:13:e4:de:2f:b4:d9:99:af:25:9a:d9:
3b:32:f9:d8:8f:a3:b1:52:96:4a:32:62:7a:35:c8:be:00:da:
f5:c6:56:6e:64:1f:bc:8d:ca:57:bb:c5:0a:c0:c6:21:1f:d4:
14:88:f5:53:89:f3:e3:d8:62:2c:77:e3:a7:17:f1:88:f9:59:
79:b9:2b:77:cf:23:1b:0c:1b:cd:b5:90:ed:c2:6f:6f:15:8f:
2a:94:9b:b1:48:c8:01:89:4c:9a:b3:ea:c0:65:d9:8e:0d:55:
18:58:36:94:a1:86:37:ac:73:cb:ac:cd:f5:88:c9:e6:1b:b6:
f5:ee:a7:b0:9f:ce:5e:0b:f0:39:93:01:4f:7c:60:eb:c6:fe:
5e:15:96:fd:58:b8:ed:af:ff:70:fb:1d:34:62:39:72:a4:a6:
ba:9f:7a:01:af:5c:aa:c9:09:78:8a:a7:87:23:9f:d8:3c:e5:
b2:d9:c4:39:7c:36:0d:98:db:fd:56:a5:c2:79:6d:51:25:1e:
4b:a1:eb:0d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVswXSV34pl+wHzZ7YewkWyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YmQ2ZDhlYmI4MjQwNGQ1NzA5MzUxYmMyMzI5YTBlZTQz
YTlhNDMwHhcNMjMwMTAxMDk1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2M1YzUwOWQwMTkxYmU0ZDljNWM1ZWY4Mzc0OGRiNmQ0OTBiZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncZ/MrnHKZcSuGbH8Fm8fcahSC0l
qoQi0R22Fil3Yjt6CDq3ROQCOcxRcVUKF5XkyCbxjSj+tvYbYzTs50vB8zMC9Qqa
GoPzLZqYlIqD4S7E9BPU7a++chpjezUYfnZZJnq9puUDEvQJ35baHXrQUaOFXwYZ
WLKWWoF8RwybXVZIo0CDvoq0qU04SYOdOnpwMn2v6ttBqtLj0/oBnw+czA16sOz/
blGpPL/x2xVw9vkupmjImqShKvEsoiHbdRiRrjmyPizxhJZLFmVQToqz0SlHcact
kpNFSsI6o2HepBH6b291p3ZTLGDMzgVaZFOoUwVwW3kryhxXQrca01VqPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIPFxQnQGRvk2cXF74N0jbbUkL9qMB8GA1UdIwQY
MBaAFDi9bY67gkBNVwk1G8Iymg7kOppDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0wxdGpydUNRRTFYQ1RVYndqS2FEdVE2bWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iYjNiNDktNjJkMC00OTdjLWJkMWUt
OGM5NTM5ZjQ0NGM2LzEvZzhYRkNkQVpHLVRaeGNYdmczU050dFNRdjJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iYjNiNDktNjJkMC00OTdjLWJkMWUtOGM5NTM5ZjQ0NGM2
LzEvT0wxdGpydUNRRTFYQ1RVYndqS2FEdVE2bWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVjAMA0E
AgACMAcDBQMqB67AMA0GCSqGSIb3DQEBCwUAA4IBAQCLS/DTDc1Ml/9hLPLD1RcL
19z3BRRa3qMTwZCpGBGcedo5e5xTZ7u4jVHYg2pYSjsDNF4lersI3oCbM04/E+Te
L7TZma8lmtk7MvnYj6OxUpZKMmJ6Nci+ANr1xlZuZB+8jcpXu8UKwMYhH9QUiPVT
ifPj2GIsd+OnF/GI+Vl5uSt3zyMbDBvNtZDtwm9vFY8qlJuxSMgBiUyas+rAZdmO
DVUYWDaUoYY3rHPLrM31iMnmG7b17qewn85eC/A5kwFPfGDrxv5eFZb9WLjtr/9w
+x00YjlypKa6n3oBr1yqyQl4iqeHI5/YPOWy2cQ5fDYNmNv9VqXCeW1RJR5LoesN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:31 2024 by rpki-client on console-fra.rpki-client.org