Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/DzOXESeTFGoFj6VkYbZJQYFUYbk.roa
File: DzOXESeTFGoFj6VkYbZJQYFUYbk.roa (raw, json)
Hash identifier: +mBt/MjVVGnoYe4uC9qLn+AxXrDtHa6/+tLRLFSk+wo=
Subject key identifier: 0F:33:97:11:27:93:14:6A:05:8F:A5:64:61:B6:49:41:81:54:61:B9
Certificate issuer: /CN=c4b21c89bc7e2b214067f30707a4a03dc346ee05
Certificate serial: 01856EC23C4A7E0AD58BF9FF23C14BCEC294
Authority key identifier: C4:B2:1C:89:BC:7E:2B:21:40:67:F3:07:07:A4:A0:3D:C3:46:EE:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xLIcibx-KyFAZ_MHB6SgPcNG7gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/DzOXESeTFGoFj6VkYbZJQYFUYbk.roa
Signing time: Sun 01 Jan 2023 19:15:01 +0000
ROA not before: Sun 01 Jan 2023 19:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209007
IP address blocks: 45.11.43.0/24 maxlen: 24
45.11.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:3c:4a:7e:0a:d5:8b:f9:ff:23:c1:4b:ce:c2:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4b21c89bc7e2b214067f30707a4a03dc346ee05
Validity
Not Before: Jan 1 19:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f3397112793146a058fa56461b64941815461b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:9b:11:0c:fe:1b:4b:39:09:f9:c0:99:48:77:
2d:ec:ae:52:71:5d:bb:80:ae:ce:2a:a2:8d:57:ba:
bd:5c:ed:34:e0:95:0c:f4:25:22:9d:45:6f:22:b9:
e3:e2:51:a0:60:b9:71:d4:27:f5:32:23:55:d8:19:
89:0e:04:b0:3f:c8:06:9f:c2:ec:bb:da:59:90:6b:
cb:d1:5a:65:41:bd:e5:9c:c9:8d:5e:27:8a:e6:2e:
54:6d:8f:de:aa:5a:2c:bd:b4:a8:91:72:82:d8:a6:
32:e5:13:15:12:36:9a:ae:5a:43:dd:25:17:f8:6e:
02:72:7f:34:0e:6c:61:14:26:ce:e3:e1:c2:d4:20:
70:fa:61:65:ea:e3:2b:09:64:d7:64:d0:a0:48:9d:
5c:87:23:ad:4d:3b:f4:14:fa:b2:51:8d:dc:f8:c4:
29:52:d4:f4:bd:49:8f:c0:b9:47:cb:1a:95:fe:ae:
f3:c3:e6:1d:33:7c:bf:dd:56:1b:b1:ba:59:6a:5f:
2b:63:44:c5:ea:b4:af:31:f2:63:52:1a:03:9b:da:
82:ef:58:bd:3f:6f:a7:7f:a2:fb:de:8b:c4:e9:8d:
cc:d6:41:e4:52:05:e6:d2:63:64:c7:05:aa:9d:a8:
d2:4f:fd:da:e9:8d:c2:91:37:02:02:1a:93:d0:53:
70:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:33:97:11:27:93:14:6A:05:8F:A5:64:61:B6:49:41:81:54:61:B9
X509v3 Authority Key Identifier:
keyid:C4:B2:1C:89:BC:7E:2B:21:40:67:F3:07:07:A4:A0:3D:C3:46:EE:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLIcibx-KyFAZ_MHB6SgPcNG7gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/DzOXESeTFGoFj6VkYbZJQYFUYbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/6137b8-1383-4b71-a189-063b40174597/1/xLIcibx-KyFAZ_MHB6SgPcNG7gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.42.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:7a:3b:8c:5f:0d:b2:54:d3:05:a3:c6:68:be:c7:24:24:d6:
22:91:7b:38:7e:8b:4f:33:b4:8c:c7:92:84:57:48:c6:42:52:
2d:8a:3c:69:60:94:f7:0b:4e:61:7e:80:9e:7d:46:6f:79:c8:
50:92:0b:45:c9:97:74:e6:da:f5:4a:e3:73:68:c5:ba:ca:66:
73:1a:05:9b:a1:f6:14:1b:d7:b9:57:8c:23:f3:03:b5:7e:bd:
1e:c8:f8:9c:da:21:62:61:b8:8e:6f:cd:77:09:53:8f:72:35:
8d:bb:2a:5c:6b:86:97:d8:bb:43:17:b1:46:00:bc:c5:c4:47:
41:07:32:e8:87:fd:2b:c2:33:ce:66:d5:c9:10:d9:13:03:82:
eb:c7:e1:e2:24:88:55:d0:ba:0a:c1:41:6e:62:eb:6e:09:a6:
a3:84:38:46:6f:74:9a:36:b1:5c:a2:93:42:fb:bb:f4:f4:1a:
4b:8f:76:83:23:4a:01:b7:0d:98:d5:24:2c:00:d7:a0:26:6b:
70:f1:05:54:21:cb:85:34:5e:02:d6:de:91:35:e9:9b:de:ff:
bf:7c:9a:de:b2:49:6d:e9:e3:76:49:93:02:e6:83:eb:36:a6:
3e:bc:98:62:d8:ef:3a:95:f2:e1:24:a9:83:d7:d7:6c:8c:5c:
f8:ec:6f:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwjxKfgrVi/n/I8FLzsKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YjIxYzg5YmM3ZTJiMjE0MDY3ZjMwNzA3YTRhMDNkYzM0
NmVlMDUwHhcNMjMwMTAxMTkxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjMzOTcxMTI3OTMxNDZhMDU4ZmE1NjQ2MWI2NDk0MTgxNTQ2MWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5sRDP4bSzkJ+cCZSHct7K5ScV27
gK7OKqKNV7q9XO004JUM9CUinUVvIrnj4lGgYLlx1Cf1MiNV2BmJDgSwP8gGn8Ls
u9pZkGvL0VplQb3lnMmNXieK5i5UbY/eqlosvbSokXKC2KYy5RMVEjaarlpD3SUX
+G4Ccn80DmxhFCbO4+HC1CBw+mFl6uMrCWTXZNCgSJ1chyOtTTv0FPqyUY3c+MQp
UtT0vUmPwLlHyxqV/q7zw+YdM3y/3VYbsbpZal8rY0TF6rSvMfJjUhoDm9qC71i9
P2+nf6L73ovE6Y3M1kHkUgXm0mNkxwWqnajST/3a6Y3CkTcCAhqT0FNwSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA8zlxEnkxRqBY+lZGG2SUGBVGG5MB8GA1UdIwQY
MBaAFMSyHIm8fishQGfzBwekoD3DRu4FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveExJY2lieC1LeUZBWl9NSEI2U2dQY05HN2dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82MTM3YjgtMTM4My00YjcxLWExODkt
MDYzYjQwMTc0NTk3LzEvRHpPWEVTZVRGR29GajZWa1liWkpRWUZVWWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82MTM3YjgtMTM4My00YjcxLWExODktMDYzYjQwMTc0NTk3
LzEveExJY2lieC1LeUZBWl9NSEI2U2dQY05HN2dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLQsqMA0G
CSqGSIb3DQEBCwUAA4IBAQAcejuMXw2yVNMFo8ZovsckJNYikXs4fotPM7SMx5KE
V0jGQlItijxpYJT3C05hfoCefUZvechQkgtFyZd05tr1SuNzaMW6ymZzGgWbofYU
G9e5V4wj8wO1fr0eyPic2iFiYbiOb813CVOPcjWNuypca4aX2LtDF7FGALzFxEdB
BzLoh/0rwjPOZtXJENkTA4Lrx+HiJIhV0LoKwUFuYutuCaajhDhGb3SaNrFcopNC
+7v09BpLj3aDI0oBtw2Y1SQsANegJmtw8QVUIcuFNF4C1t6RNemb3v+/fJresklt
6eN2SZMC5oPrNqY+vJhi2O86lfLhJKmD19dsjFz47G/G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:49 2024 by rpki-client on console-fra.rpki-client.org