Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/ZIzSn85Uy7aZ_DIy6jsqtfOg2aQ.roa
File: ZIzSn85Uy7aZ_DIy6jsqtfOg2aQ.roa (raw, json)
Hash identifier: dj9wlMia7N6cTxan3KhRJdnRdfrpkn9FjCFLvo00WcQ=
Subject key identifier: 64:8C:D2:9F:CE:54:CB:B6:99:FC:32:32:EA:3B:2A:B5:F3:A0:D9:A4
Certificate issuer: /CN=b520a204f4e09cc83a6258d7aa44f7d2f0fa44a0
Certificate serial: 018C0E6C83977A4D9AE1D322C83AA9141ACA
Authority key identifier: B5:20:A2:04:F4:E0:9C:C8:3A:62:58:D7:AA:44:F7:D2:F0:FA:44:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tSCiBPTgnMg6YljXqkT30vD6RKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/ZIzSn85Uy7aZ_DIy6jsqtfOg2aQ.roa
Signing time: Mon 27 Nov 2023 01:37:21 +0000
ROA not before: Mon 27 Nov 2023 01:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44841
IP address blocks: 45.153.248.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0e:6c:83:97:7a:4d:9a:e1:d3:22:c8:3a:a9:14:1a:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b520a204f4e09cc83a6258d7aa44f7d2f0fa44a0
Validity
Not Before: Nov 27 01:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=648cd29fce54cbb699fc3232ea3b2ab5f3a0d9a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f0:07:d4:f9:c5:ad:d7:14:06:d3:f0:f5:90:
03:d8:3d:30:cf:81:e8:07:00:15:d4:bf:2c:b2:6a:
1d:ba:f1:25:76:c5:d5:a3:d4:6b:83:a8:d6:ab:65:
06:12:c5:d9:4d:92:97:c2:bd:13:19:3f:3f:cc:4a:
f5:b6:2c:80:c3:91:df:18:59:6a:80:61:52:56:dd:
7f:f5:51:0c:4a:1d:91:d3:99:71:1e:76:cc:9e:32:
f7:d2:22:9c:93:fa:67:ef:e0:ab:53:af:70:92:a4:
59:9e:89:1b:dd:83:c9:4b:af:05:4d:9d:2f:cb:86:
b2:9f:a1:47:18:89:f3:c7:44:7a:b1:54:61:e3:ad:
42:3c:35:11:6b:5a:1b:49:b9:8c:18:82:2d:f1:f9:
bc:86:63:47:7b:c4:1a:a3:f1:67:d9:08:c4:d3:19:
0a:78:c5:45:16:6b:b3:ae:76:70:f6:19:e3:61:cd:
53:c8:0e:ae:a0:69:a6:2f:06:36:c1:4f:ef:f6:82:
47:6a:79:fa:40:e2:60:95:2e:95:24:40:51:c0:20:
7a:0e:4e:16:96:0e:2e:b3:0e:fb:f4:1b:66:6b:17:
7b:cd:cb:c0:8b:90:cc:f4:ca:02:50:3e:9e:90:0a:
96:b0:55:b9:43:b9:d6:14:00:c0:e1:06:f6:96:ae:
7c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:8C:D2:9F:CE:54:CB:B6:99:FC:32:32:EA:3B:2A:B5:F3:A0:D9:A4
X509v3 Authority Key Identifier:
keyid:B5:20:A2:04:F4:E0:9C:C8:3A:62:58:D7:AA:44:F7:D2:F0:FA:44:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tSCiBPTgnMg6YljXqkT30vD6RKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/ZIzSn85Uy7aZ_DIy6jsqtfOg2aQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/tSCiBPTgnMg6YljXqkT30vD6RKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.248.0/22
Signature Algorithm: sha256WithRSAEncryption
95:16:40:2f:2b:80:f6:3f:ea:54:a6:5a:ce:0d:07:cb:8a:5c:
e6:74:83:a3:ab:9e:35:6a:d9:db:6d:b5:ad:4b:aa:69:93:af:
da:e7:be:ae:07:c0:8e:f3:4c:2a:dc:c4:70:f0:09:9a:44:85:
5f:be:95:c1:2d:50:1d:e9:fd:ba:24:19:71:8a:a0:94:27:3d:
e7:b0:bf:bc:03:08:6f:b9:ff:52:4c:61:d2:fb:8b:ba:29:d7:
57:da:ac:13:04:ce:fe:fe:db:3e:55:b6:f9:33:c7:5e:5e:91:
44:2c:2b:99:8e:7c:27:eb:4b:26:01:51:7b:07:f2:49:6e:77:
fb:14:a2:4a:79:ac:f2:85:c0:d7:de:c6:dc:42:b6:fc:80:9d:
18:b3:53:54:0c:ae:68:e5:a0:f2:a4:69:a5:25:d3:7a:9a:ca:
62:d8:bb:ba:62:43:c6:f2:1d:71:4b:05:49:4f:2f:de:36:c9:
75:6f:c7:87:64:d1:a7:9e:9d:c4:6a:14:7c:8d:e6:e6:db:59:
0f:14:45:12:e0:91:17:a2:58:26:dc:c7:41:27:7c:11:8f:98:
81:e8:7d:92:ae:5d:de:87:fd:d8:fd:e2:f6:b9:ec:cb:c3:79:
75:24:df:74:1c:26:84:b6:81:9e:74:44:9e:d3:74:4a:50:f8:
9b:95:24:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwObIOXek2a4dMiyDqpFBrKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MjBhMjA0ZjRlMDljYzgzYTYyNThkN2FhNDRmN2QyZjBm
YTQ0YTAwHhcNMjMxMTI3MDEzNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDhjZDI5ZmNlNTRjYmI2OTlmYzMyMzJlYTNiMmFiNWYzYTBkOWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPAH1PnFrdcUBtPw9ZAD2D0wz4Ho
BwAV1L8ssmoduvEldsXVo9Rrg6jWq2UGEsXZTZKXwr0TGT8/zEr1tiyAw5HfGFlq
gGFSVt1/9VEMSh2R05lxHnbMnjL30iKck/pn7+CrU69wkqRZnokb3YPJS68FTZ0v
y4ayn6FHGInzx0R6sVRh461CPDURa1obSbmMGIIt8fm8hmNHe8Qao/Fn2QjE0xkK
eMVFFmuzrnZw9hnjYc1TyA6uoGmmLwY2wU/v9oJHann6QOJglS6VJEBRwCB6Dk4W
lg4usw779Btmaxd7zcvAi5DM9MoCUD6ekAqWsFW5Q7nWFADA4Qb2lq58NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGSM0p/OVMu2mfwyMuo7KrXzoNmkMB8GA1UdIwQY
MBaAFLUgogT04JzIOmJY16pE99Lw+kSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFNDaUJQVGduTWc2WWxqWHFrVDMwdkQ2UktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9hNWE2YjMtM2VjMy00ODdlLWFiYTAt
YjhiMWU0YjRlY2I5LzEvWkl6U244NVV5N2FaX0RJeTZqc3F0Zk9nMmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9hNWE2YjMtM2VjMy00ODdlLWFiYTAtYjhiMWU0YjRlY2I5
LzEvdFNDaUJQVGduTWc2WWxqWHFrVDMwdkQ2UktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZn4MA0G
CSqGSIb3DQEBCwUAA4IBAQCVFkAvK4D2P+pUplrODQfLilzmdIOjq541atnbbbWt
S6ppk6/a576uB8CO80wq3MRw8AmaRIVfvpXBLVAd6f26JBlxiqCUJz3nsL+8Awhv
uf9STGHS+4u6KddX2qwTBM7+/ts+Vbb5M8deXpFELCuZjnwn60smAVF7B/JJbnf7
FKJKeazyhcDX3sbcQrb8gJ0Ys1NUDK5o5aDypGmlJdN6mspi2Lu6YkPG8h1xSwVJ
Ty/eNsl1b8eHZNGnnp3EahR8jebm21kPFEUS4JEXolgm3MdBJ3wRj5iB6H2Srl3e
h/3Y/eL2uezLw3l1JN90HCaEtoGedESe03RKUPiblSTy
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:33 2024 by rpki-client on console-ams.rpki-client.org