Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/052f4c-be3c-4d19-aa04-0ab8dd9ebab1/1/WdsMVw1sgaRZH9UnUJZD-4McjbI.roa
File: WdsMVw1sgaRZH9UnUJZD-4McjbI.roa (raw, json)
Hash identifier: 2LQVTu38qHPiMP3FO4lOdyiJoxQ7kCNQ17lLEGHtaf8=
Subject key identifier: 59:DB:0C:57:0D:6C:81:A4:59:1F:D5:27:50:96:43:FB:83:1C:8D:B2
Certificate issuer: /CN=a4aa9bcd06ea6c565dd907ca04e5077d68c0664f
Certificate serial: 018572CC9988E729C22B930E1C6E5F441C6F
Authority key identifier: A4:AA:9B:CD:06:EA:6C:56:5D:D9:07:CA:04:E5:07:7D:68:C0:66:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pKqbzQbqbFZd2QfKBOUHfWjAZk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/052f4c-be3c-4d19-aa04-0ab8dd9ebab1/1/WdsMVw1sgaRZH9UnUJZD-4McjbI.roa
Signing time: Mon 02 Jan 2023 14:04:49 +0000
ROA not before: Mon 02 Jan 2023 14:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208246
IP address blocks: 45.150.88.0/22 maxlen: 22
45.150.88.0/23 maxlen: 23
45.150.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:99:88:e7:29:c2:2b:93:0e:1c:6e:5f:44:1c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4aa9bcd06ea6c565dd907ca04e5077d68c0664f
Validity
Not Before: Jan 2 14:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59db0c570d6c81a4591fd527509643fb831c8db2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5a:4e:d5:e9:af:6c:16:5a:65:f5:43:47:c0:
8c:16:09:e5:0d:d7:1b:a5:f7:38:d2:2c:9f:26:6f:
80:4c:19:63:d1:8a:ee:1f:e0:5a:c6:0b:f9:3b:62:
5b:72:ea:a3:24:08:1e:ef:80:13:58:8f:7b:e6:30:
8e:9c:6d:e2:a0:48:05:0f:52:64:5a:db:cf:73:90:
1a:ab:9e:c5:64:76:6e:b1:ae:c6:10:27:4b:f1:f8:
13:7d:a0:70:7b:ce:ac:4f:24:13:2d:ae:9e:40:fc:
c0:7f:93:c2:0d:2b:cc:62:99:12:c5:d0:09:7d:c3:
ac:1d:64:ee:fc:6a:18:71:c7:8a:ce:a0:d4:b6:ce:
09:07:d9:e6:c4:66:08:d8:b7:8e:5a:e7:94:e4:d5:
c7:5b:4b:f8:82:6e:8f:d2:e5:aa:79:ba:b1:21:1b:
35:e3:c5:0c:90:64:55:55:bb:b8:78:e8:18:3e:8f:
bd:28:6c:e6:83:19:cc:de:e0:78:9e:95:36:ef:6a:
6d:47:b5:e7:4f:27:78:3b:80:13:d1:20:e5:12:b6:
b7:ac:a5:b4:63:31:ed:dc:21:09:b8:b5:fd:6f:1e:
dc:81:27:3e:fe:b5:3e:e2:43:c5:27:d1:30:b6:f3:
da:05:2a:33:44:9b:49:a8:64:fc:51:1e:7f:8d:cf:
1e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:DB:0C:57:0D:6C:81:A4:59:1F:D5:27:50:96:43:FB:83:1C:8D:B2
X509v3 Authority Key Identifier:
keyid:A4:AA:9B:CD:06:EA:6C:56:5D:D9:07:CA:04:E5:07:7D:68:C0:66:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKqbzQbqbFZd2QfKBOUHfWjAZk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/052f4c-be3c-4d19-aa04-0ab8dd9ebab1/1/WdsMVw1sgaRZH9UnUJZD-4McjbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/052f4c-be3c-4d19-aa04-0ab8dd9ebab1/1/pKqbzQbqbFZd2QfKBOUHfWjAZk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.88.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:88:c9:31:2f:10:64:d5:a3:e3:6c:2d:d3:c7:28:0c:50:e4:
d3:85:62:bb:99:ac:77:da:b4:5a:ba:fc:a2:6d:04:97:f0:7c:
c4:e5:43:c7:07:9e:15:bf:12:11:a2:1c:9c:d7:fd:95:a4:7a:
a6:8e:e5:0f:69:9a:ac:af:33:63:c9:1f:44:6f:af:47:ac:f7:
a6:a9:c7:d0:2b:13:ed:d4:b5:04:25:01:73:8d:4e:75:23:58:
84:bf:81:ac:6f:fa:b2:b5:02:25:90:ee:27:3e:d5:22:5d:fe:
79:50:00:f8:28:e0:f9:38:b8:73:f3:bb:fb:8f:38:98:e0:65:
0d:8c:63:0a:39:06:8d:bb:d2:1b:35:ca:b8:2a:60:da:db:90:
ad:51:df:9d:c1:9d:45:10:2c:38:bb:8d:74:68:b3:ad:08:d3:
e6:28:0c:55:20:ce:9c:91:3d:92:84:14:0e:a3:40:8a:e8:23:
83:e1:f3:4a:b3:33:80:de:54:43:90:82:be:d2:d4:a7:38:68:
c2:15:46:1f:cd:00:05:84:83:68:94:84:88:3d:88:e6:87:9a:
da:d1:92:85:99:33:99:85:fa:85:64:4f:1a:2b:e4:d8:8f:9a:
03:6c:3a:27:0c:b8:31:16:d8:7c:64:a0:73:12:4b:d5:a7:88:
df:af:99:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyzJmI5ynCK5MOHG5fRBxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YWE5YmNkMDZlYTZjNTY1ZGQ5MDdjYTA0ZTUwNzdkNjhj
MDY2NGYwHhcNMjMwMTAyMTQwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWRiMGM1NzBkNmM4MWE0NTkxZmQ1Mjc1MDk2NDNmYjgzMWM4ZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslpO1emvbBZaZfVDR8CMFgnlDdcb
pfc40iyfJm+ATBlj0YruH+Baxgv5O2JbcuqjJAge74ATWI975jCOnG3ioEgFD1Jk
WtvPc5Aaq57FZHZusa7GECdL8fgTfaBwe86sTyQTLa6eQPzAf5PCDSvMYpkSxdAJ
fcOsHWTu/GoYcceKzqDUts4JB9nmxGYI2LeOWueU5NXHW0v4gm6P0uWqebqxIRs1
48UMkGRVVbu4eOgYPo+9KGzmgxnM3uB4npU272ptR7XnTyd4O4AT0SDlEra3rKW0
YzHt3CEJuLX9bx7cgSc+/rU+4kPFJ9EwtvPaBSozRJtJqGT8UR5/jc8eUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFnbDFcNbIGkWR/VJ1CWQ/uDHI2yMB8GA1UdIwQY
MBaAFKSqm80G6mxWXdkHygTlB31owGZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEtxYnpRYnFiRlpkMlFmS0JPVUhmV2pBWms4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wNTJmNGMtYmUzYy00ZDE5LWFhMDQt
MGFiOGRkOWViYWIxLzEvV2RzTVZ3MXNnYVJaSDlVblVKWkQtNE1jamJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wNTJmNGMtYmUzYy00ZDE5LWFhMDQtMGFiOGRkOWViYWIx
LzEvcEtxYnpRYnFiRlpkMlFmS0JPVUhmV2pBWms4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZZYMA0G
CSqGSIb3DQEBCwUAA4IBAQA8iMkxLxBk1aPjbC3TxygMUOTThWK7max32rRauvyi
bQSX8HzE5UPHB54VvxIRohyc1/2VpHqmjuUPaZqsrzNjyR9Eb69HrPemqcfQKxPt
1LUEJQFzjU51I1iEv4Gsb/qytQIlkO4nPtUiXf55UAD4KOD5OLhz87v7jziY4GUN
jGMKOQaNu9IbNcq4KmDa25CtUd+dwZ1FECw4u410aLOtCNPmKAxVIM6ckT2ShBQO
o0CK6COD4fNKszOA3lRDkIK+0tSnOGjCFUYfzQAFhINolISIPYjmh5ra0ZKFmTOZ
hfqFZE8aK+TYj5oDbDonDLgxFth8ZKBzEkvVp4jfr5kE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:59 2024 by rpki-client on console-ams.rpki-client.org