Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/9505HU7iv9AisCAC_kroqwy37gw.roa
File: 9505HU7iv9AisCAC_kroqwy37gw.roa (raw, json)
Hash identifier: I00SZkw8Vj6UETo1nlyQ9Yxl6mLzLzKsknyrpG9Gcqc=
Subject key identifier: F7:9D:39:1D:4E:E2:BF:D0:22:B0:20:02:FE:4A:E8:AB:0C:B7:EE:0C
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CC86F40BF79DFD1D9DE4278F3EF3EBEF4
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/9505HU7iv9AisCAC_kroqwy37gw.roa
Signing time: Tue 02 Jan 2024 04:29:43 +0000
ROA not before: Tue 02 Jan 2024 04:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 45.9.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 12 May 2024 10:08:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:40:bf:79:df:d1:d9:de:42:78:f3:ef:3e:be:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 04:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f79d391d4ee2bfd022b02002fe4ae8ab0cb7ee0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:85:05:a8:92:2e:d3:38:b3:5d:f9:dc:e0:00:
3c:29:61:2c:a8:b5:4d:16:c5:9c:13:1a:8e:55:b6:
68:71:8f:88:51:38:c2:17:f6:45:17:d1:ac:c7:45:
79:ae:49:00:38:36:2b:76:9b:ba:65:0e:61:66:c7:
b1:69:2d:5b:b5:60:56:93:d3:c5:4b:75:2b:5f:47:
95:3c:96:0d:8c:a1:e4:53:48:a7:6b:20:49:7a:71:
32:eb:8f:f6:57:f1:3d:32:dd:4c:3a:41:d6:32:2f:
df:9e:1c:76:10:ec:59:cc:af:6e:ef:97:d1:88:f3:
4a:dd:e2:c8:62:bf:f2:8e:85:c5:c5:f6:56:92:31:
cc:ea:ca:4e:f4:08:19:e2:02:63:68:6a:f9:c2:ec:
17:57:b3:a9:f9:d5:65:cd:82:5f:69:14:1b:5b:af:
01:e6:6c:4d:fa:d8:f8:fa:46:be:ca:10:7c:5b:e2:
f2:b1:6d:f0:a1:2f:fb:cb:47:33:23:2c:4a:2d:f8:
df:8b:d4:b2:16:a5:6b:22:ee:fb:59:47:9c:ea:30:
b9:d2:da:38:3c:8e:f6:ab:dd:f8:4d:a5:26:37:16:
8e:20:f2:1b:ca:57:38:6b:24:0c:80:6a:86:3c:24:
3c:77:c1:cb:eb:06:58:f2:5f:ae:19:a3:56:b7:e3:
73:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:9D:39:1D:4E:E2:BF:D0:22:B0:20:02:FE:4A:E8:AB:0C:B7:EE:0C
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/9505HU7iv9AisCAC_kroqwy37gw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:ea:35:e3:27:2c:be:fd:80:10:0b:61:49:81:91:59:de:5b:
e8:ed:5b:75:1a:fb:c9:bd:9c:04:85:c3:12:9a:5f:07:cc:13:
22:b4:84:85:75:d5:85:67:c0:5d:ae:b3:b3:8c:a1:4e:0d:62:
c3:98:8f:84:ff:b1:60:4a:58:a3:8d:3e:8b:ec:7d:a6:25:92:
89:38:7a:cd:b8:83:4b:2a:43:60:0d:a4:af:31:f9:79:ff:f4:
d0:ed:3f:32:d0:71:20:c0:3a:d9:9b:e8:0f:ed:e0:25:cb:d8:
7a:c9:30:f3:8b:f1:97:87:59:f1:4e:0c:32:73:32:ed:7e:5f:
0f:12:5a:cb:ae:79:20:ef:97:5e:fb:a1:69:88:d0:57:78:be:
41:4f:e9:23:59:6a:94:30:ed:91:10:a5:9e:82:19:a1:5a:4e:
94:7e:6d:71:44:e8:ef:93:a1:15:49:89:d1:7c:a5:fb:e7:2a:
7c:4e:62:b0:b7:ec:9d:0b:40:38:bf:6e:bf:8c:41:5d:0c:db:
82:32:03:87:ae:52:90:57:fd:3d:b9:ac:5b:62:e7:ec:d8:6f:
a6:5b:79:eb:2d:4e:68:cd:bf:9b:39:7f:3d:8a:1c:d0:cf:e1:
99:cc:8a:f1:64:bc:2c:25:88:4e:a3:3c:48:64:5f:bd:e6:59:
ce:6a:df:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb0C/ed/R2d5CePPvPr70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTAyMDQyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzlkMzkxZDRlZTJiZmQwMjJiMDIwMDJmZTRhZThhYjBjYjdlZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4UFqJIu0zizXfnc4AA8KWEsqLVN
FsWcExqOVbZocY+IUTjCF/ZFF9Gsx0V5rkkAODYrdpu6ZQ5hZsexaS1btWBWk9PF
S3UrX0eVPJYNjKHkU0inayBJenEy64/2V/E9Mt1MOkHWMi/fnhx2EOxZzK9u75fR
iPNK3eLIYr/yjoXFxfZWkjHM6spO9AgZ4gJjaGr5wuwXV7Op+dVlzYJfaRQbW68B
5mxN+tj4+ka+yhB8W+LysW3woS/7y0czIyxKLfjfi9SyFqVrIu77WUec6jC50to4
PI72q934TaUmNxaOIPIbylc4ayQMgGqGPCQ8d8HL6wZY8l+uGaNWt+NzTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPedOR1O4r/QIrAgAv5K6KsMt+4MMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvOTUwNUhVN2l2OUFpc0NBQ19rcm9xd3kzN2d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQkeMA0G
CSqGSIb3DQEBCwUAA4IBAQC06jXjJyy+/YAQC2FJgZFZ3lvo7Vt1GvvJvZwEhcMS
ml8HzBMitISFddWFZ8BdrrOzjKFODWLDmI+E/7FgSlijjT6L7H2mJZKJOHrNuINL
KkNgDaSvMfl5//TQ7T8y0HEgwDrZm+gP7eAly9h6yTDzi/GXh1nxTgwyczLtfl8P
ElrLrnkg75de+6FpiNBXeL5BT+kjWWqUMO2REKWeghmhWk6Ufm1xROjvk6EVSYnR
fKX75yp8TmKwt+ydC0A4v26/jEFdDNuCMgOHrlKQV/09uaxbYufs2G+mW3nrLU5o
zb+bOX89ihzQz+GZzIrxZLwsJYhOozxIZF+95lnOat/6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org