Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/CquSX9RR8kbHm6LMpRiRXuhGlYE.roa
File: CquSX9RR8kbHm6LMpRiRXuhGlYE.roa (raw, json)
Hash identifier: c0SM/IMVW5AVIETBlNgFFJ8ZZis32ePZg4zjN51TZe0=
Subject key identifier: 0A:AB:92:5F:D4:51:F2:46:C7:9B:A2:CC:A5:18:91:5E:E8:46:95:81
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018571E886CBD12DBFA4DEDD719DF93AB4FC
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/CquSX9RR8kbHm6LMpRiRXuhGlYE.roa
Signing time: Mon 02 Jan 2023 09:55:42 +0000
ROA not before: Mon 02 Jan 2023 09:55:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 45.94.168.0/22 maxlen: 24
2.56.108.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:e8:86:cb:d1:2d:bf:a4:de:dd:71:9d:f9:3a:b4:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 09:55:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0aab925fd451f246c79ba2cca518915ee8469581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:fa:1d:22:30:88:0e:e3:04:d6:31:f6:ee:e8:
60:ea:4a:43:b2:6f:3e:8f:29:8b:fd:76:b7:e2:2c:
10:b2:5c:c1:3e:ea:02:68:ed:20:91:59:f1:4d:a7:
16:e7:70:e1:04:9c:a8:99:cd:c7:a8:c2:33:75:be:
52:20:04:05:c9:08:e4:61:cf:f7:6b:a1:49:8a:e0:
92:55:d5:be:fd:e2:61:e4:da:09:25:7d:a0:6e:ba:
80:2e:d6:6f:7d:bd:ac:78:b1:b5:a1:75:2d:52:20:
20:ae:a5:ae:e0:2d:c3:42:e6:79:02:e0:7a:dc:6e:
ea:6f:b4:0c:db:25:5f:48:4d:48:b8:5d:54:54:b8:
0a:34:37:71:97:e0:65:b0:19:32:48:a9:30:e4:9a:
d7:d4:9e:19:20:fd:f7:93:fd:b5:9b:c6:70:b1:3f:
2e:b5:b2:83:32:18:ce:da:e8:d8:91:89:d2:6f:d6:
4d:04:20:40:d6:6f:78:38:ca:a1:44:cf:23:8d:2f:
c1:c4:9f:ff:95:50:a6:30:d8:80:2f:60:1b:72:44:
27:6c:c8:21:bb:bc:00:4d:76:c4:af:f2:ea:2a:04:
78:3f:7d:9a:94:63:36:ad:90:17:e7:0e:56:97:3c:
ce:d4:56:ee:a9:71:b9:23:f3:92:5d:0b:43:4e:d2:
d6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:AB:92:5F:D4:51:F2:46:C7:9B:A2:CC:A5:18:91:5E:E8:46:95:81
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/CquSX9RR8kbHm6LMpRiRXuhGlYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
45.94.168.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:47:0a:b3:40:d6:7d:67:3a:61:1b:4f:2b:b4:ac:e8:91:97:
f4:28:da:18:87:f4:3c:71:70:40:8f:22:40:56:1d:17:8e:64:
5f:46:dd:28:bf:86:e4:62:3d:f2:99:0a:16:4d:9b:c6:cd:4b:
11:1f:66:be:e1:b4:95:56:65:fb:c6:cf:54:46:66:55:65:83:
4b:5c:79:b1:ab:13:96:78:1f:fb:83:f3:36:f5:f8:1c:b6:a2:
19:d8:4e:33:c7:0b:e7:c1:5e:c2:1c:31:33:07:1a:3c:6b:1f:
9a:05:ac:b8:21:dd:ba:89:dd:1e:7e:9a:f4:5e:b3:55:52:fd:
c2:91:c7:a6:9d:e7:ee:af:47:e5:4f:6e:c1:88:ac:5c:91:fb:
d5:62:38:d8:38:83:22:40:12:81:23:e2:f4:b6:a1:f2:5b:6f:
c2:96:58:89:ea:1e:d7:bd:03:9d:d4:55:64:b2:76:a8:f8:df:
77:3e:03:61:2c:57:a7:04:4c:12:1a:5f:c9:fc:ad:2f:33:5d:
f1:74:d6:aa:11:9b:87:54:ed:c5:ab:eb:de:bc:d7:4d:8c:93:
93:22:94:07:1d:6d:2b:86:79:a7:6e:5f:4b:23:d6:5d:74:ea:
ea:4d:5b:40:95:07:44:21:fd:2a:9a:5e:0e:61:50:97:22:41:
6c:e0:7e:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx6IbL0S2/pN7dcZ35OrT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTAyMDk1NTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWFiOTI1ZmQ0NTFmMjQ2Yzc5YmEyY2NhNTE4OTE1ZWU4NDY5NTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPodIjCIDuME1jH27uhg6kpDsm8+
jymL/Xa34iwQslzBPuoCaO0gkVnxTacW53DhBJyomc3HqMIzdb5SIAQFyQjkYc/3
a6FJiuCSVdW+/eJh5NoJJX2gbrqALtZvfb2seLG1oXUtUiAgrqWu4C3DQuZ5AuB6
3G7qb7QM2yVfSE1IuF1UVLgKNDdxl+BlsBkySKkw5JrX1J4ZIP33k/21m8ZwsT8u
tbKDMhjO2ujYkYnSb9ZNBCBA1m94OMqhRM8jjS/BxJ//lVCmMNiAL2AbckQnbMgh
u7wATXbEr/LqKgR4P32alGM2rZAX5w5WlzzO1FbuqXG5I/OSXQtDTtLWTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAqrkl/UUfJGx5uizKUYkV7oRpWBMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvQ3F1U1g5UlI4a2JIbTZMTXBSaVJYdWhHbFlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAjhsAwQC
LV6oMA0GCSqGSIb3DQEBCwUAA4IBAQCmRwqzQNZ9ZzphG08rtKzokZf0KNoYh/Q8
cXBAjyJAVh0XjmRfRt0ov4bkYj3ymQoWTZvGzUsRH2a+4bSVVmX7xs9URmZVZYNL
XHmxqxOWeB/7g/M29fgctqIZ2E4zxwvnwV7CHDEzBxo8ax+aBay4Id26id0efpr0
XrNVUv3Ckcemnefur0flT27BiKxckfvVYjjYOIMiQBKBI+L0tqHyW2/ClliJ6h7X
vQOd1FVksnao+N93PgNhLFenBEwSGl/J/K0vM13xdNaqEZuHVO3Fq+vevNdNjJOT
IpQHHW0rhnmnbl9LI9ZddOrqTVtAlQdEIf0qml4OYVCXIkFs4H5J
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org