Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/9PWtWqhbG0n5y8Qbm3-vjj72I7s.roa
File: 9PWtWqhbG0n5y8Qbm3-vjj72I7s.roa (raw, json)
Hash identifier: A/AgF0nQjlM+UqCQo3bQfTXBAe7h8R0N1r4pk0N82VQ=
Subject key identifier: F4:F5:AD:5A:A8:5B:1B:49:F9:CB:C4:1B:9B:7F:AF:8E:3E:F6:23:BB
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC42557A4B1904418810F39AB5932ADA2
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/9PWtWqhbG0n5y8Qbm3-vjj72I7s.roa
Signing time: Mon 01 Jan 2024 08:30:30 +0000
ROA not before: Mon 01 Jan 2024 08:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 45.81.20.0/24 maxlen: 24
2a0b:7080::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 04 Mar 2024 15:38:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:57:a4:b1:90:44:18:81:0f:39:ab:59:32:ad:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4f5ad5aa85b1b49f9cbc41b9b7faf8e3ef623bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a1:61:ac:1e:a1:d7:ef:a7:55:11:25:d2:ae:
8a:63:0b:53:e1:e9:5d:c1:e4:b4:79:6e:15:4b:ec:
fe:26:f3:7f:cc:6f:54:64:83:1d:25:4d:d5:78:0e:
50:5f:9d:f1:a9:b1:04:c6:a8:64:ba:bb:c7:18:38:
91:20:51:76:c4:ee:1d:4c:07:d7:a6:3e:1a:30:11:
05:4d:e6:75:e3:17:72:21:da:3d:d8:b5:c7:31:64:
95:96:a4:40:ce:3b:f4:c4:07:b6:85:ad:7f:74:d1:
46:30:9d:be:63:26:95:8f:c2:42:90:cc:1e:ed:f2:
b2:e2:6d:0e:08:b1:0e:bb:af:b1:d7:c6:a6:6e:04:
5d:68:94:a7:19:45:5a:80:d4:56:26:dc:af:be:c6:
6b:42:21:66:c3:cb:a0:6c:b9:65:ce:40:9c:03:0b:
18:9a:a8:ed:54:a6:28:74:b7:db:5d:a6:54:d5:35:
c8:6b:4e:2e:74:90:bf:b2:57:81:e9:1c:7f:bd:37:
d6:43:c8:29:9c:5f:c1:4d:30:81:13:18:c2:63:0c:
e9:c7:46:68:03:0a:27:4c:4b:f6:77:c9:eb:67:52:
e5:24:51:2e:1b:9d:da:aa:68:d1:bd:06:64:ce:c5:
bd:56:a7:fd:0b:c7:0a:09:42:2d:07:dd:a4:3e:11:
6a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F5:AD:5A:A8:5B:1B:49:F9:CB:C4:1B:9B:7F:AF:8E:3E:F6:23:BB
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/9PWtWqhbG0n5y8Qbm3-vjj72I7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.20.0/24
IPv6:
2a0b:7080::/29
Signature Algorithm: sha256WithRSAEncryption
5f:d1:ab:15:e5:03:32:58:1e:8b:5f:0b:b9:8b:33:a5:49:9a:
60:b8:f5:3a:cd:83:5c:11:75:48:6e:03:09:5a:8f:48:c0:2a:
f3:1d:0b:e6:11:a1:3d:fc:bd:fc:af:e9:c3:02:2d:6e:b3:7c:
79:57:3d:c7:f7:c7:86:8a:77:65:8e:29:6a:a5:7d:0d:c4:dd:
73:43:57:55:78:b5:12:1e:3e:dc:e6:0e:7c:26:de:61:a3:26:
25:dc:d3:75:17:54:5a:ae:b0:86:a3:02:d8:a5:f6:fe:13:68:
4f:d4:7f:5d:44:14:3a:ce:ba:86:59:ab:4c:ed:2e:00:d4:67:
6b:ac:5c:56:1b:13:43:69:1b:02:dd:69:b8:08:03:03:27:13:
b2:23:2a:c3:53:1a:ec:f6:47:f0:ac:a2:bd:4d:93:65:aa:f6:
eb:bf:76:a7:ed:6d:01:c1:38:71:f7:20:25:98:f3:77:37:a3:
00:95:c6:7b:22:9a:66:a7:fe:7a:0c:df:f5:49:99:cd:f6:72:
e3:39:d2:7e:0f:67:00:b7:48:7c:21:6e:9c:0e:4d:99:0c:19:
02:9c:61:7f:34:2b:b0:9b:db:d1:1a:1a:8a:68:4e:50:2b:06:
47:07:14:23:31:0c:ef:31:62:27:57:45:a5:25:dd:c3:fe:1b:
42:03:3e:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJVeksZBEGIEPOatZMq2iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGY1YWQ1YWE4NWIxYjQ5ZjljYmM0MWI5YjdmYWY4ZTNlZjYyM2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqFhrB6h1++nVREl0q6KYwtT4eld
weS0eW4VS+z+JvN/zG9UZIMdJU3VeA5QX53xqbEExqhkurvHGDiRIFF2xO4dTAfX
pj4aMBEFTeZ14xdyIdo92LXHMWSVlqRAzjv0xAe2ha1/dNFGMJ2+YyaVj8JCkMwe
7fKy4m0OCLEOu6+x18ambgRdaJSnGUVagNRWJtyvvsZrQiFmw8ugbLllzkCcAwsY
mqjtVKYodLfbXaZU1TXIa04udJC/sleB6Rx/vTfWQ8gpnF/BTTCBExjCYwzpx0Zo
AwonTEv2d8nrZ1LlJFEuG53aqmjRvQZkzsW9Vqf9C8cKCUItB92kPhFqVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPT1rVqoWxtJ+cvEG5t/r44+9iO7MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvOVBXdFdxaGJHMG41eThRYm0zLXZqajcySTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVEUMA0E
AgACMAcDBQMqC3CAMA0GCSqGSIb3DQEBCwUAA4IBAQBf0asV5QMyWB6LXwu5izOl
SZpguPU6zYNcEXVIbgMJWo9IwCrzHQvmEaE9/L38r+nDAi1us3x5Vz3H98eGindl
jilqpX0NxN1zQ1dVeLUSHj7c5g58Jt5hoyYl3NN1F1RarrCGowLYpfb+E2hP1H9d
RBQ6zrqGWatM7S4A1GdrrFxWGxNDaRsC3Wm4CAMDJxOyIyrDUxrs9kfwrKK9TZNl
qvbrv3an7W0BwThx9yAlmPN3N6MAlcZ7Ippmp/56DN/1SZnN9nLjOdJ+D2cAt0h8
IW6cDk2ZDBkCnGF/NCuwm9vRGhqKaE5QKwZHBxQjMQzvMWInV0WlJd3D/htCAz7N
-----END CERTIFICATE-----
Generated at Mon Mar 4 19:43:29 2024 by rpki-client on console-fra.rpki-client.org