Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/956c37-993a-41de-abe0-65d722837121/1/4FOJevjinWaaXFnS1tL3pzqnFEU.roa
File: 4FOJevjinWaaXFnS1tL3pzqnFEU.roa (raw, json)
Hash identifier: Ca/hu39zPh0fFcdJA+WNa0JXh+fzusYSsq48misPgG8=
Subject key identifier: E0:53:89:7A:F8:E2:9D:66:9A:5C:59:D2:D6:D2:F7:A7:3A:A7:14:45
Certificate issuer: /CN=159d30b70b9a83cb8ed5501f554a7feca382f959
Certificate serial: 01898D29630FB5169B6E2143F02F5262BBA4
Authority key identifier: 15:9D:30:B7:0B:9A:83:CB:8E:D5:50:1F:55:4A:7F:EC:A3:82:F9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FZ0wtwuag8uO1VAfVUp_7KOC-Vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/956c37-993a-41de-abe0-65d722837121/1/4FOJevjinWaaXFnS1tL3pzqnFEU.roa
Signing time: Tue 25 Jul 2023 13:07:26 +0000
ROA not before: Tue 25 Jul 2023 13:07:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199703
IP address blocks: 45.157.144.0/22 maxlen: 22
2a13:f000::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8d:29:63:0f:b5:16:9b:6e:21:43:f0:2f:52:62:bb:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=159d30b70b9a83cb8ed5501f554a7feca382f959
Validity
Not Before: Jul 25 13:07:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e053897af8e29d669a5c59d2d6d2f7a73aa71445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4c:60:3f:88:30:e7:65:b5:f0:82:94:e8:ee:
2a:ec:f4:aa:ae:7b:74:b1:6d:76:42:58:0a:ab:4d:
73:65:b6:a8:a1:fa:93:53:c5:e0:6d:60:79:44:01:
3d:67:83:c0:d0:61:cb:bf:d0:56:c9:c6:55:17:cc:
0c:0b:39:52:80:10:83:0a:40:a0:4f:6f:c4:dd:f9:
ef:28:4b:a8:9b:b0:83:cb:c9:14:4c:eb:90:d9:80:
c5:46:2c:cc:e5:d8:7f:d9:e0:4d:d5:d4:99:e8:64:
06:a5:1a:06:28:e0:a9:9f:e6:67:0c:ee:0e:ec:95:
5d:33:b4:6b:b3:28:2a:98:32:57:d3:54:02:e0:84:
a1:78:2f:77:0c:7f:d3:a0:bb:2a:61:6f:2a:61:c3:
a5:76:46:5b:47:c2:79:8c:8d:65:20:68:8e:13:bf:
b3:f6:ab:00:11:48:7d:3d:a4:12:c1:c2:ac:8b:d8:
eb:d3:f0:0e:f4:51:7a:db:87:ad:96:64:27:bb:5e:
7c:4a:84:b8:ba:83:b0:37:63:4f:c7:1b:8b:52:5f:
99:85:1f:dc:3e:80:5b:87:10:aa:3c:f3:79:9a:fc:
38:3e:59:ec:e7:06:68:e7:f6:99:a0:0f:61:40:bd:
31:d3:55:bd:19:ce:df:23:f1:04:99:6f:3a:fe:15:
6d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:53:89:7A:F8:E2:9D:66:9A:5C:59:D2:D6:D2:F7:A7:3A:A7:14:45
X509v3 Authority Key Identifier:
keyid:15:9D:30:B7:0B:9A:83:CB:8E:D5:50:1F:55:4A:7F:EC:A3:82:F9:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FZ0wtwuag8uO1VAfVUp_7KOC-Vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/956c37-993a-41de-abe0-65d722837121/1/4FOJevjinWaaXFnS1tL3pzqnFEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/956c37-993a-41de-abe0-65d722837121/1/FZ0wtwuag8uO1VAfVUp_7KOC-Vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.144.0/22
IPv6:
2a13:f000::/32
Signature Algorithm: sha256WithRSAEncryption
5e:bf:ae:a7:c4:c6:d7:77:ce:3f:c2:f2:b7:08:70:01:3d:b3:
3c:03:bb:8e:14:b0:98:32:f9:11:e4:89:bc:26:1c:c4:c4:9a:
99:c5:a7:af:3a:a4:a8:9d:2b:90:29:4e:f9:2b:16:bd:71:2c:
32:70:16:74:8e:63:4e:ca:9d:4c:6c:9e:4c:62:01:36:d9:9e:
51:7e:0c:34:cf:c5:04:bf:69:b4:fd:64:bf:aa:4e:c8:4b:71:
98:d8:06:7f:43:83:81:1e:4f:12:d5:1d:95:31:2c:f7:c9:a5:
82:7b:38:23:9b:2b:9f:d5:c8:9a:c5:13:4d:84:c5:41:63:9d:
2a:da:43:a3:cd:aa:c6:05:b1:87:0d:ee:e4:57:dc:58:05:7d:
35:14:7f:be:bd:bc:da:50:83:6b:44:5c:d2:81:a9:4f:af:18:
fb:79:72:e8:32:76:0d:bf:f7:ca:d1:04:2b:78:8c:87:2d:f0:
56:fd:bf:19:f3:0c:ec:6a:16:e0:c1:19:7e:f2:16:da:b6:d9:
9e:a7:0d:77:f5:38:a2:54:c8:31:c0:be:c2:7c:3a:9f:1b:c0:
0b:23:9b:17:36:89:90:97:ea:b1:cf:e8:d7:17:62:fa:8a:b4:
2b:25:c6:82:2f:39:02:7e:0d:d1:4c:3f:9c:d9:95:c9:54:78:
c4:44:43:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYmNKWMPtRabbiFD8C9SYrukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1OWQzMGI3MGI5YTgzY2I4ZWQ1NTAxZjU1NGE3ZmVjYTM4
MmY5NTkwHhcNMjMwNzI1MTMwNzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDUzODk3YWY4ZTI5ZDY2OWE1YzU5ZDJkNmQyZjdhNzNhYTcxNDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoExgP4gw52W18IKU6O4q7PSqrnt0
sW12QlgKq01zZbaoofqTU8XgbWB5RAE9Z4PA0GHLv9BWycZVF8wMCzlSgBCDCkCg
T2/E3fnvKEuom7CDy8kUTOuQ2YDFRizM5dh/2eBN1dSZ6GQGpRoGKOCpn+ZnDO4O
7JVdM7RrsygqmDJX01QC4ISheC93DH/ToLsqYW8qYcOldkZbR8J5jI1lIGiOE7+z
9qsAEUh9PaQSwcKsi9jr0/AO9FF624etlmQnu158SoS4uoOwN2NPxxuLUl+ZhR/c
PoBbhxCqPPN5mvw4Plns5wZo5/aZoA9hQL0x01W9Gc7fI/EEmW86/hVt2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOBTiXr44p1mmlxZ0tbS96c6pxRFMB8GA1UdIwQY
MBaAFBWdMLcLmoPLjtVQH1VKf+yjgvlZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlowd3R3dWFnOHVPMVZBZlZVcF83S09DLVZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85NTZjMzctOTkzYS00MWRlLWFiZTAt
NjVkNzIyODM3MTIxLzEvNEZPSmV2amluV2FhWEZuUzF0TDNwenFuRkVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC85NTZjMzctOTkzYS00MWRlLWFiZTAtNjVkNzIyODM3MTIx
LzEvRlowd3R3dWFnOHVPMVZBZlZVcF83S09DLVZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ2QMA0E
AgACMAcDBQAqE/AAMA0GCSqGSIb3DQEBCwUAA4IBAQBev66nxMbXd84/wvK3CHAB
PbM8A7uOFLCYMvkR5Im8JhzExJqZxaevOqSonSuQKU75Kxa9cSwycBZ0jmNOyp1M
bJ5MYgE22Z5Rfgw0z8UEv2m0/WS/qk7IS3GY2AZ/Q4OBHk8S1R2VMSz3yaWCezgj
myuf1ciaxRNNhMVBY50q2kOjzarGBbGHDe7kV9xYBX01FH++vbzaUINrRFzSgalP
rxj7eXLoMnYNv/fK0QQreIyHLfBW/b8Z8wzsahbgwRl+8hbattmepw139TiiVMgx
wL7CfDqfG8ALI5sXNomQl+qxz+jXF2L6irQrJcaCLzkCfg3RTD+c2ZXJVHjEREMB
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:47 2024 by rpki-client on console-ams.rpki-client.org