Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/qUzmzt-lLhnw1sY3DGQYobTmhE4.roa
File: qUzmzt-lLhnw1sY3DGQYobTmhE4.roa (raw, json)
Hash identifier: xlDDwX+kNvyvQAhe2pmrhOzfgLJFaKo897VQWWBYy/s=
Subject key identifier: A9:4C:E6:CE:DF:A5:2E:19:F0:D6:C6:37:0C:64:18:A1:B4:E6:84:4E
Certificate issuer: /CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Certificate serial: 018CC2DABC3A71B9D6D2E326D601C97CF2DF
Authority key identifier: B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/qUzmzt-lLhnw1sY3DGQYobTmhE4.roa
Signing time: Mon 01 Jan 2024 02:29:24 +0000
ROA not before: Mon 01 Jan 2024 02:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216154
IP address blocks: 45.10.172.0/23 maxlen: 23
84.252.102.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 14 Feb 2024 11:08:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:bc:3a:71:b9:d6:d2:e3:26:d6:01:c9:7c:f2:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b21a3f4af94a580eb9e7b58542a0084b21c2b09b
Validity
Not Before: Jan 1 02:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a94ce6cedfa52e19f0d6c6370c6418a1b4e6844e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:49:dc:d9:25:5d:8a:ee:a7:47:f3:16:90:ee:
1f:25:3f:8c:43:04:7c:82:dd:ff:8b:fa:99:75:5f:
bb:03:ce:fa:f4:c2:cf:ae:8a:48:b1:83:e2:1d:68:
30:38:1a:27:78:6b:45:a5:97:01:80:e9:ae:8e:30:
c1:0b:fe:6f:ba:ec:d6:f3:e1:09:13:f3:4f:a9:f9:
9e:1c:fa:97:94:5d:fe:e9:29:ea:5e:66:4d:84:49:
03:a6:d8:51:a9:c3:a2:72:6f:1f:b9:45:6f:c5:e8:
8a:85:c4:e1:02:b5:dc:04:43:12:e0:bd:4b:ef:9e:
80:ff:6b:21:7e:c6:36:bf:9a:5c:77:92:28:c2:66:
af:a7:0c:af:e4:45:98:01:1d:54:88:4d:2a:77:73:
33:70:ac:c6:57:e8:44:ee:f5:cf:50:ed:42:25:2a:
df:c9:5a:1c:10:c8:4e:b7:90:04:91:26:67:f9:59:
9a:99:50:a6:9e:e2:8a:28:ba:64:2c:ee:95:60:02:
36:cc:38:12:46:c5:1b:94:69:83:28:0b:e2:bc:9b:
72:8a:d9:04:81:ad:0b:9a:72:4e:19:75:61:c5:51:
63:b2:19:6d:f9:28:0e:78:26:84:ba:f7:7d:7f:60:
f5:9e:c1:6b:3a:af:72:1e:53:ff:0c:b0:39:07:86:
d3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4C:E6:CE:DF:A5:2E:19:F0:D6:C6:37:0C:64:18:A1:B4:E6:84:4E
X509v3 Authority Key Identifier:
keyid:B2:1A:3F:4A:F9:4A:58:0E:B9:E7:B5:85:42:A0:08:4B:21:C2:B0:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sho_SvlKWA6557WFQqAISyHCsJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/qUzmzt-lLhnw1sY3DGQYobTmhE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/991f1c-999b-4f75-b0bf-5129172b6966/1/sho_SvlKWA6557WFQqAISyHCsJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.172.0/23
84.252.102.0/23
Signature Algorithm: sha256WithRSAEncryption
15:08:af:71:b6:7b:ca:63:12:15:80:11:a5:2f:75:bc:a1:81:
74:34:d5:1a:ff:a6:12:e7:38:24:1e:f5:72:8c:5e:02:01:27:
d5:1f:fa:4a:fd:a6:5d:0f:69:cb:ef:e4:63:0d:b8:73:de:20:
7b:4c:bd:3b:68:5d:96:61:46:da:7a:82:a6:94:7f:94:58:a2:
cf:dd:25:25:cb:e2:86:ad:5f:db:72:e4:8c:96:da:b4:b2:ef:
92:f9:2b:73:3b:be:e6:85:f7:61:96:a4:95:f5:ac:5d:15:7a:
83:fe:6e:a5:76:e3:7b:ce:dc:72:e1:ec:e9:b5:15:b9:d3:97:
72:4b:64:48:c6:1a:ef:d1:d5:2e:f5:ce:3f:e4:95:97:4e:0a:
05:2f:68:47:73:db:10:c4:8f:89:91:bc:54:ff:b7:93:93:58:
aa:53:01:76:f9:b4:14:b0:bc:4f:57:68:c5:c9:ec:0f:06:b2:
f1:6b:27:ea:11:d3:7f:8e:5c:ef:3c:e6:ed:9d:fd:44:ee:90:
d8:f3:97:14:35:af:3a:76:6c:44:da:0a:8e:16:60:b3:b4:da:
2f:95:f0:23:6e:66:f1:ef:60:73:37:a5:2e:12:ed:2f:2e:39:
5b:a6:cf:d5:50:ec:46:35:32:6a:0a:33:fc:54:dc:9b:cb:57:
af:d7:10:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2rw6cbnW0uMm1gHJfPLfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMWEzZjRhZjk0YTU4MGViOWU3YjU4NTQyYTAwODRiMjFj
MmIwOWIwHhcNMjQwMTAxMDIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTRjZTZjZWRmYTUyZTE5ZjBkNmM2MzcwYzY0MThhMWI0ZTY4NDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEnc2SVdiu6nR/MWkO4fJT+MQwR8
gt3/i/qZdV+7A8769MLPropIsYPiHWgwOBoneGtFpZcBgOmujjDBC/5vuuzW8+EJ
E/NPqfmeHPqXlF3+6SnqXmZNhEkDpthRqcOicm8fuUVvxeiKhcThArXcBEMS4L1L
756A/2shfsY2v5pcd5Iowmavpwyv5EWYAR1UiE0qd3MzcKzGV+hE7vXPUO1CJSrf
yVocEMhOt5AEkSZn+VmamVCmnuKKKLpkLO6VYAI2zDgSRsUblGmDKAvivJtyitkE
ga0LmnJOGXVhxVFjshlt+SgOeCaEuvd9f2D1nsFrOq9yHlP/DLA5B4bTmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKlM5s7fpS4Z8NbGNwxkGKG05oROMB8GA1UdIwQY
MBaAFLIaP0r5SlgOuee1hUKgCEshwrCbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYt
NTEyOTE3MmI2OTY2LzEvcVV6bXp0LWxMaG53MXNZM0RHUVlvYlRtaEU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85OTFmMWMtOTk5Yi00Zjc1LWIwYmYtNTEyOTE3MmI2OTY2
LzEvc2hvX1N2bEtXQTY1NTdXRlFxQUlTeUhDc0pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLQqsAwQB
VPxmMA0GCSqGSIb3DQEBCwUAA4IBAQAVCK9xtnvKYxIVgBGlL3W8oYF0NNUa/6YS
5zgkHvVyjF4CASfVH/pK/aZdD2nL7+RjDbhz3iB7TL07aF2WYUbaeoKmlH+UWKLP
3SUly+KGrV/bcuSMltq0su+S+StzO77mhfdhlqSV9axdFXqD/m6lduN7ztxy4ezp
tRW505dyS2RIxhrv0dUu9c4/5JWXTgoFL2hHc9sQxI+JkbxU/7eTk1iqUwF2+bQU
sLxPV2jFyewPBrLxayfqEdN/jlzvPObtnf1E7pDY85cUNa86dmxE2gqOFmCztNov
lfAjbmbx72BzN6UuEu0vLjlbps/VUOxGNTJqCjP8VNyby1ev1xBM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:39 2024 by rpki-client on console-ams.rpki-client.org