Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/36d245-ed0e-4c55-b6ba-bcee5b1be0cb/1/nfc0ZidvjSuj-v1_FAXh8sdgZBY.roa
File: nfc0ZidvjSuj-v1_FAXh8sdgZBY.roa (raw, json)
Hash identifier: yMpGV6JlvmbLaknunT//F0t/ly1ZEG67G3h2BgXO++A=
Subject key identifier: 9D:F7:34:66:27:6F:8D:2B:A3:FA:FD:7F:14:05:E1:F2:C7:60:64:16
Certificate issuer: /CN=188a460189ee14abceda75997194ccbfe3c58b6b
Certificate serial: 01856FE72190ACBFA241067F5534EA29FD8D
Authority key identifier: 18:8A:46:01:89:EE:14:AB:CE:DA:75:99:71:94:CC:BF:E3:C5:8B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GIpGAYnuFKvO2nWZcZTMv-PFi2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/36d245-ed0e-4c55-b6ba-bcee5b1be0cb/1/nfc0ZidvjSuj-v1_FAXh8sdgZBY.roa
Signing time: Mon 02 Jan 2023 00:34:56 +0000
ROA not before: Mon 02 Jan 2023 00:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5524
IP address blocks: 45.11.12.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:21:90:ac:bf:a2:41:06:7f:55:34:ea:29:fd:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=188a460189ee14abceda75997194ccbfe3c58b6b
Validity
Not Before: Jan 2 00:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9df73466276f8d2ba3fafd7f1405e1f2c7606416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:51:be:9f:4c:5b:9e:01:1f:a2:4a:c9:50:e9:
e9:dd:49:09:80:43:65:94:08:7d:34:d3:42:6a:37:
5f:12:a5:3f:14:42:89:42:78:7e:d3:13:eb:d5:99:
4d:af:8f:06:11:30:99:ff:c1:e0:73:e6:ad:15:d7:
ac:d0:fd:f3:85:9e:ef:21:3a:4c:f2:e1:45:3b:e1:
e4:9b:39:11:33:ad:04:08:e3:cd:24:09:15:bb:7b:
8e:3d:97:9a:95:d3:f1:54:fa:48:87:28:de:1d:ed:
02:a3:85:62:c8:48:cc:cb:3a:9e:4b:ee:ed:ab:7a:
33:0f:ee:46:b4:b5:12:4b:c6:6c:73:06:46:fc:2d:
83:19:cb:ae:fc:0f:aa:f9:fb:f5:85:5a:41:44:1f:
88:14:81:98:da:03:6d:8f:4a:63:66:3d:93:af:ee:
f1:8c:09:5d:58:3d:d3:5a:17:01:7d:68:b1:86:ba:
29:13:48:67:18:87:dd:65:a2:1d:63:38:d0:5f:d3:
6d:f4:97:cb:fb:bf:ab:3b:22:60:ca:3a:1a:6f:6e:
99:03:bb:15:f4:30:63:d8:16:8b:ae:11:15:97:f4:
5b:bb:82:00:84:90:ee:4f:48:87:47:8b:28:46:20:
32:93:f2:38:54:2c:df:a6:3c:42:19:a4:32:b8:17:
44:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F7:34:66:27:6F:8D:2B:A3:FA:FD:7F:14:05:E1:F2:C7:60:64:16
X509v3 Authority Key Identifier:
keyid:18:8A:46:01:89:EE:14:AB:CE:DA:75:99:71:94:CC:BF:E3:C5:8B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GIpGAYnuFKvO2nWZcZTMv-PFi2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/36d245-ed0e-4c55-b6ba-bcee5b1be0cb/1/nfc0ZidvjSuj-v1_FAXh8sdgZBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/36d245-ed0e-4c55-b6ba-bcee5b1be0cb/1/GIpGAYnuFKvO2nWZcZTMv-PFi2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.12.0/22
Signature Algorithm: sha256WithRSAEncryption
44:4a:01:fa:e4:15:9b:e3:e3:e9:97:36:16:47:10:75:d2:4c:
53:2f:72:9f:8b:57:06:42:a5:70:39:7c:d6:0b:63:48:3e:39:
9b:db:d1:b2:d6:71:6c:ea:0f:43:41:11:fe:43:15:cb:cd:c1:
a7:3b:3e:06:2a:28:4c:e8:30:0a:1f:79:60:0b:7e:7c:16:4f:
71:70:c1:2d:a6:74:6f:b3:2d:a8:b7:bb:59:37:c5:ea:5b:af:
ad:6b:a6:00:9e:1e:c8:00:e4:05:d0:89:0c:02:cb:5d:f2:d0:
a9:e4:54:e2:39:38:e4:5b:04:64:63:47:79:7b:4b:b7:d7:e5:
1b:82:65:9f:4d:de:e5:81:ed:28:1c:66:34:fa:f7:2e:be:19:
6b:54:71:c3:60:53:f4:9c:66:bd:f6:6b:1d:c0:7b:07:5f:45:
45:97:68:0a:d9:30:75:96:e0:b7:e0:92:85:2e:b0:82:33:a3:
1b:9c:3e:95:72:a0:70:6d:f5:aa:17:99:78:dd:bc:0b:cc:b6:
fe:82:e1:a7:e1:9f:a9:b9:f1:f0:a7:27:d8:ef:8e:4e:a3:3c:
b7:f9:39:23:6c:86:c5:ab:3b:32:c2:65:ef:b7:71:01:d1:f3:
63:29:0b:4a:10:79:1f:cb:97:11:4a:19:01:d0:9d:15:8c:a4:
61:3c:bb:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5yGQrL+iQQZ/VTTqKf2NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OGE0NjAxODllZTE0YWJjZWRhNzU5OTcxOTRjY2JmZTNj
NThiNmIwHhcNMjMwMTAyMDAzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGY3MzQ2NjI3NmY4ZDJiYTNmYWZkN2YxNDA1ZTFmMmM3NjA2NDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1G+n0xbngEfokrJUOnp3UkJgENl
lAh9NNNCajdfEqU/FEKJQnh+0xPr1ZlNr48GETCZ/8Hgc+atFdes0P3zhZ7vITpM
8uFFO+HkmzkRM60ECOPNJAkVu3uOPZealdPxVPpIhyjeHe0Co4ViyEjMyzqeS+7t
q3ozD+5GtLUSS8ZscwZG/C2DGcuu/A+q+fv1hVpBRB+IFIGY2gNtj0pjZj2Tr+7x
jAldWD3TWhcBfWixhropE0hnGIfdZaIdYzjQX9Nt9JfL+7+rOyJgyjoab26ZA7sV
9DBj2BaLrhEVl/Rbu4IAhJDuT0iHR4soRiAyk/I4VCzfpjxCGaQyuBdElwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ33NGYnb40ro/r9fxQF4fLHYGQWMB8GA1UdIwQY
MBaAFBiKRgGJ7hSrztp1mXGUzL/jxYtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0lwR0FZbnVGS3ZPMm5XWmNaVE12LVBGaTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8zNmQyNDUtZWQwZS00YzU1LWI2YmEt
YmNlZTViMWJlMGNiLzEvbmZjMFppZHZqU3VqLXYxX0ZBWGg4c2RnWkJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8zNmQyNDUtZWQwZS00YzU1LWI2YmEtYmNlZTViMWJlMGNi
LzEvR0lwR0FZbnVGS3ZPMm5XWmNaVE12LVBGaTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQsMMA0G
CSqGSIb3DQEBCwUAA4IBAQBESgH65BWb4+PplzYWRxB10kxTL3Kfi1cGQqVwOXzW
C2NIPjmb29Gy1nFs6g9DQRH+QxXLzcGnOz4GKihM6DAKH3lgC358Fk9xcMEtpnRv
sy2ot7tZN8XqW6+ta6YAnh7IAOQF0IkMAstd8tCp5FTiOTjkWwRkY0d5e0u31+Ub
gmWfTd7lge0oHGY0+vcuvhlrVHHDYFP0nGa99msdwHsHX0VFl2gK2TB1luC34JKF
LrCCM6MbnD6VcqBwbfWqF5l43bwLzLb+guGn4Z+pufHwpyfY745Oozy3+TkjbIbF
qzsywmXvt3EB0fNjKQtKEHkfy5cRShkB0J0VjKRhPLul
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:03 2024 by rpki-client on console-ams.rpki-client.org