Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/RO8_MLaAZ4LHj7sx1W71gGnW-B8.roa
File: RO8_MLaAZ4LHj7sx1W71gGnW-B8.roa (raw, json)
Hash identifier: 1FbW9E+oImaMxTvQnFgeUcHfwnCEOWRvS4HTepxjChA=
Subject key identifier: 44:EF:3F:30:B6:80:67:82:C7:8F:BB:31:D5:6E:F5:80:69:D6:F8:1F
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01856ED4DCC6525C140BC5A3DA5AC2A3F264
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/RO8_MLaAZ4LHj7sx1W71gGnW-B8.roa
Signing time: Sun 01 Jan 2023 19:35:22 +0000
ROA not before: Sun 01 Jan 2023 19:35:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 109.122.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Mar 2023 18:14:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:dc:c6:52:5c:14:0b:c5:a3:da:5a:c2:a3:f2:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 1 19:35:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44ef3f30b6806782c78fbb31d56ef58069d6f81f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:3e:60:21:ce:e4:e9:50:86:61:d3:67:20:4f:
76:a9:d1:82:11:dd:99:60:15:89:37:e6:b6:14:ef:
fb:0d:24:54:8e:12:51:d0:13:39:78:1c:0a:3e:65:
20:27:9d:74:a4:2f:a6:79:9d:3d:4a:11:41:53:5a:
22:45:53:50:ed:d2:3f:f8:e4:1d:f2:91:d7:e8:74:
b2:e6:e6:8c:df:35:d2:6c:3d:13:e1:67:e6:57:e5:
ad:3b:98:85:25:b9:43:bc:ae:7c:f1:11:17:70:2a:
64:b7:ee:b9:99:fb:a3:6e:11:1e:c8:97:ba:b8:9e:
b1:5a:f3:7b:63:8a:5a:65:d0:3a:e8:d2:22:5c:79:
36:16:ca:60:30:fc:68:69:db:04:15:d8:90:a9:c4:
d9:9d:d3:3b:c1:c5:23:b1:ca:2d:5c:67:a6:62:34:
9a:a0:d7:7a:4d:d6:87:9c:5b:25:98:27:11:cc:f8:
a9:d7:c7:23:d7:b9:08:16:9a:db:c2:e2:b8:85:3a:
77:8e:60:fb:54:57:71:8a:38:0d:44:82:b6:0e:9e:
6f:e6:20:a6:61:d1:ac:0e:69:4d:47:af:55:86:26:
a8:bb:2c:19:85:8e:41:28:fd:b0:f7:78:f2:08:86:
41:a0:37:81:14:9b:37:e8:d9:06:fe:c2:64:16:c9:
fa:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:EF:3F:30:B6:80:67:82:C7:8F:BB:31:D5:6E:F5:80:69:D6:F8:1F
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/RO8_MLaAZ4LHj7sx1W71gGnW-B8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.45.0/24
Signature Algorithm: sha256WithRSAEncryption
36:4d:a7:19:02:d0:e7:e4:3d:d1:2b:19:87:1f:7b:c0:e3:b3:
dc:3e:fd:04:bb:ab:f8:c5:ec:91:f9:ff:45:a7:5e:78:59:45:
f5:4b:e6:be:13:21:06:1f:8a:92:7a:0c:e0:d9:a4:e0:a0:dd:
70:99:4f:a1:b3:0b:ab:0b:65:cb:0d:02:91:28:12:c6:37:c1:
98:8c:52:2d:f7:dc:e3:5c:cb:4d:72:06:12:4b:2d:56:72:0b:
bd:13:c4:04:41:94:dd:c7:11:21:ef:cb:c1:2e:36:a0:fb:2d:
35:5d:db:c7:a0:a8:6c:02:5f:81:d0:d8:bf:d1:ae:2d:0a:a5:
87:6d:92:13:08:2f:18:ff:ea:54:24:0a:78:4a:3a:0b:0e:84:
0f:ef:54:1f:e3:ac:c7:f0:b3:f0:10:b2:97:83:45:59:85:e9:
88:5c:05:e3:a9:7d:6d:ce:b2:bf:95:24:bd:34:d2:12:29:5f:
79:20:55:18:67:97:0f:51:b3:17:b7:eb:23:9b:bb:57:28:c1:
a4:cb:82:69:ef:68:d2:58:94:1d:1d:c4:23:81:50:1a:44:d1:
df:81:53:f8:b7:9f:8a:87:c9:4c:e0:d7:65:51:3a:84:a8:82:
11:99:59:e4:bd:bc:4c:10:44:f7:91:81:91:f5:f5:8b:2b:f1:
2c:f9:f5:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1NzGUlwUC8Wj2lrCo/JkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwMTAxMTkzNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGVmM2YzMGI2ODA2NzgyYzc4ZmJiMzFkNTZlZjU4MDY5ZDZmODFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAij5gIc7k6VCGYdNnIE92qdGCEd2Z
YBWJN+a2FO/7DSRUjhJR0BM5eBwKPmUgJ510pC+meZ09ShFBU1oiRVNQ7dI/+OQd
8pHX6HSy5uaM3zXSbD0T4WfmV+WtO5iFJblDvK588REXcCpkt+65mfujbhEeyJe6
uJ6xWvN7Y4paZdA66NIiXHk2FspgMPxoadsEFdiQqcTZndM7wcUjscotXGemYjSa
oNd6TdaHnFslmCcRzPip18cj17kIFprbwuK4hTp3jmD7VFdxijgNRIK2Dp5v5iCm
YdGsDmlNR69VhiaouywZhY5BKP2w93jyCIZBoDeBFJs36NkG/sJkFsn6/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFETvPzC2gGeCx4+7MdVu9YBp1vgfMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvUk84X01MYUFaNExIajdzeDFXNzFnR25XLUI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXotMA0G
CSqGSIb3DQEBCwUAA4IBAQA2TacZAtDn5D3RKxmHH3vA47PcPv0Eu6v4xeyR+f9F
p154WUX1S+a+EyEGH4qSegzg2aTgoN1wmU+hswurC2XLDQKRKBLGN8GYjFIt99zj
XMtNcgYSSy1Wcgu9E8QEQZTdxxEh78vBLjag+y01XdvHoKhsAl+B0Ni/0a4tCqWH
bZITCC8Y/+pUJAp4SjoLDoQP71Qf46zH8LPwELKXg0VZhemIXAXjqX1tzrK/lSS9
NNISKV95IFUYZ5cPUbMXt+sjm7tXKMGky4Jp72jSWJQdHcQjgVAaRNHfgVP4t5+K
h8lM4NdlUTqEqIIRmVnkvbxMEET3kYGR9fWLK/Es+fUM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org