Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/40427e-74fa-4a66-837d-a523bacdc2be/1/xJVI_SKJ716hYOjc3W4LQcEstcE.roa
File: xJVI_SKJ716hYOjc3W4LQcEstcE.roa (raw, json)
Hash identifier: UlxODNeajr2heqaCYso5wT/kxuz1+GZwfv2bZlXzk/E=
Subject key identifier: C4:95:48:FD:22:89:EF:5E:A1:60:E8:DC:DD:6E:0B:41:C1:2C:B5:C1
Certificate issuer: /CN=4def5b8ffbaf7d56af5d39f2f94c946d72f770f3
Certificate serial: 01857169C00CB59451A0329A866461B1AF3C
Authority key identifier: 4D:EF:5B:8F:FB:AF:7D:56:AF:5D:39:F2:F9:4C:94:6D:72:F7:70:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Te9bj_uvfVavXTny-UyUbXL3cPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/40427e-74fa-4a66-837d-a523bacdc2be/1/xJVI_SKJ716hYOjc3W4LQcEstcE.roa
Signing time: Mon 02 Jan 2023 07:37:13 +0000
ROA not before: Mon 02 Jan 2023 07:37:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39305
IP address blocks: 45.93.144.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:c0:0c:b5:94:51:a0:32:9a:86:64:61:b1:af:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4def5b8ffbaf7d56af5d39f2f94c946d72f770f3
Validity
Not Before: Jan 2 07:37:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c49548fd2289ef5ea160e8dcdd6e0b41c12cb5c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b7:e5:f1:fb:66:1e:e3:c7:00:1f:a2:6d:88:
a8:d6:38:5f:20:cc:0b:33:83:8d:0b:e9:fb:e6:da:
fa:1f:2d:bc:ed:53:be:0c:98:ba:2f:2a:0e:2b:61:
6e:f0:15:da:77:ff:3e:3d:c2:b2:1c:41:2e:2f:1b:
fd:4d:6e:31:39:38:37:06:7a:49:e3:79:cc:99:86:
a2:02:9e:67:ba:6e:e4:f0:e9:75:fc:a2:1f:ec:13:
b4:54:a0:b7:48:41:60:02:ec:09:4e:22:bf:72:8c:
96:77:25:8f:51:fa:a9:da:af:73:de:14:90:a1:c2:
69:e4:f3:53:76:aa:9e:63:10:ce:ee:af:7f:55:f4:
15:a0:b0:cb:f8:55:46:bb:ed:cb:98:63:51:58:23:
09:06:a4:ed:6c:a7:18:be:3c:59:e9:cb:b0:0f:d8:
39:db:6b:fb:1d:99:5a:b1:77:97:cc:cb:d3:51:b4:
5b:91:88:52:f9:03:b0:a6:d7:51:e9:91:6d:29:02:
1f:38:86:ef:4f:70:4b:e1:f5:32:df:46:a9:e9:b6:
dc:3b:15:af:2e:50:da:d4:e3:d2:30:18:d6:a3:63:
03:a6:74:c8:97:fc:6e:3d:9c:76:82:3c:68:91:6a:
b5:c3:9d:e7:c6:81:af:2e:23:f7:89:de:04:0c:03:
e2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:95:48:FD:22:89:EF:5E:A1:60:E8:DC:DD:6E:0B:41:C1:2C:B5:C1
X509v3 Authority Key Identifier:
keyid:4D:EF:5B:8F:FB:AF:7D:56:AF:5D:39:F2:F9:4C:94:6D:72:F7:70:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Te9bj_uvfVavXTny-UyUbXL3cPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/40427e-74fa-4a66-837d-a523bacdc2be/1/xJVI_SKJ716hYOjc3W4LQcEstcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/40427e-74fa-4a66-837d-a523bacdc2be/1/Te9bj_uvfVavXTny-UyUbXL3cPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.144.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:7f:ce:08:e0:ca:b9:8c:41:4f:c2:ee:74:44:f5:27:f4:53:
3c:d2:db:78:0f:2e:93:83:e8:2c:28:c9:a8:bc:72:dc:fe:a3:
4e:91:d5:8d:82:8a:dc:27:ac:cd:c9:2d:77:6e:e4:04:a9:a1:
33:a4:82:b6:5e:e9:47:c8:1f:2c:34:bd:46:65:30:b9:89:ba:
f0:28:fd:48:4c:eb:7c:83:9a:bd:df:a0:4d:f6:b2:db:72:7a:
8f:7f:99:aa:d1:98:f2:b0:63:9f:f5:06:d6:bb:b9:aa:93:9e:
57:4b:cf:f7:c3:64:08:38:df:66:aa:06:c9:45:c0:88:bb:5b:
8b:f4:ed:c6:16:a0:55:38:1e:9b:f9:7e:bb:85:11:7b:2e:17:
2f:a8:b5:91:a7:20:aa:3e:0d:5f:31:dc:0f:27:26:e0:2d:fd:
22:d4:39:17:d7:50:33:7f:fe:c4:65:8d:01:d9:52:9c:53:eb:
f7:52:7b:b1:91:df:a7:1a:31:06:0d:d9:66:a0:30:17:02:4a:
9f:d4:7d:1a:8e:ca:c6:9c:c6:2a:0e:5d:4e:11:85:11:9b:ff:
36:6c:41:f8:d9:5f:74:29:ef:d5:24:78:a8:69:3a:9e:00:82:
38:e3:ce:43:9c:a7:63:aa:db:c4:04:7e:ea:61:e6:11:fc:34:
10:e5:d2:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxacAMtZRRoDKahmRhsa88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZWY1YjhmZmJhZjdkNTZhZjVkMzlmMmY5NGM5NDZkNzJm
NzcwZjMwHhcNMjMwMTAyMDczNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDk1NDhmZDIyODllZjVlYTE2MGU4ZGNkZDZlMGI0MWMxMmNiNWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7fl8ftmHuPHAB+ibYio1jhfIMwL
M4ONC+n75tr6Hy287VO+DJi6LyoOK2Fu8BXad/8+PcKyHEEuLxv9TW4xOTg3BnpJ
43nMmYaiAp5num7k8Ol1/KIf7BO0VKC3SEFgAuwJTiK/coyWdyWPUfqp2q9z3hSQ
ocJp5PNTdqqeYxDO7q9/VfQVoLDL+FVGu+3LmGNRWCMJBqTtbKcYvjxZ6cuwD9g5
22v7HZlasXeXzMvTUbRbkYhS+QOwptdR6ZFtKQIfOIbvT3BL4fUy30ap6bbcOxWv
LlDa1OPSMBjWo2MDpnTIl/xuPZx2gjxokWq1w53nxoGvLiP3id4EDAPiGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSVSP0iie9eoWDo3N1uC0HBLLXBMB8GA1UdIwQY
MBaAFE3vW4/7r31Wr1058vlMlG1y93DzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGU5YmpfdXZmVmF2WFRueS1VeVViWEwzY1BNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi80MDQyN2UtNzRmYS00YTY2LTgzN2Qt
YTUyM2JhY2RjMmJlLzEveEpWSV9TS0o3MTZoWU9qYzNXNExRY0VzdGNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi80MDQyN2UtNzRmYS00YTY2LTgzN2QtYTUyM2JhY2RjMmJl
LzEvVGU5YmpfdXZmVmF2WFRueS1VeVViWEwzY1BNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLV2QMA0G
CSqGSIb3DQEBCwUAA4IBAQBKf84I4Mq5jEFPwu50RPUn9FM80tt4Dy6Tg+gsKMmo
vHLc/qNOkdWNgorcJ6zNyS13buQEqaEzpIK2XulHyB8sNL1GZTC5ibrwKP1ITOt8
g5q936BN9rLbcnqPf5mq0ZjysGOf9QbWu7mqk55XS8/3w2QION9mqgbJRcCIu1uL
9O3GFqBVOB6b+X67hRF7LhcvqLWRpyCqPg1fMdwPJybgLf0i1DkX11Azf/7EZY0B
2VKcU+v3Unuxkd+nGjEGDdlmoDAXAkqf1H0ajsrGnMYqDl1OEYURm/82bEH42V90
Ke/VJHioaTqeAII4485DnKdjqtvEBH7qYeYR/DQQ5dKm
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:49 2024 by rpki-client on console-ams.rpki-client.org