Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/840683-519c-4a4d-ae46-069ad3d6e5b0/1/2T4O2IBQXgpLU3PKnzG72eEqKo4.roa
File: 2T4O2IBQXgpLU3PKnzG72eEqKo4.roa (raw, json)
Hash identifier: GEwtTB3ZdVOU2HUB/b+PMEkCKJuyD/s/x2deK57Iauo=
Subject key identifier: D9:3E:0E:D8:80:50:5E:0A:4B:53:73:CA:9F:31:BB:D9:E1:2A:2A:8E
Certificate issuer: /CN=df83cc17f26bc6a97c44d8a2436a95c72a94bff1
Certificate serial: 0185708CA992AB2935D57A2BE07931E2EEB5
Authority key identifier: DF:83:CC:17:F2:6B:C6:A9:7C:44:D8:A2:43:6A:95:C7:2A:94:BF:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34PMF_Jrxql8RNiiQ2qVxyqUv_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/840683-519c-4a4d-ae46-069ad3d6e5b0/1/2T4O2IBQXgpLU3PKnzG72eEqKo4.roa
Signing time: Mon 02 Jan 2023 03:35:44 +0000
ROA not before: Mon 02 Jan 2023 03:35:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48821
IP address blocks: 45.159.32.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:a9:92:ab:29:35:d5:7a:2b:e0:79:31:e2:ee:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df83cc17f26bc6a97c44d8a2436a95c72a94bff1
Validity
Not Before: Jan 2 03:35:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d93e0ed880505e0a4b5373ca9f31bbd9e12a2a8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f1:9e:64:07:6f:ad:c3:b5:50:58:f7:c0:bd:
e0:18:23:57:de:2f:b2:6a:30:d8:29:53:7d:24:65:
c0:41:63:07:bf:5d:78:17:d5:34:0e:1b:eb:2a:08:
80:56:31:be:4a:82:43:32:9e:54:92:e6:4f:33:2a:
64:56:23:42:44:42:ee:10:eb:ec:36:dc:b1:74:71:
00:85:8f:29:3f:70:e7:f1:c1:4a:2b:91:39:7e:ca:
63:52:c5:f1:0c:3e:24:60:b6:1b:a6:87:88:c2:70:
58:66:54:e0:9e:ea:83:6f:6c:29:18:9d:4f:18:8f:
87:9d:81:76:a3:ab:03:00:85:e7:fb:ce:1f:2a:f5:
84:84:d5:95:58:2a:53:de:66:f0:98:db:e1:a8:8b:
77:8c:ab:21:c7:4a:c8:65:80:a6:79:9b:a4:43:d8:
df:18:d0:4b:ff:68:23:36:9c:e8:f2:aa:2d:5e:a7:
fc:cf:ef:7f:30:81:00:ca:bb:36:21:3b:d0:36:8a:
40:65:0a:4e:60:f2:2a:5b:81:ef:86:40:bf:1f:2c:
42:0a:bd:8b:92:e3:e9:2c:df:1c:b3:a0:d5:25:cc:
bd:aa:a0:44:74:a7:5b:35:b7:9b:76:9b:06:89:69:
69:b7:92:73:b3:e8:57:c6:64:63:bb:48:64:ad:8e:
10:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:3E:0E:D8:80:50:5E:0A:4B:53:73:CA:9F:31:BB:D9:E1:2A:2A:8E
X509v3 Authority Key Identifier:
keyid:DF:83:CC:17:F2:6B:C6:A9:7C:44:D8:A2:43:6A:95:C7:2A:94:BF:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34PMF_Jrxql8RNiiQ2qVxyqUv_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/840683-519c-4a4d-ae46-069ad3d6e5b0/1/2T4O2IBQXgpLU3PKnzG72eEqKo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/840683-519c-4a4d-ae46-069ad3d6e5b0/1/34PMF_Jrxql8RNiiQ2qVxyqUv_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.32.0/22
Signature Algorithm: sha256WithRSAEncryption
98:a2:22:b6:a0:cd:73:f7:1e:f1:2e:59:b2:8e:f6:d0:f1:10:
6e:17:ed:db:f2:b4:8f:64:ef:5c:c4:d4:51:3c:18:3c:75:f6:
30:55:04:96:95:84:9d:5f:0b:41:6c:70:a4:05:22:d0:cc:42:
2f:4e:17:3e:2f:e4:bd:3c:3e:cc:03:b8:13:fc:1f:5a:c2:f5:
17:a0:be:37:82:cc:b3:ab:99:8e:89:a7:2b:a7:9e:28:69:50:
55:3d:b8:40:54:79:c5:3f:b6:41:cf:be:bd:68:3d:62:90:15:
9b:ef:7a:b9:d5:31:25:3c:68:42:62:86:12:4f:98:6f:cd:7b:
31:af:d3:39:e3:ac:ff:7a:92:9f:99:b3:52:f4:b1:69:8c:5b:
2c:fb:9a:78:61:0d:9d:96:27:23:3d:0a:5b:f9:c0:07:3d:ac:
83:34:12:28:c9:00:ff:a4:37:58:f7:45:77:38:ee:f4:e1:03:
72:cb:01:b3:f9:81:70:13:00:d9:a8:da:8d:aa:a0:15:ff:ba:
3d:98:0c:c9:5d:d9:53:b7:94:76:7f:c4:df:e4:26:4e:b5:07:
9a:6f:88:e6:e4:d0:f8:35:e5:a3:1a:46:ee:99:38:f9:7b:f9:
e5:71:ac:47:c3:d5:dd:ce:f2:9c:43:85:3e:70:28:bb:a9:40:
61:6e:f8:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjKmSqyk11Xor4Hkx4u61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmODNjYzE3ZjI2YmM2YTk3YzQ0ZDhhMjQzNmE5NWM3MmE5
NGJmZjEwHhcNMjMwMTAyMDMzNTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTNlMGVkODgwNTA1ZTBhNGI1MzczY2E5ZjMxYmJkOWUxMmEyYThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPGeZAdvrcO1UFj3wL3gGCNX3i+y
ajDYKVN9JGXAQWMHv114F9U0DhvrKgiAVjG+SoJDMp5UkuZPMypkViNCRELuEOvs
NtyxdHEAhY8pP3Dn8cFKK5E5fspjUsXxDD4kYLYbpoeIwnBYZlTgnuqDb2wpGJ1P
GI+HnYF2o6sDAIXn+84fKvWEhNWVWCpT3mbwmNvhqIt3jKshx0rIZYCmeZukQ9jf
GNBL/2gjNpzo8qotXqf8z+9/MIEAyrs2ITvQNopAZQpOYPIqW4HvhkC/HyxCCr2L
kuPpLN8cs6DVJcy9qqBEdKdbNbebdpsGiWlpt5Jzs+hXxmRju0hkrY4QOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNk+DtiAUF4KS1Nzyp8xu9nhKiqOMB8GA1UdIwQY
MBaAFN+DzBfya8apfETYokNqlccqlL/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzRQTUZfSnJ4cWw4Uk5paVEycVZ4eXFVdl9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84NDA2ODMtNTE5Yy00YTRkLWFlNDYt
MDY5YWQzZDZlNWIwLzEvMlQ0TzJJQlFYZ3BMVTNQS256RzcyZUVxS280LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84NDA2ODMtNTE5Yy00YTRkLWFlNDYtMDY5YWQzZDZlNWIw
LzEvMzRQTUZfSnJ4cWw4Uk5paVEycVZ4eXFVdl9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ8gMA0G
CSqGSIb3DQEBCwUAA4IBAQCYoiK2oM1z9x7xLlmyjvbQ8RBuF+3b8rSPZO9cxNRR
PBg8dfYwVQSWlYSdXwtBbHCkBSLQzEIvThc+L+S9PD7MA7gT/B9awvUXoL43gsyz
q5mOiacrp54oaVBVPbhAVHnFP7ZBz769aD1ikBWb73q51TElPGhCYoYST5hvzXsx
r9M546z/epKfmbNS9LFpjFss+5p4YQ2dlicjPQpb+cAHPayDNBIoyQD/pDdY90V3
OO704QNyywGz+YFwEwDZqNqNqqAV/7o9mAzJXdlTt5R2f8Tf5CZOtQeab4jm5ND4
NeWjGkbumTj5e/nlcaxHw9XdzvKcQ4U+cCi7qUBhbvgz
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:53:45 2024 by rpki-client on console-ams.rpki-client.org