Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/_4d6RyJrNOrkaPwqx6SWei-wumM.roa
File: _4d6RyJrNOrkaPwqx6SWei-wumM.roa (raw, json)
Hash identifier: Egj6QsA+a74ww9yF4kxB3aNhx37Te3roeQelH1qYVrk=
Subject key identifier: FF:87:7A:47:22:6B:34:EA:E4:68:FC:2A:C7:A4:96:7A:2F:B0:BA:63
Certificate issuer: /CN=407c7083460e1a4c72c4bc4276313d3a85944a87
Certificate serial: 018963E95658ABE4C80A7C863F20271B0B8D
Authority key identifier: 40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/_4d6RyJrNOrkaPwqx6SWei-wumM.roa
Signing time: Mon 17 Jul 2023 12:53:03 +0000
ROA not before: Mon 17 Jul 2023 12:53:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204572
IP address blocks: 45.86.216.0/22 maxlen: 22
2a0e:e880::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:e9:56:58:ab:e4:c8:0a:7c:86:3f:20:27:1b:0b:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407c7083460e1a4c72c4bc4276313d3a85944a87
Validity
Not Before: Jul 17 12:53:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff877a47226b34eae468fc2ac7a4967a2fb0ba63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:72:66:7d:a9:64:f6:7d:e3:0c:92:ed:a2:d5:
e7:9c:b1:30:f5:2d:2b:e1:d2:71:d4:aa:f5:cc:fd:
22:af:c5:d4:88:03:a5:b7:c2:0c:60:05:22:e5:7b:
24:16:cf:8c:3f:dc:0b:3e:ff:62:83:90:7f:02:dc:
a4:7d:25:fc:cc:96:48:2c:95:66:f9:3f:cd:27:88:
55:ec:59:40:84:a0:94:17:6d:4f:12:5b:ff:57:3c:
a8:58:3d:82:ac:ed:4c:94:50:dd:2d:92:ea:26:d5:
c0:73:de:d0:12:2d:97:94:40:e1:01:88:c7:9a:ed:
bb:22:7b:04:f5:6f:99:b8:6b:ee:12:a9:51:f9:8f:
92:15:a7:a8:d6:0d:7b:a8:67:31:9b:20:c6:99:43:
ea:cf:de:13:50:35:39:08:5c:a3:3e:63:38:05:87:
02:4f:ef:c3:c5:e6:64:4b:fb:1b:f1:aa:ff:e1:e5:
4e:01:e2:6d:23:ba:00:8b:c4:74:7f:0c:c7:10:3c:
21:0d:8d:f1:5b:41:5a:46:ce:bd:ea:98:e5:bb:b7:
b4:e7:9b:9b:d1:49:c1:b4:a0:47:f9:a0:90:94:0e:
37:9a:77:39:ac:c0:3c:df:d0:62:74:75:11:d3:d7:
b1:97:34:3f:39:ec:5d:0d:34:0e:28:86:b0:4a:5b:
3f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:87:7A:47:22:6B:34:EA:E4:68:FC:2A:C7:A4:96:7A:2F:B0:BA:63
X509v3 Authority Key Identifier:
keyid:40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/_4d6RyJrNOrkaPwqx6SWei-wumM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.216.0/22
IPv6:
2a0e:e880::/29
Signature Algorithm: sha256WithRSAEncryption
63:45:f7:fb:98:ee:c4:da:ae:26:31:63:1b:ad:aa:ea:0f:0e:
27:bf:b3:af:63:8a:64:bf:1f:26:30:97:0b:d0:17:6c:26:e1:
ab:74:7d:b5:42:a1:e2:21:9c:53:14:96:e1:dd:69:f8:10:5d:
2f:46:54:dc:18:ff:94:02:1d:4c:58:ea:3b:35:c9:a3:f3:88:
b4:98:e6:9c:51:23:2c:67:06:7f:f4:b0:45:71:2c:e0:f7:ca:
c1:12:43:95:04:18:06:c7:21:91:6e:4e:1a:17:0e:c1:54:0e:
76:99:d1:32:3c:92:c0:65:1c:03:5a:af:b3:dd:a3:11:c2:31:
c3:19:a4:2c:27:8a:24:5e:2e:7f:be:34:96:e0:af:fe:d6:85:
bc:d4:91:95:32:1d:58:54:e9:7e:cb:ce:3c:29:81:ed:ff:c5:
ad:0c:a3:da:83:d6:02:79:1d:df:c1:d2:4b:47:cf:fe:7b:8a:
25:fd:47:22:19:32:2a:3e:76:75:b5:3c:21:51:3b:ec:be:e8:
dd:66:e2:69:70:74:22:63:12:37:c2:f5:ad:de:9b:bb:d3:cb:
6c:24:4f:03:87:2e:b3:00:50:7e:12:f9:a4:c1:3e:e2:b5:09:
70:c6:ca:f5:91:0e:03:76:19:63:b2:54:03:c4:bf:63:5f:91:
6d:ef:9f:6a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYlj6VZYq+TICnyGPyAnGwuNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2M3MDgzNDYwZTFhNGM3MmM0YmM0Mjc2MzEzZDNhODU5
NDRhODcwHhcNMjMwNzE3MTI1MzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjg3N2E0NzIyNmIzNGVhZTQ2OGZjMmFjN2E0OTY3YTJmYjBiYTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnJmfalk9n3jDJLtotXnnLEw9S0r
4dJx1Kr1zP0ir8XUiAOlt8IMYAUi5XskFs+MP9wLPv9ig5B/AtykfSX8zJZILJVm
+T/NJ4hV7FlAhKCUF21PElv/VzyoWD2CrO1MlFDdLZLqJtXAc97QEi2XlEDhAYjH
mu27InsE9W+ZuGvuEqlR+Y+SFaeo1g17qGcxmyDGmUPqz94TUDU5CFyjPmM4BYcC
T+/DxeZkS/sb8ar/4eVOAeJtI7oAi8R0fwzHEDwhDY3xW0FaRs696pjlu7e055ub
0UnBtKBH+aCQlA43mnc5rMA839BidHUR09exlzQ/OexdDTQOKIawSls/UQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP+HekciazTq5Gj8KseklnovsLpjMB8GA1UdIwQY
MBaAFEB8cINGDhpMcsS8QnYxPTqFlEqHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2Mjct
OTg1ZWQxNWM5YWViLzEvXzRkNlJ5SnJOT3JrYVB3cXg2U1dlaS13dW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2MjctOTg1ZWQxNWM5YWVi
LzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVbYMA0E
AgACMAcDBQMqDuiAMA0GCSqGSIb3DQEBCwUAA4IBAQBjRff7mO7E2q4mMWMbrarq
Dw4nv7OvY4pkvx8mMJcL0BdsJuGrdH21QqHiIZxTFJbh3Wn4EF0vRlTcGP+UAh1M
WOo7Ncmj84i0mOacUSMsZwZ/9LBFcSzg98rBEkOVBBgGxyGRbk4aFw7BVA52mdEy
PJLAZRwDWq+z3aMRwjHDGaQsJ4okXi5/vjSW4K/+1oW81JGVMh1YVOl+y848KYHt
/8WtDKPag9YCeR3fwdJLR8/+e4ol/UciGTIqPnZ1tTwhUTvsvujdZuJpcHQiYxI3
wvWt3pu708tsJE8Dhy6zAFB+EvmkwT7itQlwxsr1kQ4DdhljslQDxL9jX5Ft759q
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:02 2024 by rpki-client on console-ams.rpki-client.org