Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/a67996-54f1-4f1e-a760-8e0d5293aac8/1/1-Z2JLVOSsBG9eIfxKHn0AWUq-zI.roa
File: 1-Z2JLVOSsBG9eIfxKHn0AWUq-zI.roa (raw, json)
Hash identifier: QR2BgAQ6etnPZFt7eZnVl4Jr2Vt9yreBH4wF5hepXww=
Subject key identifier: F9:9D:89:2D:53:92:B0:11:BD:78:87:F1:28:79:F4:01:65:2A:FB:32
Certificate issuer: /CN=d2ba2618ab4b6042ee25c4679e0775e4306d71c6
Certificate serial: 01856F14A9F000AFFD8E57A20F7A375DBE32
Authority key identifier: D2:BA:26:18:AB:4B:60:42:EE:25:C4:67:9E:07:75:E4:30:6D:71:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0romGKtLYELuJcRnngd15DBtccY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/a67996-54f1-4f1e-a760-8e0d5293aac8/1/1-Z2JLVOSsBG9eIfxKHn0AWUq-zI.roa
Signing time: Sun 01 Jan 2023 20:45:03 +0000
ROA not before: Sun 01 Jan 2023 20:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 45.145.176.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:a9:f0:00:af:fd:8e:57:a2:0f:7a:37:5d:be:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2ba2618ab4b6042ee25c4679e0775e4306d71c6
Validity
Not Before: Jan 1 20:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f99d892d5392b011bd7887f12879f401652afb32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:38:0e:c9:ee:af:4a:78:83:e1:87:93:de:2d:
20:93:6c:b2:ab:f5:da:35:09:b0:cb:cb:db:27:33:
11:c5:c4:af:50:b8:b8:29:be:e9:70:de:da:95:35:
29:da:44:68:28:9b:87:a7:ce:b8:df:0a:db:e3:e4:
ab:14:54:77:15:e4:9e:31:f5:cf:96:4f:67:23:5f:
3f:c3:07:39:72:85:b2:ca:80:16:82:2d:ad:c0:f6:
d4:ea:b0:04:27:8c:15:b4:5c:d7:4b:f6:e0:59:ff:
56:a6:bb:65:09:d0:d2:70:2e:a2:65:4e:ad:fa:a0:
fd:c6:05:30:fd:6d:f3:7b:07:a3:1c:96:fe:32:af:
9d:c7:f8:81:33:6e:f8:ea:87:3f:a9:87:0d:85:a3:
8d:ce:2a:c2:83:ea:c1:19:02:92:32:af:94:30:71:
78:80:9b:13:62:06:31:8b:25:2b:8b:75:ce:d7:01:
02:b0:02:4c:40:59:07:89:18:33:59:30:f5:61:3f:
13:87:f0:5e:40:3d:71:a4:c7:31:15:e2:96:62:d1:
d6:0d:13:3a:1f:76:fe:e7:14:f6:b8:25:9d:d4:a6:
28:07:1d:8a:ca:47:17:ee:5f:e8:cf:66:9f:6e:4e:
fc:2a:41:5a:04:d7:8a:71:86:77:a5:14:7a:76:66:
01:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:9D:89:2D:53:92:B0:11:BD:78:87:F1:28:79:F4:01:65:2A:FB:32
X509v3 Authority Key Identifier:
keyid:D2:BA:26:18:AB:4B:60:42:EE:25:C4:67:9E:07:75:E4:30:6D:71:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0romGKtLYELuJcRnngd15DBtccY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a67996-54f1-4f1e-a760-8e0d5293aac8/1/1-Z2JLVOSsBG9eIfxKHn0AWUq-zI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a67996-54f1-4f1e-a760-8e0d5293aac8/1/0romGKtLYELuJcRnngd15DBtccY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.176.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:a6:bb:b5:46:0e:0b:a8:62:3c:be:e1:df:bd:17:41:19:cc:
90:2e:bc:2e:44:4d:3d:55:ef:bf:1d:7c:55:68:49:17:ec:ab:
a9:a5:e1:49:00:39:e4:ca:66:8e:2e:3e:bb:27:4e:2e:ef:17:
ba:a4:42:ee:8b:b3:91:87:85:17:48:c1:78:a9:d9:44:ee:68:
11:c2:0d:69:67:31:b8:a3:2b:b0:86:92:a9:69:b5:1a:4c:7e:
11:44:e3:4f:53:c0:16:58:34:60:07:b5:e1:d3:be:3e:84:0d:
a5:46:32:47:c8:f2:58:1d:9a:0f:73:fb:e7:c9:ab:d7:16:18:
f3:9b:0e:60:1f:32:cc:78:ae:e5:cf:8d:99:ad:d4:e6:de:66:
95:2a:c3:c3:c9:7f:c4:5c:86:61:2c:52:b1:f7:ce:3c:f0:3e:
21:ea:52:d9:f0:1c:a8:07:66:4e:c9:d5:19:05:12:44:52:71:
3d:e9:cc:45:5d:e1:13:cd:3e:ed:af:0a:10:20:56:11:b6:91:
b9:23:3d:2f:51:81:a8:dc:4a:01:b4:3a:7e:e9:fc:17:5f:73:
b4:62:c5:f9:88:b2:0b:56:a9:e5:cd:a6:11:32:37:37:0f:47:
fc:80:9d:18:20:4c:45:c1:9e:1f:0e:00:e9:0a:9e:08:8c:5e:
85:21:36:a3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvFKnwAK/9jleiD3o3Xb4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYmEyNjE4YWI0YjYwNDJlZTI1YzQ2NzllMDc3NWU0MzA2
ZDcxYzYwHhcNMjMwMTAxMjA0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTlkODkyZDUzOTJiMDExYmQ3ODg3ZjEyODc5ZjQwMTY1MmFmYjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDgOye6vSniD4YeT3i0gk2yyq/Xa
NQmwy8vbJzMRxcSvULi4Kb7pcN7alTUp2kRoKJuHp8643wrb4+SrFFR3FeSeMfXP
lk9nI18/wwc5coWyyoAWgi2twPbU6rAEJ4wVtFzXS/bgWf9WprtlCdDScC6iZU6t
+qD9xgUw/W3zewejHJb+Mq+dx/iBM2746oc/qYcNhaONzirCg+rBGQKSMq+UMHF4
gJsTYgYxiyUri3XO1wECsAJMQFkHiRgzWTD1YT8Th/BeQD1xpMcxFeKWYtHWDRM6
H3b+5xT2uCWd1KYoBx2KykcX7l/oz2afbk78KkFaBNeKcYZ3pRR6dmYBOQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPmdiS1TkrARvXiH8Sh59AFlKvsyMB8GA1UdIwQY
MBaAFNK6JhirS2BC7iXEZ54HdeQwbXHGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHJvbUdLdExZRUx1SmNSbm5nZDE1REJ0Y2NZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hNjc5OTYtNTRmMS00ZjFlLWE3NjAt
OGUwZDUyOTNhYWM4LzEvMS1aMkpMVk9Tc0JHOWVJZnhLSG4wQVdVcS16SS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjkvYTY3OTk2LTU0ZjEtNGYxZS1hNzYwLThlMGQ1MjkzYWFj
OC8xLzByb21HS3RMWUVMdUpjUm5uZ2QxNURCdGNjWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2RsDAN
BgkqhkiG9w0BAQsFAAOCAQEAfKa7tUYOC6hiPL7h370XQRnMkC68LkRNPVXvvx18
VWhJF+yrqaXhSQA55Mpmji4+uydOLu8XuqRC7ouzkYeFF0jBeKnZRO5oEcINaWcx
uKMrsIaSqWm1Gkx+EUTjT1PAFlg0YAe14dO+PoQNpUYyR8jyWB2aD3P758mr1xYY
85sOYB8yzHiu5c+Nma3U5t5mlSrDw8l/xFyGYSxSsffOPPA+IepS2fAcqAdmTsnV
GQUSRFJxPenMRV3hE80+7a8KECBWEbaRuSM9L1GBqNxKAbQ6fun8F19ztGLF+Yiy
C1ap5c2mETI3Nw9H/ICdGCBMRcGeHw4A6QqeCIxehSE2ow==
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:02 2024 by rpki-client on console-ams.rpki-client.org