Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/R4zaS_gfV0NcXDGaJJxNOsbeX-w.roa
File: R4zaS_gfV0NcXDGaJJxNOsbeX-w.roa (raw, json)
Hash identifier: d6NBjajW/T4Q+kJHWKxhjMCU0EvTegEuPy4oexgkCpU=
Subject key identifier: 47:8C:DA:4B:F8:1F:57:43:5C:5C:31:9A:24:9C:4D:3A:C6:DE:5F:EC
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7B6D12BBD30DE5E972BDF250EA98B
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/R4zaS_gfV0NcXDGaJJxNOsbeX-w.roa
Signing time: Mon 02 Jan 2023 08:44:54 +0000
ROA not before: Mon 02 Jan 2023 08:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206127
IP address blocks: 45.150.168.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:b6:d1:2b:bd:30:de:5e:97:2b:df:25:0e:a9:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=478cda4bf81f57435c5c319a249c4d3ac6de5fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:62:1f:b8:ec:80:e0:c0:1f:2b:9b:e0:58:e3:
ce:36:3d:59:93:e4:31:56:eb:3f:3b:fd:b7:77:e3:
d9:43:99:bc:6d:31:85:b3:ee:10:30:53:42:b9:04:
0a:32:40:53:a0:d3:9e:ae:0e:48:b1:b9:00:89:5b:
be:cd:26:19:22:b4:ef:05:f7:42:63:24:c4:6c:bd:
98:a1:3b:ca:35:57:44:7f:84:e2:5b:eb:44:dc:a6:
27:a4:2f:cc:78:5d:73:2f:7b:c6:c4:fb:12:53:02:
ee:8e:6c:7f:ca:c5:ba:e6:c8:cd:32:16:3b:9a:4e:
07:0a:0a:b8:a1:0b:03:1c:5a:96:38:c2:e3:01:ed:
e8:07:b0:f0:7f:d5:af:f2:70:7e:2f:52:46:d0:33:
93:64:19:a5:06:4e:20:d0:22:92:c4:3b:e4:a8:72:
38:99:1c:be:8a:dc:02:e3:bd:df:a8:10:b0:b2:b6:
4a:2f:8c:00:aa:5b:75:0d:8d:05:1b:d4:10:ff:9b:
ed:b6:fa:61:60:21:ca:44:6b:82:65:c4:44:61:62:
ff:95:a3:ae:7a:d0:1d:3a:f4:07:b5:40:12:e5:18:
8c:73:65:af:df:55:37:57:91:4a:40:7e:cc:74:16:
84:17:50:cb:d7:00:06:22:53:9c:f5:6d:91:8a:ac:
f2:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:8C:DA:4B:F8:1F:57:43:5C:5C:31:9A:24:9C:4D:3A:C6:DE:5F:EC
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/R4zaS_gfV0NcXDGaJJxNOsbeX-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.168.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:1f:2f:06:bd:79:d5:ef:2b:79:fa:62:1c:07:e1:68:f8:15:
e1:41:17:f2:6b:68:46:90:d2:d5:8e:47:da:54:8c:28:cc:8c:
c8:34:ed:85:2e:c9:fa:d0:84:6c:1f:52:39:02:50:10:d5:38:
83:0d:a9:bf:0d:78:17:88:d9:e9:5e:e1:b0:30:fa:63:b1:1f:
ae:78:83:53:59:33:74:f9:d0:31:be:0f:01:b3:ec:ea:e3:b8:
4d:38:8d:a9:b1:f9:46:77:f5:7d:bf:94:6e:24:f2:45:ee:3e:
50:a6:21:86:f5:ae:83:ca:ba:fa:06:0a:b9:af:54:9c:28:eb:
7c:27:97:85:64:a3:50:28:03:f2:c1:82:53:26:95:82:fd:34:
56:ee:9a:ac:a4:90:05:8b:15:51:d9:48:7b:94:51:9c:8f:cc:
1d:53:72:af:ff:36:22:1d:d1:6f:a5:6f:2b:a9:c0:82:80:30:
9c:c8:98:cf:fa:cc:5a:1c:9f:91:07:11:b6:a5:d1:89:58:33:
d6:a6:78:76:2e:fc:e5:bb:33:4e:e2:10:c7:82:a6:2d:d9:fa:
3f:6e:54:3d:a2:81:27:6e:75:23:ab:10:cc:91:c3:08:13:03:
d0:83:10:b2:d7:3e:51:f2:8d:c9:3f:c1:6d:c1:da:ee:7f:84:
3c:34:54:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp7bRK70w3l6XK98lDqmLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzhjZGE0YmY4MWY1NzQzNWM1YzMxOWEyNDljNGQzYWM2ZGU1ZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2IfuOyA4MAfK5vgWOPONj1Zk+Qx
Vus/O/23d+PZQ5m8bTGFs+4QMFNCuQQKMkBToNOerg5IsbkAiVu+zSYZIrTvBfdC
YyTEbL2YoTvKNVdEf4TiW+tE3KYnpC/MeF1zL3vGxPsSUwLujmx/ysW65sjNMhY7
mk4HCgq4oQsDHFqWOMLjAe3oB7Dwf9Wv8nB+L1JG0DOTZBmlBk4g0CKSxDvkqHI4
mRy+itwC473fqBCwsrZKL4wAqlt1DY0FG9QQ/5vttvphYCHKRGuCZcREYWL/laOu
etAdOvQHtUAS5RiMc2Wv31U3V5FKQH7MdBaEF1DL1wAGIlOc9W2RiqzyuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEeM2kv4H1dDXFwxmiScTTrG3l/sMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvUjR6YVNfZ2ZWME5jWERHYUpKeE5Pc2JlWC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZaoMA0G
CSqGSIb3DQEBCwUAA4IBAQA8Hy8GvXnV7yt5+mIcB+Fo+BXhQRfya2hGkNLVjkfa
VIwozIzINO2FLsn60IRsH1I5AlAQ1TiDDam/DXgXiNnpXuGwMPpjsR+ueINTWTN0
+dAxvg8Bs+zq47hNOI2psflGd/V9v5RuJPJF7j5QpiGG9a6Dyrr6Bgq5r1ScKOt8
J5eFZKNQKAPywYJTJpWC/TRW7pqspJAFixVR2Uh7lFGcj8wdU3Kv/zYiHdFvpW8r
qcCCgDCcyJjP+sxaHJ+RBxG2pdGJWDPWpnh2LvzluzNO4hDHgqYt2fo/blQ9ooEn
bnUjqxDMkcMIEwPQgxCy1z5R8o3JP8Ftwdruf4Q8NFRD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org