Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/h7o-U-F4rD99IfFYUBVj0A7Hihw.roa
File: h7o-U-F4rD99IfFYUBVj0A7Hihw.roa (raw, json)
Hash identifier: X8v6cTZ8yrXshgTVa5TpIgySBSpxD08k1Zl07Ou3er4=
Subject key identifier: 87:BA:3E:53:E1:78:AC:3F:7D:21:F1:58:50:15:63:D0:0E:C7:8A:1C
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7B9F3432877132FCCAD16DB9B43C0
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/h7o-U-F4rD99IfFYUBVj0A7Hihw.roa
Signing time: Mon 02 Jan 2023 08:44:55 +0000
ROA not before: Mon 02 Jan 2023 08:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206847
IP address blocks: 45.143.252.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:b9:f3:43:28:77:13:2f:cc:ad:16:db:9b:43:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87ba3e53e178ac3f7d21f158501563d00ec78a1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9b:9f:11:73:89:82:96:22:05:17:d7:aa:53:
0c:8b:ce:2c:92:49:8c:47:42:30:bc:8c:2a:3f:bc:
aa:82:db:85:db:d8:c6:1b:c8:e5:c1:40:b4:5c:26:
a5:ab:6c:84:13:1a:5f:66:b3:c9:c2:64:23:63:31:
89:ca:a4:e0:9a:69:0b:5f:57:ef:01:c3:80:98:14:
99:5a:d3:0c:9a:9a:b4:fb:f4:87:7e:b5:89:2b:f4:
a8:6c:26:c7:ea:83:1b:89:3a:a2:d7:86:1a:d6:20:
18:70:1a:f0:08:71:39:13:55:9f:37:8b:2e:e8:52:
91:97:d2:9b:48:30:96:de:cf:78:2c:80:fc:d2:9a:
94:fd:1e:4d:c3:e5:6e:84:fb:ec:35:45:73:05:f6:
2f:a2:4d:17:e3:3d:88:f0:60:e3:76:71:4f:26:02:
b6:ec:7f:0d:a0:98:63:d8:c3:a0:78:29:96:e6:1b:
61:e9:6f:dc:51:c7:e8:a8:e5:25:b8:b2:c0:0d:5a:
64:f1:c1:14:e3:51:d4:cc:4c:ea:b8:f5:91:76:fe:
77:41:f6:64:d1:ee:76:44:07:cf:d9:c8:64:68:49:
dd:ab:ca:46:55:c3:58:04:6b:92:78:3f:82:d2:0b:
da:ab:f9:e5:16:b4:54:8f:c6:a7:2b:ea:f9:2c:86:
5f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:BA:3E:53:E1:78:AC:3F:7D:21:F1:58:50:15:63:D0:0E:C7:8A:1C
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/h7o-U-F4rD99IfFYUBVj0A7Hihw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.252.0/22
Signature Algorithm: sha256WithRSAEncryption
53:d5:af:fd:4c:77:ee:41:93:3d:7f:c9:a1:be:03:7b:e7:73:
f6:be:4c:c2:5d:02:48:09:0e:e3:15:f2:60:f5:72:ff:cb:4a:
b6:bb:b1:83:c9:40:55:01:8a:69:d9:dc:7a:a1:b6:16:be:07:
8a:37:b8:59:79:12:8a:ce:e5:dd:91:0d:4d:f6:54:58:27:99:
89:39:a9:57:7f:72:b9:11:c6:23:94:6c:a8:1c:71:a5:db:39:
ad:c8:48:5b:dd:10:9a:2e:eb:dc:72:19:7b:31:ab:9c:1d:30:
f5:1f:79:16:0a:41:3f:ba:01:3c:43:b9:19:20:9f:7c:15:08:
35:67:15:fd:1c:e8:a7:d1:56:28:33:fa:69:0c:5e:be:98:81:
79:d8:6c:7b:44:59:c3:db:c6:2e:07:10:02:61:a1:9f:33:aa:
ba:fe:f9:f1:b4:64:b6:f2:a2:11:10:91:bc:db:41:aa:f3:29:
31:0f:e6:40:db:90:57:f3:12:b1:5d:93:e1:68:f7:e6:37:a7:
b5:c5:6e:f8:17:79:12:f7:be:fb:ea:d4:6f:0a:14:09:5b:09:
a6:bd:97:68:4a:61:6a:3d:85:17:e8:56:e5:f5:15:3e:cf:a5:
e2:80:57:98:f9:2d:c9:e9:be:1a:46:21:ad:e6:4c:30:5b:5b:
e2:0b:eb:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp7nzQyh3Ey/MrRbbm0PAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2JhM2U1M2UxNzhhYzNmN2QyMWYxNTg1MDE1NjNkMDBlYzc4YTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJufEXOJgpYiBRfXqlMMi84skkmM
R0IwvIwqP7yqgtuF29jGG8jlwUC0XCalq2yEExpfZrPJwmQjYzGJyqTgmmkLX1fv
AcOAmBSZWtMMmpq0+/SHfrWJK/SobCbH6oMbiTqi14Ya1iAYcBrwCHE5E1WfN4su
6FKRl9KbSDCW3s94LID80pqU/R5Nw+VuhPvsNUVzBfYvok0X4z2I8GDjdnFPJgK2
7H8NoJhj2MOgeCmW5hth6W/cUcfoqOUluLLADVpk8cEU41HUzEzquPWRdv53QfZk
0e52RAfP2chkaEndq8pGVcNYBGuSeD+C0gvaq/nlFrRUj8anK+r5LIZf4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIe6PlPheKw/fSHxWFAVY9AOx4ocMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvaDdvLVUtRjRyRDk5SWZGWVVCVmowQTdIaWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY/8MA0G
CSqGSIb3DQEBCwUAA4IBAQBT1a/9THfuQZM9f8mhvgN753P2vkzCXQJICQ7jFfJg
9XL/y0q2u7GDyUBVAYpp2dx6obYWvgeKN7hZeRKKzuXdkQ1N9lRYJ5mJOalXf3K5
EcYjlGyoHHGl2zmtyEhb3RCaLuvcchl7MaucHTD1H3kWCkE/ugE8Q7kZIJ98FQg1
ZxX9HOin0VYoM/ppDF6+mIF52Gx7RFnD28YuBxACYaGfM6q6/vnxtGS28qIREJG8
20Gq8ykxD+ZA25BX8xKxXZPhaPfmN6e1xW74F3kS97776tRvChQJWwmmvZdoSmFq
PYUX6Fbl9RU+z6XigFeY+S3J6b4aRiGt5kwwW1viC+tE
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:06 2024 by rpki-client on console-ams.rpki-client.org