Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/j8J8y-32trBi9ZkB4ivQn31S2YM.roa
File: j8J8y-32trBi9ZkB4ivQn31S2YM.roa (raw, json)
Hash identifier: 9dsmTnMalUNpeT92zoSiuuha1e4k90/VY8jEYmgmFOc=
Subject key identifier: 8F:C2:7C:CB:ED:F6:B6:B0:62:F5:99:01:E2:2B:D0:9F:7D:52:D9:83
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018EEB4CDA469B8DBC0B0BAE80EA3D84E3FD
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/j8J8y-32trBi9ZkB4ivQn31S2YM.roa
Signing time: Wed 17 Apr 2024 09:04:26 +0000
ROA not before: Wed 17 Apr 2024 09:04:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39690
IP address blocks: 45.86.16.0/21 maxlen: 24
45.143.44.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 19 Apr 2024 06:44:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:eb:4c:da:46:9b:8d:bc:0b:0b:ae:80:ea:3d:84:e3:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 17 09:04:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fc27ccbedf6b6b062f59901e22bd09f7d52d983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0e:e4:a4:fa:84:5e:07:b7:3e:8c:85:01:cb:
73:33:ef:3a:69:f9:b2:31:65:fd:6c:37:64:16:3e:
68:de:87:dc:2e:35:9f:21:5c:9f:18:5e:2f:04:d9:
c3:6f:24:63:d1:14:10:46:77:56:7d:83:0d:31:74:
bf:0b:85:32:bb:1c:52:24:02:20:5d:a7:99:96:34:
06:99:de:b6:05:d8:6c:fe:c4:8d:01:2f:d9:16:0a:
d8:22:ab:70:93:c4:92:71:19:83:c9:b8:a7:6b:ed:
26:aa:93:f3:d0:7c:37:24:65:2e:32:21:34:83:f8:
3e:94:b0:a7:dc:e3:2b:4b:a8:b2:b3:31:25:be:68:
fe:3c:fc:36:69:ec:22:68:ba:d1:88:56:66:29:c5:
bf:9d:78:41:63:ef:61:a1:1b:76:01:af:a7:e4:f8:
8e:6a:8a:d8:b4:86:05:d4:e9:01:16:9c:5d:b0:52:
86:2b:fd:3f:ce:fc:91:f9:f7:64:7c:d9:53:99:47:
88:8d:8f:07:e6:4c:be:cd:c1:27:5d:3a:2b:e3:c4:
dc:b7:08:87:db:61:69:cb:1a:c5:16:54:4b:80:82:
a4:46:e9:d8:45:7c:08:8d:14:2c:8c:cb:47:84:07:
3a:d1:08:77:51:d9:a7:eb:2c:d1:30:d6:12:bb:f8:
a4:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:C2:7C:CB:ED:F6:B6:B0:62:F5:99:01:E2:2B:D0:9F:7D:52:D9:83
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/j8J8y-32trBi9ZkB4ivQn31S2YM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.16.0/21
45.143.44.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:01:6f:ac:54:ec:91:bb:c0:17:d2:4e:13:ac:b6:29:8d:7c:
46:d5:e4:4e:e9:64:7e:45:d8:27:9a:af:e9:f7:8d:37:81:de:
69:43:3a:5f:a0:a7:3b:72:2c:f4:ec:fd:49:4c:f7:53:4d:7b:
b9:c5:f8:72:a1:48:4a:06:fa:fd:a2:c8:db:55:1f:17:ae:40:
40:0d:d7:54:14:74:f7:d8:95:5c:62:8d:79:ca:64:1a:b1:47:
cf:06:fe:87:88:17:e5:ab:1b:4c:01:5a:bb:3b:9c:e7:1b:cc:
9f:12:a4:da:73:29:21:14:80:02:f7:94:ca:a4:2d:d9:4e:01:
88:95:72:60:7c:2d:d1:37:e7:36:b7:3d:e8:d5:66:95:46:6e:
73:81:e9:be:b2:55:a0:60:05:e7:da:27:f1:58:92:74:71:4b:
7b:5f:68:eb:4d:5c:c9:4b:68:64:80:86:d2:e1:fc:6a:11:a7:
d9:d4:28:6b:83:d3:65:76:60:17:60:b4:d5:c0:39:74:2d:a0:
e8:34:fa:4c:74:24:61:12:ff:1c:19:65:69:6d:7a:83:52:c2:
07:b9:dc:33:26:bb:30:f0:9c:05:95:16:5c:dd:c3:ea:d1:be:
20:0f:14:eb:1d:39:fd:ca:a2:d7:0f:74:8b:c6:d4:71:12:53:
bc:e8:06:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7rTNpGm428CwuugOo9hOP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNDE3MDkwNDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmMyN2NjYmVkZjZiNmIwNjJmNTk5MDFlMjJiZDA5ZjdkNTJkOTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkg7kpPqEXge3PoyFActzM+86afmy
MWX9bDdkFj5o3ofcLjWfIVyfGF4vBNnDbyRj0RQQRndWfYMNMXS/C4UyuxxSJAIg
XaeZljQGmd62Bdhs/sSNAS/ZFgrYIqtwk8SScRmDybina+0mqpPz0Hw3JGUuMiE0
g/g+lLCn3OMrS6iyszElvmj+PPw2aewiaLrRiFZmKcW/nXhBY+9hoRt2Aa+n5PiO
aorYtIYF1OkBFpxdsFKGK/0/zvyR+fdkfNlTmUeIjY8H5ky+zcEnXTor48TctwiH
22FpyxrFFlRLgIKkRunYRXwIjRQsjMtHhAc60Qh3Udmn6yzRMNYSu/ikCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI/CfMvt9rawYvWZAeIr0J99UtmDMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvajhKOHktMzJ0ckJpOVprQjRpdlFuMzFTMllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLVYQAwQC
LY8sMA0GCSqGSIb3DQEBCwUAA4IBAQCaAW+sVOyRu8AX0k4TrLYpjXxG1eRO6WR+
Rdgnmq/p9403gd5pQzpfoKc7ciz07P1JTPdTTXu5xfhyoUhKBvr9osjbVR8XrkBA
DddUFHT32JVcYo15ymQasUfPBv6HiBflqxtMAVq7O5znG8yfEqTacykhFIAC95TK
pC3ZTgGIlXJgfC3RN+c2tz3o1WaVRm5zgem+slWgYAXn2ifxWJJ0cUt7X2jrTVzJ
S2hkgIbS4fxqEafZ1Chrg9NldmAXYLTVwDl0LaDoNPpMdCRhEv8cGWVpbXqDUsIH
udwzJrsw8JwFlRZc3cPq0b4gDxTrHTn9yqLXD3SLxtRxElO86Ab2
-----END CERTIFICATE-----
Generated at Fri Apr 19 09:42:50 2024 by rpki-client on console-ams.rpki-client.org