Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/IZpNUVeqj5woAHvjhk3oh_VjPEY.roa
File: IZpNUVeqj5woAHvjhk3oh_VjPEY.roa (raw, json)
Hash identifier: zgdnB6ZeGC4umtSGYO94jzRf7I+ivC07RCbasMlZmrc=
Subject key identifier: 21:9A:4D:51:57:AA:8F:9C:28:00:7B:E3:86:4D:E8:87:F5:63:3C:46
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01856BCA173C5F2D8C3999D0D5235AB85A47
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/IZpNUVeqj5woAHvjhk3oh_VjPEY.roa
Signing time: Sun 01 Jan 2023 05:24:44 +0000
ROA not before: Sun 01 Jan 2023 05:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8038
IP address blocks: 45.152.148.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:17:3c:5f:2d:8c:39:99:d0:d5:23:5a:b8:5a:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 05:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=219a4d5157aa8f9c28007be3864de887f5633c46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:49:ae:b8:69:d3:c1:9d:33:c8:ee:db:ab:5d:
20:13:5e:b9:67:5b:cd:1f:3a:78:62:a9:6b:6b:15:
d8:38:55:7a:1a:b9:ce:90:4a:78:3e:09:cc:70:45:
0e:a2:10:59:07:e8:c9:b8:c2:1c:16:c9:96:8c:8b:
40:3c:f8:87:03:c0:d6:11:07:f3:8c:7f:78:12:0b:
f1:22:2f:45:f5:94:32:77:0e:ce:c6:30:1c:fa:1a:
9b:0f:11:18:b1:1b:49:76:a8:74:fd:6b:1f:0e:68:
48:56:cf:8f:e6:f6:aa:c2:1a:9e:dc:c0:5a:cd:f9:
d3:e8:91:d4:4a:6c:14:4e:65:bc:9d:eb:3b:3a:d1:
77:05:cd:7f:a1:f2:a1:3f:7a:bd:8c:56:bf:84:85:
fd:5e:3a:81:1e:75:9b:06:c5:34:ee:da:e2:a4:ad:
d2:75:12:b4:76:92:79:01:27:1e:9a:a6:fe:af:1a:
af:e1:a7:49:47:2d:86:07:dc:03:f3:a3:37:56:e5:
00:f8:8a:6a:27:f8:fd:37:77:79:b4:e8:80:87:c9:
95:aa:5d:99:f8:3e:c0:ff:87:d6:2a:33:ac:ad:dd:
1d:b8:3e:18:57:44:20:c4:cf:e8:ae:11:8c:05:f5:
93:85:f8:3f:7d:e0:9a:21:0c:c3:c8:4e:1f:0f:0e:
b6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:9A:4D:51:57:AA:8F:9C:28:00:7B:E3:86:4D:E8:87:F5:63:3C:46
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/IZpNUVeqj5woAHvjhk3oh_VjPEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.148.0/24
Signature Algorithm: sha256WithRSAEncryption
66:3c:47:1c:05:db:02:84:8b:7c:8c:07:b9:9a:a1:8d:34:19:
7d:49:54:0a:39:4b:65:e6:dd:a4:2b:4a:be:62:e3:75:ef:01:
9d:3c:ad:b5:cd:c1:fd:3c:9d:fa:fa:c2:49:f1:68:83:ae:c2:
0a:35:ee:5c:19:07:0f:44:6c:6e:27:90:c3:ad:6e:62:19:28:
30:6b:31:13:66:e6:e3:95:de:5d:60:f6:22:78:7f:ad:77:22:
62:1c:a0:8d:00:52:59:2a:81:32:b1:bd:e9:9a:b1:f3:68:5b:
8a:7f:23:aa:8f:c7:c2:ac:4a:a9:4d:4c:5b:c2:f7:52:98:ef:
05:e2:2b:5e:43:04:e5:11:dc:98:17:7f:bd:db:41:1f:b9:b2:
eb:c6:90:58:83:1c:55:68:aa:3d:a0:a4:07:47:ee:53:a5:f2:
59:73:27:68:02:3c:e4:9c:01:13:1f:24:94:85:30:49:e8:28:
5f:f1:0f:e8:94:7f:72:30:b8:49:81:42:f4:95:f2:75:cb:dd:
d0:46:79:03:af:79:62:7d:33:7b:f3:7f:6f:58:91:6a:2a:68:
43:83:89:34:8b:1e:dc:f1:da:8d:cd:0b:c1:3c:bf:a6:d9:9a:
7e:cd:4d:96:24:a3:8c:b3:c5:7c:1d:f5:c2:07:ce:3c:98:14:
53:3e:1f:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVryhc8Xy2MOZnQ1SNauFpHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMwMTAxMDUyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTlhNGQ1MTU3YWE4ZjljMjgwMDdiZTM4NjRkZTg4N2Y1NjMzYzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkmuuGnTwZ0zyO7bq10gE165Z1vN
Hzp4YqlraxXYOFV6GrnOkEp4PgnMcEUOohBZB+jJuMIcFsmWjItAPPiHA8DWEQfz
jH94EgvxIi9F9ZQydw7OxjAc+hqbDxEYsRtJdqh0/WsfDmhIVs+P5vaqwhqe3MBa
zfnT6JHUSmwUTmW8nes7OtF3Bc1/ofKhP3q9jFa/hIX9XjqBHnWbBsU07tripK3S
dRK0dpJ5AScemqb+rxqv4adJRy2GB9wD86M3VuUA+IpqJ/j9N3d5tOiAh8mVql2Z
+D7A/4fWKjOsrd0duD4YV0QgxM/orhGMBfWThfg/feCaIQzDyE4fDw62AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCGaTVFXqo+cKAB744ZN6If1YzxGMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvSVpwTlVWZXFqNXdvQUh2amhrM29oX1ZqUEVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZiUMA0G
CSqGSIb3DQEBCwUAA4IBAQBmPEccBdsChIt8jAe5mqGNNBl9SVQKOUtl5t2kK0q+
YuN17wGdPK21zcH9PJ36+sJJ8WiDrsIKNe5cGQcPRGxuJ5DDrW5iGSgwazETZubj
ld5dYPYieH+tdyJiHKCNAFJZKoEysb3pmrHzaFuKfyOqj8fCrEqpTUxbwvdSmO8F
4iteQwTlEdyYF3+920EfubLrxpBYgxxVaKo9oKQHR+5TpfJZcydoAjzknAETHySU
hTBJ6Chf8Q/olH9yMLhJgUL0lfJ1y93QRnkDr3lifTN7839vWJFqKmhDg4k0ix7c
8dqNzQvBPL+m2Zp+zU2WJKOMs8V8HfXCB848mBRTPh9A
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:18 2024 by rpki-client on console-ams.rpki-client.org