Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/PXDWduJ-4WSODUrVNPmlxWUXZrs.roa
File: PXDWduJ-4WSODUrVNPmlxWUXZrs.roa (raw, json)
Hash identifier: KUyUCZMjhWUoq7m+RKPg52anNVp2Y4b87M/zUdEeVMk=
Subject key identifier: 3D:70:D6:76:E2:7E:E1:64:8E:0D:4A:D5:34:F9:A5:C5:65:17:66:BB
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01856BCA23B49628EF16974A14C7DC2F05F0
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/PXDWduJ-4WSODUrVNPmlxWUXZrs.roa
Signing time: Sun 01 Jan 2023 05:24:47 +0000
ROA not before: Sun 01 Jan 2023 05:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 45.134.23.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:23:b4:96:28:ef:16:97:4a:14:c7:dc:2f:05:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 05:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d70d676e27ee1648e0d4ad534f9a5c5651766bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0e:b2:d0:91:e2:a1:f2:c0:3c:67:c3:36:95:
2a:be:bd:72:59:95:0f:9b:19:0a:9a:e0:d6:cb:a2:
17:f9:65:0c:55:6f:66:b2:43:cd:3f:46:f7:e3:70:
32:ad:cd:70:44:4a:32:5a:36:18:78:a4:e3:cd:d8:
45:0f:36:49:37:8f:12:78:17:71:bb:76:d5:df:fa:
17:af:94:17:0c:99:39:30:a2:18:e0:d5:b7:ab:a4:
8d:c6:bb:13:8d:9f:d5:86:ec:71:8f:51:b6:f6:96:
11:64:06:12:36:35:f1:f3:f1:65:6e:e3:77:31:63:
d0:73:94:ff:06:47:c2:1b:83:bc:18:11:36:8f:81:
a0:4d:9b:b3:0c:10:ba:3a:51:8c:16:f5:8b:1b:3d:
d1:b6:d5:4c:d9:b2:86:d5:e3:f9:27:6d:a7:d9:79:
de:03:a1:61:2d:e3:5f:97:80:c5:e9:bf:40:f3:2d:
ed:4d:c3:68:c4:96:3d:58:d8:88:e6:99:3a:43:1e:
2d:81:36:96:b6:e2:cb:35:0a:6f:88:bf:a7:ed:fe:
59:b5:bd:d3:53:09:b6:79:64:87:31:2b:f5:39:c1:
35:80:61:61:67:8b:a5:7d:72:6b:d7:0d:ca:2d:37:
20:9d:77:41:75:dd:92:16:c4:21:3f:30:a0:f1:4d:
45:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:70:D6:76:E2:7E:E1:64:8E:0D:4A:D5:34:F9:A5:C5:65:17:66:BB
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/PXDWduJ-4WSODUrVNPmlxWUXZrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.23.0/24
Signature Algorithm: sha256WithRSAEncryption
09:99:88:29:9c:9d:ee:f3:d6:a7:da:78:31:e3:ec:8b:a8:da:
64:f8:18:ef:4c:41:83:e3:c7:16:16:81:88:6e:33:2e:c5:52:
29:c8:7a:ff:9e:a9:eb:0b:f7:09:43:ca:8b:0a:2a:ca:e2:7d:
45:c6:7c:7e:c6:1b:0e:3d:3a:11:34:69:09:e5:8d:9b:d9:78:
f6:a8:7b:b8:29:0b:38:d3:f1:56:99:66:9a:6e:c3:61:27:c5:
61:6f:2d:1e:28:1e:ae:4c:5e:9b:94:af:ee:4f:72:fe:a4:2a:
1d:c3:b6:e4:89:e2:84:6d:c3:f7:d5:44:33:be:66:51:7f:00:
85:ea:79:96:31:32:30:25:d9:b3:74:66:ee:0f:08:b4:dd:7b:
a6:5a:ea:28:83:3a:c1:cb:b8:bb:3d:54:0b:c3:b0:1e:6e:aa:
df:a1:29:ba:80:bd:d0:fe:22:f1:8a:b0:fd:84:85:93:54:bf:
b3:4d:c7:21:7b:9d:2f:43:a5:06:33:a8:af:72:03:8e:00:72:
fa:0b:7c:5e:fd:1d:44:a8:36:79:c4:7e:ce:55:cb:79:49:4b:
90:4f:13:ec:2b:bc:5c:41:0d:ea:14:7b:c4:8d:8f:8d:43:28:
a8:4a:39:af:5b:ea:81:4c:84:b1:32:06:79:4d:3d:99:74:be:
67:65:39:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVryiO0lijvFpdKFMfcLwXwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMwMTAxMDUyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDcwZDY3NmUyN2VlMTY0OGUwZDRhZDUzNGY5YTVjNTY1MTc2NmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQ6y0JHiofLAPGfDNpUqvr1yWZUP
mxkKmuDWy6IX+WUMVW9mskPNP0b343Ayrc1wREoyWjYYeKTjzdhFDzZJN48SeBdx
u3bV3/oXr5QXDJk5MKIY4NW3q6SNxrsTjZ/Vhuxxj1G29pYRZAYSNjXx8/FlbuN3
MWPQc5T/BkfCG4O8GBE2j4GgTZuzDBC6OlGMFvWLGz3RttVM2bKG1eP5J22n2Xne
A6FhLeNfl4DF6b9A8y3tTcNoxJY9WNiI5pk6Qx4tgTaWtuLLNQpviL+n7f5Ztb3T
Uwm2eWSHMSv1OcE1gGFhZ4ulfXJr1w3KLTcgnXdBdd2SFsQhPzCg8U1FAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD1w1nbifuFkjg1K1TT5pcVlF2a7MB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvUFhEV2R1Si00V1NPRFVyVk5QbWx4V1VYWnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYYXMA0G
CSqGSIb3DQEBCwUAA4IBAQAJmYgpnJ3u89an2ngx4+yLqNpk+BjvTEGD48cWFoGI
bjMuxVIpyHr/nqnrC/cJQ8qLCirK4n1Fxnx+xhsOPToRNGkJ5Y2b2Xj2qHu4KQs4
0/FWmWaabsNhJ8Vhby0eKB6uTF6blK/uT3L+pCodw7bkieKEbcP31UQzvmZRfwCF
6nmWMTIwJdmzdGbuDwi03XumWuoogzrBy7i7PVQLw7AebqrfoSm6gL3Q/iLxirD9
hIWTVL+zTcche50vQ6UGM6ivcgOOAHL6C3xe/R1EqDZ5xH7OVct5SUuQTxPsK7xc
QQ3qFHvEjY+NQyioSjmvW+qBTISxMgZ5TT2ZdL5nZTku
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:00 2024 by rpki-client on console-fra.rpki-client.org