Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/sy1asbhbgOnCO3aNXYYRa2QxFZU.roa
File: sy1asbhbgOnCO3aNXYYRa2QxFZU.roa (raw, json)
Hash identifier: fm7HQ4vCugjkrx3eHV4RRtRFNWSiNSDmbGAIkoVZebk=
Subject key identifier: B3:2D:5A:B1:B8:5B:80:E9:C2:3B:76:8D:5D:86:11:6B:64:31:15:95
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018AD559C04D29012DE5E8DD2B77360E46C4
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/sy1asbhbgOnCO3aNXYYRa2QxFZU.roa
Signing time: Wed 27 Sep 2023 06:35:43 +0000
ROA not before: Wed 27 Sep 2023 06:35:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396356
IP address blocks: 45.134.20.0/24 maxlen: 24
2a0e:d787::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d5:59:c0:4d:29:01:2d:e5:e8:dd:2b:77:36:0e:46:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Sep 27 06:35:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b32d5ab1b85b80e9c23b768d5d86116b64311595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b1:2b:c0:f3:33:84:1c:7a:e8:58:40:b6:04:
22:fd:06:39:ab:fe:7e:0f:b5:90:8c:d1:89:d4:30:
7a:90:18:82:30:d2:b8:6f:58:96:71:0e:16:85:82:
69:55:31:5b:17:53:98:eb:05:22:db:e5:de:e9:00:
a2:cf:cb:1b:c8:8f:eb:12:90:f1:36:56:67:ee:63:
f7:36:e3:5f:4f:2b:d8:52:30:0e:32:17:bd:0e:1a:
5c:d6:8d:24:17:69:52:43:fb:a7:3e:39:02:1d:49:
20:d0:28:30:3f:6d:44:cb:19:62:f9:80:77:3b:dc:
d1:8b:d3:9d:40:5b:da:bf:53:5f:23:b1:ab:1e:63:
bc:9d:92:6c:45:26:64:03:89:58:4b:5c:92:8b:a2:
cd:8c:35:91:bc:bb:33:7f:e6:1d:86:12:60:92:f1:
79:09:bd:8d:81:f3:90:99:bc:69:49:78:c3:42:a8:
f4:de:bf:b6:2d:4e:24:42:e1:b9:82:fa:ad:29:0a:
96:ef:a8:ed:6b:8f:82:a9:96:79:44:ca:25:e6:51:
1e:bd:57:3d:f0:00:e5:20:31:10:ff:81:1b:51:54:
c7:de:69:e3:df:29:b3:13:37:7e:43:57:48:2b:ca:
dc:a4:a9:c7:cf:63:ed:3e:5a:6c:d7:c9:45:9a:00:
36:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:2D:5A:B1:B8:5B:80:E9:C2:3B:76:8D:5D:86:11:6B:64:31:15:95
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/sy1asbhbgOnCO3aNXYYRa2QxFZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.20.0/24
IPv6:
2a0e:d787::/32
Signature Algorithm: sha256WithRSAEncryption
48:59:e2:2a:fa:85:54:43:c5:ee:d3:77:26:94:f4:47:bb:b5:
5b:95:e3:ca:0e:32:33:7a:e4:46:b7:63:24:28:49:4c:ce:cf:
5e:4f:95:40:8b:8b:36:07:19:34:32:4f:05:8e:7f:24:97:4d:
4a:ea:78:c8:bd:74:47:b8:a9:03:11:29:02:67:34:16:5c:10:
29:05:be:73:a8:41:1a:ac:27:db:76:b0:15:f2:2e:59:c0:de:
1e:56:b5:2e:83:7c:97:b7:67:86:5c:80:21:79:2f:9d:9e:2c:
10:01:a4:96:dd:c8:ac:22:a7:9c:a4:68:e3:bf:cf:e2:96:35:
31:eb:ff:61:5b:61:9b:b0:5b:10:69:5d:30:f5:36:e7:0d:7f:
fa:91:67:12:f5:38:aa:91:e5:61:99:08:60:30:21:26:96:59:
99:fc:06:29:d9:73:26:a9:be:ae:fe:78:67:87:86:4b:0c:26:
34:2e:53:af:4f:31:a5:1b:a5:99:96:7c:ee:8d:3b:61:2a:db:
5a:3b:15:18:e7:d2:c6:f5:97:64:56:d1:1d:d4:78:78:81:fe:
8c:c3:ba:95:02:91:7c:a6:9e:e3:f7:37:95:82:f0:75:cb:19:
e0:76:20:24:8d:e8:a2:d2:d9:96:e8:88:e4:d5:a0:20:fa:c4:
92:80:99:ce
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYrVWcBNKQEt5ejdK3c2DkbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjMwOTI3MDYzNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzJkNWFiMWI4NWI4MGU5YzIzYjc2OGQ1ZDg2MTE2YjY0MzExNTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbErwPMzhBx66FhAtgQi/QY5q/5+
D7WQjNGJ1DB6kBiCMNK4b1iWcQ4WhYJpVTFbF1OY6wUi2+Xe6QCiz8sbyI/rEpDx
NlZn7mP3NuNfTyvYUjAOMhe9Dhpc1o0kF2lSQ/unPjkCHUkg0CgwP21Eyxli+YB3
O9zRi9OdQFvav1NfI7GrHmO8nZJsRSZkA4lYS1ySi6LNjDWRvLszf+YdhhJgkvF5
Cb2NgfOQmbxpSXjDQqj03r+2LU4kQuG5gvqtKQqW76jta4+CqZZ5RMol5lEevVc9
8ADlIDEQ/4EbUVTH3mnj3ymzEzd+Q1dIK8rcpKnHz2PtPlps18lFmgA2cwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLMtWrG4W4Dpwjt2jV2GEWtkMRWVMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvc3kxYXNiaGJnT25DTzNhTlhZWVJhMlF4RlpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALYYUMA0E
AgACMAcDBQAqDteHMA0GCSqGSIb3DQEBCwUAA4IBAQBIWeIq+oVUQ8Xu03cmlPRH
u7VblePKDjIzeuRGt2MkKElMzs9eT5VAi4s2Bxk0Mk8Fjn8kl01K6njIvXRHuKkD
ESkCZzQWXBApBb5zqEEarCfbdrAV8i5ZwN4eVrUug3yXt2eGXIAheS+dniwQAaSW
3cisIqecpGjjv8/iljUx6/9hW2GbsFsQaV0w9TbnDX/6kWcS9TiqkeVhmQhgMCEm
llmZ/AYp2XMmqb6u/nhnh4ZLDCY0LlOvTzGlG6WZlnzujTthKttaOxUY59LG9Zdk
VtEd1Hh4gf6Mw7qVApF8pp7j9zeVgvB1yxngdiAkjeii0tmW6Ijk1aAg+sSSgJnO
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:18 2024 by rpki-client on console-ams.rpki-client.org