Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/8nlJeoeb3rqQQKgVPdTct4V_Yi4.roa
File: 8nlJeoeb3rqQQKgVPdTct4V_Yi4.roa (raw, json)
Hash identifier: sbvZTOyJ8A9twUaLnZN503imqSnJC7nKScFDL6NRk2M=
Subject key identifier: F2:79:49:7A:87:9B:DE:BA:90:40:A8:15:3D:D4:DC:B7:85:7F:62:2E
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018CC2DB35282A130FC4BCE210B771A04087
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/8nlJeoeb3rqQQKgVPdTct4V_Yi4.roa
Signing time: Mon 01 Jan 2024 02:29:55 +0000
ROA not before: Mon 01 Jan 2024 02:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58212
IP address blocks: 45.65.113.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:35:28:2a:13:0f:c4:bc:e2:10:b7:71:a0:40:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jan 1 02:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f279497a879bdeba9040a8153dd4dcb7857f622e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d3:de:7d:bb:0f:c7:97:42:4b:a1:e0:1b:10:
b6:47:c0:b4:cf:a3:8c:80:80:f5:50:b9:f5:7b:9e:
fb:f1:74:64:4b:b4:60:7e:45:6f:1d:9e:00:66:1b:
f0:63:24:3e:bf:7a:4b:73:86:29:2c:59:51:d7:79:
f6:fc:e4:0a:d9:1a:4a:da:c1:3c:f3:5f:f9:37:4d:
6c:58:ec:70:5f:d9:8f:df:01:9d:93:d9:b2:e0:73:
b0:fd:ba:2e:b1:58:59:52:6f:39:fa:5f:d1:09:82:
8d:e6:53:ac:66:69:01:41:45:31:bd:ee:c5:3e:4f:
3d:ad:49:dd:f0:99:22:74:f6:40:21:54:26:18:ab:
68:6d:7c:f9:6d:9b:4f:7c:27:22:62:a1:06:af:04:
40:41:46:f7:62:77:57:72:eb:5e:76:28:33:01:be:
06:e5:13:e5:ff:77:0b:7d:8a:9d:6c:5f:ab:3f:b9:
6c:c3:9d:8b:51:0e:74:93:46:35:5b:d9:f8:62:c0:
1b:6f:b8:ca:2f:34:02:63:a6:96:49:68:7f:b2:ec:
6d:f5:50:5b:92:0d:02:33:d1:00:41:7e:6e:46:31:
55:3d:4b:4b:75:c3:86:2a:46:53:a6:cb:da:5c:60:
16:e0:51:02:1e:da:72:fa:ba:68:60:72:38:df:96:
ef:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:79:49:7A:87:9B:DE:BA:90:40:A8:15:3D:D4:DC:B7:85:7F:62:2E
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/8nlJeoeb3rqQQKgVPdTct4V_Yi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.113.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:fc:de:f8:f3:19:e4:36:0d:0f:e4:2d:ee:3b:95:f6:91:e0:
0a:bb:2f:4b:f5:96:7d:03:01:65:55:a9:01:88:24:1f:88:33:
3a:7b:a0:9a:f7:88:9d:2c:76:44:f6:34:54:2d:db:62:1a:c1:
83:81:3e:bd:73:30:62:ea:f8:6d:5e:5c:47:81:26:40:40:80:
92:ff:75:2f:ab:93:4d:d9:85:2d:92:3c:c6:3a:bc:5e:b0:de:
70:8d:3b:1a:d0:eb:9d:67:c5:2e:72:8f:2f:20:e4:68:0e:28:
0f:59:06:fd:98:c2:23:0c:51:bc:7f:f3:6a:6e:e6:b4:5f:c9:
99:45:7b:d3:0a:2d:56:5b:6b:34:ab:d6:b9:61:7f:f6:52:fe:
ba:ff:4e:79:96:a4:09:01:7a:2c:68:d1:65:af:e8:a1:ae:be:
81:98:be:32:f0:69:53:ea:c0:81:2c:60:a5:7d:65:2a:d8:4b:
24:56:4e:ed:e1:7e:d7:2d:3c:cd:ca:b8:4e:ef:06:d2:73:a4:
40:42:86:95:06:e9:4d:6d:22:3d:01:2c:ab:48:da:a1:98:43:
4a:87:d3:2a:f0:e2:fd:c4:a8:e8:ac:23:ae:17:49:b0:53:32:
6a:1e:2f:39:e5:2a:28:60:f5:4d:d3:6e:1d:0e:70:e6:6b:b8:
d7:00:51:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2zUoKhMPxLziELdxoECHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMTAxMDIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjc5NDk3YTg3OWJkZWJhOTA0MGE4MTUzZGQ0ZGNiNzg1N2Y2MjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNPefbsPx5dCS6HgGxC2R8C0z6OM
gID1ULn1e5778XRkS7RgfkVvHZ4AZhvwYyQ+v3pLc4YpLFlR13n2/OQK2RpK2sE8
81/5N01sWOxwX9mP3wGdk9my4HOw/bousVhZUm85+l/RCYKN5lOsZmkBQUUxve7F
Pk89rUnd8JkidPZAIVQmGKtobXz5bZtPfCciYqEGrwRAQUb3YndXcutedigzAb4G
5RPl/3cLfYqdbF+rP7lsw52LUQ50k0Y1W9n4YsAbb7jKLzQCY6aWSWh/suxt9VBb
kg0CM9EAQX5uRjFVPUtLdcOGKkZTpsvaXGAW4FECHtpy+rpoYHI435bv3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJ5SXqHm966kECoFT3U3LeFf2IuMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvOG5sSmVvZWIzcnFRUUtnVlBkVGN0NFZfWWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUFxMA0G
CSqGSIb3DQEBCwUAA4IBAQAs/N748xnkNg0P5C3uO5X2keAKuy9L9ZZ9AwFlVakB
iCQfiDM6e6Ca94idLHZE9jRULdtiGsGDgT69czBi6vhtXlxHgSZAQICS/3Uvq5NN
2YUtkjzGOrxesN5wjTsa0OudZ8Uuco8vIORoDigPWQb9mMIjDFG8f/Nqbua0X8mZ
RXvTCi1WW2s0q9a5YX/2Uv66/055lqQJAXosaNFlr+ihrr6BmL4y8GlT6sCBLGCl
fWUq2EskVk7t4X7XLTzNyrhO7wbSc6RAQoaVBulNbSI9ASyrSNqhmENKh9Mq8OL9
xKjorCOuF0mwUzJqHi855SooYPVN024dDnDma7jXAFEq
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:02 2024 by rpki-client on console-ams.rpki-client.org