Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/zmVgYH_nb2cOEKTdgclHiSKWC44.roa
File: zmVgYH_nb2cOEKTdgclHiSKWC44.roa (raw, json)
Hash identifier: AEfxwaadx7bB3YTUfd0F9FFtTt6adfYrAQfPoaWMBkA=
Subject key identifier: CE:65:60:60:7F:E7:6F:67:0E:10:A4:DD:81:C9:47:89:22:96:0B:8E
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01880B240299F660C9D3CB63FEB30D9ADAE0
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/zmVgYH_nb2cOEKTdgclHiSKWC44.roa
Signing time: Thu 11 May 2023 14:08:09 +0000
ROA not before: Thu 11 May 2023 14:08:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.65.114.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 May 2023 16:10:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0b:24:02:99:f6:60:c9:d3:cb:63:fe:b3:0d:9a:da:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: May 11 14:08:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce6560607fe76f670e10a4dd81c9478922960b8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:86:ee:4a:59:00:1f:e0:cc:62:b6:7d:be:c8:
68:48:bb:3d:65:c6:aa:15:b8:14:93:7f:dc:cf:b5:
1d:f3:46:2f:45:2b:2e:f0:e8:96:9d:1c:bb:b2:fd:
58:e4:c8:58:fd:1f:80:4c:ab:dd:19:e6:a6:62:a3:
9a:fb:04:2a:4d:3c:bb:45:7d:05:7e:16:01:98:73:
e9:eb:e0:47:07:b1:8b:ec:f2:ca:90:24:97:01:ae:
4b:61:5d:5f:a9:d2:b8:22:ad:28:65:3b:8b:f7:45:
35:30:2c:cc:8b:6f:86:8b:f0:37:c1:ab:39:82:e8:
eb:1e:5b:14:73:27:83:dd:20:0b:99:8a:9b:36:86:
88:93:70:23:66:a4:18:7a:cc:d5:cd:7e:35:60:28:
f3:5d:ee:77:9c:f0:1b:b9:00:22:ff:fa:86:26:01:
93:5a:34:90:6a:0f:e6:5d:48:43:9f:73:75:5c:d1:
1a:cd:9d:48:9a:0d:c9:b1:a0:cb:0f:ba:fb:ac:14:
0e:cb:76:f9:dc:68:7a:5f:49:2e:29:b0:80:ce:72:
f7:47:a4:59:59:d8:0b:de:ab:40:3b:71:8d:0b:6f:
66:55:a9:6d:6a:ca:16:e5:8c:29:b6:ad:23:ee:8a:
53:f0:fc:51:4e:a0:80:d6:af:e5:26:6a:3b:98:01:
d7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:65:60:60:7F:E7:6F:67:0E:10:A4:DD:81:C9:47:89:22:96:0B:8E
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/zmVgYH_nb2cOEKTdgclHiSKWC44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.65.114.0/23
Signature Algorithm: sha256WithRSAEncryption
33:17:a5:95:a4:8b:9f:aa:0d:91:14:71:dc:e3:4d:61:7f:7c:
c0:98:6e:b0:9c:aa:ad:08:97:3a:9c:61:ac:c9:3b:36:c1:83:
bf:1f:ea:ec:04:bc:46:d4:e3:ef:c4:af:54:77:f9:35:37:2a:
5c:31:19:cf:2f:10:d4:f6:35:19:c4:5f:34:9a:c6:da:5b:fd:
88:84:de:f1:9b:86:55:46:de:01:e4:76:fc:f2:d7:89:d8:a8:
9e:46:17:d7:be:1f:5a:63:82:7d:eb:75:c9:06:5f:25:32:8d:
70:da:1e:ae:ba:ee:bf:e5:9c:34:37:ce:a0:66:93:b5:11:d8:
72:fd:28:3e:c5:7d:2c:13:21:fb:06:5d:fe:0a:d5:8e:6e:16:
08:3c:bd:96:a5:fa:41:de:ab:ae:b6:a8:50:7d:be:e9:ff:59:
b0:cd:f3:63:94:94:f8:ea:0a:61:a9:b4:dc:96:03:a5:75:85:
9f:38:b4:f4:0e:03:4e:f1:6a:aa:c0:27:87:75:2f:40:97:92:
44:62:32:98:37:f6:26:b7:d6:d6:77:3f:7f:35:ad:f5:da:43:
dd:e0:cc:3d:66:a2:5e:c8:66:92:07:0d:e9:7d:4e:a1:5e:78:
1b:6e:bb:21:29:63:ff:73:ef:de:9b:39:de:ed:fa:ba:39:01:
80:6a:ae:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgLJAKZ9mDJ08tj/rMNmtrgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwNTExMTQwODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTY1NjA2MDdmZTc2ZjY3MGUxMGE0ZGQ4MWM5NDc4OTIyOTYwYjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4buSlkAH+DMYrZ9vshoSLs9Zcaq
FbgUk3/cz7Ud80YvRSsu8OiWnRy7sv1Y5MhY/R+ATKvdGeamYqOa+wQqTTy7RX0F
fhYBmHPp6+BHB7GL7PLKkCSXAa5LYV1fqdK4Iq0oZTuL90U1MCzMi2+Gi/A3was5
gujrHlsUcyeD3SALmYqbNoaIk3AjZqQYeszVzX41YCjzXe53nPAbuQAi//qGJgGT
WjSQag/mXUhDn3N1XNEazZ1Img3JsaDLD7r7rBQOy3b53Gh6X0kuKbCAznL3R6RZ
WdgL3qtAO3GNC29mValtasoW5Ywptq0j7opT8PxRTqCA1q/lJmo7mAHXDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM5lYGB/529nDhCk3YHJR4kilguOMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvem1WZ1lIX25iMmNPRUtUZGdjbEhpU0tXQzQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLUFyMA0G
CSqGSIb3DQEBCwUAA4IBAQAzF6WVpIufqg2RFHHc401hf3zAmG6wnKqtCJc6nGGs
yTs2wYO/H+rsBLxG1OPvxK9Ud/k1NypcMRnPLxDU9jUZxF80msbaW/2IhN7xm4ZV
Rt4B5Hb88teJ2KieRhfXvh9aY4J963XJBl8lMo1w2h6uuu6/5Zw0N86gZpO1Edhy
/Sg+xX0sEyH7Bl3+CtWObhYIPL2WpfpB3quutqhQfb7p/1mwzfNjlJT46gphqbTc
lgOldYWfOLT0DgNO8WqqwCeHdS9Al5JEYjKYN/Ymt9bWdz9/Na312kPd4Mw9ZqJe
yGaSBw3pfU6hXngbbrshKWP/c+/emzne7fq6OQGAaq4K
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:55 2024 by rpki-client on console-ams.rpki-client.org