Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/D7ygyfLECct7qO-lBTSAN3UjohY.roa
File: D7ygyfLECct7qO-lBTSAN3UjohY.roa (raw, json)
Hash identifier: GpbiHziAur3IEWvyXCnSlOaRPvzrT/FICloljEo9XYc=
Subject key identifier: 0F:BC:A0:C9:F2:C4:09:CB:7B:A8:EF:A5:05:34:80:37:75:23:A2:16
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D65BF0F44F62BADEA220D5E1216BF99C1
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/D7ygyfLECct7qO-lBTSAN3UjohY.roa
Signing time: Thu 01 Feb 2024 17:37:16 +0000
ROA not before: Thu 01 Feb 2024 17:37:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34665
IP address blocks: 45.14.222.0/24 maxlen: 24
91.188.212.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 02 Feb 2024 09:34:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:65:bf:0f:44:f6:2b:ad:ea:22:0d:5e:12:16:bf:99:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 1 17:37:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fbca0c9f2c409cb7ba8efa5053480377523a216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f7:1a:fd:6b:b2:05:bc:bb:7a:14:25:fb:8e:
3f:b8:35:de:29:44:34:6b:00:54:a7:10:8e:bb:29:
cd:9c:b4:d2:0d:9d:a3:47:2a:0f:b7:56:67:47:8b:
ab:e0:44:0f:54:03:5d:4b:3f:d8:33:45:c1:d0:5e:
17:9b:b1:31:c2:e2:8e:25:8c:b5:8c:cc:83:72:6e:
c7:d6:ea:45:37:32:01:0e:37:ff:14:44:aa:a9:cc:
ff:af:e7:c9:89:94:be:87:3b:d1:58:ff:2f:25:94:
8b:f3:0d:85:7f:c2:11:fa:e2:6a:59:80:f5:29:c5:
da:b2:d4:2a:fa:4f:3d:96:8a:8c:c3:26:4f:f5:66:
12:16:00:86:66:02:60:ff:a9:21:da:a3:bf:5c:b0:
fe:4d:7d:7a:23:91:a5:e5:e8:79:b8:45:4c:ee:be:
f5:fc:2a:a4:3d:81:ad:b9:bd:3a:7c:b9:00:1d:41:
89:4a:06:1d:3d:6d:2f:eb:f3:97:fa:29:4d:13:ac:
17:0e:fa:d6:24:dc:96:5e:b8:9b:98:59:28:2e:82:
9e:e0:4d:51:4e:08:a5:81:dd:53:85:71:4f:47:19:
b8:f0:1d:68:80:62:81:95:b4:9b:65:bf:b8:ca:0e:
51:62:9b:8f:88:ba:58:e6:2c:91:fa:6e:3a:82:4b:
11:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:BC:A0:C9:F2:C4:09:CB:7B:A8:EF:A5:05:34:80:37:75:23:A2:16
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/D7ygyfLECct7qO-lBTSAN3UjohY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.222.0/24
91.188.212.0/22
Signature Algorithm: sha256WithRSAEncryption
62:61:b2:44:f9:3d:f0:25:be:af:39:38:7e:44:f4:1c:00:86:
16:57:01:83:31:3b:8f:af:3f:25:8e:cc:ea:6d:1a:a8:7c:fe:
d0:de:c5:78:a4:5f:d8:f4:1e:3c:cb:79:a0:77:24:67:c6:ec:
d7:6f:86:6d:d1:95:15:57:d9:0a:3b:78:cd:e1:de:1a:78:67:
0b:78:ab:6c:bb:2b:e9:0f:2f:b9:d6:dc:b2:bc:bb:3b:d5:91:
e6:d0:af:85:1d:b6:67:bc:70:be:68:cb:29:12:33:95:2f:37:
ae:f7:af:e9:44:6e:84:a5:6d:d5:25:24:8c:e4:bb:c0:90:79:
64:cf:b5:7e:3c:b1:a5:b7:c8:4e:b5:c2:96:53:59:65:77:4b:
43:be:41:4e:92:dd:77:a8:8d:5a:8d:9b:56:95:bf:4b:71:80:
16:66:b7:b7:b7:a1:54:ae:8d:86:6a:ee:ca:37:52:00:ec:30:
82:96:eb:62:44:94:07:13:89:55:98:83:37:fa:67:d5:73:fa:
e3:96:d6:68:96:43:eb:10:89:82:1a:6b:3e:6a:49:a9:46:ce:
67:c6:d0:81:fc:2d:53:4c:c9:1a:71:35:48:3d:0c:96:96:fb:
06:06:fb:da:c1:b0:ea:d4:07:14:ad:44:0b:97:3d:42:da:05:
06:46:a3:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1lvw9E9iut6iINXhIWv5nBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjAxMTczNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmJjYTBjOWYyYzQwOWNiN2JhOGVmYTUwNTM0ODAzNzc1MjNhMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfca/WuyBby7ehQl+44/uDXeKUQ0
awBUpxCOuynNnLTSDZ2jRyoPt1ZnR4ur4EQPVANdSz/YM0XB0F4Xm7ExwuKOJYy1
jMyDcm7H1upFNzIBDjf/FESqqcz/r+fJiZS+hzvRWP8vJZSL8w2Ff8IR+uJqWYD1
KcXastQq+k89loqMwyZP9WYSFgCGZgJg/6kh2qO/XLD+TX16I5Gl5eh5uEVM7r71
/CqkPYGtub06fLkAHUGJSgYdPW0v6/OX+ilNE6wXDvrWJNyWXribmFkoLoKe4E1R
Tgilgd1ThXFPRxm48B1ogGKBlbSbZb+4yg5RYpuPiLpY5iyR+m46gksRawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA+8oMnyxAnLe6jvpQU0gDd1I6IWMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvRDd5Z3lmTEVDY3Q3cU8tbEJUU0FOM1Vqb2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQ7eAwQC
W7zUMA0GCSqGSIb3DQEBCwUAA4IBAQBiYbJE+T3wJb6vOTh+RPQcAIYWVwGDMTuP
rz8ljszqbRqofP7Q3sV4pF/Y9B48y3mgdyRnxuzXb4Zt0ZUVV9kKO3jN4d4aeGcL
eKtsuyvpDy+51tyyvLs71ZHm0K+FHbZnvHC+aMspEjOVLzeu96/pRG6EpW3VJSSM
5LvAkHlkz7V+PLGlt8hOtcKWU1lld0tDvkFOkt13qI1ajZtWlb9LcYAWZre3t6FU
ro2Gau7KN1IA7DCClutiRJQHE4lVmIM3+mfVc/rjltZolkPrEImCGms+akmpRs5n
xtCB/C1TTMkacTVIPQyWlvsGBvvawbDq1AcUrUQLlz1C2gUGRqMH
-----END CERTIFICATE-----
Generated at Fri Feb 2 12:05:18 2024 by rpki-client on console-ams.rpki-client.org