Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/9DG72P2WhBvwYVUKs-2isbTiIE8.roa
File: 9DG72P2WhBvwYVUKs-2isbTiIE8.roa (raw, json)
Hash identifier: JPmZ4mWZuNwLGbOoUYUzmlTwSjDfTZhjxYlf7C8wH/I=
Subject key identifier: F4:31:BB:D8:FD:96:84:1B:F0:61:55:0A:B3:ED:A2:B1:B4:E2:20:4F
Certificate issuer: /CN=7af6779e62b4612887fe6f8d4e9c0e3731f6e108
Certificate serial: 018572837B663851314626A6A55BB1FE4D6C
Authority key identifier: 7A:F6:77:9E:62:B4:61:28:87:FE:6F:8D:4E:9C:0E:37:31:F6:E1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evZ3nmK0YSiH_m-NTpwONzH24Qg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/9DG72P2WhBvwYVUKs-2isbTiIE8.roa
Signing time: Mon 02 Jan 2023 12:44:57 +0000
ROA not before: Mon 02 Jan 2023 12:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208236
IP address blocks: 45.150.152.0/22 maxlen: 24
2a0f:d600::/29 maxlen: 48
Validation: Failed, certificate revoked on Sat 10 Jun 2023 13:22:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:7b:66:38:51:31:46:26:a6:a5:5b:b1:fe:4d:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7af6779e62b4612887fe6f8d4e9c0e3731f6e108
Validity
Not Before: Jan 2 12:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f431bbd8fd96841bf061550ab3eda2b1b4e2204f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:51:bc:83:d1:40:d2:dc:32:6d:bb:fc:1a:aa:
c3:d4:8d:45:06:0a:05:00:c7:17:cc:eb:b5:08:bb:
19:96:c9:8c:f6:99:70:cd:a9:11:a4:f0:3b:f3:75:
c1:90:d6:2d:07:1a:37:1c:ac:b9:0f:98:a8:bd:76:
9f:76:02:d9:04:79:dd:2e:69:b9:9b:00:8b:bd:2d:
d0:c0:26:42:22:c5:fd:1c:36:09:f0:02:f1:4c:31:
62:1b:a7:b3:63:4d:8c:09:27:b2:28:ab:88:3a:96:
45:b7:11:a1:bb:5b:43:8e:e2:2a:7e:12:df:4a:da:
93:ca:5b:73:30:ba:4f:58:8a:a3:56:6e:b8:2c:06:
b5:e9:6f:b3:72:18:f2:21:29:b8:1f:1e:39:bd:41:
f7:bb:cf:c3:0a:f4:7c:1f:81:7e:9b:e3:fe:9a:2e:
d8:6a:6b:08:40:fb:e3:2f:1f:b0:83:24:94:4e:f7:
46:9a:5c:c2:73:c1:b5:e3:e1:c3:35:d5:a3:a7:57:
c1:57:2d:2e:49:42:a4:f0:45:65:15:48:0c:54:fc:
01:7f:0d:74:5c:a5:b7:e1:c7:82:74:da:42:10:c9:
0b:ca:ed:41:38:79:86:dd:57:77:99:f1:a9:d6:73:
81:a2:37:83:6d:11:dc:46:b7:c0:43:02:c2:e4:61:
2c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:31:BB:D8:FD:96:84:1B:F0:61:55:0A:B3:ED:A2:B1:B4:E2:20:4F
X509v3 Authority Key Identifier:
keyid:7A:F6:77:9E:62:B4:61:28:87:FE:6F:8D:4E:9C:0E:37:31:F6:E1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evZ3nmK0YSiH_m-NTpwONzH24Qg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/9DG72P2WhBvwYVUKs-2isbTiIE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/evZ3nmK0YSiH_m-NTpwONzH24Qg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.152.0/22
IPv6:
2a0f:d600::/29
Signature Algorithm: sha256WithRSAEncryption
e8:fb:ef:d7:2c:11:c6:cf:23:92:b3:fd:e8:63:51:99:19:1d:
a6:a3:b2:f1:35:3d:e9:73:1c:83:24:f1:4b:af:61:f1:a5:5f:
ab:52:91:39:16:f2:43:ce:24:68:1c:01:d2:8e:36:d6:07:48:
be:b2:70:2a:af:d8:65:dd:0b:a5:12:c8:02:ea:56:cf:4a:f5:
b9:2a:41:89:89:41:aa:87:72:33:5b:bd:23:ee:6e:24:b0:16:
56:82:e5:d6:43:11:03:f2:d1:e7:cf:eb:f5:16:f4:3b:18:f2:
06:62:30:67:25:a2:07:98:62:be:a2:bb:4e:2f:dd:c2:e7:17:
9e:f0:04:e2:9c:d2:15:67:ec:97:2c:5d:85:cf:72:a8:91:57:
0c:d1:e0:84:bf:e2:92:bf:f5:46:b2:c2:11:b7:fe:54:84:7e:
3a:56:07:8b:1c:23:e6:c8:0c:0d:7d:8a:31:b1:74:ce:f5:0c:
30:24:e9:57:3b:23:b8:79:8e:fa:6e:52:c6:3e:82:71:34:ff:
77:ae:81:da:64:82:b0:f6:4e:8d:ac:23:59:5c:6c:46:49:c4:
bf:4d:5f:02:fd:07:57:c6:0c:e6:02:fa:ad:63:58:3a:0f:bc:
8c:24:0d:35:17:f6:c5:de:f1:9c:9c:e5:7d:4d:ac:64:30:c7:
a1:03:07:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyg3tmOFExRiampVux/k1sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZjY3NzllNjJiNDYxMjg4N2ZlNmY4ZDRlOWMwZTM3MzFm
NmUxMDgwHhcNMjMwMTAyMTI0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDMxYmJkOGZkOTY4NDFiZjA2MTU1MGFiM2VkYTJiMWI0ZTIyMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFG8g9FA0twybbv8GqrD1I1FBgoF
AMcXzOu1CLsZlsmM9plwzakRpPA783XBkNYtBxo3HKy5D5iovXafdgLZBHndLmm5
mwCLvS3QwCZCIsX9HDYJ8ALxTDFiG6ezY02MCSeyKKuIOpZFtxGhu1tDjuIqfhLf
StqTyltzMLpPWIqjVm64LAa16W+zchjyISm4Hx45vUH3u8/DCvR8H4F+m+P+mi7Y
amsIQPvjLx+wgySUTvdGmlzCc8G14+HDNdWjp1fBVy0uSUKk8EVlFUgMVPwBfw10
XKW34ceCdNpCEMkLyu1BOHmG3Vd3mfGp1nOBojeDbRHcRrfAQwLC5GEsxQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPQxu9j9loQb8GFVCrPtorG04iBPMB8GA1UdIwQY
MBaAFHr2d55itGEoh/5vjU6cDjcx9uEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZaM25tSzBZU2lIX20tTlRwd09OekgyNFFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zMGIxMjQtODdmMi00YzdhLWJjMGUt
NzkwNzc1Yzc3OWM1LzEvOURHNzJQMldoQnZ3WVZVS3MtMmlzYlRpSUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zMGIxMjQtODdmMi00YzdhLWJjMGUtNzkwNzc1Yzc3OWM1
LzEvZXZaM25tSzBZU2lIX20tTlRwd09OekgyNFFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZaYMA0E
AgACMAcDBQMqD9YAMA0GCSqGSIb3DQEBCwUAA4IBAQDo++/XLBHGzyOSs/3oY1GZ
GR2mo7LxNT3pcxyDJPFLr2HxpV+rUpE5FvJDziRoHAHSjjbWB0i+snAqr9hl3Qul
EsgC6lbPSvW5KkGJiUGqh3IzW70j7m4ksBZWguXWQxED8tHnz+v1FvQ7GPIGYjBn
JaIHmGK+ortOL93C5xee8ATinNIVZ+yXLF2Fz3KokVcM0eCEv+KSv/VGssIRt/5U
hH46VgeLHCPmyAwNfYoxsXTO9QwwJOlXOyO4eY76blLGPoJxNP93roHaZIKw9k6N
rCNZXGxGScS/TV8C/QdXxgzmAvqtY1g6D7yMJA01F/bF3vGcnOV9TaxkMMehAwfG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:28 2024 by rpki-client on console-ams.rpki-client.org