Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/7c44c4-eccd-495c-b983-84c90bba9cd4/1/csXjx-1Ih6CPQziaOvoGIlK47-M.roa
File: csXjx-1Ih6CPQziaOvoGIlK47-M.roa (raw, json)
Hash identifier: 4ovS61dFE69f94QgfIYmAsKRvZartLgePrB92X6SC54=
Subject key identifier: 72:C5:E3:C7:ED:48:87:A0:8F:43:38:9A:3A:FA:06:22:52:B8:EF:E3
Certificate issuer: /CN=f020cb4f9b5f79b9da6b4827bad9c54a2a80c531
Certificate serial: 018572BA48834653577AE448C07E9A7389EE
Authority key identifier: F0:20:CB:4F:9B:5F:79:B9:DA:6B:48:27:BA:D9:C5:4A:2A:80:C5:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8CDLT5tfebnaa0gnutnFSiqAxTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/7c44c4-eccd-495c-b983-84c90bba9cd4/1/csXjx-1Ih6CPQziaOvoGIlK47-M.roa
Signing time: Mon 02 Jan 2023 13:44:48 +0000
ROA not before: Mon 02 Jan 2023 13:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200984
IP address blocks: 45.13.80.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:48:83:46:53:57:7a:e4:48:c0:7e:9a:73:89:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f020cb4f9b5f79b9da6b4827bad9c54a2a80c531
Validity
Not Before: Jan 2 13:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72c5e3c7ed4887a08f43389a3afa062252b8efe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:13:b7:f6:a2:d4:de:51:d4:81:99:05:df:76:
1c:1f:5e:64:e5:30:8b:93:e2:ce:52:71:ee:20:79:
58:17:d6:e0:b3:1b:42:56:54:54:0f:07:c5:8d:c7:
7c:4b:5c:0f:06:50:f8:56:29:2a:54:8d:74:89:67:
ab:71:e7:19:6b:84:95:98:41:a8:40:11:03:8c:77:
25:a8:32:c7:be:ea:c6:5a:b0:20:e4:a3:aa:9f:ae:
d9:cd:1c:c2:df:15:24:20:26:bf:29:ab:bb:f9:6a:
5d:f3:da:a4:2c:11:18:00:37:42:e2:17:ff:42:fd:
9b:bc:a6:8c:c1:6b:64:b4:0d:b2:8c:f3:89:e4:27:
2b:88:bd:ac:7d:c5:ca:cf:9b:94:e9:9a:47:f2:e8:
ed:d1:62:00:77:21:7b:3f:45:ba:70:64:58:5b:02:
b0:ce:22:64:2c:ea:ee:f6:cb:89:c9:14:4e:14:e0:
6d:df:c5:de:26:36:78:20:00:ba:98:65:49:95:bd:
f9:13:26:61:b7:52:6c:86:92:e1:3f:fa:f3:46:84:
a7:a4:81:bc:f2:83:32:62:bc:d5:fa:14:bf:00:98:
0b:f0:b8:96:c5:4f:12:d9:a8:00:6b:22:45:72:a4:
65:be:ea:2a:3a:df:70:ac:f9:df:09:cd:5a:97:56:
10:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C5:E3:C7:ED:48:87:A0:8F:43:38:9A:3A:FA:06:22:52:B8:EF:E3
X509v3 Authority Key Identifier:
keyid:F0:20:CB:4F:9B:5F:79:B9:DA:6B:48:27:BA:D9:C5:4A:2A:80:C5:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8CDLT5tfebnaa0gnutnFSiqAxTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/7c44c4-eccd-495c-b983-84c90bba9cd4/1/csXjx-1Ih6CPQziaOvoGIlK47-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/7c44c4-eccd-495c-b983-84c90bba9cd4/1/8CDLT5tfebnaa0gnutnFSiqAxTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.80.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:0f:5f:72:5a:6a:0b:cc:c0:5d:c1:f9:d3:8a:73:62:3d:35:
4d:9d:7a:f4:1d:6b:87:d6:43:8e:1c:b9:1c:4d:55:2e:1a:00:
a3:ac:82:50:43:22:53:8c:4a:ec:6e:28:85:98:e7:ec:42:5a:
af:5c:39:d5:a0:86:4d:09:57:d5:e2:46:83:4e:30:18:7a:7f:
3d:6a:ba:ef:fa:28:77:ad:b8:e2:f5:af:7f:74:10:36:61:9f:
4c:9b:aa:d7:35:20:66:ec:90:db:a7:f0:b5:85:96:ce:85:06:
ad:58:67:de:f0:d6:2b:b3:54:d6:a4:64:75:c5:88:02:57:63:
21:3c:05:cb:dd:af:e4:c3:3a:85:08:0b:7b:87:f9:ff:77:74:
f3:b9:c6:3c:14:74:d8:c3:b5:16:dd:2f:0f:c0:8f:f3:c6:f3:
1b:0c:31:43:ba:9c:1f:b7:17:fb:47:45:77:9b:f1:0d:e9:65:
57:59:b9:92:01:17:62:0d:04:28:c9:04:00:68:24:81:9f:bd:
1b:06:1b:31:b9:fd:cf:48:37:54:07:06:17:18:b6:83:75:3c:
b3:1e:e4:7d:7a:11:83:74:34:80:bf:59:97:c3:17:33:0f:dc:
2d:41:93:8d:a8:64:cb:f4:e6:b8:f0:50:46:16:e5:31:de:f2:
22:42:5a:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyukiDRlNXeuRIwH6ac4nuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMjBjYjRmOWI1Zjc5YjlkYTZiNDgyN2JhZDljNTRhMmE4
MGM1MzEwHhcNMjMwMTAyMTM0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmM1ZTNjN2VkNDg4N2EwOGY0MzM4OWEzYWZhMDYyMjUyYjhlZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBO39qLU3lHUgZkF33YcH15k5TCL
k+LOUnHuIHlYF9bgsxtCVlRUDwfFjcd8S1wPBlD4VikqVI10iWercecZa4SVmEGo
QBEDjHclqDLHvurGWrAg5KOqn67ZzRzC3xUkICa/Kau7+Wpd89qkLBEYADdC4hf/
Qv2bvKaMwWtktA2yjPOJ5CcriL2sfcXKz5uU6ZpH8ujt0WIAdyF7P0W6cGRYWwKw
ziJkLOru9suJyRROFOBt38XeJjZ4IAC6mGVJlb35EyZht1JshpLhP/rzRoSnpIG8
8oMyYrzV+hS/AJgL8LiWxU8S2agAayJFcqRlvuoqOt9wrPnfCc1al1YQuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHLF48ftSIegj0M4mjr6BiJSuO/jMB8GA1UdIwQY
MBaAFPAgy0+bX3m52mtIJ7rZxUoqgMUxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOENETFQ1dGZlYm5hYTBnbnV0bkZTaXFBeFRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC83YzQ0YzQtZWNjZC00OTVjLWI5ODMt
ODRjOTBiYmE5Y2Q0LzEvY3NYangtMUloNkNQUXppYU92b0dJbEs0Ny1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC83YzQ0YzQtZWNjZC00OTVjLWI5ODMtODRjOTBiYmE5Y2Q0
LzEvOENETFQ1dGZlYm5hYTBnbnV0bkZTaXFBeFRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ1QMA0G
CSqGSIb3DQEBCwUAA4IBAQDCD19yWmoLzMBdwfnTinNiPTVNnXr0HWuH1kOOHLkc
TVUuGgCjrIJQQyJTjErsbiiFmOfsQlqvXDnVoIZNCVfV4kaDTjAYen89arrv+ih3
rbji9a9/dBA2YZ9Mm6rXNSBm7JDbp/C1hZbOhQatWGfe8NYrs1TWpGR1xYgCV2Mh
PAXL3a/kwzqFCAt7h/n/d3TzucY8FHTYw7UW3S8PwI/zxvMbDDFDupwftxf7R0V3
m/EN6WVXWbmSARdiDQQoyQQAaCSBn70bBhsxuf3PSDdUBwYXGLaDdTyzHuR9ehGD
dDSAv1mXwxczD9wtQZONqGTL9Oa48FBGFuUx3vIiQlqN
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:27 2024 by rpki-client on console-fra.rpki-client.org