Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/2b285d-d6da-4bbb-a93a-b78760334ebd/1/849Yt2dFSWfbpWE5FEEUNXRIcZ0.roa
File: 849Yt2dFSWfbpWE5FEEUNXRIcZ0.roa (raw, json)
Hash identifier: AlHJJOfd6ms/aVnsRXiae5MWlbHSpD4IcDIyNuzXX/Y=
Subject key identifier: F3:8F:58:B7:67:45:49:67:DB:A5:61:39:14:41:14:35:74:48:71:9D
Certificate issuer: /CN=696262b63e63464aa4f1046628fa425dbaee3ceb
Certificate serial: 01856D418447610783A5E222AC5B300A7EB6
Authority key identifier: 69:62:62:B6:3E:63:46:4A:A4:F1:04:66:28:FA:42:5D:BA:EE:3C:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aWJitj5jRkqk8QRmKPpCXbruPOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/2b285d-d6da-4bbb-a93a-b78760334ebd/1/849Yt2dFSWfbpWE5FEEUNXRIcZ0.roa
Signing time: Sun 01 Jan 2023 12:14:48 +0000
ROA not before: Sun 01 Jan 2023 12:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206610
IP address blocks: 45.158.140.0/22 maxlen: 24
2a0f:6980::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:84:47:61:07:83:a5:e2:22:ac:5b:30:0a:7e:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=696262b63e63464aa4f1046628fa425dbaee3ceb
Validity
Not Before: Jan 1 12:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f38f58b767454967dba56139144114357448719d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:73:74:42:c9:9a:7a:4c:3c:a1:31:c7:6b:03:
91:11:cc:44:56:60:87:01:53:78:be:b2:e6:78:6d:
70:5c:b1:0f:74:0f:fe:89:dd:16:3d:78:99:69:ac:
7c:d0:4a:5e:a3:d5:7e:3a:d7:9c:2f:28:cf:f6:a7:
d7:84:63:2c:8a:71:75:98:ee:84:93:ca:69:e2:56:
b5:29:53:c2:cb:87:2e:93:bd:76:1a:40:54:49:2f:
72:ea:45:df:7a:36:10:75:be:57:cc:26:8e:70:dd:
be:ab:11:85:1f:9d:8b:e0:a1:df:3f:d4:3a:12:22:
2e:8a:ad:0c:15:10:13:1f:03:f3:98:be:9d:43:11:
3d:fa:a0:11:c4:72:a7:ee:53:79:fe:e5:c9:7f:d2:
8e:0a:ac:40:af:86:45:e2:e8:09:02:87:d5:18:9f:
31:7d:e7:98:32:ef:5e:27:73:34:aa:2c:e7:d8:ac:
dd:43:49:f2:3a:b2:58:ba:c0:70:54:9f:d7:db:7a:
98:a0:2d:22:b0:26:ba:2c:71:64:a1:67:f6:b8:2c:
c0:d7:cf:69:31:54:bc:6b:c6:4c:fd:be:cc:92:4b:
88:21:95:33:fa:4b:42:8e:ec:e5:29:f4:a8:5b:18:
ea:4d:c3:a1:31:4e:37:51:1c:93:bc:65:ac:f2:06:
b3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:8F:58:B7:67:45:49:67:DB:A5:61:39:14:41:14:35:74:48:71:9D
X509v3 Authority Key Identifier:
keyid:69:62:62:B6:3E:63:46:4A:A4:F1:04:66:28:FA:42:5D:BA:EE:3C:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWJitj5jRkqk8QRmKPpCXbruPOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/2b285d-d6da-4bbb-a93a-b78760334ebd/1/849Yt2dFSWfbpWE5FEEUNXRIcZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/2b285d-d6da-4bbb-a93a-b78760334ebd/1/aWJitj5jRkqk8QRmKPpCXbruPOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.140.0/22
IPv6:
2a0f:6980::/29
Signature Algorithm: sha256WithRSAEncryption
92:87:ae:41:e2:5f:78:ea:cb:32:9a:f8:9c:f4:7c:e6:5e:48:
a5:61:da:42:75:86:e2:aa:e3:51:63:9d:3b:bc:c7:0a:17:c5:
76:ad:79:84:15:d6:81:ea:a7:c9:59:6f:59:69:23:34:4c:84:
bb:ab:68:13:22:15:d9:a7:2d:4f:d9:36:c1:93:67:ef:ef:ed:
1f:fe:36:a1:ca:00:5e:a9:4e:f1:6f:2a:3a:52:61:1d:a1:bd:
7a:9f:1b:e2:8d:97:ae:8e:d2:12:c6:91:4f:ec:d5:f6:96:d9:
30:8c:f9:e6:5a:79:88:20:24:6a:e4:3c:da:3d:da:9b:89:a1:
37:11:29:95:cd:e1:b8:a9:4b:aa:7e:c0:9f:e5:93:7f:d8:ac:
d8:13:95:28:92:ae:6b:d8:6e:41:00:db:2e:7b:5d:81:33:73:
dc:d1:fa:ed:98:c5:92:54:cf:71:b2:63:59:32:23:ea:3a:a1:
2a:91:8b:8f:e4:d7:ca:e3:85:75:25:05:bf:7e:93:51:e8:a5:
2e:e0:77:b1:34:8a:c3:82:4a:b8:d3:44:de:4c:8d:b9:c9:41:
29:44:ed:5c:36:7d:96:97:d4:e3:38:3f:0c:cc:09:82:07:8e:
2e:48:b2:03:67:0e:b8:82:d7:2a:d8:00:da:c5:89:6f:aa:34:
7b:1c:b1:f9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtQYRHYQeDpeIirFswCn62MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NjI2MmI2M2U2MzQ2NGFhNGYxMDQ2NjI4ZmE0MjVkYmFl
ZTNjZWIwHhcNMjMwMTAxMTIxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzhmNThiNzY3NDU0OTY3ZGJhNTYxMzkxNDQxMTQzNTc0NDg3MTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3N0Qsmaekw8oTHHawOREcxEVmCH
AVN4vrLmeG1wXLEPdA/+id0WPXiZaax80Epeo9V+OtecLyjP9qfXhGMsinF1mO6E
k8pp4la1KVPCy4cuk712GkBUSS9y6kXfejYQdb5XzCaOcN2+qxGFH52L4KHfP9Q6
EiIuiq0MFRATHwPzmL6dQxE9+qARxHKn7lN5/uXJf9KOCqxAr4ZF4ugJAofVGJ8x
feeYMu9eJ3M0qizn2KzdQ0nyOrJYusBwVJ/X23qYoC0isCa6LHFkoWf2uCzA189p
MVS8a8ZM/b7MkkuIIZUz+ktCjuzlKfSoWxjqTcOhMU43URyTvGWs8gaz4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPOPWLdnRUln26VhORRBFDV0SHGdMB8GA1UdIwQY
MBaAFGliYrY+Y0ZKpPEEZij6Ql267jzrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVdKaXRqNWpSa3FrOFFSbUtQcENYYnJ1UE9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8yYjI4NWQtZDZkYS00YmJiLWE5M2Et
Yjc4NzYwMzM0ZWJkLzEvODQ5WXQyZEZTV2ZicFdFNUZFRVVOWFJJY1owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8yYjI4NWQtZDZkYS00YmJiLWE5M2EtYjc4NzYwMzM0ZWJk
LzEvYVdKaXRqNWpSa3FrOFFSbUtQcENYYnJ1UE9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ6MMA0E
AgACMAcDBQMqD2mAMA0GCSqGSIb3DQEBCwUAA4IBAQCSh65B4l946ssymvic9Hzm
XkilYdpCdYbiquNRY507vMcKF8V2rXmEFdaB6qfJWW9ZaSM0TIS7q2gTIhXZpy1P
2TbBk2fv7+0f/jahygBeqU7xbyo6UmEdob16nxvijZeujtISxpFP7NX2ltkwjPnm
WnmIICRq5DzaPdqbiaE3ESmVzeG4qUuqfsCf5ZN/2KzYE5Uokq5r2G5BANsue12B
M3Pc0frtmMWSVM9xsmNZMiPqOqEqkYuP5NfK44V1JQW/fpNR6KUu4HexNIrDgkq4
00TeTI25yUEpRO1cNn2Wl9TjOD8MzAmCB44uSLIDZw64gtcq2ADaxYlvqjR7HLH5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:11 2024 by rpki-client on console-fra.rpki-client.org