Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/pdktgOS9wqcjafpQXliFGMrioTU.roa
File: pdktgOS9wqcjafpQXliFGMrioTU.roa (raw, json)
Hash identifier: DseXebtCQanxvkQVqlQQ4pWzKWqdzWM0u21R011lq6Y=
Subject key identifier: A5:D9:2D:80:E4:BD:C2:A7:23:69:FA:50:5E:58:85:18:CA:E2:A1:35
Certificate issuer: /CN=9868a1992bb8037dde81d0c8cdc0695fcee17c27
Certificate serial: 01856F4B666C6175912E0E0379CA0661F233
Authority key identifier: 98:68:A1:99:2B:B8:03:7D:DE:81:D0:C8:CD:C0:69:5F:CE:E1:7C:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mGihmSu4A33egdDIzcBpX87hfCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/pdktgOS9wqcjafpQXliFGMrioTU.roa
Signing time: Sun 01 Jan 2023 21:44:50 +0000
ROA not before: Sun 01 Jan 2023 21:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212396
IP address blocks: 45.84.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:66:6c:61:75:91:2e:0e:03:79:ca:06:61:f2:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9868a1992bb8037dde81d0c8cdc0695fcee17c27
Validity
Not Before: Jan 1 21:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5d92d80e4bdc2a72369fa505e588518cae2a135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:74:ee:3a:5a:1d:d1:1f:49:38:44:dc:3d:a5:
bc:bf:5c:9c:57:41:1d:04:9f:c6:ad:89:66:bf:86:
81:09:0d:1f:69:57:6c:4e:56:06:76:cd:e3:4c:c5:
77:bb:18:2a:b5:fe:44:da:60:12:72:f4:2b:34:bf:
87:aa:14:8e:55:14:fe:db:d9:87:36:be:a3:75:4a:
d6:43:bf:4f:45:ff:5d:e4:79:bd:bf:1d:d4:6a:14:
69:87:ff:b2:89:75:6b:93:ff:d5:ca:2c:63:36:01:
67:36:60:70:d4:e9:4d:80:d9:2e:f3:4c:6c:06:51:
29:20:44:31:14:1b:8e:56:f7:49:87:65:d0:c4:49:
73:47:ce:e6:4a:d0:bc:46:34:db:ef:63:f3:f4:27:
5c:d1:01:9f:75:8c:fe:62:48:39:43:eb:c3:c8:bc:
4f:35:49:0f:58:75:8b:d3:a0:a3:d2:e4:06:36:1a:
31:ec:63:14:f8:af:55:92:90:bc:b6:2c:88:ca:e5:
20:d5:4a:37:e1:2c:5e:da:14:89:a1:d3:7f:ba:5c:
3f:e9:8b:8b:b4:a0:36:75:9f:e7:37:6a:fd:57:c9:
04:9e:ac:c0:42:43:fe:7b:31:e8:03:d6:04:97:52:
a2:e0:92:83:40:bb:0f:76:cd:86:5f:92:ec:e5:3c:
48:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:D9:2D:80:E4:BD:C2:A7:23:69:FA:50:5E:58:85:18:CA:E2:A1:35
X509v3 Authority Key Identifier:
keyid:98:68:A1:99:2B:B8:03:7D:DE:81:D0:C8:CD:C0:69:5F:CE:E1:7C:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mGihmSu4A33egdDIzcBpX87hfCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/pdktgOS9wqcjafpQXliFGMrioTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/mGihmSu4A33egdDIzcBpX87hfCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.57.0/24
Signature Algorithm: sha256WithRSAEncryption
22:d4:bd:5b:ca:31:37:59:0b:e2:5b:8b:c7:09:ff:7f:fb:b4:
a8:9d:8f:2c:fb:86:c8:c7:c6:a5:36:69:ff:56:88:32:b6:36:
6b:03:96:62:4a:aa:c9:25:16:12:45:6a:d7:3c:55:0d:30:75:
17:74:b2:23:33:29:7a:67:ec:59:5a:e0:9c:26:68:73:6f:30:
f4:21:08:8e:d7:02:a3:20:d9:40:3e:f7:96:24:68:9b:9c:20:
4a:de:1e:3f:b9:31:e6:d2:be:41:94:51:8e:93:ee:cb:f7:b3:
9c:17:2e:96:3b:b4:7a:85:04:22:c0:fc:d6:c0:03:32:2a:f4:
bc:64:bb:06:27:aa:fd:e9:0c:3b:f8:64:56:f2:27:88:66:59:
1e:3c:a2:46:b2:cc:4c:03:90:b1:b0:b4:83:1f:16:de:b8:72:
44:66:62:93:08:db:3d:96:df:e1:d3:1b:68:2d:78:15:a1:63:
ac:ba:c2:58:4c:b0:6d:76:5a:8e:c8:13:2f:2f:47:3e:7e:35:
f9:3f:ec:4c:99:5a:2e:a7:90:d0:51:28:03:30:54:cb:fa:f0:
ef:c2:18:e5:4b:b8:75:14:4f:f8:b0:88:95:c6:10:f9:0b:9c:
49:00:1c:fa:0c:a3:e3:29:c5:ad:f4:63:a6:65:79:74:34:14:
60:7a:57:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS2ZsYXWRLg4DecoGYfIzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NjhhMTk5MmJiODAzN2RkZTgxZDBjOGNkYzA2OTVmY2Vl
MTdjMjcwHhcNMjMwMTAxMjE0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWQ5MmQ4MGU0YmRjMmE3MjM2OWZhNTA1ZTU4ODUxOGNhZTJhMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXTuOlod0R9JOETcPaW8v1ycV0Ed
BJ/GrYlmv4aBCQ0faVdsTlYGds3jTMV3uxgqtf5E2mAScvQrNL+HqhSOVRT+29mH
Nr6jdUrWQ79PRf9d5Hm9vx3UahRph/+yiXVrk//VyixjNgFnNmBw1OlNgNku80xs
BlEpIEQxFBuOVvdJh2XQxElzR87mStC8RjTb72Pz9Cdc0QGfdYz+Ykg5Q+vDyLxP
NUkPWHWL06Cj0uQGNhox7GMU+K9VkpC8tiyIyuUg1Uo34Sxe2hSJodN/ulw/6YuL
tKA2dZ/nN2r9V8kEnqzAQkP+ezHoA9YEl1Ki4JKDQLsPds2GX5Ls5TxIPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKXZLYDkvcKnI2n6UF5YhRjK4qE1MB8GA1UdIwQY
MBaAFJhooZkruAN93oHQyM3AaV/O4XwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUdpaG1TdTRBMzNlZ2RESXpjQnBYODdoZkNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82YjIyZTYtMzUyZi00ZTg4LTgyN2It
ZDc4ZDU2MzFkN2Y2LzEvcGRrdGdPUzl3cWNqYWZwUVhsaUZHTXJpb1RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82YjIyZTYtMzUyZi00ZTg4LTgyN2ItZDc4ZDU2MzFkN2Y2
LzEvbUdpaG1TdTRBMzNlZ2RESXpjQnBYODdoZkNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVQ5MA0G
CSqGSIb3DQEBCwUAA4IBAQAi1L1byjE3WQviW4vHCf9/+7SonY8s+4bIx8alNmn/
VogytjZrA5ZiSqrJJRYSRWrXPFUNMHUXdLIjMyl6Z+xZWuCcJmhzbzD0IQiO1wKj
INlAPveWJGibnCBK3h4/uTHm0r5BlFGOk+7L97OcFy6WO7R6hQQiwPzWwAMyKvS8
ZLsGJ6r96Qw7+GRW8ieIZlkePKJGssxMA5CxsLSDHxbeuHJEZmKTCNs9lt/h0xto
LXgVoWOsusJYTLBtdlqOyBMvL0c+fjX5P+xMmVoup5DQUSgDMFTL+vDvwhjlS7h1
FE/4sIiVxhD5C5xJABz6DKPjKcWt9GOmZXl0NBRgelet
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:55 2024 by rpki-client on console-fra.rpki-client.org