Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/RS2q3BqTeIqj4PZoP5Rps_xRD64.roa
File: RS2q3BqTeIqj4PZoP5Rps_xRD64.roa (raw, json)
Hash identifier: Xa8ZLCRGJamFl4df0H8z6MDsLjlLcxbFcjBiUNoctp4=
Subject key identifier: 45:2D:AA:DC:1A:93:78:8A:A3:E0:F6:68:3F:94:69:B3:FC:51:0F:AE
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0185720364C1261DF4CF355CD290DCBE3678
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/RS2q3BqTeIqj4PZoP5Rps_xRD64.roa
Signing time: Mon 02 Jan 2023 10:25:03 +0000
ROA not before: Mon 02 Jan 2023 10:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205007
IP address blocks: 45.89.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 May 2023 12:55:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:64:c1:26:1d:f4:cf:35:5c:d2:90:dc:be:36:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 2 10:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=452daadc1a93788aa3e0f6683f9469b3fc510fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:18:3a:29:48:13:20:16:5a:f7:2e:86:09:5f:
4e:66:f0:34:6f:ad:31:10:b2:db:3a:a3:3c:b0:c7:
6f:d1:02:11:30:b9:4a:1c:55:89:e5:42:e4:57:0c:
7f:33:62:af:93:b9:60:f7:0a:66:83:ea:12:b2:28:
fb:b0:86:3b:b8:28:69:38:a7:5b:48:cc:4d:58:bb:
e1:b8:fc:50:62:5e:3e:43:7f:69:e0:a8:35:49:b8:
de:bc:c8:f2:67:5a:70:f8:dd:00:cf:c3:fd:73:14:
31:12:fe:e4:f3:29:41:69:15:1d:66:2b:f0:43:60:
e6:92:21:1b:d5:29:c5:64:89:30:1b:bd:13:ff:af:
3f:a6:82:cd:67:05:d0:6d:4f:84:6b:b6:ef:e0:b0:
58:e5:dd:38:13:f0:da:8c:08:77:4d:e1:a4:47:0f:
05:5a:01:46:49:ee:3a:78:f2:ee:4d:7e:fb:44:35:
19:e7:51:45:6a:da:1b:12:a2:ed:7d:6a:80:bf:c4:
29:e2:17:56:57:01:cd:ad:5f:b4:02:36:7a:ae:92:
b4:b6:74:51:95:f9:38:b1:fa:d6:1a:88:fa:0c:1b:
d8:19:ba:a3:f6:92:89:80:3e:fa:14:7a:e9:b0:7f:
9b:bc:74:11:29:05:f4:64:9d:a0:59:42:14:b9:bc:
b7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:2D:AA:DC:1A:93:78:8A:A3:E0:F6:68:3F:94:69:B3:FC:51:0F:AE
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/RS2q3BqTeIqj4PZoP5Rps_xRD64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.55.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:62:9c:37:78:9e:24:24:c3:82:15:f0:f8:78:8e:da:7f:27:
98:ca:b7:76:22:f6:49:46:df:ec:5c:8d:72:89:81:d2:49:be:
28:4e:c3:43:62:c8:05:ae:55:ff:ac:03:46:87:1c:6d:62:94:
15:5d:fd:a5:69:e1:ee:0a:88:47:19:07:7b:e5:5b:71:ee:05:
00:3b:35:ea:35:21:b5:93:07:c6:a6:87:a1:25:a1:c0:e2:c6:
cb:25:e1:8a:c5:48:97:5f:20:31:a6:47:65:53:da:20:5c:bb:
a7:c6:0b:5c:32:e4:9e:07:cc:1a:f1:e4:b5:82:c1:57:dc:38:
00:16:94:ad:ac:82:d6:c8:cc:97:b2:cc:f6:28:1e:34:c5:d8:
10:da:f7:0f:fe:d5:b1:7c:46:d1:2d:ad:ca:e6:00:15:e4:99:
fa:0f:6e:11:11:32:ca:7e:2d:3f:ca:b7:68:7a:14:12:c7:42:
18:26:3b:94:dc:b6:ad:e4:e6:3e:f5:dc:ae:76:9d:0a:f1:d9:
db:79:e9:36:d1:53:f5:43:0e:e8:0c:ae:c7:fc:ac:83:e9:5d:
cf:41:32:41:a4:fd:bd:d3:6f:ce:2e:79:ff:07:a6:58:37:f5:
86:8f:b0:ee:ff:9f:1d:b9:76:34:f3:0e:97:82:c1:65:cf:7c:
c4:8a:6a:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyA2TBJh30zzVc0pDcvjZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjMwMTAyMTAyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTJkYWFkYzFhOTM3ODhhYTNlMGY2NjgzZjk0NjliM2ZjNTEwZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxg6KUgTIBZa9y6GCV9OZvA0b60x
ELLbOqM8sMdv0QIRMLlKHFWJ5ULkVwx/M2Kvk7lg9wpmg+oSsij7sIY7uChpOKdb
SMxNWLvhuPxQYl4+Q39p4Kg1SbjevMjyZ1pw+N0Az8P9cxQxEv7k8ylBaRUdZivw
Q2DmkiEb1SnFZIkwG70T/68/poLNZwXQbU+Ea7bv4LBY5d04E/DajAh3TeGkRw8F
WgFGSe46ePLuTX77RDUZ51FFatobEqLtfWqAv8Qp4hdWVwHNrV+0AjZ6rpK0tnRR
lfk4sfrWGoj6DBvYGbqj9pKJgD76FHrpsH+bvHQRKQX0ZJ2gWUIUuby3mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEUtqtwak3iKo+D2aD+UabP8UQ+uMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvUlMycTNCcVRlSXFqNFBab1A1UnBzX3hSRDY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVk3MA0G
CSqGSIb3DQEBCwUAA4IBAQBcYpw3eJ4kJMOCFfD4eI7afyeYyrd2IvZJRt/sXI1y
iYHSSb4oTsNDYsgFrlX/rANGhxxtYpQVXf2laeHuCohHGQd75Vtx7gUAOzXqNSG1
kwfGpoehJaHA4sbLJeGKxUiXXyAxpkdlU9ogXLunxgtcMuSeB8wa8eS1gsFX3DgA
FpStrILWyMyXssz2KB40xdgQ2vcP/tWxfEbRLa3K5gAV5Jn6D24RETLKfi0/yrdo
ehQSx0IYJjuU3Lat5OY+9dyudp0K8dnbeek20VP1Qw7oDK7H/KyD6V3PQTJBpP29
02/OLnn/B6ZYN/WGj7Du/58duXY08w6XgsFlz3zEimqT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:23 2024 by rpki-client on console-fra.rpki-client.org