Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/b30aa1-0dc2-4626-8cd1-6f03557518c9/1/glnsAwV6YA89-7KXVOBLkHPxLhk.roa
File: glnsAwV6YA89-7KXVOBLkHPxLhk.roa (raw, json)
Hash identifier: rWZCYtuur77VcaX20uG/7WCH/yMGBRtEVJ273srLA6Q=
Subject key identifier: 82:59:EC:03:05:7A:60:0F:3D:FB:B2:97:54:E0:4B:90:73:F1:2E:19
Certificate issuer: /CN=d9ca06a6199d4405bdd360efd5439f6460ab8c11
Certificate serial: 0185714C2879D2E222DBB2336C5E7027F83A
Authority key identifier: D9:CA:06:A6:19:9D:44:05:BD:D3:60:EF:D5:43:9F:64:60:AB:8C:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2coGphmdRAW902Dv1UOfZGCrjBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/b30aa1-0dc2-4626-8cd1-6f03557518c9/1/glnsAwV6YA89-7KXVOBLkHPxLhk.roa
Signing time: Mon 02 Jan 2023 07:04:54 +0000
ROA not before: Mon 02 Jan 2023 07:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51531
IP address blocks: 45.159.240.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:28:79:d2:e2:22:db:b2:33:6c:5e:70:27:f8:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ca06a6199d4405bdd360efd5439f6460ab8c11
Validity
Not Before: Jan 2 07:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8259ec03057a600f3dfbb29754e04b9073f12e19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:df:cc:9b:a2:74:64:9b:d3:13:a1:95:b1:e1:
eb:51:2c:a1:95:e4:a7:66:67:07:72:78:e3:05:69:
7f:90:34:e8:7d:35:50:34:19:8d:55:16:1e:86:d2:
c6:63:21:14:51:1d:77:b5:af:7d:97:a2:93:8a:01:
7f:30:d8:88:e6:2f:b1:01:e8:0c:e7:d6:e8:77:af:
d0:9b:d0:5c:d2:72:1b:f4:18:b8:34:f7:4b:7c:33:
84:c4:b2:48:20:e3:bb:3b:15:83:73:2a:00:dc:f0:
04:80:37:e6:9c:4d:b7:84:8f:da:9a:49:82:0e:cf:
0a:0a:fe:2d:89:bc:3c:03:de:0f:cc:0e:a7:d0:b5:
b4:e5:25:d9:ff:ea:0c:bd:36:5e:66:32:a2:d1:66:
83:d0:d2:68:cd:fb:3f:ad:4e:1a:61:25:ec:5d:64:
dd:df:5c:32:c6:eb:27:fb:2d:b9:cd:56:e5:c1:6a:
b4:58:82:10:42:ea:24:2e:11:9c:19:c2:77:0a:fb:
dc:25:07:d3:f8:c0:d3:5a:14:9f:1d:c2:03:62:ec:
0b:7c:ca:d7:9d:50:47:5a:f0:6c:ee:5c:09:99:de:
85:b9:71:a2:e9:43:42:28:5b:25:06:68:bc:97:e9:
41:52:4d:21:c7:81:4d:25:ac:8b:14:fe:a2:6f:c0:
7c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:59:EC:03:05:7A:60:0F:3D:FB:B2:97:54:E0:4B:90:73:F1:2E:19
X509v3 Authority Key Identifier:
keyid:D9:CA:06:A6:19:9D:44:05:BD:D3:60:EF:D5:43:9F:64:60:AB:8C:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2coGphmdRAW902Dv1UOfZGCrjBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b30aa1-0dc2-4626-8cd1-6f03557518c9/1/glnsAwV6YA89-7KXVOBLkHPxLhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b30aa1-0dc2-4626-8cd1-6f03557518c9/1/2coGphmdRAW902Dv1UOfZGCrjBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.240.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:bd:34:70:e7:b0:77:fe:5a:f6:18:27:62:ae:5a:ca:20:c7:
86:ef:90:82:8b:3c:c0:ea:e8:27:56:61:b6:db:9f:3d:fa:0c:
60:fd:c0:60:78:6b:32:ba:c2:ed:6a:18:6e:0f:50:46:ce:1f:
45:76:2e:48:64:79:a0:9c:6c:58:cb:99:ba:e0:1b:47:cd:76:
f2:9c:9f:da:22:5d:ac:8e:ea:ac:28:db:3d:da:77:6a:be:ea:
c3:00:f7:16:2c:ca:4d:fc:a2:f2:09:6a:05:b1:0c:2d:4e:2e:
00:90:cc:d3:fc:e6:98:4f:5c:b2:59:86:ba:8b:86:5e:76:8e:
54:b7:bb:fa:09:70:45:7e:aa:eb:95:b5:58:23:fd:4f:a1:ad:
a7:be:ab:4c:74:e4:3c:51:06:95:0a:96:0d:01:31:e9:26:7b:
78:d4:b4:b2:05:6a:0a:b0:28:75:85:61:d9:8c:85:53:f6:f1:
3d:5f:8c:60:b6:5c:a9:38:fa:63:31:c4:9e:d1:b6:db:7d:f4:
41:9a:aa:77:0c:64:d4:4f:79:fe:25:62:ec:ce:ef:73:b0:fe:
5b:aa:d4:92:63:5c:e7:ef:b7:27:09:07:40:0d:8d:fe:22:2e:
5d:8b:ad:b5:29:72:a6:58:a3:9a:49:ba:06:b4:1b:fa:62:97:
d7:03:79:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxTCh50uIi27IzbF5wJ/g6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5Y2EwNmE2MTk5ZDQ0MDViZGQzNjBlZmQ1NDM5ZjY0NjBh
YjhjMTEwHhcNMjMwMTAyMDcwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjU5ZWMwMzA1N2E2MDBmM2RmYmIyOTc1NGUwNGI5MDczZjEyZTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgt/Mm6J0ZJvTE6GVseHrUSyhleSn
ZmcHcnjjBWl/kDTofTVQNBmNVRYehtLGYyEUUR13ta99l6KTigF/MNiI5i+xAegM
59bod6/Qm9Bc0nIb9Bi4NPdLfDOExLJIIOO7OxWDcyoA3PAEgDfmnE23hI/amkmC
Ds8KCv4tibw8A94PzA6n0LW05SXZ/+oMvTZeZjKi0WaD0NJozfs/rU4aYSXsXWTd
31wyxusn+y25zVblwWq0WIIQQuokLhGcGcJ3CvvcJQfT+MDTWhSfHcIDYuwLfMrX
nVBHWvBs7lwJmd6FuXGi6UNCKFslBmi8l+lBUk0hx4FNJayLFP6ib8B8+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIJZ7AMFemAPPfuyl1TgS5Bz8S4ZMB8GA1UdIwQY
MBaAFNnKBqYZnUQFvdNg79VDn2Rgq4wRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmNvR3BobWRSQVc5MDJEdjFVT2ZaR0NyakJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9iMzBhYTEtMGRjMi00NjI2LThjZDEt
NmYwMzU1NzUxOGM5LzEvZ2xuc0F3VjZZQTg5LTdLWFZPQkxrSFB4TGhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9iMzBhYTEtMGRjMi00NjI2LThjZDEtNmYwMzU1NzUxOGM5
LzEvMmNvR3BobWRSQVc5MDJEdjFVT2ZaR0NyakJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ/wMA0G
CSqGSIb3DQEBCwUAA4IBAQCKvTRw57B3/lr2GCdirlrKIMeG75CCizzA6ugnVmG2
2589+gxg/cBgeGsyusLtahhuD1BGzh9Fdi5IZHmgnGxYy5m64BtHzXbynJ/aIl2s
juqsKNs92ndqvurDAPcWLMpN/KLyCWoFsQwtTi4AkMzT/OaYT1yyWYa6i4Zedo5U
t7v6CXBFfqrrlbVYI/1Poa2nvqtMdOQ8UQaVCpYNATHpJnt41LSyBWoKsCh1hWHZ
jIVT9vE9X4xgtlypOPpjMcSe0bbbffRBmqp3DGTUT3n+JWLszu9zsP5bqtSSY1zn
77cnCQdADY3+Ii5di621KXKmWKOaSboGtBv6YpfXA3me
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:13 2024 by rpki-client on console-ams.rpki-client.org