Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/hnErOdx0rm_VezSqr1AXj-ADeWk.roa
File: hnErOdx0rm_VezSqr1AXj-ADeWk.roa (raw, json)
Hash identifier: eHeRpSQ/cJaAJsplzHzxsVFveVgJ5eSt3kwlRX1hPtQ=
Subject key identifier: 86:71:2B:39:DC:74:AE:6F:D5:7B:34:AA:AF:50:17:8F:E0:03:79:69
Certificate issuer: /CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Certificate serial: 01880E5854405DAE07041FF889C5F0BE7E15
Authority key identifier: F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/hnErOdx0rm_VezSqr1AXj-ADeWk.roa
Signing time: Fri 12 May 2023 05:04:09 +0000
ROA not before: Fri 12 May 2023 05:04:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59651
IP address blocks: 45.155.166.0/24 maxlen: 24
45.155.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 May 2023 11:39:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0e:58:54:40:5d:ae:07:04:1f:f8:89:c5:f0:be:7e:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8651b1194f12e98e70d3da78efe4dd2467cd423
Validity
Not Before: May 12 05:04:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86712b39dc74ae6fd57b34aaaf50178fe0037969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fb:59:77:c3:ba:6d:82:6e:7d:75:80:17:b8:
13:c8:90:ae:ba:f8:12:96:30:5f:a3:96:38:c7:d9:
2b:59:0e:e0:cc:6a:a2:e4:6c:03:92:c5:f9:39:6d:
c5:5f:1d:2e:a7:6c:b7:38:1f:0b:f6:28:40:8f:31:
61:41:5f:92:a8:24:56:33:4b:d3:f3:75:3c:94:67:
03:18:8c:31:7e:76:d7:57:ea:81:cc:95:19:4a:51:
40:36:38:ef:34:5c:a0:93:29:e3:58:7a:8c:03:80:
02:3c:83:99:a0:16:d3:99:c8:02:e2:6a:f2:b5:1c:
67:18:55:93:b8:e6:17:90:24:56:bf:f0:d3:58:45:
78:c4:ed:81:0d:19:a6:6d:fa:0c:c8:c5:6a:78:9f:
65:9a:66:f0:e6:52:8e:f3:eb:6d:46:e5:6f:55:b0:
22:ec:36:ca:59:f7:d7:00:2d:1f:61:6a:f4:34:7c:
47:cc:52:1f:3b:e0:f9:f2:c7:3b:3c:ee:f5:b1:5b:
91:92:11:28:2c:82:0a:ff:e4:38:46:6d:82:58:b6:
49:bb:1e:7c:17:fc:08:0c:56:70:c7:88:66:24:32:
af:d1:1b:55:5e:a8:ed:ac:b1:8a:b5:a3:9f:0b:20:
e2:50:69:a4:de:22:47:b8:df:b6:86:dd:0f:18:26:
82:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:71:2B:39:DC:74:AE:6F:D5:7B:34:AA:AF:50:17:8F:E0:03:79:69
X509v3 Authority Key Identifier:
keyid:F8:65:1B:11:94:F1:2E:98:E7:0D:3D:A7:8E:FE:4D:D2:46:7C:D4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-GUbEZTxLpjnDT2njv5N0kZ81CM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/hnErOdx0rm_VezSqr1AXj-ADeWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/822400-3248-4702-b29b-a1b7ceefa16c/1/1-GUbEZTxLpjnDT2njv5N0kZ81CM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.166.0/23
Signature Algorithm: sha256WithRSAEncryption
08:09:c3:66:2a:bc:f6:0a:58:4a:10:df:5c:0b:d7:12:4a:6e:
66:73:fb:dc:94:f5:7a:c5:49:40:38:28:ea:bb:9d:c3:3a:a0:
ed:73:28:32:c6:35:99:5d:99:86:e9:3f:91:a5:e5:e8:a8:d0:
37:b3:14:89:4c:dd:62:9b:b0:48:68:3d:13:f1:d3:00:29:c1:
d3:d5:09:c8:0a:fd:11:85:d9:12:d7:ce:01:d4:1a:32:be:b7:
64:9d:0a:eb:8d:bd:20:81:a5:ba:21:4a:45:4e:a1:81:a4:d7:
04:19:98:3f:fb:07:4d:39:b5:13:72:ff:ca:c5:5f:df:b7:67:
3b:eb:78:6d:31:45:f3:4c:46:f1:52:20:70:fd:a5:69:46:e3:
fe:27:60:17:80:ee:f4:af:1f:63:59:c3:89:90:74:b6:d4:f3:
c9:b0:54:ad:94:1e:bc:a9:23:1b:a1:ae:13:33:c8:10:c0:b8:
4d:6f:c8:6c:4c:4b:82:60:b9:06:3b:92:7d:0e:7a:49:46:2a:
97:7c:fd:aa:f6:e1:a0:eb:a4:de:a0:b9:09:cb:48:7e:5c:bd:
7d:46:b9:8f:bf:17:8f:8d:83:bb:73:6e:8f:6d:3c:44:ca:95:
a5:26:92:b4:9a:65:d7:ef:27:e0:cc:c5:b9:f9:ff:fe:29:d4:
e7:50:82:01
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYgOWFRAXa4HBB/4icXwvn4VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NjUxYjExOTRmMTJlOThlNzBkM2RhNzhlZmU0ZGQyNDY3
Y2Q0MjMwHhcNMjMwNTEyMDUwNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjcxMmIzOWRjNzRhZTZmZDU3YjM0YWFhZjUwMTc4ZmUwMDM3OTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsftZd8O6bYJufXWAF7gTyJCuuvgS
ljBfo5Y4x9krWQ7gzGqi5GwDksX5OW3FXx0up2y3OB8L9ihAjzFhQV+SqCRWM0vT
83U8lGcDGIwxfnbXV+qBzJUZSlFANjjvNFygkynjWHqMA4ACPIOZoBbTmcgC4mry
tRxnGFWTuOYXkCRWv/DTWEV4xO2BDRmmbfoMyMVqeJ9lmmbw5lKO8+ttRuVvVbAi
7DbKWffXAC0fYWr0NHxHzFIfO+D58sc7PO71sVuRkhEoLIIK/+Q4Rm2CWLZJux58
F/wIDFZwx4hmJDKv0RtVXqjtrLGKtaOfCyDiUGmk3iJHuN+2ht0PGCaCOwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIZxKzncdK5v1Xs0qq9QF4/gA3lpMB8GA1UdIwQY
MBaAFPhlGxGU8S6Y5w09p47+TdJGfNQjMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1HVWJFWlR4THBqbkRUMm5qdjVOMGtaODFDTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjli
LWExYjdjZWVmYTE2Yy8xL2huRXJPZHgwcm1fVmV6U3FyMUFYai1BRGVXay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvODIyNDAwLTMyNDgtNDcwMi1iMjliLWExYjdjZWVmYTE2
Yy8xLzEtR1ViRVpUeExwam5EVDJuanY1TjBrWjgxQ00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEtm6Yw
DQYJKoZIhvcNAQELBQADggEBAAgJw2YqvPYKWEoQ31wL1xJKbmZz+9yU9XrFSUA4
KOq7ncM6oO1zKDLGNZldmYbpP5Gl5eio0DezFIlM3WKbsEhoPRPx0wApwdPVCcgK
/RGF2RLXzgHUGjK+t2SdCuuNvSCBpbohSkVOoYGk1wQZmD/7B005tRNy/8rFX9+3
ZzvreG0xRfNMRvFSIHD9pWlG4/4nYBeA7vSvH2NZw4mQdLbU88mwVK2UHrypIxuh
rhMzyBDAuE1vyGxMS4JguQY7kn0OeklGKpd8/ar24aDrpN6guQnLSH5cvX1GuY+/
F4+Ng7tzbo9tPETKlaUmkrSaZdfvJ+DMxbn5//4p1OdQggE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:55 2024 by rpki-client on console-fra.rpki-client.org