Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/wWfASjreqFiQ7mSG_CZkcNF-5lI.roa
File: wWfASjreqFiQ7mSG_CZkcNF-5lI.roa (raw, json)
Hash identifier: gnogsug6EeaSj+Npsf5jDn5l957sRPCkTqo5B6hTWyE=
Subject key identifier: C1:67:C0:4A:3A:DE:A8:58:90:EE:64:86:FC:26:64:70:D1:7E:E6:52
Certificate issuer: /CN=ff44dbaca56dac319401f68a50d917f5424611ad
Certificate serial: 018B2EEB69C19AA1763972F2D040A8AD0CDB
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/wWfASjreqFiQ7mSG_CZkcNF-5lI.roa
Signing time: Sat 14 Oct 2023 16:01:01 +0000
ROA not before: Sat 14 Oct 2023 16:01:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211439
IP address blocks: 45.86.52.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2e:eb:69:c1:9a:a1:76:39:72:f2:d0:40:a8:ad:0c:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
Validity
Not Before: Oct 14 16:01:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c167c04a3adea85890ee6486fc266470d17ee652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b7:01:07:b8:85:b0:40:ac:84:1b:14:26:8b:
04:44:2e:97:15:73:9e:68:0f:77:57:1a:a8:f9:dc:
24:d7:76:f5:72:20:e8:f6:1f:50:16:37:54:18:13:
a1:0f:b0:44:e2:de:8b:de:f0:b4:a1:49:8f:41:19:
bf:08:5e:43:a7:c4:c1:4a:57:4b:20:6f:cf:11:c1:
ef:ce:e7:15:78:b4:95:bb:4b:07:cc:ac:e3:9f:9f:
53:cd:4d:fb:34:1e:b8:b4:16:5c:fc:a5:a0:2f:f6:
18:9e:45:7f:f1:75:37:32:6b:a1:42:3b:73:2b:8d:
f6:46:51:63:18:75:9a:61:da:c6:b2:f5:62:14:cf:
2d:9f:af:0e:f6:a7:29:5a:a8:c6:54:d4:83:ea:64:
5a:fb:c7:ec:50:41:0e:9e:a0:99:06:e5:97:c9:29:
41:71:08:83:65:3f:01:1c:8d:65:ef:3a:cc:ac:45:
11:f3:05:42:96:04:bd:bf:c3:a6:fe:9f:14:e3:22:
b5:f0:85:d5:d3:1f:87:1c:2c:62:72:db:48:47:5f:
80:97:6c:15:72:7e:83:2a:52:f1:48:04:22:a9:5f:
b4:6e:b4:80:49:18:7f:a8:50:dd:14:7a:98:6d:67:
79:44:1d:d9:a1:c5:b9:26:43:a7:46:9b:2d:77:a1:
f8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:67:C0:4A:3A:DE:A8:58:90:EE:64:86:FC:26:64:70:D1:7E:E6:52
X509v3 Authority Key Identifier:
keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/wWfASjreqFiQ7mSG_CZkcNF-5lI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.52.0/22
Signature Algorithm: sha256WithRSAEncryption
44:81:21:b2:fd:62:77:5a:1a:15:e7:15:37:b0:61:14:20:af:
8b:a7:e0:3c:0f:13:b7:d5:b9:97:44:bf:6b:a4:27:8c:b4:2d:
55:d0:31:a1:5a:f8:62:aa:2f:c6:db:9f:22:fb:31:f4:9e:3d:
69:bd:ed:e2:49:28:1d:bd:61:90:68:0f:92:6d:55:f0:76:bf:
8d:de:84:be:f5:62:c3:e2:e8:81:25:e5:7d:30:de:8d:da:ed:
0e:09:8c:5a:fd:a8:2d:84:3a:2d:57:22:f9:ed:37:fa:65:d7:
7f:2d:d1:2a:c8:03:f4:2b:2b:98:9a:b0:f4:fc:87:64:76:3c:
76:90:6f:ef:b0:78:c7:95:ba:cf:b6:cb:fd:fe:e0:4a:dd:29:
94:03:20:d0:6a:6c:c2:2f:7c:0f:41:9e:7c:1b:e7:31:01:fd:
0f:24:f9:a1:7b:ed:44:d0:9a:08:97:b4:de:86:ae:05:ea:6c:
7f:b2:99:f0:59:de:cf:ae:eb:48:b7:6b:97:6f:df:51:49:e4:
fc:8f:a6:82:9f:37:c2:a0:14:16:4c:07:a9:28:07:ad:f0:8f:
e0:01:12:21:61:ec:78:68:98:11:21:19:e8:9a:36:a6:7e:f1:
e8:e7:ad:43:88:3f:62:99:6c:05:aa:ec:3f:66:dc:74:65:b2:
33:02:b1:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsu62nBmqF2OXLy0ECorQzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjMxMDE0MTYwMTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTY3YzA0YTNhZGVhODU4OTBlZTY0ODZmYzI2NjQ3MGQxN2VlNjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7cBB7iFsECshBsUJosERC6XFXOe
aA93Vxqo+dwk13b1ciDo9h9QFjdUGBOhD7BE4t6L3vC0oUmPQRm/CF5Dp8TBSldL
IG/PEcHvzucVeLSVu0sHzKzjn59TzU37NB64tBZc/KWgL/YYnkV/8XU3MmuhQjtz
K432RlFjGHWaYdrGsvViFM8tn68O9qcpWqjGVNSD6mRa+8fsUEEOnqCZBuWXySlB
cQiDZT8BHI1l7zrMrEUR8wVClgS9v8Om/p8U4yK18IXV0x+HHCxicttIR1+Al2wV
cn6DKlLxSAQiqV+0brSASRh/qFDdFHqYbWd5RB3ZocW5JkOnRpstd6H4VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMFnwEo63qhYkO5khvwmZHDRfuZSMB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEvd1dmQVNqcmVxRmlRN21TR19DWmtjTkYtNWxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVY0MA0G
CSqGSIb3DQEBCwUAA4IBAQBEgSGy/WJ3WhoV5xU3sGEUIK+Lp+A8DxO31bmXRL9r
pCeMtC1V0DGhWvhiqi/G258i+zH0nj1pve3iSSgdvWGQaA+SbVXwdr+N3oS+9WLD
4uiBJeV9MN6N2u0OCYxa/agthDotVyL57Tf6Zdd/LdEqyAP0KyuYmrD0/Idkdjx2
kG/vsHjHlbrPtsv9/uBK3SmUAyDQamzCL3wPQZ58G+cxAf0PJPmhe+1E0JoIl7Te
hq4F6mx/spnwWd7PrutIt2uXb99RSeT8j6aCnzfCoBQWTAepKAet8I/gARIhYex4
aJgRIRnomjamfvHo561DiD9imWwFquw/Ztx0ZbIzArFC
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:48 2024 by rpki-client on console-ams.rpki-client.org