Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/PYp1k0WAqGFLU6yWaxuK3WVCvRE.roa
File: PYp1k0WAqGFLU6yWaxuK3WVCvRE.roa (raw, json)
Hash identifier: ycFUTF4/Wnn1oFm5/XnFC5tWQVgnbAJTIs7D2fLCdSE=
Subject key identifier: 3D:8A:75:93:45:80:A8:61:4B:53:AC:96:6B:1B:8A:DD:65:42:BD:11
Certificate issuer: /CN=6d23ce7b0c10068fbc44c021943e339013f2aee0
Certificate serial: 01856D2F501B7D872825E851EA5BFB06AB4E
Authority key identifier: 6D:23:CE:7B:0C:10:06:8F:BC:44:C0:21:94:3E:33:90:13:F2:AE:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSPOewwQBo-8RMAhlD4zkBPyruA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/PYp1k0WAqGFLU6yWaxuK3WVCvRE.roa
Signing time: Sun 01 Jan 2023 11:54:55 +0000
ROA not before: Sun 01 Jan 2023 11:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58291
IP address blocks: 45.11.28.0/22 maxlen: 24
2a0e:5700::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:50:1b:7d:87:28:25:e8:51:ea:5b:fb:06:ab:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d23ce7b0c10068fbc44c021943e339013f2aee0
Validity
Not Before: Jan 1 11:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d8a75934580a8614b53ac966b1b8add6542bd11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e6:90:02:88:44:23:e4:ba:3a:70:10:eb:ff:
c7:72:09:08:7c:94:ff:eb:ec:3a:8e:bf:21:92:d1:
8f:1c:8e:f4:25:3c:45:75:57:02:e4:0a:42:d9:b5:
ce:05:01:e4:e8:ed:44:75:ea:be:15:1d:cd:ff:90:
5e:f7:4e:83:1c:3f:0b:f4:7e:f5:c9:67:a7:d4:88:
9b:47:ac:2a:2f:ff:b0:dc:42:a7:bb:d5:c6:3e:52:
83:ad:27:cb:1e:28:bf:97:47:a6:bc:b0:7d:1f:34:
b2:1a:be:98:13:e6:7f:bb:df:3f:e3:a3:bd:e8:7a:
9d:6b:ed:02:70:dd:e5:0e:31:07:4b:05:79:5d:99:
47:57:56:06:d4:b7:a7:0d:91:86:c4:62:17:10:84:
ce:c3:cb:af:35:73:06:9b:9f:43:74:be:de:0a:e9:
08:03:25:ad:77:7c:69:e2:eb:31:73:dd:7f:54:2c:
65:a5:ff:0c:2f:00:64:96:9d:f4:01:a2:8f:d2:80:
f3:b0:ab:09:fd:ab:16:61:b8:8e:e5:3b:e6:9d:07:
3b:e0:a7:45:aa:62:d2:c2:d9:47:c1:fb:04:af:f3:
23:23:5f:1c:d4:0f:ca:c0:28:82:ea:fa:5f:5e:82:
b5:11:11:a3:f3:57:55:20:1c:80:e6:74:60:98:5b:
82:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8A:75:93:45:80:A8:61:4B:53:AC:96:6B:1B:8A:DD:65:42:BD:11
X509v3 Authority Key Identifier:
keyid:6D:23:CE:7B:0C:10:06:8F:BC:44:C0:21:94:3E:33:90:13:F2:AE:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSPOewwQBo-8RMAhlD4zkBPyruA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/PYp1k0WAqGFLU6yWaxuK3WVCvRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/66af07-3318-4f4a-89ff-40c5ebc6f736/1/bSPOewwQBo-8RMAhlD4zkBPyruA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.28.0/22
IPv6:
2a0e:5700::/32
Signature Algorithm: sha256WithRSAEncryption
62:fa:e5:70:e8:75:81:ec:e6:46:2e:1d:a6:87:18:e7:6d:04:
8b:48:a5:34:04:16:61:ff:6b:60:f7:80:38:95:7f:bc:be:0c:
cb:e3:36:92:fe:10:68:4d:3e:bb:38:09:fb:58:07:dc:22:0f:
a8:b9:fe:ad:50:5c:9c:ab:4b:dc:cc:d0:41:09:ed:5d:96:84:
21:35:ec:3e:c4:22:77:8d:f8:35:05:a1:bc:d9:c3:97:9b:39:
5a:55:da:0d:e6:6e:11:74:ad:2a:7a:c5:79:89:dc:d2:62:31:
db:05:25:82:4f:51:9b:94:ee:6a:ae:60:9c:55:a0:fc:c6:ed:
aa:b6:a5:65:f6:70:60:f4:83:e9:1c:88:66:17:85:7d:7e:50:
2a:be:56:75:b6:bb:7b:53:8c:fb:1a:1c:2b:b8:08:28:2d:2e:
d1:cc:7a:9c:a2:22:9c:4f:a6:cc:7f:c1:0d:45:c7:d0:fd:fc:
cf:82:ff:9e:2c:cb:96:b1:4d:e1:26:9e:41:0e:9f:70:b6:5b:
d2:a3:73:bd:33:6c:55:f7:70:74:d5:7d:d6:f1:d3:b8:26:83:
07:3a:1d:74:f4:c7:5f:a9:a1:34:b7:9d:07:3f:19:02:a0:61:
4d:4e:5d:40:d1:e6:80:b0:77:2a:c0:82:b9:ee:ba:aa:13:87:
50:89:22:7c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtL1AbfYcoJehR6lv7BqtOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjNjZTdiMGMxMDA2OGZiYzQ0YzAyMTk0M2UzMzkwMTNm
MmFlZTAwHhcNMjMwMTAxMTE1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhhNzU5MzQ1ODBhODYxNGI1M2FjOTY2YjFiOGFkZDY1NDJiZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheaQAohEI+S6OnAQ6//HcgkIfJT/
6+w6jr8hktGPHI70JTxFdVcC5ApC2bXOBQHk6O1Edeq+FR3N/5Be906DHD8L9H71
yWen1IibR6wqL/+w3EKnu9XGPlKDrSfLHii/l0emvLB9HzSyGr6YE+Z/u98/46O9
6Hqda+0CcN3lDjEHSwV5XZlHV1YG1LenDZGGxGIXEITOw8uvNXMGm59DdL7eCukI
AyWtd3xp4usxc91/VCxlpf8MLwBklp30AaKP0oDzsKsJ/asWYbiO5TvmnQc74KdF
qmLSwtlHwfsEr/MjI18c1A/KwCiC6vpfXoK1ERGj81dVIByA5nRgmFuCmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD2KdZNFgKhhS1Oslmsbit1lQr0RMB8GA1UdIwQY
MBaAFG0jznsMEAaPvETAIZQ+M5AT8q7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNQT2V3d1FCby04Uk1BaGxENHprQlB5cnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82NmFmMDctMzMxOC00ZjRhLTg5ZmYt
NDBjNWViYzZmNzM2LzEvUFlwMWswV0FxR0ZMVTZ5V2F4dUszV1ZDdlJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My82NmFmMDctMzMxOC00ZjRhLTg5ZmYtNDBjNWViYzZmNzM2
LzEvYlNQT2V3d1FCby04Uk1BaGxENHprQlB5cnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQscMA0E
AgACMAcDBQAqDlcAMA0GCSqGSIb3DQEBCwUAA4IBAQBi+uVw6HWB7OZGLh2mhxjn
bQSLSKU0BBZh/2tg94A4lX+8vgzL4zaS/hBoTT67OAn7WAfcIg+ouf6tUFycq0vc
zNBBCe1dloQhNew+xCJ3jfg1BaG82cOXmzlaVdoN5m4RdK0qesV5idzSYjHbBSWC
T1GblO5qrmCcVaD8xu2qtqVl9nBg9IPpHIhmF4V9flAqvlZ1trt7U4z7GhwruAgo
LS7RzHqcoiKcT6bMf8ENRcfQ/fzPgv+eLMuWsU3hJp5BDp9wtlvSo3O9M2xV93B0
1X3W8dO4JoMHOh109MdfqaE0t50HPxkCoGFNTl1A0eaAsHcqwIK57rqqE4dQiSJ8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:55 2024 by rpki-client on console-fra.rpki-client.org