Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/acfcb6-d78a-448a-a761-dd3b4f8381c4/1/VHiLfYDjLDFsoLVYeSzHDHsBVwc.roa
File: VHiLfYDjLDFsoLVYeSzHDHsBVwc.roa (raw, json)
Hash identifier: feNY62Gm3kRGXGFEc4Df1omt4Au+jlbY/L4ZbLwfsWM=
Subject key identifier: 54:78:8B:7D:80:E3:2C:31:6C:A0:B5:58:79:2C:C7:0C:7B:01:57:07
Certificate issuer: /CN=509df728d1b46634054972d2945fda58073b5762
Certificate serial: 01856F54A4ABD3120A0CEA97B7E273AFEE5C
Authority key identifier: 50:9D:F7:28:D1:B4:66:34:05:49:72:D2:94:5F:DA:58:07:3B:57:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJ33KNG0ZjQFSXLSlF_aWAc7V2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/acfcb6-d78a-448a-a761-dd3b4f8381c4/1/VHiLfYDjLDFsoLVYeSzHDHsBVwc.roa
Signing time: Sun 01 Jan 2023 21:54:56 +0000
ROA not before: Sun 01 Jan 2023 21:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208972
IP address blocks: 45.12.55.0/24 maxlen: 24
45.12.54.0/24 maxlen: 24
2a0a:4944::/30 maxlen: 48
2a0a:4940::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:a4:ab:d3:12:0a:0c:ea:97:b7:e2:73:af:ee:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=509df728d1b46634054972d2945fda58073b5762
Validity
Not Before: Jan 1 21:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54788b7d80e32c316ca0b558792cc70c7b015707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:cb:9a:a7:28:84:14:ca:19:b1:5c:80:fb:df:
70:8c:ac:7d:59:b8:39:cd:86:9a:51:28:3e:80:7e:
df:2e:4b:6d:30:3c:cf:ac:90:c5:d7:dc:d4:bd:f7:
46:a9:61:69:4f:a8:8d:43:1b:94:42:7a:79:7c:cd:
42:a0:03:a9:6f:1d:e5:95:a5:9f:88:49:e4:77:fc:
b7:e6:77:85:e8:2a:a3:f9:1e:29:b4:ca:f9:75:9a:
47:0d:9e:77:7a:fc:4f:5d:c6:23:5b:ce:49:a5:62:
74:ff:b9:15:6d:ab:af:63:36:18:73:6f:18:1b:1c:
df:0a:29:93:5c:ea:30:c5:e8:eb:af:8b:21:52:3f:
bb:07:29:a5:f7:c0:fa:41:6d:a8:bf:72:c9:df:de:
19:1a:ee:22:c3:fb:e0:67:a9:d0:04:16:2c:66:c7:
c0:bb:6b:96:1f:54:67:c6:32:bc:61:29:a3:f6:12:
ca:af:67:c4:4b:fb:ff:ba:34:67:d5:4a:a4:73:09:
4d:98:7c:6c:f7:22:9d:fa:98:c5:bb:5f:c7:59:a7:
e2:62:5a:b0:24:e9:2a:0e:04:c3:6d:0c:3c:85:0a:
2d:d2:79:d9:3e:b9:7d:b7:8f:0e:31:32:74:57:78:
b1:aa:04:df:d3:6a:b5:a6:05:67:35:2f:1d:29:b1:
1c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:78:8B:7D:80:E3:2C:31:6C:A0:B5:58:79:2C:C7:0C:7B:01:57:07
X509v3 Authority Key Identifier:
keyid:50:9D:F7:28:D1:B4:66:34:05:49:72:D2:94:5F:DA:58:07:3B:57:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJ33KNG0ZjQFSXLSlF_aWAc7V2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/acfcb6-d78a-448a-a761-dd3b4f8381c4/1/VHiLfYDjLDFsoLVYeSzHDHsBVwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/acfcb6-d78a-448a-a761-dd3b4f8381c4/1/UJ33KNG0ZjQFSXLSlF_aWAc7V2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.54.0/23
IPv6:
2a0a:4940::/29
Signature Algorithm: sha256WithRSAEncryption
45:1e:cd:c8:2f:ea:e8:6d:8b:cd:e2:43:17:c8:58:ee:bd:1b:
f4:6e:03:f2:59:ff:33:ce:fb:71:d2:5a:28:cf:0a:b3:41:90:
73:cf:38:1d:c4:8d:a7:02:df:2b:29:ee:41:7f:3a:e5:94:34:
45:37:bf:db:ad:c7:d2:b7:f8:9d:f7:02:2d:3e:94:40:37:db:
b7:f7:25:11:82:c1:19:ac:27:a2:07:96:5d:25:83:27:62:13:
47:b7:97:90:bd:53:e7:0e:bd:80:d4:6e:83:9c:db:23:af:dd:
f7:34:b0:86:50:6d:49:b3:6e:43:a6:de:01:f2:c9:61:68:a9:
94:4a:0d:91:04:ec:fb:72:32:12:3d:15:31:ca:85:8e:dc:cb:
4d:a0:23:b2:29:e4:94:ac:1e:d4:d0:f0:70:09:05:88:47:77:
9c:88:d3:8d:21:6d:b9:bc:2f:fb:e8:ff:09:5f:52:3a:e2:fd:
30:43:5a:61:94:24:00:f3:1a:0e:8c:cd:a5:f4:be:bf:7a:06:
86:99:7d:c8:2e:a0:65:91:74:75:92:07:3a:16:60:45:19:a9:
6d:0e:f4:50:4f:af:7e:6f:ad:c1:4e:3e:e6:db:cf:47:18:d9:
75:48:6b:9a:1a:cd:e9:aa:28:57:cc:38:4c:5e:5d:47:6c:02:
23:bf:0e:af
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvVKSr0xIKDOqXt+Jzr+5cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOWRmNzI4ZDFiNDY2MzQwNTQ5NzJkMjk0NWZkYTU4MDcz
YjU3NjIwHhcNMjMwMTAxMjE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDc4OGI3ZDgwZTMyYzMxNmNhMGI1NTg3OTJjYzcwYzdiMDE1NzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcuapyiEFMoZsVyA+99wjKx9Wbg5
zYaaUSg+gH7fLkttMDzPrJDF19zUvfdGqWFpT6iNQxuUQnp5fM1CoAOpbx3llaWf
iEnkd/y35neF6Cqj+R4ptMr5dZpHDZ53evxPXcYjW85JpWJ0/7kVbauvYzYYc28Y
GxzfCimTXOowxejrr4shUj+7Byml98D6QW2ov3LJ394ZGu4iw/vgZ6nQBBYsZsfA
u2uWH1RnxjK8YSmj9hLKr2fES/v/ujRn1UqkcwlNmHxs9yKd+pjFu1/HWafiYlqw
JOkqDgTDbQw8hQot0nnZPrl9t48OMTJ0V3ixqgTf02q1pgVnNS8dKbEcsQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFR4i32A4ywxbKC1WHksxwx7AVcHMB8GA1UdIwQY
MBaAFFCd9yjRtGY0BUly0pRf2lgHO1diMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUozM0tORzBaalFGU1hMU2xGX2FXQWM3VjJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9hY2ZjYjYtZDc4YS00NDhhLWE3NjEt
ZGQzYjRmODM4MWM0LzEvVkhpTGZZRGpMREZzb0xWWWVTekhESHNCVndjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9hY2ZjYjYtZDc4YS00NDhhLWE3NjEtZGQzYjRmODM4MWM0
LzEvVUozM0tORzBaalFGU1hMU2xGX2FXQWM3VjJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBLQw2MA0E
AgACMAcDBQMqCklAMA0GCSqGSIb3DQEBCwUAA4IBAQBFHs3IL+robYvN4kMXyFju
vRv0bgPyWf8zzvtx0loozwqzQZBzzzgdxI2nAt8rKe5BfzrllDRFN7/brcfSt/id
9wItPpRAN9u39yURgsEZrCeiB5ZdJYMnYhNHt5eQvVPnDr2A1G6DnNsjr933NLCG
UG1Js25Dpt4B8slhaKmUSg2RBOz7cjISPRUxyoWO3MtNoCOyKeSUrB7U0PBwCQWI
R3eciNONIW25vC/76P8JX1I64v0wQ1phlCQA8xoOjM2l9L6/egaGmX3ILqBlkXR1
kgc6FmBFGaltDvRQT69+b63BTj7m289HGNl1SGuaGs3pqihXzDhMXl1HbAIjvw6v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:04 2024 by rpki-client on console-fra.rpki-client.org