Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/sDNnYkGivUVdYqLY8jv-Lcxe500.roa
File: sDNnYkGivUVdYqLY8jv-Lcxe500.roa (raw, json)
Hash identifier: xlriWn6MJkEuKTPZt1CLsKsbO5giOPz8uSa+4qwmxJw=
Subject key identifier: B0:33:67:62:41:A2:BD:45:5D:62:A2:D8:F2:3B:FE:2D:CC:5E:E7:4D
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0185725EB897DCDF22001145D47C1B9B23FF
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/sDNnYkGivUVdYqLY8jv-Lcxe500.roa
Signing time: Mon 02 Jan 2023 12:04:48 +0000
ROA not before: Mon 02 Jan 2023 12:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 11426
IP address blocks: 104.249.56.0/22 maxlen: 22
45.43.132.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 28 Apr 2023 09:47:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:5e:b8:97:dc:df:22:00:11:45:d4:7c:1b:9b:23:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 12:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b033676241a2bd455d62a2d8f23bfe2dcc5ee74d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:94:de:d8:31:e6:4b:92:01:7b:4b:6d:72:1e:
f7:db:61:e0:bb:35:ff:97:77:54:29:87:a3:8d:cf:
bd:67:df:48:c3:44:dd:e7:03:8b:84:88:04:3f:20:
09:1a:cd:4d:e2:ad:85:e3:55:88:fc:3a:56:34:20:
1d:2f:08:30:1f:46:31:7b:b2:d0:e2:28:88:8b:ad:
5c:1e:d0:aa:10:43:ea:53:ba:97:0d:e4:5a:78:fd:
bb:51:19:f2:c0:ed:51:01:f6:b9:92:79:82:11:57:
d3:15:3b:5d:1f:c0:ff:86:3e:72:68:db:92:4c:ee:
15:57:a3:a9:ae:de:45:47:2d:f7:96:6a:a1:89:85:
dd:8c:37:68:20:c1:58:4a:cb:f9:04:17:3d:66:41:
53:ab:46:ca:11:b4:83:81:01:fd:77:25:62:e8:4b:
34:d6:77:e9:62:2f:94:ed:5a:af:1f:3f:72:c1:ae:
e2:59:50:ab:d3:29:5a:7a:91:61:ac:ca:5d:dc:23:
bd:4d:a8:93:2b:6b:71:45:49:3a:90:a2:da:fa:76:
ef:ed:9b:c7:2b:d8:8c:bb:77:cd:b4:4a:00:5a:0d:
c3:4d:99:3e:f0:72:75:b8:67:a7:8b:65:06:b4:4a:
51:ae:a0:6e:5f:06:09:07:1e:ed:0d:39:ce:8a:61:
a9:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:33:67:62:41:A2:BD:45:5D:62:A2:D8:F2:3B:FE:2D:CC:5E:E7:4D
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/sDNnYkGivUVdYqLY8jv-Lcxe500.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.132.0/22
104.249.56.0/22
Signature Algorithm: sha256WithRSAEncryption
56:86:91:61:22:3d:59:ee:aa:53:3d:2d:11:ee:bd:cc:24:bc:
0c:0b:c7:4a:05:de:19:7b:a7:6b:63:b9:19:50:5d:8d:09:c0:
41:e5:5a:ac:fc:35:7f:bb:fa:04:34:ee:68:09:9a:b9:c2:f9:
f4:cc:f4:4c:0c:f1:46:72:78:44:f3:99:57:52:76:9b:6b:d7:
6a:bc:5c:79:80:e5:38:f0:2c:bd:53:a5:86:28:13:a3:df:b2:
92:8b:32:8d:33:8a:22:18:d9:5a:67:e6:d8:7d:96:78:f8:ae:
93:77:79:b3:e2:f3:8a:90:61:24:b8:4b:f4:0e:a0:a1:e0:fe:
3b:a1:d3:70:31:57:a6:0a:3d:7a:0b:d5:b5:e4:8c:cf:f0:d9:
71:0e:e5:95:9e:04:0e:4b:90:b1:19:81:c7:f8:e7:89:7d:e4:
9c:9a:5a:c3:be:60:a3:e9:e9:0d:48:b5:cf:6c:fc:0f:13:05:
68:00:28:fe:8d:87:87:81:02:7a:22:40:9c:44:95:b2:8d:41:
28:6f:c6:fd:fc:28:01:5a:d5:18:fd:ad:64:95:0b:34:6b:0b:
31:cc:0e:78:37:24:f2:a0:06:5d:91:6f:41:d4:4d:e2:b5:f9:
e3:42:e3:ee:df:ed:32:8b:f2:08:c2:79:fa:7c:a8:ad:0f:b9:
16:5e:b1:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyXriX3N8iABFF1HwbmyP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjMwMTAyMTIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDMzNjc2MjQxYTJiZDQ1NWQ2MmEyZDhmMjNiZmUyZGNjNWVlNzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZTe2DHmS5IBe0ttch7322HguzX/
l3dUKYejjc+9Z99Iw0Td5wOLhIgEPyAJGs1N4q2F41WI/DpWNCAdLwgwH0Yxe7LQ
4iiIi61cHtCqEEPqU7qXDeRaeP27URnywO1RAfa5knmCEVfTFTtdH8D/hj5yaNuS
TO4VV6Oprt5FRy33lmqhiYXdjDdoIMFYSsv5BBc9ZkFTq0bKEbSDgQH9dyVi6Es0
1nfpYi+U7VqvHz9ywa7iWVCr0ylaepFhrMpd3CO9TaiTK2txRUk6kKLa+nbv7ZvH
K9iMu3fNtEoAWg3DTZk+8HJ1uGeni2UGtEpRrqBuXwYJBx7tDTnOimGpdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLAzZ2JBor1FXWKi2PI7/i3MXudNMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvc0RObllrR2l2VVZkWXFMWThqdi1MY3hlNTAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLSuEAwQC
aPk4MA0GCSqGSIb3DQEBCwUAA4IBAQBWhpFhIj1Z7qpTPS0R7r3MJLwMC8dKBd4Z
e6drY7kZUF2NCcBB5Vqs/DV/u/oENO5oCZq5wvn0zPRMDPFGcnhE85lXUnaba9dq
vFx5gOU48Cy9U6WGKBOj37KSizKNM4oiGNlaZ+bYfZZ4+K6Td3mz4vOKkGEkuEv0
DqCh4P47odNwMVemCj16C9W15IzP8NlxDuWVngQOS5CxGYHH+OeJfeScmlrDvmCj
6ekNSLXPbPwPEwVoACj+jYeHgQJ6IkCcRJWyjUEob8b9/CgBWtUY/a1klQs0awsx
zA54NyTyoAZdkW9B1E3itfnjQuPu3+0yi/IIwnn6fKitD7kWXrFM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org