Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/19ddad-c458-441e-984e-573f17d2aef3/1/itZRlYAD5zCm6O2ZnWwdEMRYyV0.roa
File: itZRlYAD5zCm6O2ZnWwdEMRYyV0.roa (raw, json)
Hash identifier: x9seLlXH5V3QReVeAEF4XI2Q3lPGTVPsmR4VP7IwSZ0=
Subject key identifier: 8A:D6:51:95:80:03:E7:30:A6:E8:ED:99:9D:6C:1D:10:C4:58:C9:5D
Certificate issuer: /CN=b4cd96b27e8843504bb5bd55c329ec02db9f0ffd
Certificate serial: 018572C36CDCDA239350187755CF4CD08907
Authority key identifier: B4:CD:96:B2:7E:88:43:50:4B:B5:BD:55:C3:29:EC:02:DB:9F:0F:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tM2Wsn6IQ1BLtb1VwynsAtufD_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/19ddad-c458-441e-984e-573f17d2aef3/1/itZRlYAD5zCm6O2ZnWwdEMRYyV0.roa
Signing time: Mon 02 Jan 2023 13:54:48 +0000
ROA not before: Mon 02 Jan 2023 13:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50629
IP address blocks: 45.157.236.0/22 maxlen: 22
2a0f:4e80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:6c:dc:da:23:93:50:18:77:55:cf:4c:d0:89:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4cd96b27e8843504bb5bd55c329ec02db9f0ffd
Validity
Not Before: Jan 2 13:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ad651958003e730a6e8ed999d6c1d10c458c95d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9a:e4:da:2c:ff:84:b6:63:61:8d:7f:c4:ba:
d6:fd:e4:c8:85:e3:69:d2:06:09:9f:39:1b:98:e9:
c4:53:ce:8f:bf:0c:89:65:f7:58:b9:45:d4:c9:f2:
92:23:00:8c:ad:f3:43:06:78:a7:d9:19:bb:df:ed:
8b:e0:a0:5e:d4:d3:a4:13:5a:68:4a:68:ed:8d:51:
57:ca:2b:00:a1:1f:70:68:ab:00:8d:26:1f:6d:1a:
51:26:c3:22:09:81:33:6d:00:80:24:28:3e:ae:e7:
f4:49:ee:67:fb:7f:44:a2:e3:bf:f0:44:17:26:36:
3e:d5:0b:2d:94:bf:3d:f6:31:99:6c:92:a0:55:31:
5e:14:9b:7d:9f:0c:2a:f5:cf:65:43:b6:b3:fa:2a:
82:ff:14:1a:3d:dc:30:f4:33:eb:b0:3a:15:ae:a0:
4f:d3:9e:71:31:ce:f6:e2:63:b8:59:c5:d0:34:ea:
75:59:b2:e9:07:eb:2a:9a:8a:5d:bb:b4:20:9f:0c:
52:25:5e:5f:a2:66:e1:ff:3c:b0:68:1b:9e:a5:f2:
91:e9:db:5c:36:8f:c3:fc:72:d3:fa:22:b0:7d:00:
f2:2d:6d:d7:a5:f1:fc:08:f2:89:c0:99:99:8d:25:
14:2d:80:dd:98:4d:5c:50:90:b0:e8:aa:2f:7c:01:
d5:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D6:51:95:80:03:E7:30:A6:E8:ED:99:9D:6C:1D:10:C4:58:C9:5D
X509v3 Authority Key Identifier:
keyid:B4:CD:96:B2:7E:88:43:50:4B:B5:BD:55:C3:29:EC:02:DB:9F:0F:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tM2Wsn6IQ1BLtb1VwynsAtufD_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/19ddad-c458-441e-984e-573f17d2aef3/1/itZRlYAD5zCm6O2ZnWwdEMRYyV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/19ddad-c458-441e-984e-573f17d2aef3/1/tM2Wsn6IQ1BLtb1VwynsAtufD_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.236.0/22
IPv6:
2a0f:4e80::/29
Signature Algorithm: sha256WithRSAEncryption
34:99:6f:c2:6a:86:e6:97:9d:76:97:44:ca:f9:19:fb:cc:64:
4b:95:3d:bb:3f:fd:2b:d3:42:06:0a:c9:cc:5a:99:ea:64:ed:
88:3b:01:2a:c1:64:14:e3:e2:3e:27:33:74:62:56:09:59:3b:
0f:90:ab:db:c0:df:89:b8:f8:a3:54:b1:49:e1:b1:d7:0d:8e:
80:9a:69:a8:9c:7a:94:04:ba:60:b9:36:8e:c9:15:14:05:ef:
26:a0:9d:d9:79:af:b2:9e:db:25:0b:fe:37:9a:bc:67:a5:17:
ce:e4:ad:4d:e4:9a:fd:cf:0e:74:19:cf:6f:a7:dc:c4:40:a6:
13:48:aa:33:6d:ae:c8:76:61:8e:b2:65:ef:49:9a:d6:57:3d:
ac:45:ce:d7:41:08:b9:09:97:1b:6a:14:70:2b:33:85:43:c1:
c5:37:7f:ae:6e:c5:5d:4d:ef:aa:8c:4e:95:6c:25:ce:ee:0e:
f0:91:27:5e:1b:71:60:9d:c7:60:78:0a:e2:91:f3:b5:6a:08:
51:e0:b9:2e:67:cb:bf:b2:42:fa:3a:90:a3:b8:cd:14:72:b0:
75:52:0d:f0:ff:34:1b:51:12:cd:dc:a8:62:b3:78:27:70:1e:
dc:85:35:b0:2d:b4:5c:85:cd:42:21:d7:79:7f:7c:29:4c:39:
a7:8f:bc:24
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyw2zc2iOTUBh3Vc9M0IkHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Y2Q5NmIyN2U4ODQzNTA0YmI1YmQ1NWMzMjllYzAyZGI5
ZjBmZmQwHhcNMjMwMTAyMTM1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWQ2NTE5NTgwMDNlNzMwYTZlOGVkOTk5ZDZjMWQxMGM0NThjOTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZrk2iz/hLZjYY1/xLrW/eTIheNp
0gYJnzkbmOnEU86PvwyJZfdYuUXUyfKSIwCMrfNDBnin2Rm73+2L4KBe1NOkE1po
SmjtjVFXyisAoR9waKsAjSYfbRpRJsMiCYEzbQCAJCg+ruf0Se5n+39EouO/8EQX
JjY+1QstlL899jGZbJKgVTFeFJt9nwwq9c9lQ7az+iqC/xQaPdww9DPrsDoVrqBP
055xMc724mO4WcXQNOp1WbLpB+sqmopdu7QgnwxSJV5fombh/zywaBuepfKR6dtc
No/D/HLT+iKwfQDyLW3XpfH8CPKJwJmZjSUULYDdmE1cUJCw6KovfAHVywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIrWUZWAA+cwpujtmZ1sHRDEWMldMB8GA1UdIwQY
MBaAFLTNlrJ+iENQS7W9VcMp7ALbnw/9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE0yV3NuNklRMUJMdGIxVnd5bnNBdHVmRF8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8xOWRkYWQtYzQ1OC00NDFlLTk4NGUt
NTczZjE3ZDJhZWYzLzEvaXRaUmxZQUQ1ekNtNk8yWm5Xd2RFTVJZeVYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8xOWRkYWQtYzQ1OC00NDFlLTk4NGUtNTczZjE3ZDJhZWYz
LzEvdE0yV3NuNklRMUJMdGIxVnd5bnNBdHVmRF8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ3sMA0E
AgACMAcDBQMqD06AMA0GCSqGSIb3DQEBCwUAA4IBAQA0mW/Caobml512l0TK+Rn7
zGRLlT27P/0r00IGCsnMWpnqZO2IOwEqwWQU4+I+JzN0YlYJWTsPkKvbwN+JuPij
VLFJ4bHXDY6AmmmonHqUBLpguTaOyRUUBe8moJ3Zea+yntslC/43mrxnpRfO5K1N
5Jr9zw50Gc9vp9zEQKYTSKozba7IdmGOsmXvSZrWVz2sRc7XQQi5CZcbahRwKzOF
Q8HFN3+ubsVdTe+qjE6VbCXO7g7wkSdeG3FgncdgeArikfO1aghR4LkuZ8u/skL6
OpCjuM0UcrB1Ug3w/zQbURLN3Khis3gncB7chTWwLbRchc1CIdd5f3wpTDmnj7wk
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:48 2024 by rpki-client on console-fra.rpki-client.org