Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/fhDehnd83YKAr2qDUnllWNP8tGY.roa
File: fhDehnd83YKAr2qDUnllWNP8tGY.roa (raw, json)
Hash identifier: oCjuuB51sRverdJjaNLMCME+kmGv73NyoURdh/9Vcd0=
Subject key identifier: 7E:10:DE:86:77:7C:DD:82:80:AF:6A:83:52:79:65:58:D3:FC:B4:66
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 01856F42CB2E9A863C1536AD37D47AD32976
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/fhDehnd83YKAr2qDUnllWNP8tGY.roa
Signing time: Sun 01 Jan 2023 21:35:26 +0000
ROA not before: Sun 01 Jan 2023 21:35:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197731
IP address blocks: 45.91.118.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:cb:2e:9a:86:3c:15:36:ad:37:d4:7a:d3:29:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 1 21:35:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e10de86777cdd8280af6a8352796558d3fcb466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9b:51:4e:76:60:d4:98:22:79:3f:84:29:83:
1f:ac:61:cc:73:b7:fe:1a:a3:4a:e1:36:3a:a4:e3:
50:b7:cb:6a:0f:b8:43:4b:2a:a3:49:7e:ec:a2:81:
d1:57:81:e2:4d:ad:6e:a7:d2:b0:ac:b8:3a:da:0b:
8b:07:35:ee:e4:a1:6c:a9:d4:37:b5:57:62:e8:39:
9d:17:a6:48:55:83:84:4c:de:48:fa:fd:75:f5:64:
ca:f3:bc:32:02:66:fd:7d:5b:89:f9:e8:47:a6:a0:
c4:04:60:a7:80:36:3d:75:6d:87:fe:32:1b:d4:84:
c1:b3:eb:bf:d1:ba:a4:f0:f0:5c:6d:5b:74:75:91:
91:1c:5c:8f:ec:57:af:ea:4d:8f:b9:94:0f:4c:32:
db:bf:93:50:5f:2b:8a:95:99:ff:b0:dc:21:a5:32:
22:e9:20:ab:28:0f:5f:c9:e8:8d:f2:25:6e:20:9f:
40:3c:08:65:04:b0:db:53:cd:42:08:5a:9d:db:f0:
7b:f9:4f:fd:18:64:d2:49:8c:1c:0e:89:69:d0:6f:
4a:2f:72:fe:f0:2d:73:fd:7b:42:c1:02:8e:18:80:
3d:98:12:46:c8:81:3e:11:ac:1b:d7:74:12:e9:ab:
0d:fe:7e:90:d4:f0:ab:02:1e:d9:c3:33:05:3f:59:
6b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:10:DE:86:77:7C:DD:82:80:AF:6A:83:52:79:65:58:D3:FC:B4:66
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/fhDehnd83YKAr2qDUnllWNP8tGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.118.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:64:b2:71:cd:50:12:a3:dc:1a:51:e3:a0:93:a6:aa:a6:6a:
5e:1e:bf:0d:7a:7c:2c:81:fd:ba:e2:9d:b3:c3:4b:8d:6f:bb:
b8:b5:0c:90:d2:46:33:b4:84:38:94:64:fa:96:9d:7c:81:48:
fa:50:4b:18:68:6d:9c:ac:0d:85:5f:70:a7:f8:a0:61:6f:57:
1f:b3:2f:51:7d:ef:50:e7:7e:94:03:0c:54:75:bf:52:d8:05:
da:18:d3:d1:f6:5d:62:1e:1c:fe:53:5a:72:48:6b:f6:23:21:
51:0c:2d:c0:f9:fe:eb:65:66:89:1f:0c:bf:6b:4b:88:8a:73:
52:a1:63:c6:73:38:85:59:83:e1:34:23:a5:4c:12:d3:56:f7:
ab:c6:d2:bc:4c:1e:e2:11:9b:cc:c0:7c:78:8f:e8:17:f6:d7:
d8:d6:67:d1:44:07:c8:d6:9d:7a:da:64:88:99:89:5a:02:e9:
d2:bc:24:26:a2:ef:28:ae:27:0b:23:3d:73:76:f4:88:81:16:
59:cb:0e:9b:44:06:fb:9a:03:f9:c3:af:b0:b1:7e:85:b0:64:
a6:a8:0e:88:76:c6:90:8c:f9:6f:c7:1b:e9:e1:6b:d5:60:dc:
ca:e3:ea:b3:df:6d:d8:8f:f6:17:64:c1:f4:90:a8:14:18:fe:
29:fe:f4:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQssumoY8FTatN9R60yl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjMwMTAxMjEzNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTEwZGU4Njc3N2NkZDgyODBhZjZhODM1Mjc5NjU1OGQzZmNiNDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoptRTnZg1JgieT+EKYMfrGHMc7f+
GqNK4TY6pONQt8tqD7hDSyqjSX7sooHRV4HiTa1up9KwrLg62guLBzXu5KFsqdQ3
tVdi6DmdF6ZIVYOETN5I+v119WTK87wyAmb9fVuJ+ehHpqDEBGCngDY9dW2H/jIb
1ITBs+u/0bqk8PBcbVt0dZGRHFyP7Fev6k2PuZQPTDLbv5NQXyuKlZn/sNwhpTIi
6SCrKA9fyeiN8iVuIJ9APAhlBLDbU81CCFqd2/B7+U/9GGTSSYwcDolp0G9KL3L+
8C1z/XtCwQKOGIA9mBJGyIE+Eawb13QS6asN/n6Q1PCrAh7ZwzMFP1lrmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH4Q3oZ3fN2CgK9qg1J5ZVjT/LRmMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvZmhEZWhuZDgzWUtBcjJxRFVubGxXTlA4dEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVt2MA0G
CSqGSIb3DQEBCwUAA4IBAQAtZLJxzVASo9waUeOgk6aqpmpeHr8Nenwsgf264p2z
w0uNb7u4tQyQ0kYztIQ4lGT6lp18gUj6UEsYaG2crA2FX3Cn+KBhb1cfsy9Rfe9Q
536UAwxUdb9S2AXaGNPR9l1iHhz+U1pySGv2IyFRDC3A+f7rZWaJHwy/a0uIinNS
oWPGcziFWYPhNCOlTBLTVverxtK8TB7iEZvMwHx4j+gX9tfY1mfRRAfI1p162mSI
mYlaAunSvCQmou8oricLIz1zdvSIgRZZyw6bRAb7mgP5w6+wsX6FsGSmqA6IdsaQ
jPlvxxvp4WvVYNzK4+qz323Yj/YXZMH0kKgUGP4p/vSF
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:44 2024 by rpki-client on console-fra.rpki-client.org