Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/1-VuL06w3-uBKxV8U-V9APLrqG1A.roa
File: 1-VuL06w3-uBKxV8U-V9APLrqG1A.roa (raw, json)
Hash identifier: cCh8VhSbeEOBauCiTmAdanMFrq3BQICzW8awE5yeFcU=
Subject key identifier: F9:5B:8B:D3:AC:37:FA:E0:4A:C5:5F:14:F9:5F:40:3C:BA:EA:1B:50
Certificate issuer: /CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Certificate serial: 0185706735F180CED212E08116A6938CFCD7
Authority key identifier: 43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/1-VuL06w3-uBKxV8U-V9APLrqG1A.roa
Signing time: Mon 02 Jan 2023 02:54:50 +0000
ROA not before: Mon 02 Jan 2023 02:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 45.155.99.0/24 maxlen: 24
2a10:ba00:bee4::/48 maxlen: 48
2a10:ba00:bee2::/48 maxlen: 48
2a10:ba00:bee5::/48 maxlen: 48
2a10:ba00:bee0::/48 maxlen: 48
2a10:ba00:bee3::/48 maxlen: 48
2a10:ba00:bee1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:35:f1:80:ce:d2:12:e0:81:16:a6:93:8c:fc:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Validity
Not Before: Jan 2 02:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f95b8bd3ac37fae04ac55f14f95f403cbaea1b50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:eb:b6:4a:90:3d:48:c7:a3:a5:73:b3:21:c0:
14:d5:dc:30:26:ca:23:72:9f:91:c4:fd:c4:26:95:
eb:3e:cb:32:2f:b8:5e:20:72:44:b7:7e:15:6a:09:
46:a5:b6:dd:72:0c:2d:2c:6e:9f:20:92:28:5a:78:
78:4e:a2:fd:7b:0d:c9:bf:69:f6:0e:c8:22:9d:c2:
af:b0:b7:47:10:41:33:d4:16:d4:4e:ac:1a:bf:b1:
50:02:b0:71:6a:67:36:d2:0b:ee:29:fe:42:bd:37:
db:90:73:bb:e9:39:dc:77:59:e0:87:1d:b4:c3:3a:
00:da:67:52:0e:54:f7:94:c7:50:3e:bb:79:e5:22:
60:00:cf:78:d2:41:c7:02:3d:ca:ed:ba:f8:c1:98:
68:c4:99:4b:44:a5:86:d6:6f:34:db:26:76:f1:2d:
90:6f:b2:47:7d:e1:33:81:16:d9:11:49:46:37:a8:
ee:07:1f:2f:29:54:ca:fc:cf:53:38:eb:8a:b9:47:
f0:91:a2:6d:0e:fb:5b:18:ee:1d:c1:b6:82:9c:d4:
f6:97:a7:ce:20:47:0b:af:96:ea:0b:fc:af:1e:da:
63:ad:5d:2c:89:6f:a8:d4:bf:4d:69:02:de:a2:d0:
58:df:1f:29:0f:0f:bf:ad:0d:0d:59:24:da:6a:e3:
ad:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:5B:8B:D3:AC:37:FA:E0:4A:C5:5F:14:F9:5F:40:3C:BA:EA:1B:50
X509v3 Authority Key Identifier:
keyid:43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/1-VuL06w3-uBKxV8U-V9APLrqG1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.99.0/24
IPv6:
2a10:ba00:bee0::-2a10:ba00:bee5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
07:27:f2:e1:ac:1a:e9:fe:ae:ee:3a:f4:d8:05:e8:a5:99:a4:
d5:65:6e:6e:1a:64:7f:3d:c0:91:8e:3d:b7:4e:ea:81:26:c7:
b9:b1:f6:69:27:cb:32:bb:3d:85:23:57:e6:39:72:27:ca:25:
31:22:ec:cf:48:e7:af:5c:24:ce:ce:d5:df:30:5c:79:db:26:
a3:f6:fd:44:8b:4e:3a:25:7d:aa:38:a5:9e:b5:a9:6e:6d:1a:
77:2e:9c:c4:42:35:da:a6:8c:47:be:9c:a1:71:35:a0:96:f5:
2d:8d:8d:cb:ad:c0:e4:bb:52:16:6d:75:ca:8c:fe:0f:c1:d4:
2f:b9:94:50:7c:15:c5:49:9a:ba:53:94:cc:95:70:68:6c:8c:
38:04:6f:97:21:84:49:19:1a:8b:f6:84:21:25:16:d0:fd:f6:
74:6b:61:d8:76:22:12:b2:32:3c:c0:9a:f6:0e:7f:f0:b5:79:
13:b8:68:4e:55:0d:7b:61:98:b3:89:15:84:9c:1c:8b:59:17:
3d:98:88:c2:37:bd:2e:69:ce:41:a0:0a:4b:4a:55:aa:ff:8b:
08:6e:3f:62:64:66:d9:eb:89:6c:e1:3e:98:dd:40:88:8a:31:
19:87:94:f0:49:fa:9d:84:af:77:e4:cc:a1:db:e3:24:37:b6:
46:0f:65:71
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVwZzXxgM7SEuCBFqaTjPzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGZjMDY2Y2U3Y2QzZTM4MjU3NGE2ODY2Nzk3M2IwYjQ2
OGRmM2MwHhcNMjMwMTAyMDI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTViOGJkM2FjMzdmYWUwNGFjNTVmMTRmOTVmNDAzY2JhZWExYjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOu2SpA9SMejpXOzIcAU1dwwJsoj
cp+RxP3EJpXrPssyL7heIHJEt34VaglGpbbdcgwtLG6fIJIoWnh4TqL9ew3Jv2n2
DsgincKvsLdHEEEz1BbUTqwav7FQArBxamc20gvuKf5CvTfbkHO76Tncd1nghx20
wzoA2mdSDlT3lMdQPrt55SJgAM940kHHAj3K7br4wZhoxJlLRKWG1m802yZ28S2Q
b7JHfeEzgRbZEUlGN6juBx8vKVTK/M9TOOuKuUfwkaJtDvtbGO4dwbaCnNT2l6fO
IEcLr5bqC/yvHtpjrV0siW+o1L9NaQLeotBY3x8pDw+/rQ0NWSTaauOtKQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPlbi9OsN/rgSsVfFPlfQDy66htQMB8GA1UdIwQY
MBaAFEPfwGbOfNPjgldKaGZ5c7C0aN88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUt
MjUwOTc0M2FkMjllLzEvMS1WdUwwNnczLXVCS3hWOFUtVjlBUExycUcxQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjQvMTYzNmY4LTUwMjYtNDA0ZS1hMWFlLTI1MDk3NDNhZDI5
ZS8xL1E5X0FaczU4MC1PQ1YwcG9abmx6c0xSbzN6dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA7BggrBgEFBQcBBwEB/wQsMCowDAQCAAEwBgMEAC2bYzAa
BAIAAjAUMBIDBwUqELoAvuADBwEqELoAvuQwDQYJKoZIhvcNAQELBQADggEBAAcn
8uGsGun+ru469NgF6KWZpNVlbm4aZH89wJGOPbdO6oEmx7mx9mknyzK7PYUjV+Y5
cifKJTEi7M9I569cJM7O1d8wXHnbJqP2/USLTjolfao4pZ61qW5tGncunMRCNdqm
jEe+nKFxNaCW9S2NjcutwOS7UhZtdcqM/g/B1C+5lFB8FcVJmrpTlMyVcGhsjDgE
b5chhEkZGov2hCElFtD99nRrYdh2IhKyMjzAmvYOf/C1eRO4aE5VDXthmLOJFYSc
HItZFz2YiMI3vS5pzkGgCktKVar/iwhuP2JkZtnriWzhPpjdQIiKMRmHlPBJ+p2E
r3fkzKHb4yQ3tkYPZXE=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:11 2024 by rpki-client on console-fra.rpki-client.org