Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/8ca3bc-a875-4507-91cc-bcefa45658cc/1/1-_aaay_GWfY8o872qDkSCEOvayo.roa
File: 1-_aaay_GWfY8o872qDkSCEOvayo.roa (raw, json)
Hash identifier: 2lTSzWlQHa7PmQZ+KaaNWoxOiv4H99ZxfOgnxL28M68=
Subject key identifier: FB:F6:9A:6B:2F:C6:59:F6:3C:A3:CE:F6:A8:39:12:08:43:AF:6B:2A
Certificate issuer: /CN=1f53c06ca7976d737b23bc72768a228c397faf2f
Certificate serial: 018C8376BDD4FC14C6AE890C77015B982B1E
Authority key identifier: 1F:53:C0:6C:A7:97:6D:73:7B:23:BC:72:76:8A:22:8C:39:7F:AF:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H1PAbKeXbXN7I7xydooijDl_ry8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/8ca3bc-a875-4507-91cc-bcefa45658cc/1/1-_aaay_GWfY8o872qDkSCEOvayo.roa
Signing time: Tue 19 Dec 2023 19:04:06 +0000
ROA not before: Tue 19 Dec 2023 19:04:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29657
IP address blocks: 45.132.100.0/24 maxlen: 24
45.132.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Dec 2023 12:56:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:83:76:bd:d4:fc:14:c6:ae:89:0c:77:01:5b:98:2b:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f53c06ca7976d737b23bc72768a228c397faf2f
Validity
Not Before: Dec 19 19:04:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbf69a6b2fc659f63ca3cef6a839120843af6b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:aa:ab:66:85:03:61:27:d2:28:3a:69:5b:25:
df:9a:f7:ad:1b:69:6b:a5:25:0f:26:ef:00:41:04:
9b:50:a5:de:d1:10:e3:39:c9:ab:1c:03:ec:81:e1:
b7:99:5d:1d:cf:5e:1c:b4:75:63:64:9a:65:55:e5:
02:71:53:c3:b4:80:96:ef:20:3b:e4:d6:f0:2b:de:
92:89:3b:91:81:13:43:a0:ba:1d:66:a5:60:9e:db:
b2:03:9f:1b:36:9e:19:99:c8:19:3d:10:28:bd:16:
e7:50:95:ea:0b:f0:63:73:a8:b6:5c:20:7b:3f:db:
b4:60:72:c4:3c:0e:2f:fc:4e:2f:31:61:7e:c4:99:
cf:5c:e2:6b:88:91:96:b5:49:d5:29:85:29:32:2d:
0e:bd:c9:77:29:0d:a1:55:dd:8f:d6:4d:d5:5e:12:
74:ee:a0:07:2b:75:56:4c:96:1d:a5:c7:97:a9:3d:
dc:fb:8b:d1:33:6e:06:84:18:1a:ef:fa:67:6c:53:
cd:3d:a9:fb:03:40:ab:e2:db:1e:ec:be:25:a8:99:
ad:d8:1b:64:45:f8:65:3f:8e:0d:01:6e:1b:9f:8e:
cb:f1:4a:93:9c:ee:22:cd:a7:35:cc:19:c3:b4:e0:
ea:30:84:a3:4e:d8:0f:66:73:94:f5:09:ea:df:f3:
cf:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F6:9A:6B:2F:C6:59:F6:3C:A3:CE:F6:A8:39:12:08:43:AF:6B:2A
X509v3 Authority Key Identifier:
keyid:1F:53:C0:6C:A7:97:6D:73:7B:23:BC:72:76:8A:22:8C:39:7F:AF:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H1PAbKeXbXN7I7xydooijDl_ry8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8ca3bc-a875-4507-91cc-bcefa45658cc/1/1-_aaay_GWfY8o872qDkSCEOvayo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/8ca3bc-a875-4507-91cc-bcefa45658cc/1/H1PAbKeXbXN7I7xydooijDl_ry8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.100.0/23
Signature Algorithm: sha256WithRSAEncryption
04:83:97:22:08:b3:c0:8f:02:e6:d9:02:df:f2:8d:2e:27:20:
5d:a0:de:73:b4:e2:b8:ab:82:c6:52:aa:98:6f:99:21:42:d0:
4c:26:a2:3a:1e:a1:b7:00:92:69:ca:b9:72:0d:44:ad:ad:52:
e8:29:7d:05:08:20:7b:26:c2:68:4d:42:e0:82:e4:7c:08:33:
aa:2b:d6:9e:8f:43:ef:ae:6a:8d:d7:e9:4a:71:55:25:22:4c:
b7:01:fa:b3:9f:70:01:b2:16:1a:78:bc:64:4e:44:af:2b:1e:
d2:c0:5b:f3:f0:62:d2:bf:0e:23:f7:17:81:18:26:9e:ae:61:
ce:db:24:47:1d:8e:80:ee:47:0c:f2:05:3d:b5:d8:be:ba:73:
06:04:30:1f:3b:ed:91:49:39:ba:31:a4:ad:61:f4:04:f7:6b:
ab:95:e9:94:2f:22:98:23:4d:16:a8:1d:6d:3f:dc:fb:b5:2a:
11:52:d7:02:23:ad:7d:0e:80:3a:07:0a:0c:75:83:01:ac:86:
e9:8b:4c:a1:b1:fc:90:5e:22:c8:fb:6e:aa:7e:ed:6f:5b:7d:
b1:2b:0d:72:9a:47:1f:f1:2a:40:37:71:e6:ba:ef:87:86:0f:
30:39:07:03:70:3e:fb:65:1b:fa:f7:46:f9:11:28:67:c1:b8:
2f:64:3f:48
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYyDdr3U/BTGrokMdwFbmCseMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNTNjMDZjYTc5NzZkNzM3YjIzYmM3Mjc2OGEyMjhjMzk3
ZmFmMmYwHhcNMjMxMjE5MTkwNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmY2OWE2YjJmYzY1OWY2M2NhM2NlZjZhODM5MTIwODQzYWY2YjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKqrZoUDYSfSKDppWyXfmvetG2lr
pSUPJu8AQQSbUKXe0RDjOcmrHAPsgeG3mV0dz14ctHVjZJplVeUCcVPDtICW7yA7
5NbwK96SiTuRgRNDoLodZqVgntuyA58bNp4ZmcgZPRAovRbnUJXqC/Bjc6i2XCB7
P9u0YHLEPA4v/E4vMWF+xJnPXOJriJGWtUnVKYUpMi0Ovcl3KQ2hVd2P1k3VXhJ0
7qAHK3VWTJYdpceXqT3c+4vRM24GhBga7/pnbFPNPan7A0Cr4tse7L4lqJmt2Btk
RfhlP44NAW4bn47L8UqTnO4izac1zBnDtODqMISjTtgPZnOU9Qnq3/PPwQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPv2mmsvxln2PKPO9qg5EghDr2sqMB8GA1UdIwQY
MBaAFB9TwGynl21zeyO8cnaKIow5f68vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDFQQWJLZVhiWE43STd4eWRvb2lqRGxfcnk4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84Y2EzYmMtYTg3NS00NTA3LTkxY2Mt
YmNlZmE0NTY1OGNjLzEvMS1fYWFheV9HV2ZZOG84NzJxRGtTQ0VPdmF5by5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjUvOGNhM2JjLWE4NzUtNDUwNy05MWNjLWJjZWZhNDU2NThj
Yy8xL0gxUEFiS2VYYlhON0k3eHlkb29pakRsX3J5OC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS2EZDAN
BgkqhkiG9w0BAQsFAAOCAQEABIOXIgizwI8C5tkC3/KNLicgXaDec7TiuKuCxlKq
mG+ZIULQTCaiOh6htwCSacq5cg1Era1S6Cl9BQggeybCaE1C4ILkfAgzqivWno9D
765qjdfpSnFVJSJMtwH6s59wAbIWGni8ZE5Eryse0sBb8/Bi0r8OI/cXgRgmnq5h
ztskRx2OgO5HDPIFPbXYvrpzBgQwHzvtkUk5ujGkrWH0BPdrq5XplC8imCNNFqgd
bT/c+7UqEVLXAiOtfQ6AOgcKDHWDAayG6YtMobH8kF4iyPtuqn7tb1t9sSsNcppH
H/EqQDdx5rrvh4YPMDkHA3A++2Ub+vdG+REoZ8G4L2Q/SA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org