Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/1c8605-163e-4245-af12-cdbd556e1749/1/4u7YwjVOG7taUf1Q9C_wPJYwTX8.roa
File: 4u7YwjVOG7taUf1Q9C_wPJYwTX8.roa (raw, json)
Hash identifier: HCcYk+WlmmTGMixhq2xoF5SXn/YLmZKdbVgVcyVh2TU=
Subject key identifier: E2:EE:D8:C2:35:4E:1B:BB:5A:51:FD:50:F4:2F:F0:3C:96:30:4D:7F
Certificate issuer: /CN=ab975db4378dfca7c2953b86d3b18dc8b218ec6b
Certificate serial: 01856D53D6DA93F95BFC0A3A9D7FF3E5F21C
Authority key identifier: AB:97:5D:B4:37:8D:FC:A7:C2:95:3B:86:D3:B1:8D:C8:B2:18:EC:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5ddtDeN_KfClTuG07GNyLIY7Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/1c8605-163e-4245-af12-cdbd556e1749/1/4u7YwjVOG7taUf1Q9C_wPJYwTX8.roa
Signing time: Sun 01 Jan 2023 12:34:48 +0000
ROA not before: Sun 01 Jan 2023 12:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208338
IP address blocks: 45.144.4.0/23 maxlen: 23
2a0e:e740::/30 maxlen: 30
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:d6:da:93:f9:5b:fc:0a:3a:9d:7f:f3:e5:f2:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab975db4378dfca7c2953b86d3b18dc8b218ec6b
Validity
Not Before: Jan 1 12:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2eed8c2354e1bbb5a51fd50f42ff03c96304d7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5b:26:e3:bf:17:88:9e:89:52:af:f8:d7:8e:
41:ad:f5:32:8b:c1:9e:38:35:3f:ac:98:01:2c:ff:
95:81:2a:3e:f7:66:3c:1c:3a:bd:ba:45:11:38:87:
12:78:7f:e9:4c:01:21:f5:37:19:7e:fa:7a:a6:c9:
b0:78:3b:9b:24:24:51:86:8b:05:6d:6b:c3:d3:6b:
1f:f6:49:2a:0e:02:91:ad:46:f5:52:36:9c:e2:26:
11:98:cb:bb:a0:06:d7:24:01:69:05:59:48:b9:2f:
32:58:be:32:42:b8:73:c3:63:cf:89:56:3b:ba:81:
74:a0:47:4d:17:4e:2d:9c:9e:e5:ea:83:ed:91:c5:
67:b7:78:69:30:ea:27:d6:18:69:4f:0b:84:46:ff:
a7:87:21:d3:6d:2e:fe:45:9b:ce:39:9a:7b:7c:4b:
e0:6d:f2:05:02:d9:ee:f6:af:76:5d:5c:1d:01:f3:
ca:2f:13:0c:74:7c:27:44:c9:93:c5:6b:f4:f4:52:
1d:1b:f6:45:f5:83:86:97:34:68:c4:d3:71:a6:89:
07:a9:8b:21:4a:ef:28:2d:35:16:6c:da:d0:a8:ac:
97:54:f7:3b:3a:51:7d:f0:e8:d0:c6:6c:78:36:b2:
ae:d9:1f:5c:6a:b2:27:bd:40:b7:2a:6b:5e:0b:a3:
3b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:EE:D8:C2:35:4E:1B:BB:5A:51:FD:50:F4:2F:F0:3C:96:30:4D:7F
X509v3 Authority Key Identifier:
keyid:AB:97:5D:B4:37:8D:FC:A7:C2:95:3B:86:D3:B1:8D:C8:B2:18:EC:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5ddtDeN_KfClTuG07GNyLIY7Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c8605-163e-4245-af12-cdbd556e1749/1/4u7YwjVOG7taUf1Q9C_wPJYwTX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c8605-163e-4245-af12-cdbd556e1749/1/q5ddtDeN_KfClTuG07GNyLIY7Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.4.0/23
IPv6:
2a0e:e740::/30
Signature Algorithm: sha256WithRSAEncryption
20:ea:97:a6:25:a2:94:0a:5d:9a:40:2a:8f:f2:20:91:7e:70:
3a:b2:f6:92:a0:30:86:f3:8e:6d:2f:d9:48:40:60:1e:38:5c:
e1:6d:41:06:6a:80:13:f8:e8:86:ea:83:2d:2f:48:5e:9d:e6:
cd:49:57:20:14:c7:11:ed:bd:d9:02:4e:8f:32:39:a3:27:71:
d0:59:d9:47:88:76:ea:4a:60:7d:c9:d2:16:ba:64:a9:8b:e3:
3f:fd:f1:2f:70:1f:5f:d9:e7:dd:f1:ef:37:e7:84:48:bd:31:
52:1d:4e:e6:73:4b:79:0e:10:96:b8:2b:86:9f:60:0a:d6:a5:
00:f9:73:f7:46:44:bf:1a:57:18:b8:0c:91:39:37:2e:c2:55:
d2:bb:92:7c:0d:37:d4:d8:10:5d:ed:13:10:6c:47:7c:b3:d0:
2b:29:1b:f8:6c:57:8c:e9:81:e7:f3:26:83:eb:7a:f4:8a:f3:
df:cf:79:17:a7:eb:18:20:ce:ea:b9:a2:d3:8d:0b:bf:49:fd:
97:0c:1b:61:d2:6d:89:e3:79:06:7b:f7:71:43:d0:b4:f9:f5:
69:ff:ad:fc:a1:a0:16:1b:18:1c:2e:97:23:8e:6e:51:19:44:
c3:1a:c7:b8:df:5c:34:44:5c:00:7b:c5:5a:9f:47:bb:a0:cd:
86:1e:c5:29
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtU9bak/lb/Ao6nX/z5fIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOTc1ZGI0Mzc4ZGZjYTdjMjk1M2I4NmQzYjE4ZGM4YjIx
OGVjNmIwHhcNMjMwMTAxMTIzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmVlZDhjMjM1NGUxYmJiNWE1MWZkNTBmNDJmZjAzYzk2MzA0ZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFsm478XiJ6JUq/4145BrfUyi8Ge
ODU/rJgBLP+VgSo+92Y8HDq9ukUROIcSeH/pTAEh9TcZfvp6psmweDubJCRRhosF
bWvD02sf9kkqDgKRrUb1Ujac4iYRmMu7oAbXJAFpBVlIuS8yWL4yQrhzw2PPiVY7
uoF0oEdNF04tnJ7l6oPtkcVnt3hpMOon1hhpTwuERv+nhyHTbS7+RZvOOZp7fEvg
bfIFAtnu9q92XVwdAfPKLxMMdHwnRMmTxWv09FIdG/ZF9YOGlzRoxNNxpokHqYsh
Su8oLTUWbNrQqKyXVPc7OlF98OjQxmx4NrKu2R9carInvUC3KmteC6M73QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOLu2MI1Thu7WlH9UPQv8DyWME1/MB8GA1UdIwQY
MBaAFKuXXbQ3jfynwpU7htOxjciyGOxrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTVkZHREZU5fS2ZDbFR1RzA3R055TElZN0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8xYzg2MDUtMTYzZS00MjQ1LWFmMTIt
Y2RiZDU1NmUxNzQ5LzEvNHU3WXdqVk9HN3RhVWYxUTlDX3dQSll3VFg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8xYzg2MDUtMTYzZS00MjQ1LWFmMTItY2RiZDU1NmUxNzQ5
LzEvcTVkZHREZU5fS2ZDbFR1RzA3R055TElZN0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBLZAEMA0E
AgACMAcDBQIqDudAMA0GCSqGSIb3DQEBCwUAA4IBAQAg6pemJaKUCl2aQCqP8iCR
fnA6svaSoDCG845tL9lIQGAeOFzhbUEGaoAT+OiG6oMtL0henebNSVcgFMcR7b3Z
Ak6PMjmjJ3HQWdlHiHbqSmB9ydIWumSpi+M//fEvcB9f2efd8e8354RIvTFSHU7m
c0t5DhCWuCuGn2AK1qUA+XP3RkS/GlcYuAyROTcuwlXSu5J8DTfU2BBd7RMQbEd8
s9ArKRv4bFeM6YHn8yaD63r0ivPfz3kXp+sYIM7quaLTjQu/Sf2XDBth0m2J43kG
e/dxQ9C0+fVp/638oaAWGxgcLpcjjm5RGUTDGse431w0RFwAe8Van0e7oM2GHsUp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:27 2024 by rpki-client on console-ams.rpki-client.org