Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/Asz5Uc41FCGp0TfwsyJN9T9ZcQ0.roa
File: Asz5Uc41FCGp0TfwsyJN9T9ZcQ0.roa (raw, json)
Hash identifier: Klq7+Xb1vYTHn6k4z5pzhSGIKCnUZYEoIXn2ASTljV4=
Subject key identifier: 02:CC:F9:51:CE:35:14:21:A9:D1:37:F0:B3:22:4D:F5:3F:59:71:0D
Certificate issuer: /CN=9b32a2e8fcbeee63020ba93daab9076c37bc9991
Certificate serial: 01856F700D10114433B2842EDA45A16D8FCA
Authority key identifier: 9B:32:A2:E8:FC:BE:EE:63:02:0B:A9:3D:AA:B9:07:6C:37:BC:99:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mzKi6Py-7mMCC6k9qrkHbDe8mZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/Asz5Uc41FCGp0TfwsyJN9T9ZcQ0.roa
Signing time: Sun 01 Jan 2023 22:24:52 +0000
ROA not before: Sun 01 Jan 2023 22:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57986
IP address blocks: 45.15.201.0/24 maxlen: 24
45.15.202.0/24 maxlen: 24
45.15.203.0/24 maxlen: 24
45.15.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:70:0d:10:11:44:33:b2:84:2e:da:45:a1:6d:8f:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b32a2e8fcbeee63020ba93daab9076c37bc9991
Validity
Not Before: Jan 1 22:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02ccf951ce351421a9d137f0b3224df53f59710d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a5:aa:4d:8f:8c:5d:ed:9f:2a:c4:49:6d:c6:
9f:49:81:b2:7b:96:73:79:88:bf:f2:c1:ae:5c:9c:
37:4f:3d:de:d8:a0:4a:02:2f:3f:f5:ac:37:67:2a:
22:0a:bc:c8:56:4a:16:fb:69:a1:06:81:aa:30:2c:
ea:02:3b:a4:1d:86:27:0e:d3:16:56:7f:67:b7:44:
66:43:17:b4:7e:84:bc:ae:00:46:a3:c8:ad:ab:ab:
fa:49:6c:35:15:ee:90:3f:90:ca:ad:c8:64:87:ca:
4c:08:55:c4:84:f7:e0:37:59:04:26:38:da:5f:a4:
97:c2:6e:f1:67:4a:a1:50:56:08:89:3e:01:65:99:
4e:88:e6:e5:a9:d0:8d:7a:39:05:10:6d:9a:82:aa:
04:d4:46:64:51:03:40:62:f9:40:61:5f:28:2a:61:
e8:b5:fe:6a:1d:35:c3:db:2c:e7:ba:14:4a:36:85:
4a:0a:ee:63:b1:d7:8b:69:5c:0a:d6:8b:9a:bc:f7:
4b:a8:64:b9:8d:fd:13:4b:f7:9f:a7:31:e0:0d:ad:
61:77:b1:e5:d7:28:09:63:b8:d5:a7:fa:9e:80:54:
81:b2:89:ee:56:34:d8:89:f8:8a:03:d7:b0:e8:cd:
7f:05:90:32:97:65:38:03:39:c1:bb:4b:b1:a8:cd:
be:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:CC:F9:51:CE:35:14:21:A9:D1:37:F0:B3:22:4D:F5:3F:59:71:0D
X509v3 Authority Key Identifier:
keyid:9B:32:A2:E8:FC:BE:EE:63:02:0B:A9:3D:AA:B9:07:6C:37:BC:99:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mzKi6Py-7mMCC6k9qrkHbDe8mZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/Asz5Uc41FCGp0TfwsyJN9T9ZcQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/mzKi6Py-7mMCC6k9qrkHbDe8mZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.200.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:78:8a:38:f0:fa:24:5f:f4:f7:8a:56:1f:b8:3f:65:41:29:
c5:28:b5:32:15:74:3d:df:cb:cb:3c:f2:aa:96:f0:0c:70:2b:
77:ed:83:1b:c7:23:c3:cf:ba:82:15:d6:1c:7b:a4:e3:1a:13:
f3:5d:f4:dc:b4:dd:95:09:94:dc:97:74:28:76:cd:16:aa:95:
84:f1:9f:c0:cc:f3:c4:56:af:1f:03:e1:9c:c7:5a:04:07:8f:
2e:b5:14:98:5b:26:ab:1a:9f:7f:0f:23:36:2d:76:d2:4b:12:
e5:5a:e0:4b:12:2b:74:4b:e0:83:7c:2c:9d:68:b3:e2:59:bd:
f7:c1:73:f0:7a:b1:a3:a6:7c:18:0a:34:42:7a:f6:32:55:0b:
31:0c:01:69:dd:b8:44:9a:67:c5:18:27:76:d5:97:95:d9:37:
35:69:77:a1:2c:71:2d:b0:9d:5b:7c:7b:dc:0e:df:00:3c:da:
e4:32:e4:8e:12:52:62:f3:3a:e2:3c:34:50:9b:48:8e:d2:8a:
d5:c0:35:56:60:53:38:81:b9:26:e8:92:e0:ec:0f:d0:bb:9c:
3d:0d:b4:77:c1:10:38:09:85:49:8b:36:3f:91:d8:d2:b2:4b:
47:1e:0c:3f:fb:60:db:4f:49:e8:e0:bb:33:43:0d:ad:b4:b7:
a6:3d:56:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvcA0QEUQzsoQu2kWhbY/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMzJhMmU4ZmNiZWVlNjMwMjBiYTkzZGFhYjkwNzZjMzdi
Yzk5OTEwHhcNMjMwMTAxMjIyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmNjZjk1MWNlMzUxNDIxYTlkMTM3ZjBiMzIyNGRmNTNmNTk3MTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqWqTY+MXe2fKsRJbcafSYGye5Zz
eYi/8sGuXJw3Tz3e2KBKAi8/9aw3ZyoiCrzIVkoW+2mhBoGqMCzqAjukHYYnDtMW
Vn9nt0RmQxe0foS8rgBGo8itq6v6SWw1Fe6QP5DKrchkh8pMCFXEhPfgN1kEJjja
X6SXwm7xZ0qhUFYIiT4BZZlOiOblqdCNejkFEG2agqoE1EZkUQNAYvlAYV8oKmHo
tf5qHTXD2yznuhRKNoVKCu5jsdeLaVwK1ouavPdLqGS5jf0TS/efpzHgDa1hd7Hl
1ygJY7jVp/qegFSBsonuVjTYifiKA9ew6M1/BZAyl2U4AznBu0uxqM2+0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFALM+VHONRQhqdE38LMiTfU/WXENMB8GA1UdIwQY
MBaAFJsyouj8vu5jAgupPaq5B2w3vJmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXpLaTZQeS03bU1DQzZrOXFya0hiRGU4bVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9kZjIxY2ItMDhhYy00ZTVjLWI4NTQt
ZTNhYjkwODdkNDAzLzEvQXN6NVVjNDFGQ0dwMFRmd3N5Sk45VDlaY1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9kZjIxY2ItMDhhYy00ZTVjLWI4NTQtZTNhYjkwODdkNDAz
LzEvbXpLaTZQeS03bU1DQzZrOXFya0hiRGU4bVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ/IMA0G
CSqGSIb3DQEBCwUAA4IBAQCNeIo48PokX/T3ilYfuD9lQSnFKLUyFXQ938vLPPKq
lvAMcCt37YMbxyPDz7qCFdYce6TjGhPzXfTctN2VCZTcl3Qods0WqpWE8Z/AzPPE
Vq8fA+Gcx1oEB48utRSYWyarGp9/DyM2LXbSSxLlWuBLEit0S+CDfCydaLPiWb33
wXPwerGjpnwYCjRCevYyVQsxDAFp3bhEmmfFGCd21ZeV2Tc1aXehLHEtsJ1bfHvc
Dt8APNrkMuSOElJi8zriPDRQm0iO0orVwDVWYFM4gbkm6JLg7A/Qu5w9DbR3wRA4
CYVJizY/kdjSsktHHgw/+2DbT0no4LszQw2ttLemPVae
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:41 2024 by rpki-client on console-fra.rpki-client.org