Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/RfdQGvHzsWjIYNewjofS41VIc_s.roa
File: RfdQGvHzsWjIYNewjofS41VIc_s.roa (raw, json)
Hash identifier: LdkhSznRv6rxY8JCWQovu1GXShOCjaaYqb8/JOuD8QE=
Subject key identifier: 45:F7:50:1A:F1:F3:B1:68:C8:60:D7:B0:8E:87:D2:E3:55:48:73:FB
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 01856CC17B429B3BD54A0680D9C2EA682A9F
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/RfdQGvHzsWjIYNewjofS41VIc_s.roa
Signing time: Sun 01 Jan 2023 09:54:57 +0000
ROA not before: Sun 01 Jan 2023 09:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33905
IP address blocks: 2.18.48.0/24 maxlen: 24
2.18.49.0/24 maxlen: 24
2.18.50.0/24 maxlen: 24
2.18.51.0/24 maxlen: 24
2.18.52.0/24 maxlen: 24
2.18.53.0/24 maxlen: 24
2.18.54.0/24 maxlen: 24
2.18.55.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:7b:42:9b:3b:d5:4a:06:80:d9:c2:ea:68:2a:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 1 09:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45f7501af1f3b168c860d7b08e87d2e3554873fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9e:ba:74:3d:88:9e:c4:48:c6:6c:9e:74:68:
7c:e7:ed:ff:9d:17:69:c9:51:d9:56:54:ff:6b:bf:
0b:38:1f:1a:c5:1d:95:73:f3:95:a4:ac:f1:4b:2b:
98:8f:50:ea:54:a1:4f:e8:e5:24:69:36:a0:e7:17:
22:1f:3a:54:11:6b:8d:c4:f4:48:cb:4e:a9:54:be:
9a:1b:cf:61:bc:ae:b4:60:7d:ff:d3:ad:7d:c8:e7:
3c:bc:02:73:a4:2a:ca:53:31:a8:6d:31:25:f6:63:
51:13:c2:29:11:3d:7b:32:5b:95:24:d2:48:45:cb:
8a:be:c1:55:98:12:62:3c:ea:f3:e1:9c:5b:26:b7:
eb:6b:ec:7c:80:46:aa:bc:af:43:a0:ea:a4:95:84:
9a:a4:1c:56:90:c0:41:33:fc:37:90:20:3f:0f:d4:
db:b2:84:db:6f:46:c4:44:16:eb:58:74:59:95:3c:
fb:e9:d0:ea:cc:36:bf:a7:ce:15:20:8f:a3:88:ea:
e5:f1:79:8d:6c:97:eb:28:f1:ff:94:48:c9:b2:b9:
fa:d4:a4:fb:1f:ae:1a:e2:59:df:4a:00:74:bc:53:
19:bc:5a:85:2d:c5:e1:51:a7:fc:91:24:ea:ea:24:
9b:10:1b:10:47:84:26:2b:d6:30:49:25:2a:85:3d:
da:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F7:50:1A:F1:F3:B1:68:C8:60:D7:B0:8E:87:D2:E3:55:48:73:FB
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/RfdQGvHzsWjIYNewjofS41VIc_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.18.48.0/21
Signature Algorithm: sha256WithRSAEncryption
1c:16:b5:a9:27:15:04:ee:fb:d0:6e:71:43:fe:95:e0:fc:50:
15:a4:19:87:08:c6:55:d7:1f:3f:4a:6f:a9:fd:26:c6:ea:47:
30:99:17:05:ef:2d:b5:55:16:3e:c8:3e:6e:30:bf:bf:d2:fb:
d4:ec:1a:5f:97:97:36:bc:42:4d:31:7f:8c:8c:14:8d:f5:8d:
17:b0:97:a1:7f:f4:cb:81:ee:96:86:ed:d7:7b:d2:da:fc:71:
4d:ee:7d:a9:88:a8:ad:f1:e9:18:6c:6a:38:59:36:c2:e3:98:
f3:8d:27:02:42:ad:5c:a4:e4:32:0c:fa:02:ee:21:eb:40:65:
dc:61:3f:c8:5b:e0:1b:90:05:2a:b2:0f:90:5d:d3:1f:78:2b:
03:de:4b:4e:0b:0f:ea:f0:dd:69:68:f1:41:e8:3f:04:de:d6:
d8:81:1a:d7:0c:98:06:c4:fe:5f:23:4c:bc:ba:2f:f4:e3:dd:
6c:48:a5:b7:00:c1:4b:3a:65:7d:2e:79:38:49:9b:3f:9c:e0:
9c:28:04:c8:ed:91:38:d1:06:a7:77:9e:75:e0:b6:7e:f0:be:
96:8b:a7:6f:78:cf:ff:a1:50:73:79:3f:46:bd:0e:70:9a:37:
c3:38:d9:c4:df:68:18:94:c5:ac:d4:03:42:d0:01:eb:95:47:
76:8f:e0:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVswXtCmzvVSgaA2cLqaCqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjMwMTAxMDk1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWY3NTAxYWYxZjNiMTY4Yzg2MGQ3YjA4ZTg3ZDJlMzU1NDg3M2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg566dD2InsRIxmyedGh85+3/nRdp
yVHZVlT/a78LOB8axR2Vc/OVpKzxSyuYj1DqVKFP6OUkaTag5xciHzpUEWuNxPRI
y06pVL6aG89hvK60YH3/0619yOc8vAJzpCrKUzGobTEl9mNRE8IpET17MluVJNJI
RcuKvsFVmBJiPOrz4ZxbJrfra+x8gEaqvK9DoOqklYSapBxWkMBBM/w3kCA/D9Tb
soTbb0bERBbrWHRZlTz76dDqzDa/p84VII+jiOrl8XmNbJfrKPH/lEjJsrn61KT7
H64a4lnfSgB0vFMZvFqFLcXhUaf8kSTq6iSbEBsQR4QmK9YwSSUqhT3anwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEX3UBrx87FoyGDXsI6H0uNVSHP7MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvUmZkUUd2SHpzV2pJWU5ld2pvZlM0MVZJY19zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDAhIwMA0G
CSqGSIb3DQEBCwUAA4IBAQAcFrWpJxUE7vvQbnFD/pXg/FAVpBmHCMZV1x8/Sm+p
/SbG6kcwmRcF7y21VRY+yD5uML+/0vvU7Bpfl5c2vEJNMX+MjBSN9Y0XsJehf/TL
ge6Whu3Xe9La/HFN7n2piKit8ekYbGo4WTbC45jzjScCQq1cpOQyDPoC7iHrQGXc
YT/IW+AbkAUqsg+QXdMfeCsD3ktOCw/q8N1paPFB6D8E3tbYgRrXDJgGxP5fI0y8
ui/0491sSKW3AMFLOmV9Lnk4SZs/nOCcKATI7ZE40Qand5514LZ+8L6Wi6dveM//
oVBzeT9GvQ5wmjfDONnE32gYlMWs1ANC0AHrlUd2j+Am
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:22 2024 by rpki-client on console-ams.rpki-client.org