Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/03c0aa-7f94-40c1-9742-ddb0484a6da2/1/fzd_sxkdpkxmbnxtMRb58AHdnDo.roa
File: fzd_sxkdpkxmbnxtMRb58AHdnDo.roa (raw, json)
Hash identifier: ESeGIZxbiUgjoFOXq2y5l/IfaPODqSxxKy9JSfFAHDo=
Subject key identifier: 7F:37:7F:B3:19:1D:A6:4C:66:6E:7C:6D:31:16:F9:F0:01:DD:9C:3A
Certificate issuer: /CN=add6d7576cd28245c679f9af3575c035b8a22c9e
Certificate serial: 01856E8B3625C024B68569FD267223B7730F
Authority key identifier: AD:D6:D7:57:6C:D2:82:45:C6:79:F9:AF:35:75:C0:35:B8:A2:2C:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdbXV2zSgkXGefmvNXXANbiiLJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/03c0aa-7f94-40c1-9742-ddb0484a6da2/1/fzd_sxkdpkxmbnxtMRb58AHdnDo.roa
Signing time: Sun 01 Jan 2023 18:14:55 +0000
ROA not before: Sun 01 Jan 2023 18:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59909
IP address blocks: 45.9.223.0/24 maxlen: 24
45.9.222.0/24 maxlen: 24
45.9.221.0/24 maxlen: 24
45.9.220.0/22 maxlen: 24
45.9.220.0/24 maxlen: 24
2a0e:1500::/29 maxlen: 38
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:36:25:c0:24:b6:85:69:fd:26:72:23:b7:73:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add6d7576cd28245c679f9af3575c035b8a22c9e
Validity
Not Before: Jan 1 18:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f377fb3191da64c666e7c6d3116f9f001dd9c3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:31:7d:1c:a6:00:61:64:bb:71:b0:5c:08:65:
93:d9:e4:c8:c2:37:8c:a1:f6:4e:8b:68:c5:d1:4e:
50:c0:e8:8f:ec:bf:b5:8b:b2:3e:cb:94:9e:95:c4:
21:10:50:be:49:2f:c5:3e:ab:d6:fe:e7:af:2e:ed:
a1:51:97:72:98:92:4b:5d:82:e6:5d:7c:a7:73:b3:
47:c4:a9:6f:68:3f:c1:01:4f:11:82:55:40:ad:06:
09:a9:2f:04:a5:8c:85:75:eb:42:f8:50:d8:80:e7:
0a:b4:34:06:7b:f2:8e:e5:cf:68:e1:17:06:08:96:
d2:df:a6:19:38:51:39:d9:1a:06:ed:49:45:7d:f5:
44:9b:c8:bc:a2:77:64:b6:1a:60:e6:70:fa:92:bd:
37:bb:d9:ea:c4:5b:35:4a:ff:c7:a3:26:02:59:1c:
cd:f3:b2:ee:54:91:ad:a2:b0:82:f3:3d:66:fc:80:
fd:5b:6e:a8:7b:1c:f7:e4:3a:d4:be:06:a8:5b:ec:
2d:6d:a0:3b:25:ac:25:83:40:3c:2e:41:44:46:0f:
5d:47:6c:a2:b1:f6:a2:15:b4:87:a9:d0:47:f0:f5:
37:48:26:35:39:7f:48:2f:61:e6:9c:ec:1f:ef:32:
21:58:85:e4:4e:ae:a9:cd:fd:ba:1e:f8:99:26:5a:
8a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:37:7F:B3:19:1D:A6:4C:66:6E:7C:6D:31:16:F9:F0:01:DD:9C:3A
X509v3 Authority Key Identifier:
keyid:AD:D6:D7:57:6C:D2:82:45:C6:79:F9:AF:35:75:C0:35:B8:A2:2C:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdbXV2zSgkXGefmvNXXANbiiLJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/03c0aa-7f94-40c1-9742-ddb0484a6da2/1/fzd_sxkdpkxmbnxtMRb58AHdnDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/03c0aa-7f94-40c1-9742-ddb0484a6da2/1/rdbXV2zSgkXGefmvNXXANbiiLJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.220.0/22
IPv6:
2a0e:1500::/29
Signature Algorithm: sha256WithRSAEncryption
3a:61:96:4d:50:94:f9:9a:8f:84:74:a9:a0:a4:b0:8f:23:33:
29:b9:50:94:ee:1e:63:e1:7d:07:3e:bc:7a:36:4a:04:dc:14:
04:6c:15:fb:bb:3d:85:a8:24:85:5d:9e:3d:1f:91:ca:c9:fc:
84:42:f9:01:87:b2:a4:5e:74:6b:82:4f:8e:a3:f1:7c:09:62:
4d:f4:70:92:aa:b0:33:5d:fc:42:5c:b8:ad:74:c2:2f:f0:1d:
b3:a6:8a:1f:cc:59:7d:11:bf:ef:e4:d3:08:ce:d4:1d:32:38:
a6:1d:df:16:36:94:33:e6:98:2c:fd:49:c7:74:da:69:cf:42:
f5:7d:0d:96:74:96:17:6b:ab:16:2c:e2:47:ea:c4:03:8a:63:
f4:a6:76:bc:10:ee:67:af:05:60:99:c8:c2:a2:19:b9:0f:ab:
31:12:f6:bd:e7:63:68:af:c5:5a:b0:f4:a2:8b:7f:ab:7f:91:
e8:b4:83:d4:e9:d8:26:8e:75:e5:25:d4:50:41:19:2d:ca:37:
b7:66:03:34:58:bc:d1:9a:7c:d4:fd:5d:c6:34:ea:12:40:59:
92:56:6e:c7:0c:17:d4:ee:71:d0:51:36:5f:d4:b0:65:90:00:
b0:e5:32:f4:ad:70:3a:95:5b:26:0c:1c:c9:b8:b1:c9:02:98:
51:8e:be:3b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuizYlwCS2hWn9JnIjt3MPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDZkNzU3NmNkMjgyNDVjNjc5ZjlhZjM1NzVjMDM1Yjhh
MjJjOWUwHhcNMjMwMTAxMTgxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjM3N2ZiMzE5MWRhNjRjNjY2ZTdjNmQzMTE2ZjlmMDAxZGQ5YzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDF9HKYAYWS7cbBcCGWT2eTIwjeM
ofZOi2jF0U5QwOiP7L+1i7I+y5SelcQhEFC+SS/FPqvW/uevLu2hUZdymJJLXYLm
XXync7NHxKlvaD/BAU8RglVArQYJqS8EpYyFdetC+FDYgOcKtDQGe/KO5c9o4RcG
CJbS36YZOFE52RoG7UlFffVEm8i8ondkthpg5nD6kr03u9nqxFs1Sv/HoyYCWRzN
87LuVJGtorCC8z1m/ID9W26oexz35DrUvgaoW+wtbaA7Jawlg0A8LkFERg9dR2yi
sfaiFbSHqdBH8PU3SCY1OX9IL2HmnOwf7zIhWIXkTq6pzf26HviZJlqKNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH83f7MZHaZMZm58bTEW+fAB3Zw6MB8GA1UdIwQY
MBaAFK3W11ds0oJFxnn5rzV1wDW4oiyeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmRiWFYyelNna1hHZWZtdk5YWEFOYmlpTEo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8wM2MwYWEtN2Y5NC00MGMxLTk3NDIt
ZGRiMDQ4NGE2ZGEyLzEvZnpkX3N4a2Rwa3htYm54dE1SYjU4QUhkbkRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8wM2MwYWEtN2Y5NC00MGMxLTk3NDItZGRiMDQ4NGE2ZGEy
LzEvcmRiWFYyelNna1hHZWZtdk5YWEFOYmlpTEo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQncMA0E
AgACMAcDBQMqDhUAMA0GCSqGSIb3DQEBCwUAA4IBAQA6YZZNUJT5mo+EdKmgpLCP
IzMpuVCU7h5j4X0HPrx6NkoE3BQEbBX7uz2FqCSFXZ49H5HKyfyEQvkBh7KkXnRr
gk+Oo/F8CWJN9HCSqrAzXfxCXLitdMIv8B2zpoofzFl9Eb/v5NMIztQdMjimHd8W
NpQz5pgs/UnHdNppz0L1fQ2WdJYXa6sWLOJH6sQDimP0pna8EO5nrwVgmcjCohm5
D6sxEva952Nor8VasPSii3+rf5HotIPU6dgmjnXlJdRQQRktyje3ZgM0WLzRmnzU
/V3GNOoSQFmSVm7HDBfU7nHQUTZf1LBlkACw5TL0rXA6lVsmDBzJuLHJAphRjr47
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:00 2024 by rpki-client on console-ams.rpki-client.org