Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/1-XyIzwnThvCtnwld7kDbT3H6zOg.roa
File: 1-XyIzwnThvCtnwld7kDbT3H6zOg.roa (raw, json)
Hash identifier: 5uMp3bE0XCMfnDquhCBO0pNt5aXJDegpl8QkGeXQTHQ=
Subject key identifier: F9:7C:88:CF:09:D3:86:F0:AD:9F:09:5D:EE:40:DB:4F:71:FA:CC:E8
Certificate issuer: /CN=df78ec6b0b969aa2228f125edaa419bacdbbf25b
Certificate serial: 018572034BDF652933C4143EB549B850F65A
Authority key identifier: DF:78:EC:6B:0B:96:9A:A2:22:8F:12:5E:DA:A4:19:BA:CD:BB:F2:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33jsawuWmqIijxJe2qQZus278ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/1-XyIzwnThvCtnwld7kDbT3H6zOg.roa
Signing time: Mon 02 Jan 2023 10:24:56 +0000
ROA not before: Mon 02 Jan 2023 10:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 45.154.19.0/24 maxlen: 24
45.154.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:4b:df:65:29:33:c4:14:3e:b5:49:b8:50:f6:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df78ec6b0b969aa2228f125edaa419bacdbbf25b
Validity
Not Before: Jan 2 10:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f97c88cf09d386f0ad9f095dee40db4f71facce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2f:e6:52:f9:0a:3f:84:31:1d:f4:50:f6:e3:
58:d3:09:9b:5d:00:4d:c5:af:3c:d2:90:32:65:1c:
99:6e:41:c9:71:e0:1a:e2:33:0a:25:ef:d5:fe:05:
8c:ad:33:1f:67:c4:63:e8:19:d9:08:95:8f:00:8e:
28:eb:e1:8e:79:19:a6:87:d3:98:03:c2:c5:6d:9f:
76:0e:da:be:02:67:8a:72:72:5f:d3:65:33:3a:cf:
48:92:39:69:ee:30:3c:0a:42:c7:00:13:5d:74:ae:
52:bc:26:77:39:fc:1c:7e:33:4f:73:b8:85:2e:74:
3d:da:62:98:fc:3c:cc:63:d1:55:77:67:25:da:87:
0c:37:b4:8e:51:69:72:0a:66:5d:71:f7:7c:50:48:
73:8c:4f:a7:fc:dc:91:26:3b:27:3b:3f:0b:9e:88:
76:5d:d9:5f:6a:a6:27:7c:c5:7a:21:88:32:2c:bc:
b4:08:0e:82:7b:80:b8:61:ff:bc:73:94:dc:0e:ea:
b6:c7:76:0c:e6:dd:3d:17:d0:8a:81:08:61:f4:cc:
8c:ac:57:87:e3:8f:58:e3:7d:64:3f:c5:e4:f5:10:
9a:6c:1a:a1:25:f2:25:6c:07:ab:00:26:67:3a:3b:
c6:6f:f1:ac:5f:5d:f8:13:94:af:5e:3f:07:93:e3:
21:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:7C:88:CF:09:D3:86:F0:AD:9F:09:5D:EE:40:DB:4F:71:FA:CC:E8
X509v3 Authority Key Identifier:
keyid:DF:78:EC:6B:0B:96:9A:A2:22:8F:12:5E:DA:A4:19:BA:CD:BB:F2:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33jsawuWmqIijxJe2qQZus278ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/1-XyIzwnThvCtnwld7kDbT3H6zOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/33jsawuWmqIijxJe2qQZus278ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.18.0/23
Signature Algorithm: sha256WithRSAEncryption
86:78:9d:e6:fa:83:60:a5:7a:d6:b6:7e:80:7e:14:1a:12:53:
07:4f:5d:cf:0c:5e:70:96:b2:66:84:aa:32:62:28:40:3e:51:
07:e6:0a:37:49:53:0e:26:1a:5b:b5:b9:0f:dc:65:41:be:fc:
bf:1a:7c:86:4a:d0:ca:0e:5b:4e:3a:e4:d5:e1:3f:c4:37:64:
4e:c8:fd:a9:2a:b2:69:0a:97:4e:36:51:c5:81:0d:f1:f5:c6:
1e:92:07:53:cf:15:6b:ce:3a:a3:da:a3:90:eb:d8:ad:05:f3:
8a:d7:11:dd:36:3d:9b:05:3d:0a:c1:85:c9:51:9d:42:f7:fe:
94:8e:64:47:bd:aa:a4:00:7f:2c:74:fa:75:36:2a:3c:98:9b:
c1:63:59:03:b2:8d:36:e1:7d:9a:3a:85:be:9e:b6:7d:7c:f5:
eb:d1:22:d0:1d:06:e1:68:4f:af:72:2d:e1:ef:e8:bd:9b:be:
45:66:ca:bd:79:df:b5:a0:f4:e3:7f:be:34:56:a1:98:43:76:
ec:6c:27:c6:e2:50:65:37:83:65:cc:0b:9c:f8:44:c9:77:04:
8c:5d:6e:68:8f:54:52:f4:98:22:1c:ff:af:e1:45:85:56:2c:
d3:de:ad:29:95:dd:69:19:b5:db:96:61:8d:2d:53:bb:d9:8c:
e5:c3:47:7f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVyA0vfZSkzxBQ+tUm4UPZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNzhlYzZiMGI5NjlhYTIyMjhmMTI1ZWRhYTQxOWJhY2Ri
YmYyNWIwHhcNMjMwMTAyMTAyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTdjODhjZjA5ZDM4NmYwYWQ5ZjA5NWRlZTQwZGI0ZjcxZmFjY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAly/mUvkKP4QxHfRQ9uNY0wmbXQBN
xa880pAyZRyZbkHJceAa4jMKJe/V/gWMrTMfZ8Rj6BnZCJWPAI4o6+GOeRmmh9OY
A8LFbZ92Dtq+AmeKcnJf02UzOs9Ikjlp7jA8CkLHABNddK5SvCZ3OfwcfjNPc7iF
LnQ92mKY/DzMY9FVd2cl2ocMN7SOUWlyCmZdcfd8UEhzjE+n/NyRJjsnOz8Lnoh2
XdlfaqYnfMV6IYgyLLy0CA6Ce4C4Yf+8c5TcDuq2x3YM5t09F9CKgQhh9MyMrFeH
449Y431kP8Xk9RCabBqhJfIlbAerACZnOjvGb/GsX134E5SvXj8Hk+Mh1wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPl8iM8J04bwrZ8JXe5A209x+szoMB8GA1UdIwQY
MBaAFN947GsLlpqiIo8SXtqkGbrNu/JbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzNqc2F3dVdtcUlpanhKZTJxUVp1czI3OGxzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9kYmIwNDMtMzc3Yi00YzRiLWEwYTIt
N2U4YzU1MjZkZTdlLzEvMS1YeUl6d25UaHZDdG53bGQ3a0RiVDNINnpPZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzkvZGJiMDQzLTM3N2ItNGM0Yi1hMGEyLTdlOGM1NTI2ZGU3
ZS8xLzMzanNhd3VXbXFJaWp4SmUycVFadXMyNzhscy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS2aEjAN
BgkqhkiG9w0BAQsFAAOCAQEAhnid5vqDYKV61rZ+gH4UGhJTB09dzwxecJayZoSq
MmIoQD5RB+YKN0lTDiYaW7W5D9xlQb78vxp8hkrQyg5bTjrk1eE/xDdkTsj9qSqy
aQqXTjZRxYEN8fXGHpIHU88Va846o9qjkOvYrQXzitcR3TY9mwU9CsGFyVGdQvf+
lI5kR72qpAB/LHT6dTYqPJibwWNZA7KNNuF9mjqFvp62fXz169Ei0B0G4WhPr3It
4e/ovZu+RWbKvXnftaD043++NFahmEN27GwnxuJQZTeDZcwLnPhEyXcEjF1uaI9U
UvSYIhz/r+FFhVYs096tKZXdaRm125ZhjS1Tu9mM5cNHfw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:00 2024 by rpki-client on console-ams.rpki-client.org