Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/Ajq_HpayZwQ2wgp9V5HIN4FQ6dA.roa
File: Ajq_HpayZwQ2wgp9V5HIN4FQ6dA.roa (raw, json)
Hash identifier: tiebFOEYZjbSuDg6YjXGIhW+zHnmj+SlACRPOBwMVu0=
Subject key identifier: 02:3A:BF:1E:96:B2:67:04:36:C2:0A:7D:57:91:C8:37:81:50:E9:D0
Certificate issuer: /CN=df78ec6b0b969aa2228f125edaa419bacdbbf25b
Certificate serial: 018572034C5C506E4AE8D6818767F10057D7
Authority key identifier: DF:78:EC:6B:0B:96:9A:A2:22:8F:12:5E:DA:A4:19:BA:CD:BB:F2:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33jsawuWmqIijxJe2qQZus278ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/Ajq_HpayZwQ2wgp9V5HIN4FQ6dA.roa
Signing time: Mon 02 Jan 2023 10:24:56 +0000
ROA not before: Mon 02 Jan 2023 10:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48412
IP address blocks: 45.154.16.0/24 maxlen: 24
45.154.16.0/22 maxlen: 22
45.154.17.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:4c:5c:50:6e:4a:e8:d6:81:87:67:f1:00:57:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df78ec6b0b969aa2228f125edaa419bacdbbf25b
Validity
Not Before: Jan 2 10:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=023abf1e96b2670436c20a7d5791c8378150e9d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:fb:51:5d:14:4a:2b:08:60:06:9a:00:0f:86:
ed:36:2d:01:23:f5:d9:8b:93:ca:a0:ee:52:5e:46:
e0:db:31:f7:d4:2d:32:dc:0b:2d:ab:66:a5:19:24:
b7:5c:46:bc:46:4d:92:eb:29:44:bb:7f:bb:82:6d:
d1:18:16:4b:9b:1e:9d:8d:17:d2:2b:3f:77:f1:93:
45:4d:52:b3:44:fd:97:51:46:a3:f1:d1:2b:f2:7f:
19:df:8a:cc:cf:cf:91:3c:12:fd:36:45:e5:94:96:
e7:e4:16:ff:82:fd:49:00:58:82:5e:d1:39:fa:2f:
c5:9f:7d:6c:a7:26:5c:d5:44:96:f0:56:7e:c7:83:
b4:b5:bf:46:b3:bc:3a:2e:2d:17:14:bd:46:c8:0f:
c9:bb:42:af:45:d9:4b:7e:cb:8b:2c:c1:ce:12:83:
c7:06:14:6a:32:57:c1:56:9a:0a:a3:13:cd:ce:1e:
e5:d1:05:89:35:92:f4:85:3f:86:20:c9:78:e7:66:
05:a7:34:a5:0a:b1:d3:c6:78:8c:c7:b7:a7:19:46:
83:01:80:d0:d4:bd:45:35:d5:ee:86:c6:ae:42:54:
75:85:70:a4:05:61:04:67:2e:7e:10:19:22:ac:b9:
5f:24:7b:84:08:76:ea:b3:b7:1b:83:b1:27:2e:79:
3c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:3A:BF:1E:96:B2:67:04:36:C2:0A:7D:57:91:C8:37:81:50:E9:D0
X509v3 Authority Key Identifier:
keyid:DF:78:EC:6B:0B:96:9A:A2:22:8F:12:5E:DA:A4:19:BA:CD:BB:F2:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33jsawuWmqIijxJe2qQZus278ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/Ajq_HpayZwQ2wgp9V5HIN4FQ6dA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/33jsawuWmqIijxJe2qQZus278ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.16.0/22
Signature Algorithm: sha256WithRSAEncryption
86:58:7e:a9:88:6f:77:db:ef:6e:5f:95:5d:cb:25:88:5a:c7:
9b:d2:f4:d1:0d:26:ab:2d:da:d2:38:ff:7f:0c:b7:b3:fc:c0:
0b:34:f0:30:ff:51:3d:60:66:5c:40:38:a2:cd:4b:65:dc:81:
95:c6:44:15:46:9b:61:56:35:05:17:28:b5:ed:4c:40:1e:0a:
5c:91:3e:ba:fb:4c:7c:a2:5b:62:68:9a:46:e6:02:44:22:70:
c5:34:05:89:8b:58:5d:54:bf:11:f1:52:ff:a1:d2:16:85:94:
e1:07:b5:2e:24:35:56:2e:c4:af:6a:68:21:f6:9f:e5:c4:cd:
34:ec:68:f8:7a:3d:fc:1e:40:4b:14:b5:4f:e6:39:63:47:11:
a3:dc:f7:cd:73:73:29:01:c9:9f:c7:7a:78:ac:72:43:d6:d1:
66:f1:4c:a2:e3:1a:2f:2c:3c:4b:40:a3:85:c0:4a:88:f4:ad:
bf:9c:42:c5:d0:2e:89:67:c8:c8:04:04:5a:f2:85:ac:c4:0e:
d5:9a:2d:14:77:ad:01:cf:54:64:c5:a9:6f:75:4b:58:b2:49:
a4:12:18:1b:1d:c4:0a:ea:a8:e1:3c:24:aa:75:01:09:af:2b:
24:f4:5d:da:8f:02:d3:cf:60:90:58:8d:85:40:ae:97:53:88:
c2:ee:5b:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyA0xcUG5K6NaBh2fxAFfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNzhlYzZiMGI5NjlhYTIyMjhmMTI1ZWRhYTQxOWJhY2Ri
YmYyNWIwHhcNMjMwMTAyMTAyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjNhYmYxZTk2YjI2NzA0MzZjMjBhN2Q1NzkxYzgzNzgxNTBlOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPtRXRRKKwhgBpoAD4btNi0BI/XZ
i5PKoO5SXkbg2zH31C0y3Astq2alGSS3XEa8Rk2S6ylEu3+7gm3RGBZLmx6djRfS
Kz938ZNFTVKzRP2XUUaj8dEr8n8Z34rMz8+RPBL9NkXllJbn5Bb/gv1JAFiCXtE5
+i/Fn31spyZc1USW8FZ+x4O0tb9Gs7w6Li0XFL1GyA/Ju0KvRdlLfsuLLMHOEoPH
BhRqMlfBVpoKoxPNzh7l0QWJNZL0hT+GIMl452YFpzSlCrHTxniMx7enGUaDAYDQ
1L1FNdXuhsauQlR1hXCkBWEEZy5+EBkirLlfJHuECHbqs7cbg7EnLnk8OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAI6vx6WsmcENsIKfVeRyDeBUOnQMB8GA1UdIwQY
MBaAFN947GsLlpqiIo8SXtqkGbrNu/JbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzNqc2F3dVdtcUlpanhKZTJxUVp1czI3OGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9kYmIwNDMtMzc3Yi00YzRiLWEwYTIt
N2U4YzU1MjZkZTdlLzEvQWpxX0hwYXlad1Eyd2dwOVY1SElONEZRNmRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9kYmIwNDMtMzc3Yi00YzRiLWEwYTItN2U4YzU1MjZkZTdl
LzEvMzNqc2F3dVdtcUlpanhKZTJxUVp1czI3OGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZoQMA0G
CSqGSIb3DQEBCwUAA4IBAQCGWH6piG932+9uX5VdyyWIWseb0vTRDSarLdrSOP9/
DLez/MALNPAw/1E9YGZcQDiizUtl3IGVxkQVRpthVjUFFyi17UxAHgpckT66+0x8
oltiaJpG5gJEInDFNAWJi1hdVL8R8VL/odIWhZThB7UuJDVWLsSvamgh9p/lxM00
7Gj4ej38HkBLFLVP5jljRxGj3PfNc3MpAcmfx3p4rHJD1tFm8Uyi4xovLDxLQKOF
wEqI9K2/nELF0C6JZ8jIBARa8oWsxA7Vmi0Ud60Bz1RkxalvdUtYskmkEhgbHcQK
6qjhPCSqdQEJrysk9F3ajwLTz2CQWI2FQK6XU4jC7lsw
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:51 2024 by rpki-client on console-fra.rpki-client.org