Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/son9W5gDrw8jpjLGuk4wWywpJ3Q.roa
File: son9W5gDrw8jpjLGuk4wWywpJ3Q.roa (raw, json)
Hash identifier: 49eVOF7wvpgJGy5rm62Y+wfvL+7BMFuE2ZeL6b5u4KU=
Subject key identifier: B2:89:FD:5B:98:03:AF:0F:23:A6:32:C6:BA:4E:30:5B:2C:29:27:74
Certificate issuer: /CN=df78ec6b0b969aa2228f125edaa419bacdbbf25b
Certificate serial: 018572034AD76E84D9599C07EF55877B170D
Authority key identifier: DF:78:EC:6B:0B:96:9A:A2:22:8F:12:5E:DA:A4:19:BA:CD:BB:F2:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/33jsawuWmqIijxJe2qQZus278ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/son9W5gDrw8jpjLGuk4wWywpJ3Q.roa
Signing time: Mon 02 Jan 2023 10:24:56 +0000
ROA not before: Mon 02 Jan 2023 10:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 45.154.18.0/24 maxlen: 24
45.154.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:4a:d7:6e:84:d9:59:9c:07:ef:55:87:7b:17:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df78ec6b0b969aa2228f125edaa419bacdbbf25b
Validity
Not Before: Jan 2 10:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b289fd5b9803af0f23a632c6ba4e305b2c292774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b6:0b:f0:0b:59:8b:cb:cf:43:80:43:3c:ac:
3c:6c:aa:c4:6e:87:44:4f:a1:22:81:38:9d:31:bb:
f3:92:9b:a0:09:a3:38:ba:3f:31:a4:7c:ad:43:90:
41:f8:a1:6c:0c:1a:45:8e:c9:bc:f2:57:2d:8d:ac:
5b:b6:46:62:b5:cd:e0:2b:56:3a:70:02:9c:3a:9d:
04:7f:e0:93:89:d7:50:e4:46:a9:f2:c1:7d:6f:5b:
2a:f4:9b:37:df:b9:33:da:d5:d1:f8:69:f9:5e:f6:
95:97:85:27:ca:e0:ef:ee:d3:44:a5:89:6f:fb:3c:
71:01:25:67:0f:bb:a3:4c:22:14:fa:2a:a1:48:a3:
0d:91:03:4a:86:3f:d2:21:e8:6d:a1:a7:0a:47:bd:
eb:14:dc:f0:1f:6c:be:07:a1:b1:1b:54:45:9b:30:
05:9f:0e:2a:65:7d:fb:cd:c2:b5:d1:0f:61:73:cc:
17:a8:63:7f:13:a2:2c:df:25:38:27:45:3b:b1:16:
cf:26:5a:7a:8b:1a:51:97:76:56:06:95:a6:9e:de:
52:a6:cb:4e:4d:55:2f:b6:54:8c:d9:46:e0:de:fa:
68:73:3b:e1:2d:4d:ff:23:98:85:f5:91:09:8c:9f:
1d:7d:df:8e:9d:e9:e1:89:d3:c8:61:b7:e0:aa:92:
42:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:89:FD:5B:98:03:AF:0F:23:A6:32:C6:BA:4E:30:5B:2C:29:27:74
X509v3 Authority Key Identifier:
keyid:DF:78:EC:6B:0B:96:9A:A2:22:8F:12:5E:DA:A4:19:BA:CD:BB:F2:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/33jsawuWmqIijxJe2qQZus278ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/son9W5gDrw8jpjLGuk4wWywpJ3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/dbb043-377b-4c4b-a0a2-7e8c5526de7e/1/33jsawuWmqIijxJe2qQZus278ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.18.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:c9:af:3b:e6:a6:92:00:10:3e:27:f2:cf:de:3c:6e:ac:e8:
2f:8e:11:b5:b7:c6:21:8b:d3:4b:25:d2:67:29:2b:84:e2:92:
e8:2c:b6:b3:da:33:70:c3:30:b8:d3:3b:02:cb:e9:a9:dd:44:
9b:a0:6e:79:60:14:99:ae:bd:1f:a9:36:fd:4d:cd:c6:0c:0b:
54:7d:e7:81:e3:67:f4:b9:79:c2:1e:01:f6:43:29:f9:55:49:
d4:95:ad:d1:0d:33:ba:d7:fd:e6:73:dc:c8:5d:4b:8e:ba:48:
6a:fe:45:e5:41:5f:ce:bc:3a:b0:ab:7a:63:51:6f:26:a5:e4:
ae:d4:b6:87:5c:8f:26:17:04:0d:85:17:a4:9f:e0:78:04:13:
f4:e7:aa:b4:24:fa:c3:11:fe:a9:9b:2e:59:37:08:29:af:d3:
76:16:97:e0:74:41:62:39:62:46:08:dd:8f:97:6e:12:72:72:
2d:25:20:d8:48:1f:9b:a1:fc:32:72:56:ae:2a:8d:4f:0a:74:
2d:34:bc:50:5c:91:6b:74:e9:1c:23:da:52:1d:39:6b:dc:94:
2e:93:f9:d8:69:83:c1:52:a0:03:42:ee:a2:d0:7b:67:3b:6b:
0d:b4:ab:f1:18:7e:43:43:f1:2a:d7:9c:bd:9d:8d:4b:74:0f:
70:0c:e9:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyA0rXboTZWZwH71WHexcNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNzhlYzZiMGI5NjlhYTIyMjhmMTI1ZWRhYTQxOWJhY2Ri
YmYyNWIwHhcNMjMwMTAyMTAyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjg5ZmQ1Yjk4MDNhZjBmMjNhNjMyYzZiYTRlMzA1YjJjMjkyNzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrYL8AtZi8vPQ4BDPKw8bKrEbodE
T6EigTidMbvzkpugCaM4uj8xpHytQ5BB+KFsDBpFjsm88lctjaxbtkZitc3gK1Y6
cAKcOp0Ef+CTiddQ5Eap8sF9b1sq9Js337kz2tXR+Gn5XvaVl4UnyuDv7tNEpYlv
+zxxASVnD7ujTCIU+iqhSKMNkQNKhj/SIehtoacKR73rFNzwH2y+B6GxG1RFmzAF
nw4qZX37zcK10Q9hc8wXqGN/E6Is3yU4J0U7sRbPJlp6ixpRl3ZWBpWmnt5SpstO
TVUvtlSM2Ubg3vpoczvhLU3/I5iF9ZEJjJ8dfd+OnenhidPIYbfgqpJCTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLKJ/VuYA68PI6YyxrpOMFssKSd0MB8GA1UdIwQY
MBaAFN947GsLlpqiIo8SXtqkGbrNu/JbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzNqc2F3dVdtcUlpanhKZTJxUVp1czI3OGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9kYmIwNDMtMzc3Yi00YzRiLWEwYTIt
N2U4YzU1MjZkZTdlLzEvc29uOVc1Z0RydzhqcGpMR3VrNHdXeXdwSjNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9kYmIwNDMtMzc3Yi00YzRiLWEwYTItN2U4YzU1MjZkZTdl
LzEvMzNqc2F3dVdtcUlpanhKZTJxUVp1czI3OGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZoSMA0G
CSqGSIb3DQEBCwUAA4IBAQBdya875qaSABA+J/LP3jxurOgvjhG1t8Yhi9NLJdJn
KSuE4pLoLLaz2jNwwzC40zsCy+mp3USboG55YBSZrr0fqTb9Tc3GDAtUfeeB42f0
uXnCHgH2Qyn5VUnUla3RDTO61/3mc9zIXUuOukhq/kXlQV/OvDqwq3pjUW8mpeSu
1LaHXI8mFwQNhRekn+B4BBP056q0JPrDEf6pmy5ZNwgpr9N2FpfgdEFiOWJGCN2P
l24ScnItJSDYSB+bofwyclauKo1PCnQtNLxQXJFrdOkcI9pSHTlr3JQuk/nYaYPB
UqADQu6i0HtnO2sNtKvxGH5DQ/Eq15y9nY1LdA9wDOlR
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:00 2024 by rpki-client on console-ams.rpki-client.org