Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/1c8896-7be2-42cd-911f-2fdb7ab65d52/1/FxV5r0znsgms3n-9DS20OICzhA4.roa
File: FxV5r0znsgms3n-9DS20OICzhA4.roa (raw, json)
Hash identifier: 74xUkH6YBCxxIckdrU4rFGcQczQHBrZlvznlCmBXkqs=
Subject key identifier: 17:15:79:AF:4C:E7:B2:09:AC:DE:7F:BD:0D:2D:B4:38:80:B3:84:0E
Certificate issuer: /CN=1fc5955940bbd7555df0a2e417379fc447ef0cdc
Certificate serial: 018572311ACB4D25BCCCFFE190D15CB3E0A9
Authority key identifier: 1F:C5:95:59:40:BB:D7:55:5D:F0:A2:E4:17:37:9F:C4:47:EF:0C:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H8WVWUC711Vd8KLkFzefxEfvDNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/1c8896-7be2-42cd-911f-2fdb7ab65d52/1/FxV5r0znsgms3n-9DS20OICzhA4.roa
Signing time: Mon 02 Jan 2023 11:14:58 +0000
ROA not before: Mon 02 Jan 2023 11:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 45.159.120.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:1a:cb:4d:25:bc:cc:ff:e1:90:d1:5c:b3:e0:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fc5955940bbd7555df0a2e417379fc447ef0cdc
Validity
Not Before: Jan 2 11:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=171579af4ce7b209acde7fbd0d2db43880b3840e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:93:e0:54:3b:ce:e7:25:b3:38:60:fa:f4:34:
c1:62:6c:b3:27:38:99:5f:b1:8f:75:69:63:0b:02:
07:e4:ad:7c:7b:42:1a:74:fe:1f:4b:a9:44:9c:59:
45:ba:04:10:19:28:8b:36:d2:d0:83:e1:2d:af:fc:
07:d7:00:76:0f:26:87:80:8d:f7:c2:e9:31:3b:a7:
b4:92:cd:22:ca:ed:20:65:34:bc:2c:df:7d:46:bd:
ed:e6:be:6b:44:09:e6:2d:97:35:88:2c:89:72:a8:
7d:1c:71:9c:68:43:a6:ce:91:6c:c8:03:ff:17:d6:
bb:ff:1d:23:be:b8:8d:d4:4c:a3:12:67:74:e5:e9:
0f:80:70:92:e3:3f:11:3e:d8:ae:4c:d2:fc:6e:eb:
84:12:2e:6d:ca:0f:bc:45:84:2d:96:76:11:09:cf:
4f:25:2a:b2:c5:a7:3c:68:03:62:93:9b:67:11:b0:
d7:a0:cb:c3:75:75:ab:45:d9:62:11:b3:03:50:65:
3a:fc:e9:96:90:5d:cd:cf:78:c9:91:3d:04:58:92:
f6:5a:01:68:32:f2:37:5c:2a:55:f2:78:4f:5f:d0:
de:ab:ef:3b:45:68:92:36:5a:7c:c1:3c:97:20:a4:
4a:19:49:f6:b8:02:73:d3:2f:b0:1e:52:f7:38:0a:
da:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:15:79:AF:4C:E7:B2:09:AC:DE:7F:BD:0D:2D:B4:38:80:B3:84:0E
X509v3 Authority Key Identifier:
keyid:1F:C5:95:59:40:BB:D7:55:5D:F0:A2:E4:17:37:9F:C4:47:EF:0C:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H8WVWUC711Vd8KLkFzefxEfvDNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1c8896-7be2-42cd-911f-2fdb7ab65d52/1/FxV5r0znsgms3n-9DS20OICzhA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1c8896-7be2-42cd-911f-2fdb7ab65d52/1/H8WVWUC711Vd8KLkFzefxEfvDNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.120.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:d4:e8:ae:21:c4:4e:c0:34:70:4c:78:2c:7e:60:b1:a3:99:
a5:21:1b:48:53:3d:bf:d9:8f:c4:c6:06:89:f8:a7:a1:bb:54:
90:51:27:0c:f6:08:2a:03:f4:aa:fa:de:fb:cf:88:fc:dc:50:
29:2e:a5:0b:5e:3f:b8:c1:0c:ca:23:69:19:18:16:80:c3:89:
e7:6d:58:3f:a1:d3:35:de:e9:04:8a:70:60:41:a9:d4:fa:a9:
b5:21:16:67:24:68:1e:76:f9:e8:97:1d:12:ef:af:ff:e8:5c:
ef:8b:75:dd:bd:73:f2:90:ff:68:60:b8:72:e3:3c:5f:e0:68:
dd:02:d3:45:df:69:04:50:52:ba:27:c9:4f:e2:14:e7:53:04:
de:34:99:69:4d:90:0b:40:d4:46:64:ef:b4:04:90:6a:55:b4:
be:d3:00:46:5b:22:d5:e9:28:1f:96:96:8b:9f:72:8d:f6:a1:
4b:7e:49:26:90:0b:5b:6f:95:6c:c1:87:5b:cf:1d:e1:fd:ab:
6e:8c:44:61:46:5e:5c:e7:b3:06:2b:41:90:43:4a:c3:ee:94:
a6:14:27:5e:b2:e0:77:26:c9:a6:bc:88:38:44:35:f9:76:78:
40:e9:72:79:0d:99:00:6c:db:63:c2:97:52:6a:6f:48:df:44:
2e:ee:2d:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMRrLTSW8zP/hkNFcs+CpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYzU5NTU5NDBiYmQ3NTU1ZGYwYTJlNDE3Mzc5ZmM0NDdl
ZjBjZGMwHhcNMjMwMTAyMTExNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzE1NzlhZjRjZTdiMjA5YWNkZTdmYmQwZDJkYjQzODgwYjM4NDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpPgVDvO5yWzOGD69DTBYmyzJziZ
X7GPdWljCwIH5K18e0IadP4fS6lEnFlFugQQGSiLNtLQg+Etr/wH1wB2DyaHgI33
wukxO6e0ks0iyu0gZTS8LN99Rr3t5r5rRAnmLZc1iCyJcqh9HHGcaEOmzpFsyAP/
F9a7/x0jvriN1EyjEmd05ekPgHCS4z8RPtiuTNL8buuEEi5tyg+8RYQtlnYRCc9P
JSqyxac8aANik5tnEbDXoMvDdXWrRdliEbMDUGU6/OmWkF3Nz3jJkT0EWJL2WgFo
MvI3XCpV8nhPX9Deq+87RWiSNlp8wTyXIKRKGUn2uAJz0y+wHlL3OAraUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBcVea9M57IJrN5/vQ0ttDiAs4QOMB8GA1UdIwQY
MBaAFB/FlVlAu9dVXfCi5Bc3n8RH7wzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDhXVldVQzcxMVZkOEtMa0Z6ZWZ4RWZ2RE53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8xYzg4OTYtN2JlMi00MmNkLTkxMWYt
MmZkYjdhYjY1ZDUyLzEvRnhWNXIwem5zZ21zM24tOURTMjBPSUN6aEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8xYzg4OTYtN2JlMi00MmNkLTkxMWYtMmZkYjdhYjY1ZDUy
LzEvSDhXVldVQzcxMVZkOEtMa0Z6ZWZ4RWZ2RE53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ94MA0G
CSqGSIb3DQEBCwUAA4IBAQC71OiuIcROwDRwTHgsfmCxo5mlIRtIUz2/2Y/ExgaJ
+Kehu1SQUScM9ggqA/Sq+t77z4j83FApLqULXj+4wQzKI2kZGBaAw4nnbVg/odM1
3ukEinBgQanU+qm1IRZnJGgedvnolx0S76//6Fzvi3XdvXPykP9oYLhy4zxf4Gjd
AtNF32kEUFK6J8lP4hTnUwTeNJlpTZALQNRGZO+0BJBqVbS+0wBGWyLV6SgflpaL
n3KN9qFLfkkmkAtbb5VswYdbzx3h/atujERhRl5c57MGK0GQQ0rD7pSmFCdesuB3
JsmmvIg4RDX5dnhA6XJ5DZkAbNtjwpdSam9I30Qu7i2V
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:43 2024 by rpki-client on console-fra.rpki-client.org