Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/L1S4Knsr8dNbDicthTgiZfc0JGA.roa
File: L1S4Knsr8dNbDicthTgiZfc0JGA.roa (raw, json)
Hash identifier: vX3ICb/GBjjLfuIpPC+21f9/la1x3uhG+ZCgCm7evcg=
Subject key identifier: 2F:54:B8:2A:7B:2B:F1:D3:5B:0E:27:2D:85:38:22:65:F7:34:24:60
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 01856F2FFA9C7BAA099441D808896C042768
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/L1S4Knsr8dNbDicthTgiZfc0JGA.roa
Signing time: Sun 01 Jan 2023 21:14:53 +0000
ROA not before: Sun 01 Jan 2023 21:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209417
IP address blocks: 45.9.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:fa:9c:7b:aa:09:94:41:d8:08:89:6c:04:27:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 21:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f54b82a7b2bf1d35b0e272d85382265f7342460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:f9:c5:45:0e:c1:cf:e8:41:a2:34:a3:68:bc:
a0:bc:1d:ed:97:17:e4:64:fc:72:bb:42:f5:43:13:
ac:b0:eb:be:90:03:49:ab:2d:35:59:ae:2b:ba:c3:
21:66:93:9c:cd:eb:f5:83:14:66:27:d0:34:13:19:
0e:74:33:51:84:a4:d6:cd:0e:0e:35:70:30:c5:89:
71:04:d7:61:18:a2:e9:4a:bf:dd:48:39:29:de:12:
33:6e:44:7b:f5:ce:df:b4:33:26:7d:64:c5:e7:ce:
c8:cb:d9:b9:d8:c1:71:78:39:fd:68:1a:94:2d:54:
b4:a1:63:f3:64:05:69:de:46:8a:35:a1:eb:59:15:
e8:98:e7:56:cf:87:0d:8d:ee:20:8c:bf:81:f8:5c:
39:c1:35:b1:e2:0b:d9:9f:43:75:03:3b:53:48:cd:
32:2a:e5:85:35:a7:2d:cc:7b:60:f7:1e:0a:9b:f1:
95:25:73:d2:68:e4:9a:67:5b:9d:32:cb:71:8a:84:
fd:08:ec:38:33:55:fe:03:ca:94:63:1a:cf:7b:e7:
25:4e:c9:70:b7:91:19:93:1c:c3:0e:ba:00:78:63:
1c:4e:2a:03:ac:16:7d:85:80:87:60:51:4d:78:ef:
75:89:5e:85:a5:7f:4f:0b:66:52:65:9c:ac:76:2d:
d9:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:54:B8:2A:7B:2B:F1:D3:5B:0E:27:2D:85:38:22:65:F7:34:24:60
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/L1S4Knsr8dNbDicthTgiZfc0JGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.11.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:00:89:ce:14:f1:b8:cd:72:1d:5d:67:2b:59:74:4d:38:2d:
55:b6:17:a8:6b:55:3e:38:5c:9c:f8:d0:90:46:91:b3:83:d9:
e7:62:fc:c1:3c:e3:04:9c:03:94:96:af:b8:1a:11:0f:8f:55:
e0:4a:81:8e:8c:c8:b6:01:49:43:07:9a:e5:b4:c8:2b:fe:a5:
f9:23:9a:e5:72:db:82:75:5b:d4:25:97:0a:f7:b9:f6:1b:22:
49:d7:0a:39:c9:59:aa:df:d7:64:b8:a7:10:e3:df:95:e7:58:
91:08:ec:14:63:7c:68:ae:7d:79:21:29:21:88:09:6b:2c:6b:
e0:bf:e0:bb:c1:61:66:88:60:06:d1:8d:0a:4b:60:87:a6:1d:
5a:8b:43:eb:ac:c3:cc:0e:25:f0:cd:ca:cc:06:71:83:1a:8b:
f0:b0:59:59:44:b9:c9:90:03:a8:82:4a:5b:dd:09:30:b3:f2:
54:79:3d:66:19:3c:fe:1d:8f:d3:cc:4b:87:e9:56:92:5d:77:
81:48:37:6c:90:87:34:23:2c:c9:b7:96:e3:f0:b9:be:e3:52:
51:b8:a4:f5:be:2d:01:60:63:fe:bf:7d:86:34:82:aa:57:75:
3c:61:9a:53:66:14:48:f6:cb:8a:45:6b:fe:4a:88:c6:5a:38:
11:5d:e4:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvL/qce6oJlEHYCIlsBCdoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjMwMTAxMjExNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjU0YjgyYTdiMmJmMWQzNWIwZTI3MmQ4NTM4MjI2NWY3MzQyNDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+/nFRQ7Bz+hBojSjaLygvB3tlxfk
ZPxyu0L1QxOssOu+kANJqy01Wa4rusMhZpOczev1gxRmJ9A0ExkOdDNRhKTWzQ4O
NXAwxYlxBNdhGKLpSr/dSDkp3hIzbkR79c7ftDMmfWTF587Iy9m52MFxeDn9aBqU
LVS0oWPzZAVp3kaKNaHrWRXomOdWz4cNje4gjL+B+Fw5wTWx4gvZn0N1AztTSM0y
KuWFNactzHtg9x4Km/GVJXPSaOSaZ1udMstxioT9COw4M1X+A8qUYxrPe+clTslw
t5EZkxzDDroAeGMcTioDrBZ9hYCHYFFNeO91iV6FpX9PC2ZSZZysdi3ZpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC9UuCp7K/HTWw4nLYU4ImX3NCRgMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvTDFTNEtuc3I4ZE5iRGljdGhUZ2laZmMwSkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQkLMA0G
CSqGSIb3DQEBCwUAA4IBAQC3AInOFPG4zXIdXWcrWXRNOC1Vtheoa1U+OFyc+NCQ
RpGzg9nnYvzBPOMEnAOUlq+4GhEPj1XgSoGOjMi2AUlDB5rltMgr/qX5I5rlctuC
dVvUJZcK97n2GyJJ1wo5yVmq39dkuKcQ49+V51iRCOwUY3xorn15ISkhiAlrLGvg
v+C7wWFmiGAG0Y0KS2CHph1ai0PrrMPMDiXwzcrMBnGDGovwsFlZRLnJkAOogkpb
3Qkws/JUeT1mGTz+HY/TzEuH6VaSXXeBSDdskIc0IyzJt5bj8Lm+41JRuKT1vi0B
YGP+v32GNIKqV3U8YZpTZhRI9suKRWv+SojGWjgRXeR4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:11 2024 by rpki-client on console-ams.rpki-client.org