Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/irswrlIoOxuTQdHxRSgMeamLG9A.roa
File: irswrlIoOxuTQdHxRSgMeamLG9A.roa (raw, json)
Hash identifier: fZwBDQzl1j1nMcuV6lOSVK7X2qHYTv2hGZt+17Gya+o=
Subject key identifier: 8A:BB:30:AE:52:28:3B:1B:93:41:D1:F1:45:28:0C:79:A9:8B:1B:D0
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 018AE13065455E3CB3295C52F66B0F31A863
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/irswrlIoOxuTQdHxRSgMeamLG9A.roa
Signing time: Fri 29 Sep 2023 13:45:59 +0000
ROA not before: Fri 29 Sep 2023 13:45:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 45.130.214.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e1:30:65:45:5e:3c:b3:29:5c:52:f6:6b:0f:31:a8:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Sep 29 13:45:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8abb30ae52283b1b9341d1f145280c79a98b1bd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2b:b0:0f:7e:35:0d:da:d8:aa:22:0d:34:1e:
ca:90:da:af:ad:25:60:fe:e7:8f:81:46:2a:33:d4:
16:bb:bb:82:c2:94:f1:0e:90:b2:85:33:67:48:c8:
65:b7:9f:7d:bd:cb:3c:71:98:a6:f5:df:d5:f5:30:
d8:30:c7:bb:85:12:d5:34:49:9d:b6:03:88:0f:f8:
99:90:6a:da:32:ab:58:ed:4f:e9:22:0d:5a:1b:6d:
88:bf:88:de:03:31:25:fc:3e:56:cc:fa:55:29:98:
ea:ff:ae:e5:5c:02:09:bc:50:cc:5a:55:c0:7d:1b:
cd:47:08:2f:31:5f:22:b2:9d:e9:2f:a1:ae:a6:f1:
fd:5c:ab:94:fb:a6:e3:10:e8:8c:b3:1c:f6:20:2d:
87:da:6c:e9:7d:a5:70:4d:31:35:99:e1:a0:c8:71:
fc:59:86:3e:ad:f5:b3:f6:aa:dc:d5:53:a1:46:02:
dd:d9:6f:bb:5b:74:73:83:35:f4:d0:c7:53:23:b9:
c7:1e:bb:f1:53:ee:2c:e3:6e:e4:05:2c:8e:65:80:
83:cc:fb:ea:48:62:b2:b5:c6:df:c8:db:39:35:48:
e6:ac:d9:d2:de:16:37:e0:d9:d9:c2:bd:ce:40:aa:
7c:1a:9c:96:f0:5c:4d:da:c3:75:92:29:cb:9f:fb:
ee:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:BB:30:AE:52:28:3B:1B:93:41:D1:F1:45:28:0C:79:A9:8B:1B:D0
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/irswrlIoOxuTQdHxRSgMeamLG9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.214.0/23
Signature Algorithm: sha256WithRSAEncryption
86:39:6c:bd:51:57:82:60:f3:c5:9e:a1:19:a5:57:83:23:26:
5f:5e:70:4c:c0:44:db:f0:2c:3a:01:9a:9f:49:13:3a:68:de:
48:d7:78:a7:99:bd:20:df:d5:91:7a:55:61:31:ad:c9:7a:f3:
d8:78:c6:cb:ce:34:40:a9:73:20:9b:f2:79:dc:ea:46:68:1a:
63:fc:f4:e7:34:90:4e:ab:65:96:00:2d:86:de:19:0f:13:29:
18:f7:27:a3:3f:aa:dd:ea:09:71:3e:45:5c:e3:08:7d:c0:e3:
17:6b:8d:71:b3:5c:54:85:78:01:83:aa:7a:b0:bb:97:20:66:
fd:b9:53:04:0f:c2:94:03:d1:b7:98:69:39:3f:06:c5:d9:88:
af:96:f4:16:d9:e7:35:f7:e2:75:d6:ad:11:3d:79:4a:a3:ca:
03:cf:63:8a:45:00:8e:6a:05:a6:49:50:c9:7e:b4:a3:97:96:
a6:f8:a8:de:12:ac:38:fe:ee:17:c5:75:92:26:1c:e2:29:a1:
1e:d9:2f:62:ae:b2:6e:2e:92:b7:59:02:44:4f:da:19:0e:e6:
77:ab:d9:c7:fd:89:6c:fd:41:88:d2:b7:90:59:1b:33:c7:7a:
b9:f2:87:17:ec:5c:d4:41:2d:ac:3a:80:a8:f3:2d:8f:a0:99:
aa:6f:8c:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrhMGVFXjyzKVxS9msPMahjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwOTI5MTM0NTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWJiMzBhZTUyMjgzYjFiOTM0MWQxZjE0NTI4MGM3OWE5OGIxYmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSuwD341DdrYqiINNB7KkNqvrSVg
/uePgUYqM9QWu7uCwpTxDpCyhTNnSMhlt599vcs8cZim9d/V9TDYMMe7hRLVNEmd
tgOID/iZkGraMqtY7U/pIg1aG22Iv4jeAzEl/D5WzPpVKZjq/67lXAIJvFDMWlXA
fRvNRwgvMV8isp3pL6GupvH9XKuU+6bjEOiMsxz2IC2H2mzpfaVwTTE1meGgyHH8
WYY+rfWz9qrc1VOhRgLd2W+7W3RzgzX00MdTI7nHHrvxU+4s427kBSyOZYCDzPvq
SGKytcbfyNs5NUjmrNnS3hY34NnZwr3OQKp8GpyW8FxN2sN1kinLn/vuEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIq7MK5SKDsbk0HR8UUoDHmpixvQMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvaXJzd3JsSW9PeHVUUWRIeFJTZ01lYW1MRzlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYLWMA0G
CSqGSIb3DQEBCwUAA4IBAQCGOWy9UVeCYPPFnqEZpVeDIyZfXnBMwETb8Cw6AZqf
SRM6aN5I13inmb0g39WRelVhMa3JevPYeMbLzjRAqXMgm/J53OpGaBpj/PTnNJBO
q2WWAC2G3hkPEykY9yejP6rd6glxPkVc4wh9wOMXa41xs1xUhXgBg6p6sLuXIGb9
uVMED8KUA9G3mGk5PwbF2YivlvQW2ec19+J11q0RPXlKo8oDz2OKRQCOagWmSVDJ
frSjl5am+KjeEqw4/u4XxXWSJhziKaEe2S9irrJuLpK3WQJET9oZDuZ3q9nH/Yls
/UGI0reQWRszx3q58ocX7FzUQS2sOoCo8y2PoJmqb4wA
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:27 2024 by rpki-client on console-fra.rpki-client.org