Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/8qlsfduUU7YCPvwZ0OMAFUH6v0E.roa
File: 8qlsfduUU7YCPvwZ0OMAFUH6v0E.roa (raw, json)
Hash identifier: Hn9gwl5fX8a9jNfyPiacGbBIDwvhjh65XdqmJx2P4ug=
Subject key identifier: F2:A9:6C:7D:DB:94:53:B6:02:3E:FC:19:D0:E3:00:15:41:FA:BF:41
Certificate issuer: /CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Certificate serial: 01856F30128B12B8D6AE8805CE3B8DA7CD6E
Authority key identifier: 3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/8qlsfduUU7YCPvwZ0OMAFUH6v0E.roa
Signing time: Sun 01 Jan 2023 21:14:59 +0000
ROA not before: Sun 01 Jan 2023 21:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208975
IP address blocks: 45.9.195.0/24 maxlen: 24
2a0e:1107::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:12:8b:12:b8:d6:ae:88:05:ce:3b:8d:a7:cd:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Validity
Not Before: Jan 1 21:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2a96c7ddb9453b6023efc19d0e3001541fabf41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:68:17:29:7b:35:04:30:04:72:ea:0a:1b:f1:
32:2f:98:0c:5a:2f:b2:ab:7f:54:f7:93:d5:29:85:
b9:f7:f2:9e:78:6f:7d:ad:48:3b:7d:b4:d6:cf:0d:
c8:2f:8c:74:37:e8:d4:87:6b:94:0e:5f:f2:78:bb:
c6:30:ef:78:ed:45:ec:76:75:20:05:97:64:61:8c:
28:59:9a:56:0e:21:3b:0d:f9:e5:76:a6:83:49:e0:
6c:f4:11:fd:98:d8:c1:ce:cd:30:0c:23:88:ff:25:
a0:9d:46:de:47:eb:2d:0f:03:d7:0d:87:5e:ae:c7:
70:5c:93:6f:50:0f:9d:4b:b7:6b:0d:c8:c9:a1:a7:
36:c8:68:cb:3f:14:13:c3:30:0e:75:cd:d9:b3:c0:
56:96:76:e1:03:79:44:d9:f2:10:cc:33:cb:81:71:
ce:80:92:16:bf:1c:61:4f:92:cf:f4:3a:a0:11:63:
1a:8f:f7:57:e2:62:54:0c:4a:ed:d8:37:a3:aa:08:
d2:ad:91:de:7e:f8:23:be:7d:3e:54:54:38:22:f6:
71:38:e8:4c:c9:52:f9:c0:92:92:6e:2b:81:39:53:
01:38:2c:4b:56:27:3f:a3:9f:ca:4b:66:04:71:d9:
8c:00:fb:04:0d:43:ef:76:df:af:1b:cf:40:b8:10:
e3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A9:6C:7D:DB:94:53:B6:02:3E:FC:19:D0:E3:00:15:41:FA:BF:41
X509v3 Authority Key Identifier:
keyid:3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/8qlsfduUU7YCPvwZ0OMAFUH6v0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.195.0/24
IPv6:
2a0e:1107::/48
Signature Algorithm: sha256WithRSAEncryption
cb:80:e0:f6:48:52:76:c0:d8:92:a8:74:d0:79:dd:ef:90:c7:
05:5e:fb:ae:a2:ba:33:95:a3:7c:79:04:a5:d4:52:f7:27:38:
8c:fe:ee:ea:e7:1f:cc:1e:88:db:15:9c:5e:e5:cb:00:3f:ca:
19:d3:86:cc:83:b6:81:05:0c:42:54:78:b4:3f:22:cf:35:84:
15:64:be:aa:b6:6b:ff:db:ce:e1:75:c8:f9:1f:b0:f9:33:d6:
7a:a4:74:0c:46:c0:c9:15:af:71:cb:80:bf:17:ad:6f:be:a8:
c9:53:a4:10:67:39:4b:34:c2:6f:80:7d:ee:0d:7f:16:52:35:
e1:61:d4:e0:9b:f2:68:9b:76:fe:bd:6b:25:af:0b:97:4e:f9:
d5:cb:89:47:46:2f:2a:5f:48:e5:91:0c:17:cc:f0:0d:63:9c:
aa:2d:49:94:15:d5:e8:b1:8d:6a:29:6e:fe:5a:78:38:ec:72:
08:1d:54:0c:73:50:60:6d:f1:c1:02:4f:d6:db:30:c9:7f:33:
c1:69:5e:22:9c:b5:80:9b:4e:09:d6:cd:7e:17:70:c5:dc:de:
5b:57:f8:fe:9d:3c:9e:51:d0:97:e9:34:d2:87:eb:67:99:c3:
be:cb:da:b2:e7:ea:57:dc:22:1c:32:52:32:95:e4:ec:c4:de:
93:77:76:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvMBKLErjWrogFzjuNp81uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2E1MDg1OGExODU2ZmZhMDJlOTEzNTZmMTQyMzZlN2Mz
OGI4NWEwHhcNMjMwMTAxMjExNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmE5NmM3ZGRiOTQ1M2I2MDIzZWZjMTlkMGUzMDAxNTQxZmFiZjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GgXKXs1BDAEcuoKG/EyL5gMWi+y
q39U95PVKYW59/KeeG99rUg7fbTWzw3IL4x0N+jUh2uUDl/yeLvGMO947UXsdnUg
BZdkYYwoWZpWDiE7DfnldqaDSeBs9BH9mNjBzs0wDCOI/yWgnUbeR+stDwPXDYde
rsdwXJNvUA+dS7drDcjJoac2yGjLPxQTwzAOdc3Zs8BWlnbhA3lE2fIQzDPLgXHO
gJIWvxxhT5LP9DqgEWMaj/dX4mJUDErt2DejqgjSrZHefvgjvn0+VFQ4IvZxOOhM
yVL5wJKSbiuBOVMBOCxLVic/o5/KS2YEcdmMAPsEDUPvdt+vG89AuBDjQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPKpbH3blFO2Aj78GdDjABVB+r9BMB8GA1UdIwQY
MBaAFDrKUIWKGFb/oC6RNW8UI258OLhaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3NwUWhZb1lWdi1nTHBFMWJ4UWpibnc0dUZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xMmI5MzctODkwZC00N2I1LWEwNDEt
MzMxZDdmYzc3YmQ0LzEvOHFsc2ZkdVVVN1lDUHZ3WjBPTUFGVUg2djBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xMmI5MzctODkwZC00N2I1LWEwNDEtMzMxZDdmYzc3YmQ0
LzEvT3NwUWhZb1lWdi1nTHBFMWJ4UWpibnc0dUZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALQnDMA8E
AgACMAkDBwAqDhEHAAAwDQYJKoZIhvcNAQELBQADggEBAMuA4PZIUnbA2JKodNB5
3e+QxwVe+66iujOVo3x5BKXUUvcnOIz+7urnH8weiNsVnF7lywA/yhnThsyDtoEF
DEJUeLQ/Is81hBVkvqq2a//bzuF1yPkfsPkz1nqkdAxGwMkVr3HLgL8XrW++qMlT
pBBnOUs0wm+Afe4NfxZSNeFh1OCb8mibdv69ayWvC5dO+dXLiUdGLypfSOWRDBfM
8A1jnKotSZQV1eixjWopbv5aeDjscggdVAxzUGBt8cECT9bbMMl/M8FpXiKctYCb
TgnWzX4XcMXc3ltX+P6dPJ5R0JfpNNKH62eZw77L2rLn6lfcIhwyUjKV5OzE3pN3
djU=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:06 2024 by rpki-client on console-fra.rpki-client.org