Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/3Y3AxbZkkjrNNGwKHce8wtNBpQA.roa
File: 3Y3AxbZkkjrNNGwKHce8wtNBpQA.roa (raw, json)
Hash identifier: aLWZ2lF/iF0i71UqaBgEPsfxo7aUHZV0SpVwFrfI+BY=
Subject key identifier: DD:8D:C0:C5:B6:64:92:3A:CD:34:6C:0A:1D:C7:BC:C2:D3:41:A5:00
Certificate issuer: /CN=ee31367df6d1861071c92bae726523326f45ba2a
Certificate serial: 01856FA717D51AB97890E806FB6DEAD17A6A
Authority key identifier: EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/3Y3AxbZkkjrNNGwKHce8wtNBpQA.roa
Signing time: Sun 01 Jan 2023 23:24:59 +0000
ROA not before: Sun 01 Jan 2023 23:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64473
IP address blocks: 45.92.40.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:17:d5:1a:b9:78:90:e8:06:fb:6d:ea:d1:7a:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee31367df6d1861071c92bae726523326f45ba2a
Validity
Not Before: Jan 1 23:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd8dc0c5b664923acd346c0a1dc7bcc2d341a500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3a:d4:4c:d2:9e:8f:a9:6e:58:c3:19:73:97:
f4:bc:bb:9d:4f:67:ad:5d:d6:ab:a3:e0:14:97:d5:
d6:3c:4e:21:c9:35:88:95:6f:7b:64:e8:2d:06:fd:
99:9c:05:6d:ce:37:88:b6:03:af:3d:d0:ab:29:8c:
a7:50:a9:4e:9d:cd:2c:59:bd:71:5b:b6:ae:a8:1e:
88:7d:b5:36:71:32:ad:d1:e6:96:74:54:45:eb:df:
de:1c:76:58:3b:de:81:05:9b:12:ed:7f:a7:4c:3b:
1a:fb:44:8c:b3:9e:eb:e3:d7:f9:69:bd:a1:e9:57:
02:16:00:38:5f:78:49:f0:91:74:0e:76:63:49:e5:
ac:a4:cb:f4:8e:92:11:3d:21:f8:e2:52:e2:8f:96:
db:9a:be:31:e0:62:19:4e:a0:d2:60:4e:b5:de:3e:
d1:94:f0:30:e4:2d:d3:66:b5:07:54:7c:ec:3b:93:
48:a0:d9:39:d6:54:1b:5b:67:f3:cd:ad:42:96:a8:
6f:72:d0:01:9c:e2:bf:72:78:51:4a:67:0a:24:3a:
f2:e1:a0:50:4d:16:6b:9e:1f:29:47:04:94:da:de:
1a:77:41:34:e7:5e:fc:19:2f:9e:16:1b:ff:06:1e:
17:96:be:dd:7b:68:7f:71:29:9b:94:e6:e5:53:28:
87:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:8D:C0:C5:B6:64:92:3A:CD:34:6C:0A:1D:C7:BC:C2:D3:41:A5:00
X509v3 Authority Key Identifier:
keyid:EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/3Y3AxbZkkjrNNGwKHce8wtNBpQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/7jE2ffbRhhBxySuucmUjMm9Fuio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.40.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:64:1d:64:29:80:19:98:4d:3e:3f:a6:32:5c:a2:2f:5e:fc:
08:8d:d8:a1:39:e9:ea:e5:bb:35:18:f1:9f:0b:80:97:7f:ac:
c8:25:39:f9:78:75:57:8f:05:8a:c5:a0:45:3a:dc:1b:8d:0e:
8b:2f:00:55:75:d7:c6:d9:0b:a2:74:e6:15:e5:80:a8:3c:1c:
87:9c:b5:dc:48:9e:e6:1e:58:f7:e3:6c:26:f2:2b:e5:d5:a9:
a5:d0:93:b7:fc:ef:43:b0:c5:38:c2:d0:ab:1d:37:33:e2:3f:
fb:d4:43:19:4e:07:50:63:7c:e2:84:d0:eb:98:b4:3e:13:81:
b9:bb:14:72:fa:17:de:5f:f2:27:09:64:eb:2f:86:5c:84:b9:
4f:bd:fd:2b:1f:a0:6b:9a:be:66:4b:a9:99:d1:fb:11:64:32:
61:19:ad:78:de:2b:8a:90:4e:d5:6c:17:f6:91:72:56:e1:a1:
a6:54:7a:6e:7a:31:39:fc:50:c9:72:b1:c3:51:7d:a3:a2:93:
00:2b:e4:08:df:8e:40:bd:8d:1f:e7:5a:fc:35:ce:cb:e6:c1:
9c:fc:a3:42:cd:c2:34:b3:40:78:39:b7:ac:a7:19:e7:8c:f8:
cc:b6:8e:c8:c8:46:ca:a1:1f:bf:e4:8f:ae:bb:b4:58:ea:33:
74:0a:42:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpxfVGrl4kOgG+23q0XpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzEzNjdkZjZkMTg2MTA3MWM5MmJhZTcyNjUyMzMyNmY0
NWJhMmEwHhcNMjMwMTAxMjMyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDhkYzBjNWI2NjQ5MjNhY2QzNDZjMGExZGM3YmNjMmQzNDFhNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTrUTNKej6luWMMZc5f0vLudT2et
Xdaro+AUl9XWPE4hyTWIlW97ZOgtBv2ZnAVtzjeItgOvPdCrKYynUKlOnc0sWb1x
W7auqB6IfbU2cTKt0eaWdFRF69/eHHZYO96BBZsS7X+nTDsa+0SMs57r49f5ab2h
6VcCFgA4X3hJ8JF0DnZjSeWspMv0jpIRPSH44lLij5bbmr4x4GIZTqDSYE613j7R
lPAw5C3TZrUHVHzsO5NIoNk51lQbW2fzza1ClqhvctABnOK/cnhRSmcKJDry4aBQ
TRZrnh8pRwSU2t4ad0E05178GS+eFhv/Bh4Xlr7de2h/cSmblOblUyiHcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN2NwMW2ZJI6zTRsCh3HvMLTQaUAMB8GA1UdIwQY
MBaAFO4xNn320YYQcckrrnJlIzJvRboqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2It
MTE1OWRiZmJlZDU0LzEvM1kzQXhiWmtranJOTkd3S0hjZTh3dE5CcFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2ItMTE1OWRiZmJlZDU0
LzEvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVwoMA0G
CSqGSIb3DQEBCwUAA4IBAQDSZB1kKYAZmE0+P6YyXKIvXvwIjdihOenq5bs1GPGf
C4CXf6zIJTn5eHVXjwWKxaBFOtwbjQ6LLwBVddfG2QuidOYV5YCoPByHnLXcSJ7m
Hlj342wm8ivl1aml0JO3/O9DsMU4wtCrHTcz4j/71EMZTgdQY3zihNDrmLQ+E4G5
uxRy+hfeX/InCWTrL4ZchLlPvf0rH6Brmr5mS6mZ0fsRZDJhGa143iuKkE7VbBf2
kXJW4aGmVHpuejE5/FDJcrHDUX2jopMAK+QI345AvY0f51r8Nc7L5sGc/KNCzcI0
s0B4ObespxnnjPjMto7IyEbKoR+/5I+uu7RY6jN0CkLQ
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:28 2024 by rpki-client on console-fra.rpki-client.org