Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/t_nBCYnpI7FexLGpzpbgkInlMQg.roa
File: t_nBCYnpI7FexLGpzpbgkInlMQg.roa (raw, json)
Hash identifier: fjtfsJIpESNuYIvNle0lWMWoLLykWrzpGgCr7iTMdjY=
Subject key identifier: B7:F9:C1:09:89:E9:23:B1:5E:C4:B1:A9:CE:96:E0:90:89:E5:31:08
Certificate issuer: /CN=ee31367df6d1861071c92bae726523326f45ba2a
Certificate serial: 01856FA71D00473CA3F3262D3A61D0870209
Authority key identifier: EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/t_nBCYnpI7FexLGpzpbgkInlMQg.roa
Signing time: Sun 01 Jan 2023 23:25:00 +0000
ROA not before: Sun 01 Jan 2023 23:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208634
IP address blocks: 45.92.40.0/22 maxlen: 24
2a0e:1cc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:1d:00:47:3c:a3:f3:26:2d:3a:61:d0:87:02:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee31367df6d1861071c92bae726523326f45ba2a
Validity
Not Before: Jan 1 23:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7f9c10989e923b15ec4b1a9ce96e09089e53108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:1b:9a:60:86:43:68:99:21:ee:43:6a:bf:46:
70:e7:72:98:34:28:4e:c5:ad:7d:e3:2c:bd:9d:ba:
9c:ee:94:6d:b9:87:48:a6:70:d8:1e:83:85:49:f1:
a9:21:e3:8a:5d:93:ca:6c:ba:cb:61:b7:8f:f0:70:
a4:b5:42:56:d1:ac:9d:77:f4:da:29:a7:36:db:4e:
66:d5:67:b5:07:ca:1c:13:ca:b8:30:2c:f9:ff:28:
55:6a:40:5c:d5:97:43:f6:e7:7b:b9:58:7e:57:70:
db:bd:2f:b5:2b:04:fe:49:25:0f:17:41:37:bc:25:
0d:28:98:f7:90:98:b7:ba:63:3f:3f:e6:cc:24:30:
ed:de:df:c8:48:77:e2:34:86:1a:28:89:0b:64:40:
96:84:27:bf:7f:44:ab:26:24:30:81:7e:b3:40:79:
2d:aa:28:d6:a3:81:ae:49:e6:a4:24:5a:e5:8f:99:
e1:4c:a3:b3:35:0e:83:68:0d:b2:dc:f5:bd:fe:94:
ee:bc:81:6a:40:a4:a4:d7:26:83:81:f8:b1:10:94:
8a:0f:43:c8:9e:27:0c:2d:75:cc:d6:70:e1:b8:32:
a6:7d:71:a2:07:19:97:5e:cb:fd:d2:df:9a:2a:42:
d6:d9:a1:3c:92:d4:4d:06:60:98:f6:e1:1d:9e:8b:
93:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:F9:C1:09:89:E9:23:B1:5E:C4:B1:A9:CE:96:E0:90:89:E5:31:08
X509v3 Authority Key Identifier:
keyid:EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/t_nBCYnpI7FexLGpzpbgkInlMQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/7jE2ffbRhhBxySuucmUjMm9Fuio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.40.0/22
IPv6:
2a0e:1cc0::/29
Signature Algorithm: sha256WithRSAEncryption
bc:9d:dc:dc:47:2e:a7:f9:bb:c9:45:77:6f:9e:6e:36:6e:89:
9a:bc:1f:ce:ad:11:8a:e0:da:1f:a6:bd:b8:51:0b:e7:af:e9:
05:fe:ef:38:4c:6d:ce:04:8c:18:cf:60:f5:45:26:8e:04:98:
a8:b2:59:98:04:ec:0f:45:b5:33:32:12:66:1b:74:c6:3b:2d:
55:fd:d8:cd:70:37:d0:f9:d7:95:8f:dd:af:c2:fd:84:07:29:
38:05:cc:f7:a7:ca:dc:9b:18:ec:93:f1:12:3d:d7:2f:a5:96:
a9:fa:ff:65:00:4c:fb:15:1b:0e:6c:6a:b6:b0:ef:0f:7c:e6:
68:62:c2:b4:78:17:18:f9:11:18:d3:b3:bc:eb:cf:44:ab:23:
39:95:67:cd:7f:ed:6e:39:b8:df:d7:0d:7c:ca:51:5c:24:a2:
ab:d2:b7:00:19:85:9f:c8:eb:5d:49:87:a6:f8:ed:c4:0b:61:
c7:f5:2b:20:4c:6a:8f:06:42:37:eb:8f:e4:dc:81:18:42:f8:
81:40:9f:e0:b7:e8:24:e8:f5:26:35:87:df:d5:10:9d:d0:60:
18:15:f1:04:52:a1:af:e2:2c:3b:50:49:29:88:66:7e:9c:ef:
7f:5b:1d:87:81:fa:86:15:92:fb:dd:69:66:c8:d5:bf:7a:7e:
c5:4f:f4:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvpx0ARzyj8yYtOmHQhwIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzEzNjdkZjZkMTg2MTA3MWM5MmJhZTcyNjUyMzMyNmY0
NWJhMmEwHhcNMjMwMTAxMjMyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Y5YzEwOTg5ZTkyM2IxNWVjNGIxYTljZTk2ZTA5MDg5ZTUzMTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBuaYIZDaJkh7kNqv0Zw53KYNChO
xa194yy9nbqc7pRtuYdIpnDYHoOFSfGpIeOKXZPKbLrLYbeP8HCktUJW0aydd/Ta
Kac2205m1We1B8ocE8q4MCz5/yhVakBc1ZdD9ud7uVh+V3DbvS+1KwT+SSUPF0E3
vCUNKJj3kJi3umM/P+bMJDDt3t/ISHfiNIYaKIkLZECWhCe/f0SrJiQwgX6zQHkt
qijWo4GuSeakJFrlj5nhTKOzNQ6DaA2y3PW9/pTuvIFqQKSk1yaDgfixEJSKD0PI
nicMLXXM1nDhuDKmfXGiBxmXXsv90t+aKkLW2aE8ktRNBmCY9uEdnouTfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLf5wQmJ6SOxXsSxqc6W4JCJ5TEIMB8GA1UdIwQY
MBaAFO4xNn320YYQcckrrnJlIzJvRboqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2It
MTE1OWRiZmJlZDU0LzEvdF9uQkNZbnBJN0ZleExHcHpwYmdrSW5sTVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2ItMTE1OWRiZmJlZDU0
LzEvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVwoMA0E
AgACMAcDBQMqDhzAMA0GCSqGSIb3DQEBCwUAA4IBAQC8ndzcRy6n+bvJRXdvnm42
bomavB/OrRGK4Nofpr24UQvnr+kF/u84TG3OBIwYz2D1RSaOBJioslmYBOwPRbUz
MhJmG3TGOy1V/djNcDfQ+deVj92vwv2EByk4Bcz3p8rcmxjsk/ESPdcvpZap+v9l
AEz7FRsObGq2sO8PfOZoYsK0eBcY+REY07O8689EqyM5lWfNf+1uObjf1w18ylFc
JKKr0rcAGYWfyOtdSYem+O3EC2HH9SsgTGqPBkI364/k3IEYQviBQJ/gt+gk6PUm
NYff1RCd0GAYFfEEUqGv4iw7UEkpiGZ+nO9/Wx2HgfqGFZL73WlmyNW/en7FT/QH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org