Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/f440de-1592-458c-aaa3-7c47241c0a84/1/z8jwTdJnrObwsnJy6gvXiLv7_o4.roa
File: z8jwTdJnrObwsnJy6gvXiLv7_o4.roa (raw, json)
Hash identifier: A69mHvl7CPhNrFiyL5c+OO3A1axApGdTqcQi5ukakMQ=
Subject key identifier: CF:C8:F0:4D:D2:67:AC:E6:F0:B2:72:72:EA:0B:D7:88:BB:FB:FE:8E
Certificate issuer: /CN=a4a37beb7fd65caa9afc46d9f24273cd27c0f960
Certificate serial: 01856ECB714289943E03B1F1C081A828CCD4
Authority key identifier: A4:A3:7B:EB:7F:D6:5C:AA:9A:FC:46:D9:F2:42:73:CD:27:C0:F9:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pKN763_WXKqa_EbZ8kJzzSfA-WA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/f440de-1592-458c-aaa3-7c47241c0a84/1/z8jwTdJnrObwsnJy6gvXiLv7_o4.roa
Signing time: Sun 01 Jan 2023 19:25:04 +0000
ROA not before: Sun 01 Jan 2023 19:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20810
IP address blocks: 45.138.56.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:71:42:89:94:3e:03:b1:f1:c0:81:a8:28:cc:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4a37beb7fd65caa9afc46d9f24273cd27c0f960
Validity
Not Before: Jan 1 19:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfc8f04dd267ace6f0b27272ea0bd788bbfbfe8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0f:54:3c:17:ce:d5:b5:9e:8b:ea:88:e6:a6:
b6:89:92:50:84:9c:04:db:08:82:61:ee:f6:3c:6f:
81:30:a7:d7:1d:9f:66:b6:06:5c:ff:f7:e1:fc:68:
e6:70:81:00:85:3f:5c:bd:50:5f:72:6d:ce:43:dc:
f1:d5:38:6b:96:ce:be:04:f3:c3:62:1b:fd:b5:a7:
02:ba:16:42:63:5f:06:e4:2c:1b:a8:d6:7f:bf:83:
15:d7:a0:2f:2c:1f:6b:7c:b5:84:59:e1:61:5c:36:
18:69:d1:9a:5a:bb:5e:2e:01:ba:76:5e:41:f8:fb:
03:29:53:be:62:6c:32:d7:9f:e1:c4:ad:32:fb:64:
13:8c:25:f9:f2:ca:30:8a:ab:27:a6:3d:a0:7e:d6:
6c:32:e3:46:56:a6:46:37:a5:0a:f4:c9:19:af:8c:
02:3a:79:71:6e:b7:bb:11:92:49:09:a1:94:03:26:
2c:43:5a:27:c0:b6:fe:cd:3f:67:0d:20:f6:59:ab:
be:aa:d7:f1:70:f0:f8:2e:b0:92:a2:fc:f3:27:e1:
9e:98:80:63:f1:5d:c3:58:7b:e5:42:78:56:ca:fb:
17:b2:72:ae:3b:9e:b7:6f:d2:ab:1a:5d:20:72:44:
03:5e:4f:97:58:e8:12:bb:cd:0d:f7:e1:a0:26:dc:
08:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:C8:F0:4D:D2:67:AC:E6:F0:B2:72:72:EA:0B:D7:88:BB:FB:FE:8E
X509v3 Authority Key Identifier:
keyid:A4:A3:7B:EB:7F:D6:5C:AA:9A:FC:46:D9:F2:42:73:CD:27:C0:F9:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKN763_WXKqa_EbZ8kJzzSfA-WA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/f440de-1592-458c-aaa3-7c47241c0a84/1/z8jwTdJnrObwsnJy6gvXiLv7_o4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/f440de-1592-458c-aaa3-7c47241c0a84/1/pKN763_WXKqa_EbZ8kJzzSfA-WA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.56.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:2f:fb:ff:10:ca:8f:20:bd:24:05:f9:6f:9e:73:2f:25:6d:
8a:76:34:42:cc:0a:63:b9:e7:c2:69:4c:e8:98:7a:8d:0c:38:
2b:09:10:37:a1:8d:f9:80:25:5e:66:88:70:ee:fe:d6:89:c8:
21:5e:29:1a:80:2b:3b:8e:bc:67:84:1b:30:4f:6f:f2:c8:a6:
f6:ae:53:4e:94:ca:d6:aa:19:cf:39:eb:ac:45:c5:de:ca:c6:
d2:b1:f7:d9:b1:d4:52:78:78:a3:6d:8a:1a:c7:98:f1:4b:b4:
43:1f:9f:79:b3:4f:71:0b:6b:df:d1:c4:fa:63:bd:ff:3e:df:
40:bc:a7:61:cb:bd:0a:a7:30:d7:14:e7:42:0c:a3:b4:76:7b:
24:14:83:0a:76:b0:1c:90:be:60:a9:45:31:0e:13:b3:8b:17:
2a:41:df:9d:aa:bd:52:14:78:22:4a:3e:89:28:1d:55:c2:d7:
bd:16:c3:ce:e6:e0:36:e6:62:0c:fd:61:9e:e4:06:be:6a:77:
28:00:39:09:ea:ac:c4:58:6e:a8:8d:82:26:a2:91:af:9f:66:
b0:3c:a4:f3:72:66:9f:54:0d:85:b2:75:23:bc:8d:9d:53:1f:
81:6f:c5:f5:5a:46:87:b3:8e:78:91:65:e7:1d:09:bc:9e:a3:
dc:89:24:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy3FCiZQ+A7HxwIGoKMzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YTM3YmViN2ZkNjVjYWE5YWZjNDZkOWYyNDI3M2NkMjdj
MGY5NjAwHhcNMjMwMTAxMTkyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmM4ZjA0ZGQyNjdhY2U2ZjBiMjcyNzJlYTBiZDc4OGJiZmJmZThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw9UPBfO1bWei+qI5qa2iZJQhJwE
2wiCYe72PG+BMKfXHZ9mtgZc//fh/GjmcIEAhT9cvVBfcm3OQ9zx1Thrls6+BPPD
Yhv9tacCuhZCY18G5CwbqNZ/v4MV16AvLB9rfLWEWeFhXDYYadGaWrteLgG6dl5B
+PsDKVO+Ymwy15/hxK0y+2QTjCX58sowiqsnpj2gftZsMuNGVqZGN6UK9MkZr4wC
Onlxbre7EZJJCaGUAyYsQ1onwLb+zT9nDSD2Wau+qtfxcPD4LrCSovzzJ+GemIBj
8V3DWHvlQnhWyvsXsnKuO563b9KrGl0gckQDXk+XWOgSu80N9+GgJtwI4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM/I8E3SZ6zm8LJycuoL14i7+/6OMB8GA1UdIwQY
MBaAFKSje+t/1lyqmvxG2fJCc80nwPlgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEtONzYzX1dYS3FhX0ViWjhrSnp6U2ZBLVdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9mNDQwZGUtMTU5Mi00NThjLWFhYTMt
N2M0NzI0MWMwYTg0LzEvejhqd1RkSm5yT2J3c25KeTZndlhpTHY3X280LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9mNDQwZGUtMTU5Mi00NThjLWFhYTMtN2M0NzI0MWMwYTg0
LzEvcEtONzYzX1dYS3FhX0ViWjhrSnp6U2ZBLVdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYo4MA0G
CSqGSIb3DQEBCwUAA4IBAQBsL/v/EMqPIL0kBflvnnMvJW2KdjRCzApjuefCaUzo
mHqNDDgrCRA3oY35gCVeZohw7v7WicghXikagCs7jrxnhBswT2/yyKb2rlNOlMrW
qhnPOeusRcXeysbSsffZsdRSeHijbYoax5jxS7RDH595s09xC2vf0cT6Y73/Pt9A
vKdhy70KpzDXFOdCDKO0dnskFIMKdrAckL5gqUUxDhOzixcqQd+dqr1SFHgiSj6J
KB1Vwte9FsPO5uA25mIM/WGe5Aa+ancoADkJ6qzEWG6ojYImopGvn2awPKTzcmaf
VA2FsnUjvI2dUx+Bb8X1WkaHs454kWXnHQm8nqPciSSq
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:25 2024 by rpki-client on console-fra.rpki-client.org