Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/4FZpLrZcKvFHkbHzMTTunw9uga8.roa
File: 4FZpLrZcKvFHkbHzMTTunw9uga8.roa (raw, json)
Hash identifier: pCEE0UI2Lha0AMFN+iwUePUVlBqIJ1fPZsJLTLkp4WU=
Subject key identifier: E0:56:69:2E:B6:5C:2A:F1:47:91:B1:F3:31:34:EE:9F:0F:6E:81:AF
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 01879530939034B0ABB113C4B12305BA7BA0
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/4FZpLrZcKvFHkbHzMTTunw9uga8.roa
Signing time: Tue 18 Apr 2023 16:26:41 +0000
ROA not before: Tue 18 Apr 2023 16:26:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209408
IP address blocks: 45.66.224.0/22 maxlen: 22
2a09:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:95:30:93:90:34:b0:ab:b1:13:c4:b1:23:05:ba:7b:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Apr 18 16:26:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e056692eb65c2af14791b1f33134ee9f0f6e81af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5d:ef:5b:51:0b:66:eb:eb:46:db:e0:aa:ba:
ac:6d:5b:55:c3:b5:41:68:c0:6b:6f:90:54:ad:6a:
56:00:02:a9:4e:a8:4e:22:4b:70:ad:bd:26:9c:43:
b2:8e:45:f5:a8:15:f6:1e:4d:9b:f3:0b:10:a5:02:
0a:50:7b:a3:13:57:a0:96:1e:3b:25:c9:cb:a6:3b:
4e:9b:0c:6d:02:b6:12:16:76:b2:c0:b7:63:e1:a7:
ec:4e:7a:d3:88:ad:8c:75:46:b6:83:e0:b6:c0:48:
88:0c:b4:65:9a:0b:97:b3:1a:17:59:a2:95:35:2a:
79:71:55:41:3d:45:32:88:19:49:54:d8:a0:90:b1:
89:ed:12:e6:5a:8e:8a:01:0c:32:5f:7a:9f:40:ee:
b6:dc:1a:95:36:51:f3:63:86:8b:60:fa:54:e9:55:
db:7a:73:6b:c1:35:98:68:6d:c5:f2:06:c8:6c:e5:
ab:92:cd:5d:12:c2:62:23:89:33:8c:90:0b:20:0f:
52:47:9a:47:a3:33:66:40:d6:95:3c:b8:c5:78:c4:
d4:6d:c8:ee:66:b5:52:28:6b:76:71:8e:ac:c5:81:
f3:2c:df:6f:0c:d5:d0:f4:c0:69:d8:51:4b:fe:74:
4e:93:ea:4f:a6:3e:6c:62:68:5a:c6:04:5f:26:28:
6a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:56:69:2E:B6:5C:2A:F1:47:91:B1:F3:31:34:EE:9F:0F:6E:81:AF
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/4FZpLrZcKvFHkbHzMTTunw9uga8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.224.0/22
IPv6:
2a09:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
9e:5e:02:2f:c2:43:44:6a:45:50:69:bc:f1:3f:62:a5:ea:89:
62:81:ee:97:7c:9c:7f:f9:47:c6:1a:ff:bf:76:1b:fc:ca:1f:
78:c0:ac:43:7a:36:fb:d5:ba:45:1f:71:2b:c6:b6:85:84:39:
4c:85:0c:68:5a:43:e7:40:40:0c:4c:a4:4c:db:5e:59:a0:db:
64:a5:08:ba:f7:d5:ee:0b:36:d2:5f:b3:fc:d0:5c:20:f1:71:
1b:81:d3:a6:ba:35:9a:1e:c4:e6:c9:19:85:96:84:97:00:07:
ca:fb:b7:13:83:ae:9a:63:e6:79:6c:33:93:41:44:62:85:0e:
85:0e:b4:c3:1c:a2:e8:d9:ee:1a:dd:2c:62:9d:41:5d:c4:f6:
6c:61:e9:70:b6:50:57:f4:b4:86:00:c8:18:a0:c5:e8:f2:4f:
14:13:aa:28:96:8c:74:22:2d:dc:29:d4:05:f1:de:5d:9a:41:
cf:83:3c:fc:66:e1:2c:11:72:85:fa:a5:3c:94:b3:62:26:cd:
9d:be:b1:8a:5a:48:dd:cd:50:7f:f0:2b:44:de:bf:88:67:fb:
50:c6:b7:58:08:f7:34:47:f6:37:cf:b1:cf:bc:e2:06:8f:82:
39:d8:0a:d6:de:72:85:ec:cd:6a:c5:a1:22:db:8f:d3:18:23:
17:e3:72:27
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYeVMJOQNLCrsRPEsSMFunugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwNDE4MTYyNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDU2NjkyZWI2NWMyYWYxNDc5MWIxZjMzMTM0ZWU5ZjBmNmU4MWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV3vW1ELZuvrRtvgqrqsbVtVw7VB
aMBrb5BUrWpWAAKpTqhOIktwrb0mnEOyjkX1qBX2Hk2b8wsQpQIKUHujE1eglh47
JcnLpjtOmwxtArYSFnaywLdj4afsTnrTiK2MdUa2g+C2wEiIDLRlmguXsxoXWaKV
NSp5cVVBPUUyiBlJVNigkLGJ7RLmWo6KAQwyX3qfQO623BqVNlHzY4aLYPpU6VXb
enNrwTWYaG3F8gbIbOWrks1dEsJiI4kzjJALIA9SR5pHozNmQNaVPLjFeMTUbcju
ZrVSKGt2cY6sxYHzLN9vDNXQ9MBp2FFL/nROk+pPpj5sYmhaxgRfJihqZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOBWaS62XCrxR5Gx8zE07p8PboGvMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvNEZacExyWmNLdkZIa2JIek1UVHVudzl1Z2E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLULgMA0E
AgACMAcDBQMqCWxAMA0GCSqGSIb3DQEBCwUAA4IBAQCeXgIvwkNEakVQabzxP2Kl
6olige6XfJx/+UfGGv+/dhv8yh94wKxDejb71bpFH3ErxraFhDlMhQxoWkPnQEAM
TKRM215ZoNtkpQi699XuCzbSX7P80Fwg8XEbgdOmujWaHsTmyRmFloSXAAfK+7cT
g66aY+Z5bDOTQURihQ6FDrTDHKLo2e4a3SxinUFdxPZsYelwtlBX9LSGAMgYoMXo
8k8UE6oolox0Ii3cKdQF8d5dmkHPgzz8ZuEsEXKF+qU8lLNiJs2dvrGKWkjdzVB/
8CtE3r+IZ/tQxrdYCPc0R/Y3z7HPvOIGj4I52ArW3nKF7M1qxaEi24/TGCMX43In
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:56 2023 by rpki-client on console-fra.rpki-client.org