Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/Saa4jk4MFzdlqUyHCe-zTwcef80.roa
File: Saa4jk4MFzdlqUyHCe-zTwcef80.roa (raw, json)
Hash identifier: FgleO+PQgqEN9rgrxPsr/aALnw4ZWuEHvEj4rW9/lG8=
Subject key identifier: 49:A6:B8:8E:4E:0C:17:37:65:A9:4C:87:09:EF:B3:4F:07:1E:7F:CD
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0189F28B3D51441BB8A57D7DC8474C4FEB40
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/Saa4jk4MFzdlqUyHCe-zTwcef80.roa
Signing time: Mon 14 Aug 2023 05:35:58 +0000
ROA not before: Mon 14 Aug 2023 05:35:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209408
IP address blocks: 45.66.224.0/22 maxlen: 22
2a09:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f2:8b:3d:51:44:1b:b8:a5:7d:7d:c8:47:4c:4f:eb:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Aug 14 05:35:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49a6b88e4e0c173765a94c8709efb34f071e7fcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:15:59:1d:17:65:af:89:c9:12:22:e9:ee:82:
9a:25:ed:68:7b:f0:e3:69:4d:6e:b2:af:6f:6f:96:
d6:26:1f:cb:fb:a3:27:f6:f8:b6:db:8e:d2:97:29:
5e:a6:b6:ce:ae:02:30:7f:0c:5e:ae:d5:32:ea:e6:
e7:df:e6:ea:db:1f:28:42:74:e0:65:79:1d:bc:ad:
6a:e3:45:90:3b:25:b4:e5:9e:d5:b5:1f:1a:74:f6:
eb:b6:3a:fa:4d:96:d7:8f:92:9d:cf:2e:06:92:06:
f6:9a:40:1d:9a:27:6e:b2:14:19:6d:6a:db:12:1f:
fd:cf:81:d4:b3:3d:80:0c:b3:8f:c8:8c:1a:54:31:
e8:4e:8a:c8:e5:b0:c2:67:63:ed:8b:9d:b5:3d:8d:
3d:ea:42:37:f1:03:0e:f8:19:31:dd:66:8a:82:22:
88:20:d0:bb:95:0a:2f:ca:2a:e3:17:d9:99:a7:f3:
97:24:37:eb:7d:59:0a:8e:01:49:ed:11:39:dd:a7:
f5:db:0d:77:ae:be:17:f8:96:45:2e:3b:5c:41:f4:
7a:1d:59:a4:47:e1:42:c4:6d:b0:57:08:23:f2:3b:
6e:86:ca:07:1e:20:fe:0d:73:7e:fc:76:e4:9a:c7:
aa:8b:1d:5c:61:7a:38:46:f0:42:de:24:e2:c0:bc:
2f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:A6:B8:8E:4E:0C:17:37:65:A9:4C:87:09:EF:B3:4F:07:1E:7F:CD
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/Saa4jk4MFzdlqUyHCe-zTwcef80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.224.0/22
IPv6:
2a09:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
04:55:79:b1:15:6a:44:7f:c3:58:b3:4f:5a:d6:2c:0c:c1:b9:
71:e7:99:a9:b2:ec:32:79:8c:ef:fe:ed:8b:75:29:07:97:36:
f9:2d:1b:5a:0f:c8:5a:5c:b3:51:98:4c:38:a9:69:ac:5a:9d:
b1:8a:5b:24:5f:ee:25:73:a9:c4:28:27:70:16:7c:9e:ca:53:
f5:4b:7a:33:49:65:a2:50:77:1b:83:30:ca:eb:4c:e2:fc:3a:
18:78:6c:23:75:32:3e:e8:8d:01:29:d1:e8:ad:a5:83:c8:13:
33:24:c9:0d:b0:4c:ce:48:70:4a:ca:04:91:f3:21:c6:ec:02:
8f:2e:a5:0a:a0:82:1a:86:21:95:1b:06:df:ac:61:38:a5:80:
3b:ab:9c:e0:f7:e7:11:d9:1b:fd:cf:f0:fd:62:e2:9a:06:a5:
59:a9:ce:fc:b2:5f:8f:75:89:36:9c:d0:33:f1:cb:e9:92:d7:
74:a9:f6:92:6d:6d:3f:96:ed:0d:eb:db:8b:11:c5:e6:bf:fe:
5f:df:83:eb:cd:36:66:3a:f1:62:84:a7:cf:25:25:10:c9:14:
c9:ac:3f:a6:9b:fa:df:ce:21:83:4e:eb:dc:d1:3e:e0:83:9f:
1e:93:a4:2a:18:cc:26:c8:d5:53:58:4d:3c:88:6b:57:4a:93:
68:9b:62:18
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYnyiz1RRBu4pX19yEdMT+tAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwODE0MDUzNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWE2Yjg4ZTRlMGMxNzM3NjVhOTRjODcwOWVmYjM0ZjA3MWU3ZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxVZHRdlr4nJEiLp7oKaJe1oe/Dj
aU1usq9vb5bWJh/L+6Mn9vi2247SlyleprbOrgIwfwxertUy6ubn3+bq2x8oQnTg
ZXkdvK1q40WQOyW05Z7VtR8adPbrtjr6TZbXj5Kdzy4Gkgb2mkAdmidushQZbWrb
Eh/9z4HUsz2ADLOPyIwaVDHoTorI5bDCZ2Pti521PY096kI38QMO+Bkx3WaKgiKI
INC7lQovyirjF9mZp/OXJDfrfVkKjgFJ7RE53af12w13rr4X+JZFLjtcQfR6HVmk
R+FCxG2wVwgj8jtuhsoHHiD+DXN+/Hbkmseqix1cYXo4RvBC3iTiwLwvfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEmmuI5ODBc3ZalMhwnvs08HHn/NMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvU2FhNGprNE1GemRscVV5SENlLXpUd2NlZjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLULgMA0E
AgACMAcDBQMqCWxAMA0GCSqGSIb3DQEBCwUAA4IBAQAEVXmxFWpEf8NYs09a1iwM
wblx55mpsuwyeYzv/u2LdSkHlzb5LRtaD8haXLNRmEw4qWmsWp2xilskX+4lc6nE
KCdwFnyeylP1S3ozSWWiUHcbgzDK60zi/DoYeGwjdTI+6I0BKdHoraWDyBMzJMkN
sEzOSHBKygSR8yHG7AKPLqUKoIIahiGVGwbfrGE4pYA7q5zg9+cR2Rv9z/D9YuKa
BqVZqc78sl+PdYk2nNAz8cvpktd0qfaSbW0/lu0N69uLEcXmv/5f34PrzTZmOvFi
hKfPJSUQyRTJrD+mm/rfziGDTuvc0T7gg58ek6QqGMwmyNVTWE08iGtXSpNom2IY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:35 2024 by rpki-client on console-ams.rpki-client.org