Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/890311-48ee-486d-9359-e7ee4e75d3af/1/g0Jt-bwEsbSj1I7JslZ49XvRRZg.roa
File: g0Jt-bwEsbSj1I7JslZ49XvRRZg.roa (raw, json)
Hash identifier: wDUb6FO8mzcDOGBCFNBdXG+pAinw2ALGZWNndUoz7Xw=
Subject key identifier: 83:42:6D:F9:BC:04:B1:B4:A3:D4:8E:C9:B2:56:78:F5:7B:D1:45:98
Certificate issuer: /CN=f7cb14a41f8d9e628dae88f4752822fc77dfec02
Certificate serial: 0185708CA1A5A2C8D0E086A85A1DE55F6485
Authority key identifier: F7:CB:14:A4:1F:8D:9E:62:8D:AE:88:F4:75:28:22:FC:77:DF:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/98sUpB-NnmKNroj0dSgi_Hff7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/890311-48ee-486d-9359-e7ee4e75d3af/1/g0Jt-bwEsbSj1I7JslZ49XvRRZg.roa
Signing time: Mon 02 Jan 2023 03:35:42 +0000
ROA not before: Mon 02 Jan 2023 03:35:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 45.157.132.0/22 maxlen: 24
2a0f:4280::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:a1:a5:a2:c8:d0:e0:86:a8:5a:1d:e5:5f:64:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7cb14a41f8d9e628dae88f4752822fc77dfec02
Validity
Not Before: Jan 2 03:35:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83426df9bc04b1b4a3d48ec9b25678f57bd14598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2b:bd:24:f7:37:2d:58:ec:df:78:a0:c1:19:
30:63:af:54:17:3c:35:27:f5:8e:b4:9d:18:63:97:
5d:0a:47:fa:da:f5:3e:58:c3:dd:63:80:e7:de:d7:
61:6d:c5:d1:df:3f:e5:e4:25:1c:7a:b9:35:cf:fd:
21:06:4d:75:ba:63:05:5b:19:82:29:d8:b3:c9:24:
81:3c:da:9a:88:eb:0c:06:f1:cc:1b:5a:b7:50:05:
50:cc:c1:96:d4:0e:af:52:a6:26:b5:1e:09:ef:e0:
b0:66:ac:5c:0b:73:aa:b7:f1:73:f5:f2:d1:12:91:
c5:c1:5b:8b:42:5d:46:9c:3e:77:50:30:a5:c5:6d:
91:76:b8:a7:5a:23:48:ef:8b:36:4a:bd:58:5f:85:
af:ae:49:3e:6b:d7:dd:a4:11:39:c6:98:ff:83:87:
3a:9f:58:8f:de:20:32:8c:ef:2b:4b:05:2f:33:be:
b5:db:97:ea:d6:eb:81:2c:f3:62:ee:43:1c:e5:ca:
47:4c:b5:de:ab:57:f8:23:2e:7e:e7:0e:2c:6e:33:
4d:44:dd:2e:38:f0:e1:52:b3:75:16:5e:70:6b:55:
7d:4a:7c:b2:df:e8:79:4d:49:a9:9f:14:de:ab:3d:
e1:f0:08:b0:76:17:22:e4:cb:c1:be:4c:35:f0:f8:
28:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:42:6D:F9:BC:04:B1:B4:A3:D4:8E:C9:B2:56:78:F5:7B:D1:45:98
X509v3 Authority Key Identifier:
keyid:F7:CB:14:A4:1F:8D:9E:62:8D:AE:88:F4:75:28:22:FC:77:DF:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/98sUpB-NnmKNroj0dSgi_Hff7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/890311-48ee-486d-9359-e7ee4e75d3af/1/g0Jt-bwEsbSj1I7JslZ49XvRRZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/890311-48ee-486d-9359-e7ee4e75d3af/1/98sUpB-NnmKNroj0dSgi_Hff7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.132.0/22
IPv6:
2a0f:4280::/29
Signature Algorithm: sha256WithRSAEncryption
56:db:e1:f2:43:ee:83:b1:e7:78:16:3c:5a:53:15:2c:40:e6:
be:d4:6a:c2:37:f2:d0:bd:4b:b9:d2:f5:a1:d5:e0:28:36:f4:
33:91:56:a1:b4:f2:ff:d0:0a:ff:a5:2d:2e:f4:e7:b6:f5:a6:
c1:7f:84:43:59:68:cf:12:30:03:1b:70:cb:5e:b1:15:d0:c3:
ca:ef:53:73:5e:91:a2:c0:13:76:cc:81:47:73:75:c7:d0:f8:
de:7a:40:1b:37:5c:0f:25:0d:ee:2e:6b:e4:ab:a7:7a:28:42:
51:f5:33:bd:ab:13:ad:bd:90:e8:81:e4:bb:3a:b2:55:0d:6f:
02:77:4c:d4:f9:da:75:cb:1e:e2:74:02:e1:6d:77:6d:19:3d:
58:a6:87:87:47:87:22:a5:b4:0b:86:1f:97:2a:3a:5c:42:8b:
45:15:34:49:60:fc:b8:4f:b9:e3:cc:89:32:86:af:6b:3a:15:
8a:e0:c0:a0:b0:85:b7:c7:86:9b:b8:de:28:2d:ee:85:27:f9:
2b:bd:a5:2a:9e:4d:81:4e:85:bd:70:5a:34:a8:9a:96:57:a6:
68:19:03:d6:b0:e7:43:5e:d4:08:19:9b:df:59:34:40:9f:74:
90:67:7d:88:31:2c:7c:d3:09:54:9a:6b:2b:94:92:b0:e6:ae:
d5:ad:83:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwjKGlosjQ4IaoWh3lX2SFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3Y2IxNGE0MWY4ZDllNjI4ZGFlODhmNDc1MjgyMmZjNzdk
ZmVjMDIwHhcNMjMwMTAyMDMzNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzQyNmRmOWJjMDRiMWI0YTNkNDhlYzliMjU2NzhmNTdiZDE0NTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiu9JPc3LVjs33igwRkwY69UFzw1
J/WOtJ0YY5ddCkf62vU+WMPdY4Dn3tdhbcXR3z/l5CUcerk1z/0hBk11umMFWxmC
KdizySSBPNqaiOsMBvHMG1q3UAVQzMGW1A6vUqYmtR4J7+CwZqxcC3Oqt/Fz9fLR
EpHFwVuLQl1GnD53UDClxW2RdrinWiNI74s2Sr1YX4Wvrkk+a9fdpBE5xpj/g4c6
n1iP3iAyjO8rSwUvM76125fq1uuBLPNi7kMc5cpHTLXeq1f4Iy5+5w4sbjNNRN0u
OPDhUrN1Fl5wa1V9Snyy3+h5TUmpnxTeqz3h8Aiwdhci5MvBvkw18Pgo3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFINCbfm8BLG0o9SOybJWePV70UWYMB8GA1UdIwQY
MBaAFPfLFKQfjZ5ija6I9HUoIvx33+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOThzVXBCLU5ubUtOcm9qMGRTZ2lfSGZmN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84OTAzMTEtNDhlZS00ODZkLTkzNTkt
ZTdlZTRlNzVkM2FmLzEvZzBKdC1id0VzYlNqMUk3SnNsWjQ5WHZSUlpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84OTAzMTEtNDhlZS00ODZkLTkzNTktZTdlZTRlNzVkM2Fm
LzEvOThzVXBCLU5ubUtOcm9qMGRTZ2lfSGZmN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ2EMA0E
AgACMAcDBQMqD0KAMA0GCSqGSIb3DQEBCwUAA4IBAQBW2+HyQ+6Dsed4FjxaUxUs
QOa+1GrCN/LQvUu50vWh1eAoNvQzkVahtPL/0Ar/pS0u9Oe29abBf4RDWWjPEjAD
G3DLXrEV0MPK71NzXpGiwBN2zIFHc3XH0PjeekAbN1wPJQ3uLmvkq6d6KEJR9TO9
qxOtvZDogeS7OrJVDW8Cd0zU+dp1yx7idALhbXdtGT1YpoeHR4cipbQLhh+XKjpc
QotFFTRJYPy4T7njzIkyhq9rOhWK4MCgsIW3x4abuN4oLe6FJ/krvaUqnk2BToW9
cFo0qJqWV6ZoGQPWsOdDXtQIGZvfWTRAn3SQZ32IMSx80wlUmmsrlJKw5q7VrYNn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:54 2024 by rpki-client on console-ams.rpki-client.org