Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/890311-48ee-486d-9359-e7ee4e75d3af/1/tKnN_4rN5FNx028yIn9EbVf4H6Y.roa
File: tKnN_4rN5FNx028yIn9EbVf4H6Y.roa (raw, json)
Hash identifier: WXOadULMHoKfwlDyu5TEAKSvLmf123JSUlKfb0RGlWE=
Subject key identifier: B4:A9:CD:FF:8A:CD:E4:53:71:D3:6F:32:22:7F:44:6D:57:F8:1F:A6
Certificate issuer: /CN=f7cb14a41f8d9e628dae88f4752822fc77dfec02
Certificate serial: 0185708CA38ADD55F9B437270C7353DB09D2
Authority key identifier: F7:CB:14:A4:1F:8D:9E:62:8D:AE:88:F4:75:28:22:FC:77:DF:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/98sUpB-NnmKNroj0dSgi_Hff7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/890311-48ee-486d-9359-e7ee4e75d3af/1/tKnN_4rN5FNx028yIn9EbVf4H6Y.roa
Signing time: Mon 02 Jan 2023 03:35:43 +0000
ROA not before: Mon 02 Jan 2023 03:35:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208064
IP address blocks: 45.157.132.0/22 maxlen: 24
2a0f:4280::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:a3:8a:dd:55:f9:b4:37:27:0c:73:53:db:09:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7cb14a41f8d9e628dae88f4752822fc77dfec02
Validity
Not Before: Jan 2 03:35:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4a9cdff8acde45371d36f32227f446d57f81fa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:35:78:9d:6b:24:9d:41:6a:40:da:58:5d:9a:
d8:15:4e:c1:95:77:bd:a8:0e:bc:76:73:5a:63:cf:
c8:74:00:5f:9b:38:9e:ce:06:b0:bd:62:13:3f:13:
67:ac:0b:70:69:34:98:70:7d:c3:77:a9:f6:5b:74:
8a:2b:ef:5b:f8:e0:d9:d3:93:22:02:86:01:30:02:
76:c5:05:68:ad:46:67:e2:39:5d:4e:07:6c:86:2c:
0e:ac:43:bd:7c:84:b9:6c:da:0a:0c:64:6b:f4:05:
c9:6a:d9:9f:7a:99:a1:b0:f8:34:58:98:92:32:0f:
01:f7:8a:b9:44:2b:32:e0:00:8e:eb:4e:83:00:54:
15:76:6f:b1:38:8c:b8:ea:55:8d:c8:04:6c:94:8c:
f0:10:a3:4a:d9:56:52:7d:72:11:f9:63:dc:68:dc:
ab:4f:48:24:97:09:e1:07:cd:62:e4:6b:bf:aa:02:
82:a2:96:fa:3d:39:af:29:11:47:70:c4:5a:ed:37:
ac:bb:97:ab:dc:80:e5:37:58:f9:f8:d2:6b:9a:ab:
04:b2:15:67:03:38:3c:0c:c8:fc:d2:19:c9:f9:3e:
e2:3d:40:02:e3:7a:59:78:cd:f8:c2:02:90:04:27:
1e:58:c9:35:41:15:ec:ce:ac:4b:8d:63:72:ba:2b:
3e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A9:CD:FF:8A:CD:E4:53:71:D3:6F:32:22:7F:44:6D:57:F8:1F:A6
X509v3 Authority Key Identifier:
keyid:F7:CB:14:A4:1F:8D:9E:62:8D:AE:88:F4:75:28:22:FC:77:DF:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/98sUpB-NnmKNroj0dSgi_Hff7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/890311-48ee-486d-9359-e7ee4e75d3af/1/tKnN_4rN5FNx028yIn9EbVf4H6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/890311-48ee-486d-9359-e7ee4e75d3af/1/98sUpB-NnmKNroj0dSgi_Hff7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.132.0/22
IPv6:
2a0f:4280::/29
Signature Algorithm: sha256WithRSAEncryption
2e:79:92:44:61:23:73:37:62:23:e8:47:24:c4:1d:a0:b1:00:
76:8e:f5:c5:96:72:8d:97:43:ca:d3:1e:ae:1e:e6:c3:72:5c:
8b:ae:1b:c7:a7:bf:c7:39:4f:c4:e6:26:8e:3f:eb:76:c5:03:
b6:d8:06:ec:2f:0b:ea:ff:01:28:7e:b2:a8:3e:ab:58:49:66:
ce:00:6d:61:42:9a:5a:39:0c:83:e6:ea:28:04:cf:ca:e1:22:
80:c6:b3:a1:d7:fb:fe:f0:f7:bd:4b:7a:31:50:73:3a:c1:88:
e0:8c:5e:7c:5a:cc:a3:1c:55:44:05:06:b6:05:4f:4d:08:35:
0f:4c:9d:24:ca:45:ce:6f:24:29:7a:91:77:e7:00:08:d4:8f:
70:51:ff:3c:48:1f:f5:02:76:ab:5d:4b:58:07:1a:c9:3e:87:
a8:ac:e9:7b:92:0f:b9:bd:9d:b6:64:80:70:f9:7f:4f:de:1e:
c3:be:4c:b5:a1:53:f0:dd:2e:f2:b5:ac:ff:0f:16:42:5b:d5:
86:68:0c:71:a9:76:5c:a3:da:ae:4e:05:38:92:37:6d:d1:b4:
af:15:b4:9e:f5:e6:17:68:7b:de:51:3d:2b:ce:a2:eb:1a:5e:
34:96:48:8c:7c:12:2b:33:4e:7b:c9:f7:b0:84:2e:a0:1d:1e:
c9:c1:30:16
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwjKOK3VX5tDcnDHNT2wnSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3Y2IxNGE0MWY4ZDllNjI4ZGFlODhmNDc1MjgyMmZjNzdk
ZmVjMDIwHhcNMjMwMTAyMDMzNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGE5Y2RmZjhhY2RlNDUzNzFkMzZmMzIyMjdmNDQ2ZDU3ZjgxZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTV4nWsknUFqQNpYXZrYFU7BlXe9
qA68dnNaY8/IdABfmziezgawvWITPxNnrAtwaTSYcH3Dd6n2W3SKK+9b+ODZ05Mi
AoYBMAJ2xQVorUZn4jldTgdshiwOrEO9fIS5bNoKDGRr9AXJatmfepmhsPg0WJiS
Mg8B94q5RCsy4ACO606DAFQVdm+xOIy46lWNyARslIzwEKNK2VZSfXIR+WPcaNyr
T0gklwnhB81i5Gu/qgKCopb6PTmvKRFHcMRa7Tesu5er3IDlN1j5+NJrmqsEshVn
Azg8DMj80hnJ+T7iPUAC43pZeM34wgKQBCceWMk1QRXszqxLjWNyuis+zwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLSpzf+KzeRTcdNvMiJ/RG1X+B+mMB8GA1UdIwQY
MBaAFPfLFKQfjZ5ija6I9HUoIvx33+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOThzVXBCLU5ubUtOcm9qMGRTZ2lfSGZmN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84OTAzMTEtNDhlZS00ODZkLTkzNTkt
ZTdlZTRlNzVkM2FmLzEvdEtuTl80ck41Rk54MDI4eUluOUViVmY0SDZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84OTAzMTEtNDhlZS00ODZkLTkzNTktZTdlZTRlNzVkM2Fm
LzEvOThzVXBCLU5ubUtOcm9qMGRTZ2lfSGZmN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ2EMA0E
AgACMAcDBQMqD0KAMA0GCSqGSIb3DQEBCwUAA4IBAQAueZJEYSNzN2Ij6EckxB2g
sQB2jvXFlnKNl0PK0x6uHubDclyLrhvHp7/HOU/E5iaOP+t2xQO22AbsLwvq/wEo
frKoPqtYSWbOAG1hQppaOQyD5uooBM/K4SKAxrOh1/v+8Pe9S3oxUHM6wYjgjF58
WsyjHFVEBQa2BU9NCDUPTJ0kykXObyQpepF35wAI1I9wUf88SB/1AnarXUtYBxrJ
PoeorOl7kg+5vZ22ZIBw+X9P3h7Dvky1oVPw3S7ytaz/DxZCW9WGaAxxqXZco9qu
TgU4kjdt0bSvFbSe9eYXaHveUT0rzqLrGl40lkiMfBIrM057yfewhC6gHR7JwTAW
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:20 2024 by rpki-client on console-fra.rpki-client.org