Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/86XYVk_ZbiOx__qdUWQknmY2xik.roa
File: 86XYVk_ZbiOx__qdUWQknmY2xik.roa (raw, json)
Hash identifier: kVBK4PfoXV3nqNgHWPNK852ThJC5p3/oGJXsI2gdqJc=
Subject key identifier: F3:A5:D8:56:4F:D9:6E:23:B1:FF:FA:9D:51:64:24:9E:66:36:C6:29
Certificate issuer: /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial: 018C53D7C9A7FCE00A2626F18F874198D0C6
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/86XYVk_ZbiOx__qdUWQknmY2xik.roa
Signing time: Sun 10 Dec 2023 13:08:19 +0000
ROA not before: Sun 10 Dec 2023 13:08:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.145.154.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:53:d7:c9:a7:fc:e0:0a:26:26:f1:8f:87:41:98:d0:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
Validity
Not Before: Dec 10 13:08:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3a5d8564fd96e23b1fffa9d5164249e6636c629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:30:e8:66:63:7d:c3:b7:1a:c2:c2:0f:40:8a:
58:43:dd:9e:f0:38:51:d3:86:2a:9d:18:f7:8e:9f:
e7:aa:e8:3a:68:c2:e2:dd:55:9c:d6:dc:fa:0a:fe:
af:26:95:ce:ed:8f:3b:1f:1c:d0:22:cb:71:53:f2:
d3:70:2c:e9:5b:6e:24:79:17:0c:c2:e5:c1:4e:11:
f7:eb:4f:37:44:f8:73:7f:70:dc:da:45:77:94:16:
84:ef:53:66:07:5b:96:dc:de:a5:24:63:ab:e6:1f:
6b:56:65:e7:fb:96:f4:62:19:af:7d:46:55:d9:d5:
db:92:eb:60:fe:fd:ed:c7:37:67:42:50:c2:82:b7:
25:29:82:5a:8a:3a:e5:0b:2a:b0:68:77:c9:b5:12:
59:5d:9e:13:f2:a9:d7:50:7b:a0:85:15:54:09:6d:
1b:26:b2:99:3a:fd:39:38:94:f6:1f:8f:4d:55:a6:
51:a1:1a:40:38:69:c2:22:ee:16:25:7a:3e:cf:0e:
66:ce:c8:fc:8f:7e:50:d8:95:ec:34:a8:a0:94:a3:
0c:5e:76:ff:2b:af:3c:1b:80:d4:2c:d5:cb:de:c4:
c3:00:51:62:cb:f8:ab:e5:d6:68:d9:5e:63:2a:d2:
ad:f4:e6:e1:a2:4b:3c:93:3e:1e:6c:6e:ee:2b:bb:
9e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A5:D8:56:4F:D9:6E:23:B1:FF:FA:9D:51:64:24:9E:66:36:C6:29
X509v3 Authority Key Identifier:
keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/86XYVk_ZbiOx__qdUWQknmY2xik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.154.0/23
Signature Algorithm: sha256WithRSAEncryption
04:26:ba:1f:11:51:90:18:91:a9:c2:09:0a:67:fe:7e:e2:7f:
f4:91:82:ab:c8:d6:25:78:c3:4b:8d:e6:57:3a:60:66:3d:a9:
f0:5c:a5:0c:e5:80:cf:83:66:11:f3:fa:50:f0:5e:d2:c8:7c:
86:1f:db:05:8d:24:d6:51:93:0d:ed:59:ba:02:b1:d2:da:28:
66:f2:df:82:f6:9d:7b:d3:0d:f7:e4:c3:25:10:9a:26:74:ce:
c4:b2:9a:bf:39:9e:da:e3:99:27:56:65:a6:fc:aa:60:01:96:
2b:e1:cb:82:66:b8:fc:03:a5:ba:f6:ab:30:29:81:b1:9a:6d:
f2:f2:a9:8f:63:03:6d:de:08:d2:b3:f9:f1:4d:5e:3d:85:4f:
98:a8:3d:84:67:4e:b0:3f:32:15:82:a0:9a:21:31:04:39:bd:
0a:c7:74:a2:71:fe:6c:dc:2f:c2:e3:af:31:1e:42:c3:57:53:
29:66:de:7c:d9:73:89:2e:d5:0b:10:9c:d3:59:11:ff:df:cf:
c8:c6:d6:85:29:42:3a:15:b5:ab:72:e5:2c:ce:3b:26:7b:0a:
58:49:8a:75:fe:5c:b9:30:e0:5d:69:a3:dd:e2:2a:ec:20:26:
77:63:fd:b7:81:bf:9e:cb:e9:a5:7a:8a:63:e8:48:d3:bd:ba:
fb:7b:b0:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxT18mn/OAKJibxj4dBmNDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjMxMjEwMTMwODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2E1ZDg1NjRmZDk2ZTIzYjFmZmZhOWQ1MTY0MjQ5ZTY2MzZjNjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzDoZmN9w7cawsIPQIpYQ92e8DhR
04YqnRj3jp/nqug6aMLi3VWc1tz6Cv6vJpXO7Y87HxzQIstxU/LTcCzpW24keRcM
wuXBThH36083RPhzf3Dc2kV3lBaE71NmB1uW3N6lJGOr5h9rVmXn+5b0YhmvfUZV
2dXbkutg/v3txzdnQlDCgrclKYJaijrlCyqwaHfJtRJZXZ4T8qnXUHughRVUCW0b
JrKZOv05OJT2H49NVaZRoRpAOGnCIu4WJXo+zw5mzsj8j35Q2JXsNKiglKMMXnb/
K688G4DULNXL3sTDAFFiy/ir5dZo2V5jKtKt9Obhoks8kz4ebG7uK7ueMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPOl2FZP2W4jsf/6nVFkJJ5mNsYpMB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvODZYWVZrX1piaU94X19xZFVXUWtubVkyeGlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZGaMA0G
CSqGSIb3DQEBCwUAA4IBAQAEJrofEVGQGJGpwgkKZ/5+4n/0kYKryNYleMNLjeZX
OmBmPanwXKUM5YDPg2YR8/pQ8F7SyHyGH9sFjSTWUZMN7Vm6ArHS2ihm8t+C9p17
0w335MMlEJomdM7Espq/OZ7a45knVmWm/KpgAZYr4cuCZrj8A6W69qswKYGxmm3y
8qmPYwNt3gjSs/nxTV49hU+YqD2EZ06wPzIVgqCaITEEOb0Kx3Sicf5s3C/C468x
HkLDV1MpZt582XOJLtULEJzTWRH/38/IxtaFKUI6FbWrcuUszjsmewpYSYp1/ly5
MOBdaaPd4irsICZ3Y/23gb+ey+mleopj6EjTvbr7e7Bc
-----END CERTIFICATE-----
Generated at Thu Dec 28 01:03:05 2023 by rpki-client on console-fra.rpki-client.org