Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/afaq7txb-JSdn9V7vgBABOcGJPk.roa
File: afaq7txb-JSdn9V7vgBABOcGJPk.roa (raw, json)
Hash identifier: koiAZj6jbqRI6zPSzBwb6BNw4GUsPFuEU2gbbEhtHP0=
Subject key identifier: 69:F6:AA:EE:DC:5B:F8:94:9D:9F:D5:7B:BE:00:40:04:E7:06:24:F9
Certificate issuer: /CN=cec5afe769b94346e1cd362eb85f875b23b17277
Certificate serial: 018B7C5A9FF856E259F1D7F7FD74C5826AB3
Authority key identifier: CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/afaq7txb-JSdn9V7vgBABOcGJPk.roa
Signing time: Sun 29 Oct 2023 16:53:15 +0000
ROA not before: Sun 29 Oct 2023 16:53:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.145.154.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7c:5a:9f:f8:56:e2:59:f1:d7:f7:fd:74:c5:82:6a:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec5afe769b94346e1cd362eb85f875b23b17277
Validity
Not Before: Oct 29 16:53:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69f6aaeedc5bf8949d9fd57bbe004004e70624f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b8:4d:c9:7b:db:30:2e:95:60:7f:b8:78:99:
16:da:d2:39:08:68:4a:76:64:8f:fa:29:1b:9a:8f:
1b:24:37:95:f7:3f:33:00:1d:de:30:49:d2:ed:be:
6c:4a:d3:f5:da:26:3d:e3:ac:3d:94:4b:9c:24:55:
ec:2f:ff:16:5a:d7:fc:b1:d0:39:ec:7b:37:d3:27:
a4:99:ec:27:1d:f4:8f:bb:32:b7:13:a7:a1:fe:1d:
9f:29:38:4b:4b:70:83:bf:71:40:fc:09:fe:00:33:
b4:33:62:09:53:2d:fb:88:d9:d0:d9:93:73:4f:a5:
54:1d:fe:c8:41:25:03:b0:20:8e:01:fb:2d:fc:22:
46:7d:b7:e8:5b:60:50:ad:ac:97:9c:51:c7:02:26:
13:c3:a0:92:1e:ac:3f:4d:db:45:e3:8b:99:b7:bc:
56:05:25:22:1e:a8:d5:22:2f:0c:5a:8b:8d:c0:1c:
04:d9:1e:51:d7:69:99:58:8a:00:75:a6:67:00:cc:
ca:fd:6a:2e:0a:65:22:e6:8f:83:cc:49:97:67:7a:
5a:ce:e2:77:c2:5b:05:09:4a:8c:cf:63:30:c4:05:
e7:32:11:7d:70:c5:87:a9:af:a3:2c:2a:ee:85:cc:
08:f9:58:72:3e:fa:4d:c6:b6:77:9f:0c:3f:33:0f:
f9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F6:AA:EE:DC:5B:F8:94:9D:9F:D5:7B:BE:00:40:04:E7:06:24:F9
X509v3 Authority Key Identifier:
keyid:CE:C5:AF:E7:69:B9:43:46:E1:CD:36:2E:B8:5F:87:5B:23:B1:72:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsWv52m5Q0bhzTYuuF-HWyOxcnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/afaq7txb-JSdn9V7vgBABOcGJPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d569c-1907-4d2c-aced-33247c8e1c1f/1/zsWv52m5Q0bhzTYuuF-HWyOxcnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.154.0/23
Signature Algorithm: sha256WithRSAEncryption
31:02:9f:94:d3:45:79:de:a6:3e:4f:87:b6:6c:7b:70:bd:f2:
55:61:d0:30:f5:93:f5:1a:aa:a0:3a:db:d7:76:80:83:1d:ad:
7e:d1:6d:7c:c9:6a:a7:be:fe:83:36:9a:27:17:54:e3:c6:4a:
15:2e:6d:bc:15:20:d2:e4:02:82:4a:0f:0b:a4:1a:ac:a9:61:
a5:da:2b:92:0a:56:1b:4a:29:22:59:1f:af:b3:17:7e:c3:1e:
df:74:40:5a:57:7f:72:ad:f7:7b:53:23:9e:bb:e9:6c:10:ab:
68:d8:4f:3d:31:ef:05:ba:ef:82:75:19:4a:0a:5d:e6:2e:3a:
3a:20:8a:dc:ab:e5:07:75:33:c4:bc:83:63:d0:4d:63:87:75:
07:d9:14:9c:3f:0b:f6:e1:87:fd:25:88:2f:91:39:c3:e4:1a:
1b:c2:7d:b9:b0:42:cc:1e:42:2a:1e:d3:4c:f7:5d:cf:00:b2:
0a:4f:d2:36:fc:1e:70:1d:46:0d:24:a4:b6:b0:ce:f3:2b:22:
cf:9c:74:0e:b2:89:37:4e:46:2b:ad:45:b9:6d:9c:1b:0f:81:
49:46:7f:10:26:7c:de:68:b0:e4:7b:07:30:c9:d0:d4:8f:41:
f6:07:f7:2f:92:83:03:b9:70:f7:74:06:66:78:a6:49:13:66:
0f:2d:c7:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYt8Wp/4VuJZ8df3/XTFgmqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzVhZmU3NjliOTQzNDZlMWNkMzYyZWI4NWY4NzViMjNi
MTcyNzcwHhcNMjMxMDI5MTY1MzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWY2YWFlZWRjNWJmODk0OWQ5ZmQ1N2JiZTAwNDAwNGU3MDYyNGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrhNyXvbMC6VYH+4eJkW2tI5CGhK
dmSP+ikbmo8bJDeV9z8zAB3eMEnS7b5sStP12iY946w9lEucJFXsL/8WWtf8sdA5
7Hs30yekmewnHfSPuzK3E6eh/h2fKThLS3CDv3FA/An+ADO0M2IJUy37iNnQ2ZNz
T6VUHf7IQSUDsCCOAfst/CJGfbfoW2BQrayXnFHHAiYTw6CSHqw/TdtF44uZt7xW
BSUiHqjVIi8MWouNwBwE2R5R12mZWIoAdaZnAMzK/WouCmUi5o+DzEmXZ3pazuJ3
wlsFCUqMz2MwxAXnMhF9cMWHqa+jLCruhcwI+VhyPvpNxrZ3nww/Mw/5iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGn2qu7cW/iUnZ/Ve74AQATnBiT5MB8GA1UdIwQY
MBaAFM7Fr+dpuUNG4c02Lrhfh1sjsXJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQt
MzMyNDdjOGUxYzFmLzEvYWZhcTd0eGItSlNkbjlWN3ZnQkFCT2NHSlBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDU2OWMtMTkwNy00ZDJjLWFjZWQtMzMyNDdjOGUxYzFm
LzEvenNXdjUybTVRMGJoelRZdXVGLUhXeU94Y25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZGaMA0G
CSqGSIb3DQEBCwUAA4IBAQAxAp+U00V53qY+T4e2bHtwvfJVYdAw9ZP1GqqgOtvX
doCDHa1+0W18yWqnvv6DNponF1TjxkoVLm28FSDS5AKCSg8LpBqsqWGl2iuSClYb
SikiWR+vsxd+wx7fdEBaV39yrfd7UyOeu+lsEKto2E89Me8Fuu+CdRlKCl3mLjo6
IIrcq+UHdTPEvINj0E1jh3UH2RScPwv24Yf9JYgvkTnD5Bobwn25sELMHkIqHtNM
913PALIKT9I2/B5wHUYNJKS2sM7zKyLPnHQOsok3TkYrrUW5bZwbD4FJRn8QJnze
aLDkewcwydDUj0H2B/cvkoMDuXD3dAZmeKZJE2YPLccG
-----END CERTIFICATE-----
Generated at Sun Nov 5 17:37:23 2023 by rpki-client on console-ams.rpki-client.org