Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/02c254-36bf-4c8c-98d9-7e9837a9228c/1/ALWXehMl6zh-iAztx1voxaRPc-8.roa
File: ALWXehMl6zh-iAztx1voxaRPc-8.roa (raw, json)
Hash identifier: uCW5l/pZk3sBlssOcrdtkB/E/+/pprr5eefP/qqNBxg=
Subject key identifier: 00:B5:97:7A:13:25:EB:38:7E:88:0C:ED:C7:5B:E8:C5:A4:4F:73:EF
Certificate issuer: /CN=c76a265ca8ad7273a8a130a1763283d2ff1b4dda
Certificate serial: 01856C37EB8246A4A1A7F3C6542607575399
Authority key identifier: C7:6A:26:5C:A8:AD:72:73:A8:A1:30:A1:76:32:83:D2:FF:1B:4D:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x2omXKitcnOooTChdjKD0v8bTdo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/02c254-36bf-4c8c-98d9-7e9837a9228c/1/ALWXehMl6zh-iAztx1voxaRPc-8.roa
Signing time: Sun 01 Jan 2023 07:24:42 +0000
ROA not before: Sun 01 Jan 2023 07:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208016
IP address blocks: 45.85.48.0/22 maxlen: 22
2a0e:b680::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:37:eb:82:46:a4:a1:a7:f3:c6:54:26:07:57:53:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c76a265ca8ad7273a8a130a1763283d2ff1b4dda
Validity
Not Before: Jan 1 07:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00b5977a1325eb387e880cedc75be8c5a44f73ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:52:6b:e3:82:41:92:02:7b:e9:c4:99:09:a7:
9c:21:68:ea:4b:2d:f4:fe:f4:f8:e0:d6:9b:a6:a9:
ae:c2:4d:38:fe:94:35:3f:07:36:be:37:61:75:7b:
59:34:db:3e:c7:9c:81:50:ca:7f:79:f3:dc:5b:ed:
3a:ca:25:3d:78:1e:d7:86:44:9f:aa:4d:85:95:57:
cc:61:04:10:56:13:48:1c:ee:36:b0:5f:77:12:9c:
6c:2a:18:4f:4b:4e:5f:d8:01:e1:f8:2c:3c:80:27:
02:58:df:38:2f:7c:ed:01:34:1f:5a:a8:72:48:29:
0d:69:b1:a9:ef:36:7b:99:a0:66:4e:79:b0:fb:d3:
d1:8d:ee:79:14:4a:38:72:10:8e:ba:e0:1c:56:e6:
06:db:d7:b7:43:f7:c2:48:04:1f:34:eb:8f:eb:14:
4f:ae:83:2d:d7:bf:41:6d:7a:76:17:8f:bd:9b:c5:
79:f1:79:2d:8e:2c:2b:0f:e7:e0:9c:64:31:7e:f5:
5a:3b:d5:3d:e2:fb:40:7e:8f:fb:06:05:71:f6:67:
0d:93:2f:a1:49:82:c7:0d:9a:a9:94:74:e5:93:7a:
66:13:c2:73:79:a4:67:18:16:ad:59:2e:1c:4e:c6:
a2:c4:a5:56:e8:f2:59:f3:0c:e4:42:f7:a0:7a:92:
1b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B5:97:7A:13:25:EB:38:7E:88:0C:ED:C7:5B:E8:C5:A4:4F:73:EF
X509v3 Authority Key Identifier:
keyid:C7:6A:26:5C:A8:AD:72:73:A8:A1:30:A1:76:32:83:D2:FF:1B:4D:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x2omXKitcnOooTChdjKD0v8bTdo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/02c254-36bf-4c8c-98d9-7e9837a9228c/1/ALWXehMl6zh-iAztx1voxaRPc-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/02c254-36bf-4c8c-98d9-7e9837a9228c/1/x2omXKitcnOooTChdjKD0v8bTdo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.48.0/22
IPv6:
2a0e:b680::/29
Signature Algorithm: sha256WithRSAEncryption
89:01:67:bf:91:0d:27:0f:79:fb:df:1f:e8:8f:b3:ec:d2:5d:
9d:bd:75:a9:e8:dc:91:c2:da:c8:61:3a:19:57:ae:f2:2f:c1:
92:9b:9b:ea:8c:35:d1:96:c2:ea:40:66:42:f6:f3:45:be:3b:
b8:70:c7:4d:79:6d:93:34:08:2e:35:50:69:0b:b6:e0:c9:c7:
93:0f:93:08:fe:67:74:a7:d3:d6:2d:68:f1:e4:2e:36:c0:8d:
50:aa:02:b4:5a:1a:c8:b2:ec:e6:b4:a2:f0:76:a1:a0:d4:f0:
33:b1:fe:92:25:05:82:b4:f5:47:18:7f:1f:50:c4:c9:16:05:
12:1d:95:b9:a2:69:49:2c:51:54:4a:bb:79:83:15:ea:8a:ff:
d2:5b:51:2f:98:1b:58:07:0c:70:72:79:be:ad:fb:d8:8d:00:
61:4b:1c:71:cc:4c:3e:8a:21:a3:da:e8:01:e5:f2:6c:18:44:
eb:7b:87:f7:b2:8b:c6:b0:86:7a:03:34:bf:94:63:ee:e7:fa:
73:f5:7b:8b:c2:a8:77:0b:61:a5:39:82:7e:44:61:e5:b0:0c:
78:70:61:2a:c5:de:48:f4:7b:73:d9:26:9b:2e:ca:2c:e2:be:
a9:b7:cd:4f:bb:70:a6:8c:7d:b9:1c:ec:95:7f:a1:fb:18:54:
d4:37:b0:26
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsN+uCRqShp/PGVCYHV1OZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NmEyNjVjYThhZDcyNzNhOGExMzBhMTc2MzI4M2QyZmYx
YjRkZGEwHhcNMjMwMTAxMDcyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGI1OTc3YTEzMjVlYjM4N2U4ODBjZWRjNzViZThjNWE0NGY3M2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllJr44JBkgJ76cSZCaecIWjqSy30
/vT44Nabpqmuwk04/pQ1Pwc2vjdhdXtZNNs+x5yBUMp/efPcW+06yiU9eB7XhkSf
qk2FlVfMYQQQVhNIHO42sF93EpxsKhhPS05f2AHh+Cw8gCcCWN84L3ztATQfWqhy
SCkNabGp7zZ7maBmTnmw+9PRje55FEo4chCOuuAcVuYG29e3Q/fCSAQfNOuP6xRP
roMt179BbXp2F4+9m8V58XktjiwrD+fgnGQxfvVaO9U94vtAfo/7BgVx9mcNky+h
SYLHDZqplHTlk3pmE8JzeaRnGBatWS4cTsaixKVW6PJZ8wzkQvegepIbhwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAC1l3oTJes4fogM7cdb6MWkT3PvMB8GA1UdIwQY
MBaAFMdqJlyorXJzqKEwoXYyg9L/G03aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDJvbVhLaXRjbk9vb1RDaGRqS0QwdjhiVGRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8wMmMyNTQtMzZiZi00YzhjLTk4ZDkt
N2U5ODM3YTkyMjhjLzEvQUxXWGVoTWw2emgtaUF6dHgxdm94YVJQYy04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8wMmMyNTQtMzZiZi00YzhjLTk4ZDktN2U5ODM3YTkyMjhj
LzEveDJvbVhLaXRjbk9vb1RDaGRqS0QwdjhiVGRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVUwMA0E
AgACMAcDBQMqDraAMA0GCSqGSIb3DQEBCwUAA4IBAQCJAWe/kQ0nD3n73x/oj7Ps
0l2dvXWp6NyRwtrIYToZV67yL8GSm5vqjDXRlsLqQGZC9vNFvju4cMdNeW2TNAgu
NVBpC7bgyceTD5MI/md0p9PWLWjx5C42wI1QqgK0WhrIsuzmtKLwdqGg1PAzsf6S
JQWCtPVHGH8fUMTJFgUSHZW5omlJLFFUSrt5gxXqiv/SW1EvmBtYBwxwcnm+rfvY
jQBhSxxxzEw+iiGj2ugB5fJsGETre4f3sovGsIZ6AzS/lGPu5/pz9XuLwqh3C2Gl
OYJ+RGHlsAx4cGEqxd5I9Htz2SabLsos4r6pt81Pu3CmjH25HOyVf6H7GFTUN7Am
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:55 2024 by rpki-client on console-ams.rpki-client.org