Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/12ac0e-5474-45d5-8def-6a414f184706/1/q4sdnfPkzOe50PPnfDbLn5LwzS0.roa
File: q4sdnfPkzOe50PPnfDbLn5LwzS0.roa (raw, json)
Hash identifier: rGSRaCML3td1ki0TU3vzzxYea3P7zzspskDYR31bqvE=
Subject key identifier: AB:8B:1D:9D:F3:E4:CC:E7:B9:D0:F3:E7:7C:36:CB:9F:92:F0:CD:2D
Certificate issuer: /CN=72ca1a5cff52ebe2f22b669dcc2c9027cea0b81c
Certificate serial: 0185725595167C1647B16D9F3B1856CAADAB
Authority key identifier: 72:CA:1A:5C:FF:52:EB:E2:F2:2B:66:9D:CC:2C:90:27:CE:A0:B8:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/csoaXP9S6-LyK2adzCyQJ86guBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/12ac0e-5474-45d5-8def-6a414f184706/1/q4sdnfPkzOe50PPnfDbLn5LwzS0.roa
Signing time: Mon 02 Jan 2023 11:54:49 +0000
ROA not before: Mon 02 Jan 2023 11:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35120
IP address blocks: 45.8.8.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:95:16:7c:16:47:b1:6d:9f:3b:18:56:ca:ad:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ca1a5cff52ebe2f22b669dcc2c9027cea0b81c
Validity
Not Before: Jan 2 11:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab8b1d9df3e4cce7b9d0f3e77c36cb9f92f0cd2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e0:91:ea:70:c5:03:38:b8:af:bf:c5:ec:f8:
d1:06:61:ae:64:c3:f3:da:8c:ab:08:1a:16:1f:94:
e8:95:0d:ca:6e:54:96:c9:b4:9b:56:04:c8:2f:7e:
0b:ea:3d:c8:e0:3f:ee:96:0d:5d:f5:5a:8a:ce:63:
3b:fb:06:3a:c5:a6:5b:c3:cb:ca:4e:cc:33:97:f4:
e9:d5:15:14:11:23:bc:a0:bc:55:68:7d:19:9f:bf:
b9:b1:23:f0:fa:9b:62:60:d2:48:c6:e0:2a:f3:46:
c8:f5:1d:30:6a:6d:68:90:67:97:f1:35:30:63:39:
fe:78:5a:e7:ab:29:34:01:6a:0b:63:63:19:60:8b:
ca:2f:c5:85:cb:95:4a:0d:8d:2f:85:18:97:ad:3f:
c3:45:2b:0d:ef:a4:b6:60:9e:43:26:cd:52:d2:a9:
c2:86:40:44:6d:6f:c6:9e:57:c9:3d:c8:64:70:11:
ad:16:b3:09:f5:d5:cb:f8:2c:69:93:ab:d9:2a:25:
7c:57:3f:53:5f:46:78:e3:42:28:ac:5c:f5:88:a9:
de:93:cc:f6:4e:60:39:a9:98:9c:f6:89:1c:e9:c0:
59:54:c2:06:bc:83:14:ef:20:d6:13:98:5e:86:22:
b8:17:6e:f8:67:ea:bf:53:7b:16:14:8e:92:4e:25:
1b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:8B:1D:9D:F3:E4:CC:E7:B9:D0:F3:E7:7C:36:CB:9F:92:F0:CD:2D
X509v3 Authority Key Identifier:
keyid:72:CA:1A:5C:FF:52:EB:E2:F2:2B:66:9D:CC:2C:90:27:CE:A0:B8:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/csoaXP9S6-LyK2adzCyQJ86guBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/12ac0e-5474-45d5-8def-6a414f184706/1/q4sdnfPkzOe50PPnfDbLn5LwzS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/12ac0e-5474-45d5-8def-6a414f184706/1/csoaXP9S6-LyK2adzCyQJ86guBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.8.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:5d:53:87:ae:71:db:b1:c0:c2:b0:26:ea:49:7e:1b:91:cb:
16:93:f5:ed:68:71:67:44:ee:d4:ad:ed:71:bf:d4:c9:85:77:
96:47:4f:10:f4:64:72:fa:23:82:34:a0:96:e0:88:c4:0a:3f:
07:b3:67:95:f3:ba:9c:c8:fe:ca:78:43:5e:81:6c:01:5e:05:
8e:37:10:77:c2:ae:d2:98:42:1e:7d:46:ef:13:a9:a8:ac:0a:
35:c8:f4:1d:2c:13:b0:23:8b:39:d8:1b:4b:a9:fc:f2:41:39:
a7:14:4c:4d:e6:18:38:f7:fe:14:9a:69:83:a8:14:e6:fa:1e:
84:c8:dd:35:e4:47:80:50:de:ad:1e:3d:d5:eb:f8:bd:78:28:
bb:3b:67:8a:47:e9:9a:48:86:1c:c9:b2:bd:64:5e:46:96:67:
97:3a:98:43:47:be:9a:51:1a:e5:72:07:10:c3:00:fa:0b:72:
ca:68:14:a1:3b:ed:e4:3b:a2:98:25:45:66:b0:d5:79:36:0c:
82:2f:96:c9:6e:c4:ac:9f:1a:df:fd:c0:dd:18:96:b7:83:e9:
e7:1d:02:2b:bb:f9:68:0e:54:87:ec:09:4e:9c:82:57:2e:f6:
f3:c1:58:5f:2a:b8:d6:c7:1c:73:77:86:1c:d8:f3:bc:c1:7b:
7a:6d:42:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyVZUWfBZHsW2fOxhWyq2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyY2ExYTVjZmY1MmViZTJmMjJiNjY5ZGNjMmM5MDI3Y2Vh
MGI4MWMwHhcNMjMwMTAyMTE1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjhiMWQ5ZGYzZTRjY2U3YjlkMGYzZTc3YzM2Y2I5ZjkyZjBjZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreCR6nDFAzi4r7/F7PjRBmGuZMPz
2oyrCBoWH5TolQ3KblSWybSbVgTIL34L6j3I4D/ulg1d9VqKzmM7+wY6xaZbw8vK
Tswzl/Tp1RUUESO8oLxVaH0Zn7+5sSPw+ptiYNJIxuAq80bI9R0wam1okGeX8TUw
Yzn+eFrnqyk0AWoLY2MZYIvKL8WFy5VKDY0vhRiXrT/DRSsN76S2YJ5DJs1S0qnC
hkBEbW/GnlfJPchkcBGtFrMJ9dXL+Cxpk6vZKiV8Vz9TX0Z440IorFz1iKnek8z2
TmA5qZic9okc6cBZVMIGvIMU7yDWE5hehiK4F274Z+q/U3sWFI6STiUbLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKuLHZ3z5MznudDz53w2y5+S8M0tMB8GA1UdIwQY
MBaAFHLKGlz/Uuvi8itmncwskCfOoLgcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NvYVhQOVM2LUx5SzJhZHpDeVFKODZndUJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8xMmFjMGUtNTQ3NC00NWQ1LThkZWYt
NmE0MTRmMTg0NzA2LzEvcTRzZG5mUGt6T2U1MFBQbmZEYkxuNUx3elMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8xMmFjMGUtNTQ3NC00NWQ1LThkZWYtNmE0MTRmMTg0NzA2
LzEvY3NvYVhQOVM2LUx5SzJhZHpDeVFKODZndUJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQgIMA0G
CSqGSIb3DQEBCwUAA4IBAQAdXVOHrnHbscDCsCbqSX4bkcsWk/XtaHFnRO7Ure1x
v9TJhXeWR08Q9GRy+iOCNKCW4IjECj8Hs2eV87qcyP7KeENegWwBXgWONxB3wq7S
mEIefUbvE6morAo1yPQdLBOwI4s52BtLqfzyQTmnFExN5hg49/4UmmmDqBTm+h6E
yN015EeAUN6tHj3V6/i9eCi7O2eKR+maSIYcybK9ZF5GlmeXOphDR76aURrlcgcQ
wwD6C3LKaBShO+3kO6KYJUVmsNV5NgyCL5bJbsSsnxrf/cDdGJa3g+nnHQIru/lo
DlSH7AlOnIJXLvbzwVhfKrjWxxxzd4Yc2PO8wXt6bUKi
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:11 2024 by rpki-client on console-fra.rpki-client.org