Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/45f60f-0fac-40ef-a30e-1e0ed9f344fc/1/al2WmsUQAjdYpqTH3p7r31cNpxo.roa
File: al2WmsUQAjdYpqTH3p7r31cNpxo.roa (raw, json)
Hash identifier: 2iwQgLB9RrQRMWb+3cQLFsTBn0zAGTStGeL/S8c3VOU=
Subject key identifier: 6A:5D:96:9A:C5:10:02:37:58:A6:A4:C7:DE:9E:EB:DF:57:0D:A7:1A
Certificate issuer: /CN=42a1f96f91c4a09f979c5b185c26cb00ae0f86bf
Certificate serial: 01856C135E347F52703F3308F31FAD81857C
Authority key identifier: 42:A1:F9:6F:91:C4:A0:9F:97:9C:5B:18:5C:26:CB:00:AE:0F:86:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QqH5b5HEoJ-XnFsYXCbLAK4Phr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/45f60f-0fac-40ef-a30e-1e0ed9f344fc/1/al2WmsUQAjdYpqTH3p7r31cNpxo.roa
Signing time: Sun 01 Jan 2023 06:44:46 +0000
ROA not before: Sun 01 Jan 2023 06:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58197
IP address blocks: 45.128.168.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:5e:34:7f:52:70:3f:33:08:f3:1f:ad:81:85:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42a1f96f91c4a09f979c5b185c26cb00ae0f86bf
Validity
Not Before: Jan 1 06:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a5d969ac510023758a6a4c7de9eebdf570da71a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:96:df:c4:46:4c:89:df:c6:ac:17:37:54:7b:
70:14:1d:68:20:1e:52:fd:19:16:e5:c6:17:ea:41:
11:d3:94:4c:3c:e8:fc:a2:c5:d5:42:a7:91:42:17:
4f:29:53:0c:4a:f4:d1:d8:de:75:b8:e8:f9:13:68:
fe:86:7f:5b:b5:9f:c0:7e:3b:fe:d7:dd:b1:cf:bf:
c1:b8:a0:38:73:82:5d:6a:f8:8b:fb:ee:ca:0b:35:
bf:28:92:ef:c7:81:27:74:a6:fd:e6:81:83:4a:41:
02:b4:2b:d1:fe:e9:45:5f:16:c9:c3:a8:bc:8d:b3:
81:4a:4e:69:b7:bb:95:ce:1d:46:a7:fa:a5:1d:19:
32:09:5f:df:7f:5d:0f:81:cf:41:cc:7b:96:ae:1a:
e3:59:10:06:11:2d:47:77:00:1d:ff:23:7f:ff:4b:
78:de:75:ab:9e:78:ce:9d:b2:57:0d:53:9d:2c:b6:
d4:c5:cb:b8:00:7a:a0:fd:b7:95:09:03:ad:50:d7:
dd:38:26:58:b5:e6:9b:d7:bb:01:f2:97:e5:50:51:
d4:db:04:9e:55:60:ac:24:3c:b4:b3:7d:19:3f:a1:
6a:8d:d4:d4:ef:f4:34:ac:59:1a:2f:06:e0:cf:01:
14:14:fa:2c:c3:f7:9b:40:a6:10:02:c4:c3:33:b7:
c2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5D:96:9A:C5:10:02:37:58:A6:A4:C7:DE:9E:EB:DF:57:0D:A7:1A
X509v3 Authority Key Identifier:
keyid:42:A1:F9:6F:91:C4:A0:9F:97:9C:5B:18:5C:26:CB:00:AE:0F:86:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QqH5b5HEoJ-XnFsYXCbLAK4Phr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/45f60f-0fac-40ef-a30e-1e0ed9f344fc/1/al2WmsUQAjdYpqTH3p7r31cNpxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/45f60f-0fac-40ef-a30e-1e0ed9f344fc/1/QqH5b5HEoJ-XnFsYXCbLAK4Phr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.168.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:6f:21:00:fb:98:f0:c8:8e:15:e0:78:d2:7e:d2:1f:76:bf:
cc:b3:71:58:e1:af:92:34:b9:fe:36:65:2b:55:3c:32:b6:bf:
69:70:38:b4:7e:50:2c:67:b5:5c:ab:d6:c0:18:19:73:32:88:
cc:e6:62:ac:bd:c0:7a:93:09:54:af:cf:2a:c3:b4:50:25:5f:
73:a1:3e:71:f2:2b:55:28:ac:b4:cd:12:04:d6:a5:99:23:6d:
80:50:b9:d9:4f:73:4b:e0:80:53:f0:8c:0e:a2:c0:4e:7b:75:
c5:9c:eb:ec:5b:f7:b6:64:e4:93:16:29:ec:a1:5b:0d:91:5c:
7a:85:04:4f:ef:33:1b:9d:bf:8a:2b:7b:61:54:44:f1:55:a0:
d0:5f:e8:07:bd:99:4b:f8:73:08:0f:a5:d3:e3:06:05:8e:77:
71:d4:97:90:c3:20:1b:00:a8:32:31:21:48:b2:31:84:2a:84:
fb:26:5b:a5:13:d2:14:df:1d:3c:ae:e0:4c:13:11:74:cc:aa:
14:ad:81:5b:78:2e:97:33:c6:64:e7:6f:eb:66:b3:8e:52:67:
75:7c:9e:50:9c:fa:19:4f:ce:a3:19:f2:9c:dc:f9:94:47:cb:
c0:4b:c1:90:48:15:e6:30:47:ca:cd:60:1f:c2:5f:3e:00:4e:
e9:75:ff:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsE140f1JwPzMI8x+tgYV8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYTFmOTZmOTFjNGEwOWY5NzljNWIxODVjMjZjYjAwYWUw
Zjg2YmYwHhcNMjMwMTAxMDY0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTVkOTY5YWM1MTAwMjM3NThhNmE0YzdkZTllZWJkZjU3MGRhNzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJbfxEZMid/GrBc3VHtwFB1oIB5S
/RkW5cYX6kER05RMPOj8osXVQqeRQhdPKVMMSvTR2N51uOj5E2j+hn9btZ/Afjv+
192xz7/BuKA4c4JdaviL++7KCzW/KJLvx4EndKb95oGDSkECtCvR/ulFXxbJw6i8
jbOBSk5pt7uVzh1Gp/qlHRkyCV/ff10Pgc9BzHuWrhrjWRAGES1HdwAd/yN//0t4
3nWrnnjOnbJXDVOdLLbUxcu4AHqg/beVCQOtUNfdOCZYteab17sB8pflUFHU2wSe
VWCsJDy0s30ZP6FqjdTU7/Q0rFkaLwbgzwEUFPosw/ebQKYQAsTDM7fCEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGpdlprFEAI3WKakx96e699XDacaMB8GA1UdIwQY
MBaAFEKh+W+RxKCfl5xbGFwmywCuD4a/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXFINWI1SEVvSi1YbkZzWVhDYkxBSzRQaHI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS80NWY2MGYtMGZhYy00MGVmLWEzMGUt
MWUwZWQ5ZjM0NGZjLzEvYWwyV21zVVFBamRZcHFUSDNwN3IzMWNOcHhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS80NWY2MGYtMGZhYy00MGVmLWEzMGUtMWUwZWQ5ZjM0NGZj
LzEvUXFINWI1SEVvSi1YbkZzWVhDYkxBSzRQaHI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYCoMA0G
CSqGSIb3DQEBCwUAA4IBAQBNbyEA+5jwyI4V4HjSftIfdr/Ms3FY4a+SNLn+NmUr
VTwytr9pcDi0flAsZ7Vcq9bAGBlzMojM5mKsvcB6kwlUr88qw7RQJV9zoT5x8itV
KKy0zRIE1qWZI22AULnZT3NL4IBT8IwOosBOe3XFnOvsW/e2ZOSTFinsoVsNkVx6
hQRP7zMbnb+KK3thVETxVaDQX+gHvZlL+HMID6XT4wYFjndx1JeQwyAbAKgyMSFI
sjGEKoT7JlulE9IU3x08ruBMExF0zKoUrYFbeC6XM8Zk52/rZrOOUmd1fJ5QnPoZ
T86jGfKc3PmUR8vAS8GQSBXmMEfKzWAfwl8+AE7pdf+6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:35 2024 by rpki-client on console-ams.rpki-client.org