Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/ZqEXYiODV9eaSbZvpwo0YfQyZ6E.roa
File: ZqEXYiODV9eaSbZvpwo0YfQyZ6E.roa (raw, json)
Hash identifier: 2aTYYmFr8naYSdi8kVySUwKAO8sdMc9d2T2QxYaQP5k=
Subject key identifier: 66:A1:17:62:23:83:57:D7:9A:49:B6:6F:A7:0A:34:61:F4:32:67:A1
Certificate issuer: /CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Certificate serial: 018B2A83646AD7C90BA11D52E4E4CB5605D6
Authority key identifier: A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/ZqEXYiODV9eaSbZvpwo0YfQyZ6E.roa
Signing time: Fri 13 Oct 2023 19:28:55 +0000
ROA not before: Fri 13 Oct 2023 19:28:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202945
IP address blocks: 45.154.60.0/24 maxlen: 24
2a0f:b100:2::/48 maxlen: 48
2a0f:b100::/44 maxlen: 44
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2a:83:64:6a:d7:c9:0b:a1:1d:52:e4:e4:cb:56:05:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Validity
Not Before: Oct 13 19:28:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66a11762238357d79a49b66fa70a3461f43267a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7b:aa:bf:77:b9:84:30:fa:59:cb:19:72:6d:
99:56:67:8e:f7:6f:54:de:80:31:cd:2b:2c:b1:f5:
d9:92:e1:2e:e9:0d:2f:5f:ee:a3:88:00:a5:c1:c6:
2b:e8:05:e4:03:81:54:ce:a2:c0:1a:d8:f2:ae:a4:
9b:09:e6:14:0d:b5:89:b3:92:9d:e9:29:5b:1b:47:
56:c3:29:37:1d:6b:4d:04:9f:84:91:32:d8:dd:23:
d2:65:c8:b0:02:bb:2d:c0:9c:05:1e:66:49:b2:7a:
43:8a:09:1a:32:51:07:2b:37:62:b3:e6:85:63:31:
54:64:1e:2d:74:5a:67:2b:ca:1c:e8:cd:4d:b1:ed:
7f:97:d8:03:89:3e:59:5a:25:e5:85:2b:a2:28:ac:
5d:c0:e6:a8:3d:31:23:d7:03:f7:ac:cf:30:98:b6:
9b:4c:e8:b3:26:a5:e4:d2:2a:d7:fb:62:78:1d:63:
94:30:8d:09:1f:13:ed:c5:81:61:3e:52:df:18:a9:
c9:b5:ba:21:39:b9:c3:b8:4a:a2:25:88:56:91:7b:
e6:9b:66:48:7f:75:4e:f0:76:ed:d0:cb:4a:99:9f:
9a:2b:2b:4b:82:b3:92:3c:44:63:7c:62:c6:f3:5f:
10:fa:46:26:a0:4c:c0:12:c4:ea:88:ac:a1:c4:84:
7a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:A1:17:62:23:83:57:D7:9A:49:B6:6F:A7:0A:34:61:F4:32:67:A1
X509v3 Authority Key Identifier:
keyid:A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/ZqEXYiODV9eaSbZvpwo0YfQyZ6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/plYtCGlIDcEbdKVSzRZ7b2M5yLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.60.0/24
IPv6:
2a0f:b100::/44
Signature Algorithm: sha256WithRSAEncryption
4c:d3:0f:0e:68:83:b3:cb:d2:f9:61:18:b7:af:70:51:1b:25:
07:13:cd:32:74:96:51:5b:1c:9c:a8:72:f8:c7:f2:bc:90:30:
50:a6:48:7b:4f:35:7e:2b:aa:8f:95:bb:df:ca:75:ea:12:a4:
0c:d7:a4:ec:b1:df:6b:ab:5e:1c:3d:62:09:dd:37:92:35:ee:
b9:e4:95:bc:3a:ce:05:1e:60:0c:b4:61:60:a3:fe:23:72:69:
72:41:58:7b:e0:13:92:2f:dd:14:b4:bc:6d:6d:4c:c7:c6:5c:
a6:65:12:01:88:71:c8:61:92:b9:41:7f:37:0d:ad:38:9d:28:
ae:86:45:27:f2:89:9f:68:ed:0b:d3:94:ae:42:9f:b0:9c:15:
df:fd:21:41:f4:83:89:3e:38:ec:fa:b4:a8:fe:2a:47:46:2a:
d8:43:50:2e:7c:6f:fe:42:1f:ba:20:9f:1e:b7:84:d8:9e:a6:
02:e6:6a:21:e6:2f:3c:01:2f:7b:ab:eb:67:d6:c8:7f:e7:8f:
1f:60:fe:c9:20:1c:33:c4:0f:69:31:82:5f:39:a1:ac:6a:07:
39:89:9b:8d:8f:85:a4:87:42:ad:c4:d3:53:f3:eb:85:0d:18:
31:48:d3:ad:bf:98:36:59:4c:e0:aa:a5:0d:6c:30:f6:60:b1:
db:46:61:b2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsqg2Rq18kLoR1S5OTLVgXWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTYyZDA4Njk0ODBkYzExYjc0YTU1MmNkMTY3YjZmNjMz
OWM4YmEwHhcNMjMxMDEzMTkyODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmExMTc2MjIzODM1N2Q3OWE0OWI2NmZhNzBhMzQ2MWY0MzI2N2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnuqv3e5hDD6WcsZcm2ZVmeO929U
3oAxzSsssfXZkuEu6Q0vX+6jiAClwcYr6AXkA4FUzqLAGtjyrqSbCeYUDbWJs5Kd
6SlbG0dWwyk3HWtNBJ+EkTLY3SPSZciwArstwJwFHmZJsnpDigkaMlEHKzdis+aF
YzFUZB4tdFpnK8oc6M1Nse1/l9gDiT5ZWiXlhSuiKKxdwOaoPTEj1wP3rM8wmLab
TOizJqXk0irX+2J4HWOUMI0JHxPtxYFhPlLfGKnJtbohObnDuEqiJYhWkXvmm2ZI
f3VO8Hbt0MtKmZ+aKytLgrOSPERjfGLG818Q+kYmoEzAEsTqiKyhxIR6UwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGahF2Ijg1fXmkm2b6cKNGH0MmehMB8GA1UdIwQY
MBaAFKZWLQhpSA3BG3SlUs0We29jOci6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEt
NDVhOGZlZDNhMmE1LzEvWnFFWFlpT0RWOWVhU2JadnB3bzBZZlF5WjZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEtNDVhOGZlZDNhMmE1
LzEvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZo8MA8E
AgACMAkDBwQqD7EAAAAwDQYJKoZIhvcNAQELBQADggEBAEzTDw5og7PL0vlhGLev
cFEbJQcTzTJ0llFbHJyocvjH8ryQMFCmSHtPNX4rqo+Vu9/KdeoSpAzXpOyx32ur
Xhw9YgndN5I17rnklbw6zgUeYAy0YWCj/iNyaXJBWHvgE5Iv3RS0vG1tTMfGXKZl
EgGIcchhkrlBfzcNrTidKK6GRSfyiZ9o7QvTlK5Cn7CcFd/9IUH0g4k+OOz6tKj+
KkdGKthDUC58b/5CH7ognx63hNiepgLmaiHmLzwBL3ur62fWyH/njx9g/skgHDPE
D2kxgl85oaxqBzmJm42PhaSHQq3E01Pz64UNGDFI062/mDZZTOCqpQ1sMPZgsdtG
YbI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:50 2024 by rpki-client on console-ams.rpki-client.org