Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/33o7uZOixUStvTF_4cSyqwoxKHo.roa
File: 33o7uZOixUStvTF_4cSyqwoxKHo.roa (raw, json)
Hash identifier: p0zZYX840LuIBHRIS+qUazywE6Wi5PTI2iq7Csi9tH8=
Subject key identifier: DF:7A:3B:B9:93:A2:C5:44:AD:BD:31:7F:E1:C4:B2:AB:0A:31:28:7A
Certificate issuer: /CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Certificate serial: 01856FD50FB74FDE1CB33A5FBB44B6A8BCF5
Authority key identifier: 81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/33o7uZOixUStvTF_4cSyqwoxKHo.roa
Signing time: Mon 02 Jan 2023 00:15:12 +0000
ROA not before: Mon 02 Jan 2023 00:15:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58145
IP address blocks: 45.157.8.0/22 maxlen: 22
2a0f:3780::/32 maxlen: 32
2a0f:3780::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:0f:b7:4f:de:1c:b3:3a:5f:bb:44:b6:a8:bc:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Validity
Not Before: Jan 2 00:15:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df7a3bb993a2c544adbd317fe1c4b2ab0a31287a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2f:35:cc:b2:d9:2d:05:ef:d1:ef:73:28:bc:
62:08:6c:95:f1:8e:43:98:8e:d7:52:b8:90:4b:0a:
b1:c4:1a:d4:bd:28:3c:30:17:1e:b6:12:5f:28:2f:
bf:ec:bc:df:9d:1a:ce:0f:64:71:b5:57:be:cb:6b:
7e:15:3e:16:7f:e0:b9:93:15:82:c2:26:82:1a:1a:
bb:d4:9f:19:b1:81:80:d2:4c:6f:f6:75:83:6c:25:
1d:3e:a5:dd:21:c3:8c:f4:18:c7:ef:a1:ea:3f:4c:
57:7c:f7:af:a5:a9:54:b3:eb:92:27:f7:a4:31:5a:
be:ee:66:38:09:72:d4:72:49:91:02:70:04:75:3e:
90:58:d6:86:dd:37:af:4f:c1:f7:ad:a8:60:f1:65:
3d:7c:e4:e7:2b:aa:e6:0e:1f:d3:e1:2b:a6:29:1f:
88:fc:db:a5:32:30:74:b6:82:71:a7:59:73:9e:f7:
59:46:6a:c9:be:91:ee:b5:c0:d9:ec:bf:1d:a2:d9:
6a:9d:47:0f:4f:7e:d0:5e:33:04:20:1b:b4:76:94:
2b:5c:4e:f9:bc:e0:ee:9f:1c:33:11:f9:e5:30:cb:
bb:f7:64:de:1d:2b:7a:19:68:c0:bc:d6:8c:45:79:
44:d8:4d:2a:28:a6:ae:a7:0e:d8:9f:de:1c:10:5d:
4e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:7A:3B:B9:93:A2:C5:44:AD:BD:31:7F:E1:C4:B2:AB:0A:31:28:7A
X509v3 Authority Key Identifier:
keyid:81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/33o7uZOixUStvTF_4cSyqwoxKHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/gTPYnAaoocydvDYiAffsVZ1_3Ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.8.0/22
IPv6:
2a0f:3780::/29
Signature Algorithm: sha256WithRSAEncryption
12:16:ae:ec:4e:04:a3:6a:97:7f:d5:24:7f:03:19:30:91:0a:
b1:72:51:bb:05:38:97:5c:ad:f8:e5:d3:75:c1:18:59:6d:69:
6c:03:dd:c1:a8:79:49:21:59:20:48:fc:2f:81:ab:73:27:c5:
73:91:ea:24:21:48:e9:fe:64:6c:ef:29:75:e0:5c:4a:d8:4b:
f5:7a:b7:ff:f2:a3:fe:0e:02:21:83:b1:b5:26:bd:9f:29:ea:
f5:0c:08:43:c3:6f:30:da:8e:78:07:83:6a:16:51:2c:4b:75:
70:29:23:89:83:36:7d:58:88:9a:84:fb:41:68:ef:1b:d8:b3:
f3:cf:d3:b1:f4:5e:2f:3c:b9:31:07:73:1f:b5:81:7e:7c:aa:
89:9c:d3:bd:21:0a:ab:ac:27:0b:14:f0:39:97:54:6b:cb:b8:
58:08:64:ee:d4:6f:69:0e:82:35:10:6e:cd:fe:d4:9c:80:8c:
a8:13:ad:75:ba:d0:c2:ab:31:21:00:ea:de:3d:b0:98:b4:f0:
18:05:0e:f9:19:31:d6:15:24:46:fa:66:fe:99:ce:91:50:8b:
6e:e3:31:ba:ff:30:33:73:f5:63:a5:21:b2:3f:84:b5:e0:73:
10:20:06:75:d6:b3:ef:6c:d5:4b:43:49:97:84:38:29:ae:50:
e8:62:3d:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv1Q+3T94cszpfu0S2qLz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMzNkODljMDZhOGExY2M5ZGJjMzYyMjAxZjdlYzU1OWQ3
ZmRkNDgwHhcNMjMwMTAyMDAxNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjdhM2JiOTkzYTJjNTQ0YWRiZDMxN2ZlMWM0YjJhYjBhMzEyODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApC81zLLZLQXv0e9zKLxiCGyV8Y5D
mI7XUriQSwqxxBrUvSg8MBcethJfKC+/7LzfnRrOD2RxtVe+y2t+FT4Wf+C5kxWC
wiaCGhq71J8ZsYGA0kxv9nWDbCUdPqXdIcOM9BjH76HqP0xXfPevpalUs+uSJ/ek
MVq+7mY4CXLUckmRAnAEdT6QWNaG3TevT8H3rahg8WU9fOTnK6rmDh/T4SumKR+I
/NulMjB0toJxp1lznvdZRmrJvpHutcDZ7L8dotlqnUcPT37QXjMEIBu0dpQrXE75
vODunxwzEfnlMMu792TeHSt6GWjAvNaMRXlE2E0qKKaupw7Yn94cEF1OswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN96O7mTosVErb0xf+HEsqsKMSh6MB8GA1UdIwQY
MBaAFIEz2JwGqKHMnbw2IgH37FWdf91IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEt
YzVmZWJlNDg3YzQwLzEvMzNvN3VaT2l4VVN0dlRGXzRjU3lxd294S0hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEtYzVmZWJlNDg3YzQw
LzEvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ0IMA0E
AgACMAcDBQMqDzeAMA0GCSqGSIb3DQEBCwUAA4IBAQASFq7sTgSjapd/1SR/Axkw
kQqxclG7BTiXXK345dN1wRhZbWlsA93BqHlJIVkgSPwvgatzJ8VzkeokIUjp/mRs
7yl14FxK2Ev1erf/8qP+DgIhg7G1Jr2fKer1DAhDw28w2o54B4NqFlEsS3VwKSOJ
gzZ9WIiahPtBaO8b2LPzz9Ox9F4vPLkxB3MftYF+fKqJnNO9IQqrrCcLFPA5l1Rr
y7hYCGTu1G9pDoI1EG7N/tScgIyoE611utDCqzEhAOrePbCYtPAYBQ75GTHWFSRG
+mb+mc6RUItu4zG6/zAzc/VjpSGyP4S14HMQIAZ11rPvbNVLQ0mXhDgprlDoYj2s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:14 2024 by rpki-client on console-fra.rpki-client.org