Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4953ee-910f-4b8e-b464-2650edd3013f/1/oCaNb2sh7pd5kk5JR6YyMyS1ot8.roa
File: oCaNb2sh7pd5kk5JR6YyMyS1ot8.roa (raw, json)
Hash identifier: y8JClBEdbjdaR5hXQMszyUmqFV9074YZBi2dODUaZls=
Subject key identifier: A0:26:8D:6F:6B:21:EE:97:79:92:4E:49:47:A6:32:33:24:B5:A2:DF
Certificate issuer: /CN=f8d7213f3585b7112dff0cb43c192b1caf307d18
Certificate serial: 01856D0A80ACC1412A4BB1E23E4E2DC14509
Authority key identifier: F8:D7:21:3F:35:85:B7:11:2D:FF:0C:B4:3C:19:2B:1C:AF:30:7D:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-NchPzWFtxEt_wy0PBkrHK8wfRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4953ee-910f-4b8e-b464-2650edd3013f/1/oCaNb2sh7pd5kk5JR6YyMyS1ot8.roa
Signing time: Sun 01 Jan 2023 11:14:42 +0000
ROA not before: Sun 01 Jan 2023 11:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 45.140.216.0/22 maxlen: 22
2a0f:1b00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:80:ac:c1:41:2a:4b:b1:e2:3e:4e:2d:c1:45:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8d7213f3585b7112dff0cb43c192b1caf307d18
Validity
Not Before: Jan 1 11:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0268d6f6b21ee9779924e4947a6323324b5a2df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:75:dc:54:37:fc:b7:fc:4d:09:09:51:33:12:
63:40:dd:dd:35:e2:05:6c:93:79:8a:71:6c:31:47:
d5:af:23:78:00:b4:e4:db:59:77:89:fc:a5:70:03:
ce:85:a8:ed:9b:76:48:97:32:cf:28:d9:cb:e6:69:
ca:5d:ba:62:89:8b:36:a5:21:df:ea:72:e5:57:91:
5f:79:a7:35:22:1a:19:3f:93:75:c1:98:b0:00:ec:
57:09:49:67:c6:12:84:0c:40:bf:84:35:a1:86:03:
a8:17:89:73:13:c9:81:1d:29:be:d3:0a:a3:b9:d0:
ff:9c:bc:56:aa:51:e1:d1:9e:6d:61:9f:d7:40:bc:
a6:af:c8:cb:26:95:16:f7:21:10:7e:20:f3:12:c7:
e2:c2:0a:35:57:5a:11:50:74:41:fa:3c:c6:22:f4:
5a:fe:ff:7f:8c:15:9a:d2:bd:41:e4:48:0c:80:52:
2b:84:bd:3a:f3:d0:ff:57:14:1c:92:b5:38:97:d3:
95:ee:df:ac:a6:73:f4:1e:6d:65:46:88:23:51:01:
5d:4d:9f:01:4e:87:09:2b:8d:11:96:31:a2:99:4f:
c4:54:38:6a:f8:13:05:e6:df:cf:6c:fe:ff:b3:73:
93:54:b0:d0:5a:0c:ec:7d:99:62:19:60:1c:8e:a5:
21:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:26:8D:6F:6B:21:EE:97:79:92:4E:49:47:A6:32:33:24:B5:A2:DF
X509v3 Authority Key Identifier:
keyid:F8:D7:21:3F:35:85:B7:11:2D:FF:0C:B4:3C:19:2B:1C:AF:30:7D:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-NchPzWFtxEt_wy0PBkrHK8wfRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4953ee-910f-4b8e-b464-2650edd3013f/1/oCaNb2sh7pd5kk5JR6YyMyS1ot8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4953ee-910f-4b8e-b464-2650edd3013f/1/1-NchPzWFtxEt_wy0PBkrHK8wfRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.216.0/22
IPv6:
2a0f:1b00::/29
Signature Algorithm: sha256WithRSAEncryption
59:cb:1f:3b:94:cd:a7:2e:ed:e5:e7:4e:d2:96:cf:82:9c:9f:
2d:74:9a:41:91:a4:73:82:00:95:bb:90:32:ec:fc:8b:b7:b7:
a1:f6:60:3f:41:e0:50:65:bb:92:de:65:f7:9a:b3:51:14:b4:
db:41:2a:4b:4d:a6:37:e3:e3:85:4a:7f:23:b7:77:12:8f:d9:
b3:00:ea:91:f6:a9:6a:ab:16:1f:57:64:f2:92:72:ab:2e:32:
ce:cc:5c:c1:50:ed:dd:3f:12:9d:25:70:e3:1f:4d:b3:03:cd:
f1:e7:06:27:c5:f6:d4:fe:b4:19:dd:b1:03:58:20:5c:6f:90:
99:11:ea:fe:bc:28:62:c5:b9:8b:e7:8a:2c:0a:7e:ea:18:76:
bd:f6:94:55:e2:b5:69:b2:b2:ce:39:32:b8:b0:20:d1:31:46:
af:6c:a4:57:6b:e3:3d:f8:4c:99:fa:80:03:b1:a3:e4:e8:43:
54:23:e5:8f:18:9c:66:61:d7:63:c8:ae:77:03:04:a8:b3:a1:
54:37:8a:35:0f:05:fa:2b:91:14:7a:d6:d6:3b:7d:b2:d4:0e:
db:c8:15:4a:00:54:18:53:5a:8c:da:4d:74:05:d7:d0:ea:07:
4e:16:26:50:28:bb:27:05:72:25:23:65:9e:2e:3c:9a:24:2c:
77:b8:00:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtCoCswUEqS7HiPk4twUUJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZDcyMTNmMzU4NWI3MTEyZGZmMGNiNDNjMTkyYjFjYWYz
MDdkMTgwHhcNMjMwMTAxMTExNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDI2OGQ2ZjZiMjFlZTk3Nzk5MjRlNDk0N2E2MzIzMzI0YjVhMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3XcVDf8t/xNCQlRMxJjQN3dNeIF
bJN5inFsMUfVryN4ALTk21l3ifylcAPOhajtm3ZIlzLPKNnL5mnKXbpiiYs2pSHf
6nLlV5Ffeac1IhoZP5N1wZiwAOxXCUlnxhKEDEC/hDWhhgOoF4lzE8mBHSm+0wqj
udD/nLxWqlHh0Z5tYZ/XQLymr8jLJpUW9yEQfiDzEsfiwgo1V1oRUHRB+jzGIvRa
/v9/jBWa0r1B5EgMgFIrhL0689D/VxQckrU4l9OV7t+spnP0Hm1lRogjUQFdTZ8B
TocJK40RljGimU/EVDhq+BMF5t/PbP7/s3OTVLDQWgzsfZliGWAcjqUh5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKAmjW9rIe6XeZJOSUemMjMktaLfMB8GA1UdIwQY
MBaAFPjXIT81hbcRLf8MtDwZKxyvMH0YMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1OY2hQeldGdHhFdF93eTBQQmtySEs4d2ZSZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkvNDk1M2VlLTkxMGYtNGI4ZS1iNDY0
LTI2NTBlZGQzMDEzZi8xL29DYU5iMnNoN3BkNWtrNUpSNll5TXlTMW90OC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTkvNDk1M2VlLTkxMGYtNGI4ZS1iNDY0LTI2NTBlZGQzMDEz
Zi8xLzEtTmNoUHpXRnR4RXRfd3kwUEJrckhLOHdmUmcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAItjNgw
DQQCAAIwBwMFAyoPGwAwDQYJKoZIhvcNAQELBQADggEBAFnLHzuUzacu7eXnTtKW
z4Kcny10mkGRpHOCAJW7kDLs/Iu3t6H2YD9B4FBlu5LeZfeas1EUtNtBKktNpjfj
44VKfyO3dxKP2bMA6pH2qWqrFh9XZPKScqsuMs7MXMFQ7d0/Ep0lcOMfTbMDzfHn
BifF9tT+tBndsQNYIFxvkJkR6v68KGLFuYvniiwKfuoYdr32lFXitWmyss45Mriw
INExRq9spFdr4z34TJn6gAOxo+ToQ1Qj5Y8YnGZh12PIrncDBKizoVQ3ijUPBfor
kRR61tY7fbLUDtvIFUoAVBhTWozaTXQF19DqB04WJlAouycFciUjZZ4uPJokLHe4
AHY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:35 2023 by rpki-client on console-ams.rpki-client.org