Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/D-LXocw7srtzwJ1DPhsMEnrqTDI.roa
File: D-LXocw7srtzwJ1DPhsMEnrqTDI.roa (raw, json)
Hash identifier: v/YM4vUIX5jR6PLIN7uoCTWevPASokYptdU6bz9qZOU=
Subject key identifier: 0F:E2:D7:A1:CC:3B:B2:BB:73:C0:9D:43:3E:1B:0C:12:7A:EA:4C:32
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018D3696D73CA0CD3659C4A724D5852A29F5
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/D-LXocw7srtzwJ1DPhsMEnrqTDI.roa
Signing time: Tue 23 Jan 2024 13:51:11 +0000
ROA not before: Tue 23 Jan 2024 13:51:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209043
IP address blocks: 45.138.28.0/22 maxlen: 22
212.60.0.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 10:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:96:d7:3c:a0:cd:36:59:c4:a7:24:d5:85:2a:29:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 23 13:51:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fe2d7a1cc3bb2bb73c09d433e1b0c127aea4c32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8a:ba:5b:19:68:af:be:aa:24:64:09:8c:da:
c6:50:48:33:f9:1a:b0:1d:af:60:6c:b5:c1:6e:2d:
34:67:04:3b:2c:5d:c9:de:90:98:4a:8a:7e:b8:e8:
5c:62:f4:2d:29:82:6a:7e:1f:e1:04:f1:0b:56:39:
e3:fb:11:c8:64:a6:5e:e9:90:27:8d:70:db:79:fb:
61:21:c2:a7:c2:26:a7:18:c7:6e:43:89:aa:65:af:
aa:38:11:35:fd:50:2a:db:e8:95:5e:f3:b9:a1:be:
ce:69:92:46:c7:a8:eb:16:4a:18:04:c0:2f:b3:3d:
b8:9f:77:59:03:d6:a4:92:e9:0e:0c:a2:1d:c2:8c:
8a:ae:c3:1a:1b:2c:19:ea:5c:15:2b:6a:24:58:3a:
02:5c:41:7a:de:24:5a:c2:d4:c1:16:01:2b:e3:6c:
08:4e:d4:92:8f:f8:35:55:f1:6d:11:ac:6b:64:80:
77:e7:ff:7d:be:11:8f:c3:75:72:a3:7b:22:36:cb:
60:d7:50:25:9e:1b:99:c1:59:50:af:85:e2:d9:1f:
ab:9a:ad:ec:62:cf:3c:26:de:89:a4:36:35:93:a9:
47:10:d3:87:6f:db:43:89:c9:00:a9:26:32:b0:aa:
7e:0f:79:cb:6c:dd:4c:e9:9d:75:eb:11:ea:04:6f:
87:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:E2:D7:A1:CC:3B:B2:BB:73:C0:9D:43:3E:1B:0C:12:7A:EA:4C:32
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/D-LXocw7srtzwJ1DPhsMEnrqTDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.28.0/22
212.60.0.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:b0:8c:e5:12:d4:4f:de:2b:fb:0c:ef:36:f7:fb:d4:3d:57:
f5:d8:b5:d0:22:b8:85:b0:f2:93:32:43:8e:f1:b3:58:ec:25:
3d:32:f6:4d:bb:40:3e:8b:31:25:9f:b9:39:23:29:fd:2c:ca:
42:6c:1b:b2:cc:46:ef:64:cb:5f:9e:50:8c:12:cb:30:f9:d8:
cf:31:5f:d9:cd:d5:31:2d:7a:88:06:c3:f5:23:df:8a:8c:e6:
fe:17:c2:ac:f8:29:45:c3:1b:8f:75:30:d4:49:d9:09:51:a6:
52:7e:ed:09:a1:a5:55:c3:42:c9:85:e4:90:aa:b3:5c:5b:26:
3c:1b:24:1c:77:ad:b4:3b:91:5d:46:e5:e1:86:e4:0f:00:f1:
a3:ab:29:ff:b5:59:8e:66:33:b0:70:c3:fb:2c:69:63:e7:f4:
da:72:30:5a:4b:ce:8c:76:c0:49:2c:03:ab:0a:29:b5:53:1b:
4f:af:2a:a5:88:08:d4:69:1e:93:25:bb:9b:fa:34:c3:f8:53:
7f:8e:bd:0f:24:42:5b:4c:22:97:68:67:15:08:36:4f:ad:68:
ba:e0:d4:61:1a:92:1f:94:4c:5c:53:71:4f:10:6d:16:6e:54:
5f:e1:35:7a:12:18:cc:28:e3:83:bb:f1:68:b2:e1:55:86:86:
03:48:67:3c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY02ltc8oM02WcSnJNWFKin1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwMTIzMTM1MTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmUyZDdhMWNjM2JiMmJiNzNjMDlkNDMzZTFiMGMxMjdhZWE0YzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIq6Wxlor76qJGQJjNrGUEgz+Rqw
Ha9gbLXBbi00ZwQ7LF3J3pCYSop+uOhcYvQtKYJqfh/hBPELVjnj+xHIZKZe6ZAn
jXDbefthIcKnwianGMduQ4mqZa+qOBE1/VAq2+iVXvO5ob7OaZJGx6jrFkoYBMAv
sz24n3dZA9akkukODKIdwoyKrsMaGywZ6lwVK2okWDoCXEF63iRawtTBFgEr42wI
TtSSj/g1VfFtEaxrZIB35/99vhGPw3Vyo3siNstg11AlnhuZwVlQr4Xi2R+rmq3s
Ys88Jt6JpDY1k6lHENOHb9tDickAqSYysKp+D3nLbN1M6Z116xHqBG+HUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA/i16HMO7K7c8CdQz4bDBJ66kwyMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvRC1MWG9jdzdzcnR6d0oxRFBoc01FbnJxVERJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYocAwQC
1DwAMA0GCSqGSIb3DQEBCwUAA4IBAQBKsIzlEtRP3iv7DO829/vUPVf12LXQIriF
sPKTMkOO8bNY7CU9MvZNu0A+izEln7k5Iyn9LMpCbBuyzEbvZMtfnlCMEssw+djP
MV/ZzdUxLXqIBsP1I9+KjOb+F8Ks+ClFwxuPdTDUSdkJUaZSfu0JoaVVw0LJheSQ
qrNcWyY8GyQcd620O5FdRuXhhuQPAPGjqyn/tVmOZjOwcMP7LGlj5/TacjBaS86M
dsBJLAOrCim1UxtPryqliAjUaR6TJbub+jTD+FN/jr0PJEJbTCKXaGcVCDZPrWi6
4NRhGpIflExcU3FPEG0WblRf4TV6EhjMKOODu/FosuFVhoYDSGc8
-----END CERTIFICATE-----
Generated at Mon Feb 19 15:05:13 2024 by rpki-client on console-ams.rpki-client.org