Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/sPnBJ7EvuiLYcmyIwdyQBl_1S-o.roa
File: sPnBJ7EvuiLYcmyIwdyQBl_1S-o.roa (raw, json)
Hash identifier: IxP4qjN+tJgTKAALcxs8EkJcA4mGAU7frQ6ZTIRz1Rw=
Subject key identifier: B0:F9:C1:27:B1:2F:BA:22:D8:72:6C:88:C1:DC:90:06:5F:F5:4B:EA
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 01856CAF119F363C45E143FAB486CC69593D
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/sPnBJ7EvuiLYcmyIwdyQBl_1S-o.roa
Signing time: Sun 01 Jan 2023 09:34:50 +0000
ROA not before: Sun 01 Jan 2023 09:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43624
IP address blocks: 45.67.228.0/24 maxlen: 24
45.67.231.0/24 maxlen: 24
2a09:7c40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:11:9f:36:3c:45:e1:43:fa:b4:86:cc:69:59:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Jan 1 09:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0f9c127b12fba22d8726c88c1dc90065ff54bea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ea:bd:6e:6b:81:62:79:30:67:2f:df:a2:fa:
f3:de:3b:5d:a9:79:d0:b4:22:f9:8c:13:9d:05:f0:
4d:73:06:14:0a:0e:b1:4a:80:45:56:13:e8:03:16:
ed:e5:e3:3f:05:fe:fc:42:4b:a8:2d:22:4f:29:a8:
4a:57:3a:6b:34:20:ad:40:aa:14:72:e9:7a:67:47:
c2:03:0e:61:15:10:26:cc:9b:9e:8b:47:c7:25:59:
77:1b:9f:00:b8:bf:2c:5d:7e:a9:d8:af:db:c2:28:
92:6d:86:80:b6:10:bc:cd:ff:3f:16:d7:f3:85:94:
3b:2f:36:79:d3:42:d5:d7:25:54:41:41:c4:26:a1:
91:e7:78:86:ea:17:71:a5:69:98:67:3b:ad:72:7d:
31:fb:c1:11:35:2f:03:11:10:e8:55:3e:2b:2d:93:
77:63:2b:e4:c3:12:4b:ff:6f:e4:73:d9:85:3d:66:
cd:72:4b:25:90:8f:9f:a5:f7:1f:82:75:4a:0e:a4:
ec:ee:c2:7e:7a:73:73:bf:33:88:01:91:64:9b:36:
7a:4f:be:3d:9c:bd:56:b5:f1:59:a8:0d:7a:b8:e6:
b1:01:cd:52:3c:83:76:3f:fb:fc:31:29:98:a0:2d:
51:41:f8:46:ff:be:f8:8f:66:e2:f8:ee:07:e9:57:
52:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F9:C1:27:B1:2F:BA:22:D8:72:6C:88:C1:DC:90:06:5F:F5:4B:EA
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/sPnBJ7EvuiLYcmyIwdyQBl_1S-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.228.0/24
45.67.231.0/24
IPv6:
2a09:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
61:1a:98:74:bc:79:d7:7f:40:24:c8:8f:08:83:72:39:db:ea:
01:0c:b6:54:02:94:89:aa:e4:31:7e:a1:2d:56:59:c5:07:e4:
10:15:f4:e7:ca:42:12:1d:f9:3c:60:67:1e:53:eb:81:71:47:
aa:f0:8e:85:be:41:31:10:c7:f9:6a:11:dd:bc:fe:77:27:56:
f1:d4:b6:01:eb:73:9e:f5:f6:7e:fe:a4:e3:e1:21:7b:4b:e2:
47:19:11:95:99:64:c4:0f:2c:e6:56:b3:3a:ca:b1:44:f8:34:
70:31:42:7d:d9:2b:2f:d8:c2:a6:b8:4c:b4:c8:cd:73:5f:e0:
06:9b:22:0d:6d:2d:9b:06:a8:ea:e6:5b:3b:c6:38:3e:5d:fc:
72:f8:b7:fd:c3:f1:e2:d9:19:ce:77:d9:35:4e:ff:8c:b4:ef:
aa:dd:ea:ee:9e:1a:3c:16:2f:a2:f7:dd:0d:25:54:d3:92:8c:
46:27:00:e9:08:34:ba:97:90:ed:45:cd:70:f1:88:a3:e8:0b:
de:1f:0c:89:04:7e:d6:bb:0e:1a:14:ea:3e:f4:bb:65:ef:c2:
70:ed:2e:04:5e:44:a8:02:58:64:f9:68:42:65:58:f3:67:00:
39:ad:b6:fc:32:d9:bd:fe:b8:b4:73:57:94:1a:f7:39:07:1c:
55:05:7d:fb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsrxGfNjxF4UP6tIbMaVk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjMwMTAxMDkzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGY5YzEyN2IxMmZiYTIyZDg3MjZjODhjMWRjOTAwNjVmZjU0YmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOq9bmuBYnkwZy/fovrz3jtdqXnQ
tCL5jBOdBfBNcwYUCg6xSoBFVhPoAxbt5eM/Bf78QkuoLSJPKahKVzprNCCtQKoU
cul6Z0fCAw5hFRAmzJuei0fHJVl3G58AuL8sXX6p2K/bwiiSbYaAthC8zf8/Ftfz
hZQ7LzZ500LV1yVUQUHEJqGR53iG6hdxpWmYZzutcn0x+8ERNS8DERDoVT4rLZN3
YyvkwxJL/2/kc9mFPWbNckslkI+fpfcfgnVKDqTs7sJ+enNzvzOIAZFkmzZ6T749
nL1WtfFZqA16uOaxAc1SPIN2P/v8MSmYoC1RQfhG/774j2bi+O4H6VdSrwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLD5wSexL7oi2HJsiMHckAZf9UvqMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvc1BuQko3RXZ1aUxZY215SXdkeVFCbF8xUy1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALUPkAwQA
LUPnMA0EAgACMAcDBQAqCXxAMA0GCSqGSIb3DQEBCwUAA4IBAQBhGph0vHnXf0Ak
yI8Ig3I52+oBDLZUApSJquQxfqEtVlnFB+QQFfTnykISHfk8YGceU+uBcUeq8I6F
vkExEMf5ahHdvP53J1bx1LYB63Oe9fZ+/qTj4SF7S+JHGRGVmWTEDyzmVrM6yrFE
+DRwMUJ92Ssv2MKmuEy0yM1zX+AGmyINbS2bBqjq5ls7xjg+Xfxy+Lf9w/Hi2RnO
d9k1Tv+MtO+q3erunho8Fi+i990NJVTTkoxGJwDpCDS6l5DtRc1w8Yij6AveHwyJ
BH7Wuw4aFOo+9Ltl78Jw7S4EXkSoAlhk+WhCZVjzZwA5rbb8Mtm9/ri0c1eUGvc5
BxxVBX37
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:41 2024 by rpki-client on console-ams.rpki-client.org