Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/2zzQ-i3SrG2BnQEAImE8qb809Ig.roa
File: 2zzQ-i3SrG2BnQEAImE8qb809Ig.roa (raw, json)
Hash identifier: E9DWI/xMAYDMMemAzml/jZsBZr77mJ8cfoQJWlvhNY4=
Subject key identifier: DB:3C:D0:FA:2D:D2:AC:6D:81:9D:01:00:22:61:3C:A9:BF:34:F4:88
Certificate issuer: /CN=aff6f85aad101c456c1ac9a01a7192fc5788e92c
Certificate serial: 018DA75A7D41ACB484A9595D299C493DBE1D
Authority key identifier: AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/2zzQ-i3SrG2BnQEAImE8qb809Ig.roa
Signing time: Wed 14 Feb 2024 11:22:21 +0000
ROA not before: Wed 14 Feb 2024 11:22:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134450
IP address blocks: 45.83.186.0/23 maxlen: 23
45.86.28.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:5a:7d:41:ac:b4:84:a9:59:5d:29:9c:49:3d:be:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aff6f85aad101c456c1ac9a01a7192fc5788e92c
Validity
Not Before: Feb 14 11:22:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db3cd0fa2dd2ac6d819d010022613ca9bf34f488
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f9:a7:d6:f8:f0:26:1a:99:f2:bb:fb:87:da:
0d:65:9f:7a:74:95:3d:3d:bd:a2:89:59:0f:4f:4c:
1d:54:26:83:61:23:c7:15:4a:b4:24:ff:e7:03:a9:
b0:df:b3:92:eb:61:af:1c:53:2a:60:3b:85:42:9d:
02:11:41:9b:d0:04:dc:29:af:01:05:e1:96:42:f0:
15:e3:07:95:7b:f1:0f:10:35:1f:c9:6b:22:d3:5b:
c2:05:06:4f:b6:b3:0f:a1:a6:fe:d5:fc:74:9c:68:
e6:47:a8:04:12:46:e9:fa:47:98:67:d8:76:2f:ed:
32:26:b0:98:59:a9:01:da:14:6f:a1:ec:fa:00:f8:
14:0e:b9:05:4d:70:64:ae:f7:65:6a:24:08:94:4d:
bd:41:39:2f:82:42:eb:a1:a7:f5:6d:96:1a:dd:83:
45:11:c2:ea:78:ec:6c:5a:c6:56:c4:8e:d4:cc:f0:
c9:1a:ae:60:e5:5e:18:9e:59:d7:38:51:20:07:99:
80:cf:a5:2c:c0:c9:78:1c:a1:56:71:08:78:0e:df:
64:a3:75:55:6f:58:0a:d7:73:fb:1c:84:c7:04:62:
07:a9:c7:ff:18:2e:9f:82:c6:9b:06:86:5d:82:42:
6a:3f:1d:50:e5:88:a4:d9:85:4f:45:78:95:a9:49:
d6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3C:D0:FA:2D:D2:AC:6D:81:9D:01:00:22:61:3C:A9:BF:34:F4:88
X509v3 Authority Key Identifier:
keyid:AF:F6:F8:5A:AD:10:1C:45:6C:1A:C9:A0:1A:71:92:FC:57:88:E9:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/2zzQ-i3SrG2BnQEAImE8qb809Ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df719a-492f-47cb-9212-644bd0fc7f80/1/r_b4Wq0QHEVsGsmgGnGS_FeI6Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.186.0/23
45.86.28.0/22
Signature Algorithm: sha256WithRSAEncryption
20:d2:77:c4:cb:f4:43:bb:1a:a1:b9:ba:ac:c5:c5:fc:80:a2:
d6:29:54:8a:5d:72:83:5a:2f:de:36:bc:37:66:dc:22:ca:05:
a6:1f:d5:95:f2:be:0c:fb:e8:c8:7a:fe:5c:74:4c:26:41:85:
b2:b7:43:6b:10:26:1a:6b:b1:31:08:5e:07:d9:79:2d:3e:08:
ae:8d:bd:1b:c1:d6:4c:28:af:93:8d:dc:7d:c7:1d:bc:6b:14:
f7:77:89:c6:b0:ca:fd:e1:0d:c1:f3:cb:c1:c1:e1:30:cb:e5:
a0:d6:9e:53:22:84:bb:2b:64:9d:fb:2a:52:16:84:e9:65:c8:
17:4b:ab:1e:7e:a8:01:b1:9e:99:c9:4b:ce:35:c1:9a:74:5b:
df:d5:f5:3f:cb:70:c2:9c:4c:2b:3e:b5:bc:1b:09:bc:05:9e:
c6:9e:65:e5:36:43:48:a7:86:02:71:69:55:a5:e3:dc:95:f4:
b8:25:34:69:2a:41:92:48:85:5d:81:96:c1:5d:33:0e:11:28:
55:db:99:cc:30:c2:bc:13:c5:9d:1a:a5:dd:45:2e:ad:a2:82:
cc:7f:b8:e2:c5:c6:6b:5e:01:48:78:ee:f2:35:d5:e4:74:cf:
ef:21:36:77:58:67:de:ec:f5:9d:b9:4a:b4:a1:3a:c8:27:b2:
98:85:88:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2nWn1BrLSEqVldKZxJPb4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjZmODVhYWQxMDFjNDU2YzFhYzlhMDFhNzE5MmZjNTc4
OGU5MmMwHhcNMjQwMjE0MTEyMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjNjZDBmYTJkZDJhYzZkODE5ZDAxMDAyMjYxM2NhOWJmMzRmNDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPmn1vjwJhqZ8rv7h9oNZZ96dJU9
Pb2iiVkPT0wdVCaDYSPHFUq0JP/nA6mw37OS62GvHFMqYDuFQp0CEUGb0ATcKa8B
BeGWQvAV4weVe/EPEDUfyWsi01vCBQZPtrMPoab+1fx0nGjmR6gEEkbp+keYZ9h2
L+0yJrCYWakB2hRvoez6APgUDrkFTXBkrvdlaiQIlE29QTkvgkLroaf1bZYa3YNF
EcLqeOxsWsZWxI7UzPDJGq5g5V4YnlnXOFEgB5mAz6UswMl4HKFWcQh4Dt9ko3VV
b1gK13P7HITHBGIHqcf/GC6fgsabBoZdgkJqPx1Q5Yik2YVPRXiVqUnWBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNs80Pot0qxtgZ0BACJhPKm/NPSIMB8GA1UdIwQY
MBaAFK/2+FqtEBxFbBrJoBpxkvxXiOksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9iNFdxMFFIRVZzR3NtZ0duR1NfRmVJNlN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kZjcxOWEtNDkyZi00N2NiLTkyMTIt
NjQ0YmQwZmM3ZjgwLzEvMnp6US1pM1NyRzJCblFFQUltRThxYjgwOUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kZjcxOWEtNDkyZi00N2NiLTkyMTItNjQ0YmQwZmM3Zjgw
LzEvcl9iNFdxMFFIRVZzR3NtZ0duR1NfRmVJNlN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVO6AwQC
LVYcMA0GCSqGSIb3DQEBCwUAA4IBAQAg0nfEy/RDuxqhubqsxcX8gKLWKVSKXXKD
Wi/eNrw3ZtwiygWmH9WV8r4M++jIev5cdEwmQYWyt0NrECYaa7ExCF4H2XktPgiu
jb0bwdZMKK+Tjdx9xx28axT3d4nGsMr94Q3B88vBweEwy+Wg1p5TIoS7K2Sd+ypS
FoTpZcgXS6sefqgBsZ6ZyUvONcGadFvf1fU/y3DCnEwrPrW8Gwm8BZ7GnmXlNkNI
p4YCcWlVpePclfS4JTRpKkGSSIVdgZbBXTMOEShV25nMMMK8E8WdGqXdRS6tooLM
f7jixcZrXgFIeO7yNdXkdM/vITZ3WGfe7PWduUq0oTrIJ7KYhYgH
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:33:50 2025 by rpki-client