Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/d9cc8d-95ac-4848-b097-9d63b0476e24/1/amifkrbsh0LYMxueoSr6stkz5O0.roa
File: amifkrbsh0LYMxueoSr6stkz5O0.roa (raw, json)
Hash identifier: fZrP0dTTAZSHJcLxIZVSmIOKXFjaP9TIaLhCONgTJl0=
Subject key identifier: 6A:68:9F:92:B6:EC:87:42:D8:33:1B:9E:A1:2A:FA:B2:D9:33:E4:ED
Certificate issuer: /CN=712ff11dd0c66ce67fe0f1d749c0909ef3418d29
Certificate serial: 01856F0B6E2248BD817EB8F41D36AB41DAD4
Authority key identifier: 71:2F:F1:1D:D0:C6:6C:E6:7F:E0:F1:D7:49:C0:90:9E:F3:41:8D:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS_xHdDGbOZ_4PHXScCQnvNBjSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/d9cc8d-95ac-4848-b097-9d63b0476e24/1/amifkrbsh0LYMxueoSr6stkz5O0.roa
Signing time: Sun 01 Jan 2023 20:34:58 +0000
ROA not before: Sun 01 Jan 2023 20:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201500
IP address blocks: 45.147.130.0/24 maxlen: 24
45.147.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:6e:22:48:bd:81:7e:b8:f4:1d:36:ab:41:da:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712ff11dd0c66ce67fe0f1d749c0909ef3418d29
Validity
Not Before: Jan 1 20:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a689f92b6ec8742d8331b9ea12afab2d933e4ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2e:0d:bb:36:50:68:1b:02:69:5c:83:54:da:
d8:2c:99:3a:61:65:d9:b1:a3:3a:86:b0:a0:d7:63:
5d:a7:ab:3e:52:54:c6:d0:1f:14:df:aa:99:ce:03:
e0:bf:86:d2:6b:b1:80:c9:2a:63:fa:3a:20:0e:38:
b4:32:56:52:81:47:d4:f4:91:9b:b1:52:ca:a4:5c:
0a:61:0a:ee:7e:47:35:b2:ed:2d:e1:ac:3e:53:39:
a6:2e:3f:66:40:c8:1b:68:db:49:bb:d8:2e:55:9d:
9e:3a:e0:71:67:bd:ae:21:46:02:67:d1:79:2f:ae:
9d:34:eb:9f:3d:b1:d5:be:be:b9:70:57:0e:f0:23:
dc:96:eb:ff:6d:68:ef:6c:56:8c:ba:33:73:41:2d:
f1:9e:e9:aa:21:80:4d:d6:70:31:3b:1f:2d:09:ee:
f6:fc:c7:1d:b5:01:e8:59:2f:3d:18:58:ab:4e:62:
70:ff:2b:54:56:ab:13:e0:a9:b6:e0:10:39:89:90:
36:e0:44:e2:10:99:1a:8d:26:d8:e1:92:a3:10:bc:
fd:50:49:dd:d4:fc:31:ae:7d:cb:fa:d5:8e:2e:fb:
87:9d:4e:41:40:9a:0a:fa:ca:af:56:6d:46:77:f3:
c2:ab:e4:26:a5:1c:4e:a2:27:f7:b0:30:27:69:89:
41:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:68:9F:92:B6:EC:87:42:D8:33:1B:9E:A1:2A:FA:B2:D9:33:E4:ED
X509v3 Authority Key Identifier:
keyid:71:2F:F1:1D:D0:C6:6C:E6:7F:E0:F1:D7:49:C0:90:9E:F3:41:8D:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS_xHdDGbOZ_4PHXScCQnvNBjSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/d9cc8d-95ac-4848-b097-9d63b0476e24/1/amifkrbsh0LYMxueoSr6stkz5O0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/d9cc8d-95ac-4848-b097-9d63b0476e24/1/cS_xHdDGbOZ_4PHXScCQnvNBjSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.130.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:a7:b0:30:2a:df:4a:9e:bc:08:21:53:d5:87:8a:e6:55:08:
30:0a:43:f6:c3:c0:b6:f5:2a:64:0a:0f:f5:7b:aa:4b:66:96:
c7:42:05:d9:e7:36:45:c8:44:27:78:30:6c:d6:41:ad:ea:31:
25:28:46:19:c8:ad:65:f6:d0:d9:f8:db:d3:5c:96:a8:74:bc:
0b:e0:95:6e:05:21:62:19:60:0d:f2:2c:e1:15:7d:1f:6e:d6:
14:db:4e:fc:97:82:a9:dc:f0:c7:24:1e:3e:00:41:eb:9a:ae:
8f:a1:17:5d:2d:d5:68:76:c8:23:80:30:2f:f0:cf:9b:90:61:
cd:b6:d1:3c:71:56:15:25:bf:a2:09:a8:94:a7:2b:c4:22:48:
7c:ba:38:b5:5d:e4:9f:1a:32:02:51:8a:dc:62:40:77:50:09:
8f:79:4d:42:12:d1:9b:a1:45:78:86:a1:72:81:e7:63:4f:30:
47:9a:e5:95:fa:68:2d:ae:3f:65:87:28:db:9f:95:e6:94:a3:
db:dc:85:39:9c:a2:46:7e:11:13:81:ba:94:09:0d:b2:ce:42:
d2:c7:3a:78:35:1f:b1:d5:c5:4b:c1:b3:3e:fc:7b:c0:b9:8c:
72:a2:80:3b:cd:85:7e:90:3a:78:03:54:e3:0b:d2:78:6f:4b:
28:66:05:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvC24iSL2Bfrj0HTarQdrUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmZmMTFkZDBjNjZjZTY3ZmUwZjFkNzQ5YzA5MDllZjM0
MThkMjkwHhcNMjMwMTAxMjAzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTY4OWY5MmI2ZWM4NzQyZDgzMzFiOWVhMTJhZmFiMmQ5MzNlNGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhy4NuzZQaBsCaVyDVNrYLJk6YWXZ
saM6hrCg12Ndp6s+UlTG0B8U36qZzgPgv4bSa7GAySpj+jogDji0MlZSgUfU9JGb
sVLKpFwKYQrufkc1su0t4aw+UzmmLj9mQMgbaNtJu9guVZ2eOuBxZ72uIUYCZ9F5
L66dNOufPbHVvr65cFcO8CPcluv/bWjvbFaMujNzQS3xnumqIYBN1nAxOx8tCe72
/McdtQHoWS89GFirTmJw/ytUVqsT4Km24BA5iZA24ETiEJkajSbY4ZKjELz9UEnd
1Pwxrn3L+tWOLvuHnU5BQJoK+sqvVm1Gd/PCq+QmpRxOoif3sDAnaYlBcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGpon5K27IdC2DMbnqEq+rLZM+TtMB8GA1UdIwQY
MBaAFHEv8R3Qxmzmf+Dx10nAkJ7zQY0pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1NfeEhkREdiT1pfNFBIWFNjQ1Fudk5CalNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9kOWNjOGQtOTVhYy00ODQ4LWIwOTct
OWQ2M2IwNDc2ZTI0LzEvYW1pZmtyYnNoMExZTXh1ZW9TcjZzdGt6NU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9kOWNjOGQtOTVhYy00ODQ4LWIwOTctOWQ2M2IwNDc2ZTI0
LzEvY1NfeEhkREdiT1pfNFBIWFNjQ1Fudk5CalNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZOCMA0G
CSqGSIb3DQEBCwUAA4IBAQA6p7AwKt9KnrwIIVPVh4rmVQgwCkP2w8C29SpkCg/1
e6pLZpbHQgXZ5zZFyEQneDBs1kGt6jElKEYZyK1l9tDZ+NvTXJaodLwL4JVuBSFi
GWAN8izhFX0fbtYU2078l4Kp3PDHJB4+AEHrmq6PoRddLdVodsgjgDAv8M+bkGHN
ttE8cVYVJb+iCaiUpyvEIkh8uji1XeSfGjICUYrcYkB3UAmPeU1CEtGboUV4hqFy
gedjTzBHmuWV+mgtrj9lhyjbn5XmlKPb3IU5nKJGfhETgbqUCQ2yzkLSxzp4NR+x
1cVLwbM+/HvAuYxyooA7zYV+kDp4A1TjC9J4b0soZgUM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:37 2024 by rpki-client on console-fra.rpki-client.org