Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/v8kC6larzSGTQuLcvktso3qmcYE.roa
File: v8kC6larzSGTQuLcvktso3qmcYE.roa (raw, json)
Hash identifier: D53OWWVq0MvE+xRPelafXc7K0S09YsLxUbD1MFa0TVM=
Subject key identifier: BF:C9:02:EA:56:AB:CD:21:93:42:E2:DC:BE:4B:6C:A3:7A:A6:71:81
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 018B1B5B6461010AD22F924B155209DF453C
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/v8kC6larzSGTQuLcvktso3qmcYE.roa
Signing time: Tue 10 Oct 2023 20:50:56 +0000
ROA not before: Tue 10 Oct 2023 20:50:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 45.149.94.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1b:5b:64:61:01:0a:d2:2f:92:4b:15:52:09:df:45:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Oct 10 20:50:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfc902ea56abcd219342e2dcbe4b6ca37aa67181
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5f:16:00:fa:02:82:18:fd:b2:a8:3a:5e:9a:
53:dd:55:86:b5:99:ec:e2:6b:7d:96:62:c7:75:28:
a0:4a:c8:84:d4:34:af:43:5b:9e:f8:e7:40:33:17:
18:87:37:32:44:ce:b7:d6:58:5b:82:d0:af:3a:ae:
8f:88:29:bb:d1:2f:db:db:9f:97:69:04:e0:62:3e:
c7:fa:91:83:37:da:65:70:e7:e2:ea:03:b1:47:a6:
20:f7:e0:72:93:ba:fe:d0:86:b1:70:26:6c:8e:a0:
21:14:9f:9a:1f:d1:c1:1b:c5:90:78:ac:63:b9:bb:
03:46:18:bc:6f:59:a0:10:14:d9:b6:56:db:2d:f0:
24:dd:d9:ee:fb:1c:46:ff:0e:f4:a7:b3:53:a6:87:
81:97:a3:19:97:a0:01:6a:ce:2e:67:64:cb:07:a8:
c2:26:cb:7b:bf:01:03:9f:f8:05:d8:72:3d:7b:b7:
95:1a:ac:c5:f4:4a:f4:44:e7:2b:c2:14:1f:93:10:
dd:e1:08:61:d5:b4:50:02:37:fb:8c:9b:ba:f1:45:
8d:72:42:9d:f2:32:6a:2b:e2:8b:6a:8d:dc:ee:0d:
d7:23:9d:98:41:86:cd:80:14:d2:79:bb:d3:85:13:
40:28:f6:1b:11:ed:d0:b5:21:8c:03:49:23:21:e0:
8b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C9:02:EA:56:AB:CD:21:93:42:E2:DC:BE:4B:6C:A3:7A:A6:71:81
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/v8kC6larzSGTQuLcvktso3qmcYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.94.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:72:b1:90:fd:09:8f:ce:f9:bf:c9:da:7c:14:d6:a1:9a:e9:
ae:7b:09:99:ed:b4:b5:fd:f7:76:90:86:17:4d:39:d5:a0:b8:
84:c2:e9:32:53:a9:04:01:5c:2b:c0:ed:16:b1:cd:9b:79:63:
f3:2d:6d:f5:92:09:c7:40:eb:e6:84:71:c4:ab:4e:15:7a:02:
23:e1:21:54:94:95:d8:30:6b:90:0e:69:60:dc:52:0d:2e:73:
09:7d:67:44:8f:df:fb:95:1b:e2:50:cc:cf:ad:73:13:8c:02:
53:9e:8d:d8:22:ad:88:65:6d:e2:ec:04:5b:48:df:c9:33:be:
09:4a:a5:27:8d:c6:31:c3:5c:ad:8a:e2:d3:2b:ba:e1:4b:76:
b2:c0:c1:f0:cc:d0:a7:09:cc:ef:d5:ac:50:7e:02:1b:6b:f9:
c6:46:cc:0f:cd:81:77:3b:8a:ab:42:11:53:04:08:85:9b:2a:
8d:77:c6:12:d3:c5:46:8b:76:97:9f:a5:9b:4b:b2:fd:4b:dc:
03:64:5c:6e:d1:c3:96:35:c6:06:4d:ea:8d:82:e9:3c:c2:17:
ea:a1:b0:23:5d:21:fc:9c:bc:9f:a5:26:5e:01:17:24:52:f5:
c0:af:f8:94:67:74:be:44:bc:a2:4e:d0:2c:eb:99:64:40:b3:
2b:d3:f0:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsbW2RhAQrSL5JLFVIJ30U8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMxMDEwMjA1MDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmM5MDJlYTU2YWJjZDIxOTM0MmUyZGNiZTRiNmNhMzdhYTY3MTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoV8WAPoCghj9sqg6XppT3VWGtZns
4mt9lmLHdSigSsiE1DSvQ1ue+OdAMxcYhzcyRM631lhbgtCvOq6PiCm70S/b25+X
aQTgYj7H+pGDN9plcOfi6gOxR6Yg9+Byk7r+0IaxcCZsjqAhFJ+aH9HBG8WQeKxj
ubsDRhi8b1mgEBTZtlbbLfAk3dnu+xxG/w70p7NTpoeBl6MZl6ABas4uZ2TLB6jC
Jst7vwEDn/gF2HI9e7eVGqzF9Er0ROcrwhQfkxDd4Qhh1bRQAjf7jJu68UWNckKd
8jJqK+KLao3c7g3XI52YQYbNgBTSebvThRNAKPYbEe3QtSGMA0kjIeCLFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL/JAupWq80hk0Li3L5LbKN6pnGBMB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvdjhrQzZsYXJ6U0dUUXVMY3ZrdHNvM3FtY1lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZVeMA0G
CSqGSIb3DQEBCwUAA4IBAQAscrGQ/QmPzvm/ydp8FNahmumuewmZ7bS1/fd2kIYX
TTnVoLiEwukyU6kEAVwrwO0Wsc2beWPzLW31kgnHQOvmhHHEq04VegIj4SFUlJXY
MGuQDmlg3FINLnMJfWdEj9/7lRviUMzPrXMTjAJTno3YIq2IZW3i7ARbSN/JM74J
SqUnjcYxw1ytiuLTK7rhS3aywMHwzNCnCczv1axQfgIba/nGRswPzYF3O4qrQhFT
BAiFmyqNd8YS08VGi3aXn6WbS7L9S9wDZFxu0cOWNcYGTeqNguk8whfqobAjXSH8
nLyfpSZeARckUvXAr/iUZ3S+RLyiTtAs65lkQLMr0/D2
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:39 2024 by rpki-client on console-ams.rpki-client.org