Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/0ee012-ba7b-4606-9d7c-c4ace4f834b5/1/hUg5In3idrC-ZFARstOBJcfMooI.roa
File: hUg5In3idrC-ZFARstOBJcfMooI.roa (raw, json)
Hash identifier: C/Nlxa4by8Vm3F33Th1Om09hwg6Bl3YzX7RHZjso/3s=
Subject key identifier: 85:48:39:22:7D:E2:76:B0:BE:64:50:11:B2:D3:81:25:C7:CC:A2:82
Certificate issuer: /CN=a24e523f304e22eae8cff880d8388493c5a01178
Certificate serial: 01856EB8E88DF7AA8FDA7D8654B9EC75B637
Authority key identifier: A2:4E:52:3F:30:4E:22:EA:E8:CF:F8:80:D8:38:84:93:C5:A0:11:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ok5SPzBOIuroz_iA2DiEk8WgEXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/0ee012-ba7b-4606-9d7c-c4ace4f834b5/1/hUg5In3idrC-ZFARstOBJcfMooI.roa
Signing time: Sun 01 Jan 2023 19:04:49 +0000
ROA not before: Sun 01 Jan 2023 19:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48662
IP address blocks: 45.89.0.0/22 maxlen: 24
2a0a:4a00::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b8:e8:8d:f7:aa:8f:da:7d:86:54:b9:ec:75:b6:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24e523f304e22eae8cff880d8388493c5a01178
Validity
Not Before: Jan 1 19:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=854839227de276b0be645011b2d38125c7cca282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:25:43:0c:2d:68:11:b6:b6:29:87:17:6c:0b:
8c:a3:aa:22:40:23:30:b1:21:a1:9b:40:4f:21:b1:
da:a6:51:1f:0d:8b:c5:48:4c:88:fe:3a:d0:c2:9d:
7f:f4:56:99:12:a9:1b:95:e2:f2:3d:9d:23:07:04:
c9:3b:04:e7:c8:20:25:3d:38:a8:86:3e:d4:ca:4e:
f9:76:71:cd:9a:c4:2b:0f:d6:3d:f4:69:46:42:db:
b6:85:1c:63:63:28:36:fe:91:5b:df:8b:43:df:a1:
7a:3b:d5:d8:2e:1c:33:06:68:b5:55:b7:03:bb:93:
e3:e9:a8:02:d9:d2:4b:74:ed:54:e8:ab:bb:12:99:
12:ac:ad:8c:85:41:56:81:2c:89:22:9e:b3:cc:3e:
e3:08:0a:c0:f7:b5:66:1b:90:28:e5:c0:fc:6e:66:
68:60:ef:b1:35:30:9b:f7:ee:ed:6b:7e:bc:55:d2:
da:bf:58:33:fc:03:bc:9f:14:04:b7:18:8e:28:2b:
c1:e4:82:1a:8e:af:f9:b2:27:66:fd:b0:4a:8e:cf:
db:3a:6b:54:c8:eb:a7:ad:5c:b6:06:67:56:1c:23:
bf:ae:bd:77:fe:31:48:06:d1:13:b0:83:f4:fb:20:
06:e1:59:e9:76:02:80:4e:db:b4:06:ab:55:52:53:
50:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:48:39:22:7D:E2:76:B0:BE:64:50:11:B2:D3:81:25:C7:CC:A2:82
X509v3 Authority Key Identifier:
keyid:A2:4E:52:3F:30:4E:22:EA:E8:CF:F8:80:D8:38:84:93:C5:A0:11:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ok5SPzBOIuroz_iA2DiEk8WgEXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0ee012-ba7b-4606-9d7c-c4ace4f834b5/1/hUg5In3idrC-ZFARstOBJcfMooI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0ee012-ba7b-4606-9d7c-c4ace4f834b5/1/ok5SPzBOIuroz_iA2DiEk8WgEXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.0.0/22
IPv6:
2a0a:4a00::/29
Signature Algorithm: sha256WithRSAEncryption
5a:81:a0:34:2a:67:6d:ce:84:a6:f0:67:86:e5:b7:63:f7:5d:
49:9e:72:da:83:80:36:48:a2:16:54:5c:4c:7c:2e:93:8e:c4:
23:9a:5c:f9:63:2b:0a:7b:9f:17:6b:8c:8e:03:ff:f0:94:72:
be:d2:ff:5e:19:15:13:5d:96:e3:ae:98:1f:9b:de:8d:23:23:
50:4f:16:ab:cb:3c:56:4a:1a:cc:af:9e:ee:42:78:79:e9:8a:
31:f3:df:fc:20:11:ed:a3:f4:17:d6:d9:0a:ed:b3:5c:13:45:
a2:3c:86:42:bb:a7:df:0a:86:e7:be:d3:4d:3a:6d:99:6c:e3:
c2:e5:22:30:83:a6:e6:c5:c0:47:bb:a9:16:4e:87:01:47:2a:
76:c1:9b:27:5f:0a:f3:bc:11:bd:ed:a4:ff:42:5c:e9:35:68:
a3:99:b2:db:65:67:cc:4c:16:c4:6b:05:7b:76:42:d5:73:e1:
f5:54:77:fb:3f:05:30:fd:27:48:4f:51:15:f0:2f:30:4c:1b:
4b:54:eb:7f:b3:b9:2e:e8:c9:b3:ab:b4:9d:35:42:89:45:fb:
2f:7a:44:9e:60:74:59:79:14:0c:3a:ab:0a:45:f6:2d:37:e9:
b3:ed:33:54:a2:d0:56:43:90:ce:c9:82:a9:3b:51:d2:47:ac:
82:67:2b:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuuOiN96qP2n2GVLnsdbY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGU1MjNmMzA0ZTIyZWFlOGNmZjg4MGQ4Mzg4NDkzYzVh
MDExNzgwHhcNMjMwMTAxMTkwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQ4MzkyMjdkZTI3NmIwYmU2NDUwMTFiMmQzODEyNWM3Y2NhMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviVDDC1oEba2KYcXbAuMo6oiQCMw
sSGhm0BPIbHaplEfDYvFSEyI/jrQwp1/9FaZEqkbleLyPZ0jBwTJOwTnyCAlPTio
hj7Uyk75dnHNmsQrD9Y99GlGQtu2hRxjYyg2/pFb34tD36F6O9XYLhwzBmi1VbcD
u5Pj6agC2dJLdO1U6Ku7EpkSrK2MhUFWgSyJIp6zzD7jCArA97VmG5Ao5cD8bmZo
YO+xNTCb9+7ta368VdLav1gz/AO8nxQEtxiOKCvB5IIajq/5sidm/bBKjs/bOmtU
yOunrVy2BmdWHCO/rr13/jFIBtETsIP0+yAG4VnpdgKATtu0BqtVUlNQfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIVIOSJ94nawvmRQEbLTgSXHzKKCMB8GA1UdIwQY
MBaAFKJOUj8wTiLq6M/4gNg4hJPFoBF4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2s1U1B6Qk9JdXJvel9pQTJEaUVrOFdnRVhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8wZWUwMTItYmE3Yi00NjA2LTlkN2Mt
YzRhY2U0ZjgzNGI1LzEvaFVnNUluM2lkckMtWkZBUnN0T0JKY2ZNb29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8wZWUwMTItYmE3Yi00NjA2LTlkN2MtYzRhY2U0ZjgzNGI1
LzEvb2s1U1B6Qk9JdXJvel9pQTJEaUVrOFdnRVhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVkAMA0E
AgACMAcDBQMqCkoAMA0GCSqGSIb3DQEBCwUAA4IBAQBagaA0KmdtzoSm8GeG5bdj
911JnnLag4A2SKIWVFxMfC6TjsQjmlz5YysKe58Xa4yOA//wlHK+0v9eGRUTXZbj
rpgfm96NIyNQTxaryzxWShrMr57uQnh56Yox89/8IBHto/QX1tkK7bNcE0WiPIZC
u6ffCobnvtNNOm2ZbOPC5SIwg6bmxcBHu6kWTocBRyp2wZsnXwrzvBG97aT/Qlzp
NWijmbLbZWfMTBbEawV7dkLVc+H1VHf7PwUw/SdIT1EV8C8wTBtLVOt/s7ku6Mmz
q7SdNUKJRfsvekSeYHRZeRQMOqsKRfYtN+mz7TNUotBWQ5DOyYKpO1HSR6yCZysE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:21 2024 by rpki-client on console-fra.rpki-client.org