Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/AVqM9fOZx1w23wlryIA3vV8olhQ.roa
File: AVqM9fOZx1w23wlryIA3vV8olhQ.roa (raw, json)
Hash identifier: T5ywqy/twKBOhRKaGRCy4p+pT55DfKpDaX5Qwqxvh4w=
Subject key identifier: 01:5A:8C:F5:F3:99:C7:5C:36:DF:09:6B:C8:80:37:BD:5F:28:96:14
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018B470279D55530ED47D70159661134E15F
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/AVqM9fOZx1w23wlryIA3vV8olhQ.roa
Signing time: Thu 19 Oct 2023 08:17:06 +0000
ROA not before: Thu 19 Oct 2023 08:17:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.8.191.0/24 maxlen: 24
45.8.187.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:02:79:d5:55:30:ed:47:d7:01:59:66:11:34:e1:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Oct 19 08:17:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=015a8cf5f399c75c36df096bc88037bd5f289614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9d:e9:a5:8a:ec:21:4b:22:73:06:fe:44:d8:
ef:ee:df:08:83:6f:44:79:a1:f0:8f:47:8d:71:42:
38:90:b3:a9:1a:aa:2b:03:18:e0:05:71:2b:fa:60:
ef:71:47:f9:37:c2:e4:75:65:7d:5e:9f:b6:c6:b0:
97:6f:13:f8:c8:fc:63:9f:ca:8b:28:ee:c7:39:3d:
0e:25:60:8b:00:db:ff:08:7f:9c:76:ba:75:80:ee:
f7:27:10:a1:7a:9e:23:3e:d5:1d:6c:6f:fe:d8:7d:
7d:32:fb:9b:eb:6f:be:f8:f1:6a:de:d7:f3:04:78:
c1:c6:72:0a:a6:ad:47:ae:cd:29:c0:bf:91:3a:79:
34:b0:bf:5b:05:4d:ed:9f:77:2d:88:fd:a6:ea:75:
a0:17:49:ff:37:81:4a:3e:89:7e:a3:9a:7e:d3:5d:
46:58:89:08:2d:e6:3d:1b:9b:92:14:f4:b5:6f:b0:
e1:e6:6e:b1:41:59:4a:d7:c6:31:ba:96:ab:d1:1f:
80:34:8f:f9:b9:af:b9:a9:57:36:e2:3c:e7:8c:7e:
80:ee:14:b2:4b:3a:87:4b:86:ec:32:63:b3:77:d5:
2b:1c:8c:ae:81:e6:f5:7d:33:0a:07:57:3d:f3:ca:
b0:34:28:6a:96:94:7f:c7:aa:6c:93:bf:71:07:a5:
2b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5A:8C:F5:F3:99:C7:5C:36:DF:09:6B:C8:80:37:BD:5F:28:96:14
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/AVqM9fOZx1w23wlryIA3vV8olhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.187.0/24
45.8.191.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:99:b7:7a:3f:c1:5c:e8:d7:71:f0:ff:6d:e0:32:26:38:5b:
26:5b:8d:da:17:97:46:54:13:fb:91:39:0a:78:ff:aa:c3:20:
e7:13:df:45:9f:9c:5f:ce:8e:c8:39:57:b8:12:93:dd:b9:9a:
51:61:0c:34:c7:41:39:10:34:b8:85:88:ed:30:ec:76:8e:e9:
2e:43:b0:f6:5f:38:9e:a6:fc:59:19:7a:b3:f8:bb:11:5a:70:
34:77:e0:93:bf:71:d0:45:a7:6b:a0:a5:49:97:03:39:b3:1c:
fa:bb:35:81:1d:c3:7a:4b:f4:d2:de:d0:a0:42:db:15:71:e4:
75:0e:01:25:51:91:aa:6a:99:29:24:08:35:e7:94:ac:2e:f6:
2f:52:3e:8c:8d:85:e8:15:0a:0c:56:2e:5c:b6:38:c3:7a:fd:
aa:e8:fe:29:00:20:46:f6:8d:2a:e7:96:b0:6b:7b:ff:b6:b1:
4c:31:8b:d6:2b:00:00:9b:d5:a2:fb:c7:7d:a3:2a:3f:7c:4d:
60:d3:1d:2d:2c:63:dd:3f:4d:6d:83:e6:17:5c:15:f9:40:7d:
c9:15:1f:72:38:2b:7b:01:36:e2:0a:63:93:d1:14:3d:9c:cc:
46:d1:42:59:e1:f6:ce:89:52:90:dd:bb:ec:54:3b:ac:70:2c:
fd:b0:ce:fb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtHAnnVVTDtR9cBWWYRNOFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMxMDE5MDgxNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTVhOGNmNWYzOTljNzVjMzZkZjA5NmJjODgwMzdiZDVmMjg5NjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj53ppYrsIUsicwb+RNjv7t8Ig29E
eaHwj0eNcUI4kLOpGqorAxjgBXEr+mDvcUf5N8LkdWV9Xp+2xrCXbxP4yPxjn8qL
KO7HOT0OJWCLANv/CH+cdrp1gO73JxChep4jPtUdbG/+2H19Mvub62+++PFq3tfz
BHjBxnIKpq1Hrs0pwL+ROnk0sL9bBU3tn3ctiP2m6nWgF0n/N4FKPol+o5p+011G
WIkILeY9G5uSFPS1b7Dh5m6xQVlK18Yxupar0R+ANI/5ua+5qVc24jznjH6A7hSy
SzqHS4bsMmOzd9UrHIyugeb1fTMKB1c988qwNChqlpR/x6psk79xB6UrPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAFajPXzmcdcNt8Ja8iAN71fKJYUMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvQVZxTTlmT1p4MXcyM3dscnlJQTN2VjhvbGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQi7AwQA
LQi/MA0GCSqGSIb3DQEBCwUAA4IBAQC1mbd6P8Fc6Ndx8P9t4DImOFsmW43aF5dG
VBP7kTkKeP+qwyDnE99Fn5xfzo7IOVe4EpPduZpRYQw0x0E5EDS4hYjtMOx2juku
Q7D2XziepvxZGXqz+LsRWnA0d+CTv3HQRadroKVJlwM5sxz6uzWBHcN6S/TS3tCg
QtsVceR1DgElUZGqapkpJAg155SsLvYvUj6MjYXoFQoMVi5ctjjDev2q6P4pACBG
9o0q55awa3v/trFMMYvWKwAAm9Wi+8d9oyo/fE1g0x0tLGPdP01tg+YXXBX5QH3J
FR9yOCt7ATbiCmOT0RQ9nMxG0UJZ4fbOiVKQ3bvsVDuscCz9sM77
-----END CERTIFICATE-----
Generated at Thu Oct 19 12:40:43 2023 by rpki-client on console-ams.rpki-client.org