Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/mN4SMBFmiTVndlmYGzrPSkxP94w.roa
File: mN4SMBFmiTVndlmYGzrPSkxP94w.roa (raw, json)
Hash identifier: D4g6xjqtnVU//CBF0iuKdzxZ/zAOMBunpp564AwkaVY=
Subject key identifier: 98:DE:12:30:11:66:89:35:67:76:59:98:1B:3A:CF:4A:4C:4F:F7:8C
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01856E8B594156B1CAD55143478CECE516B6
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/mN4SMBFmiTVndlmYGzrPSkxP94w.roa
Signing time: Sun 01 Jan 2023 18:15:04 +0000
ROA not before: Sun 01 Jan 2023 18:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398304
IP address blocks: 45.8.204.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:59:41:56:b1:ca:d5:51:43:47:8c:ec:e5:16:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 18:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98de123011668935677659981b3acf4a4c4ff78c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:35:c3:8c:a6:f4:91:fb:f3:b0:e6:39:e3:08:
a4:c0:cc:f8:af:ef:17:73:9b:10:18:89:d2:75:36:
20:97:89:a8:38:16:88:92:9e:55:29:79:92:0f:20:
08:ef:76:17:51:9f:ef:ef:67:ed:94:3a:55:99:75:
3c:19:23:4b:87:6e:76:db:6f:47:85:95:3e:36:63:
60:ea:aa:d1:b4:5a:2b:d4:38:9e:48:3d:9d:43:3b:
be:43:64:f1:a6:3a:89:9c:89:02:20:64:08:5c:cb:
33:1f:0e:1b:24:a0:a0:f8:40:d1:1e:75:d2:af:ce:
94:d3:da:7d:ef:e2:55:ad:36:bd:fa:93:dd:88:70:
03:c5:b7:1c:d8:fd:5c:64:8e:ba:29:93:ac:a1:11:
a4:ab:70:1a:2d:60:75:91:9d:4e:b7:67:a4:46:18:
ce:ae:a1:4f:13:91:4e:72:18:e3:e4:3c:76:e3:73:
51:ac:11:a4:d7:ca:71:a6:30:5a:a1:90:3e:ed:94:
38:23:06:12:77:72:40:f9:ed:03:06:6d:a0:1c:4e:
36:3e:e5:a1:ac:19:d2:d7:b3:1d:22:a9:e6:b8:a7:
fe:3b:eb:32:24:cc:72:92:c9:dc:24:e6:d2:73:e2:
50:cc:b1:d4:1d:ad:ae:41:35:4a:2f:b5:5e:1c:1b:
af:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:DE:12:30:11:66:89:35:67:76:59:98:1B:3A:CF:4A:4C:4F:F7:8C
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/mN4SMBFmiTVndlmYGzrPSkxP94w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.204.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:9e:d0:21:73:c6:f5:f4:b8:c7:50:40:71:3c:4b:34:41:da:
94:4a:56:8d:87:57:a1:ac:1a:80:e3:17:96:2a:d4:64:14:cf:
ba:61:36:4f:16:a2:00:34:c3:46:f3:77:82:bd:14:73:fa:e2:
4f:dc:8a:82:01:6d:28:b1:29:f7:40:05:dd:98:e5:ba:b1:a0:
b3:1e:39:3e:53:e6:40:c1:b2:00:e9:7a:d3:23:b5:86:0c:02:
3d:ec:7e:42:ba:b1:c9:80:9a:09:5f:86:38:c2:3c:eb:9f:0e:
f3:64:05:d0:cd:4e:60:70:5d:79:a0:f9:f6:b4:f2:ee:37:59:
37:29:76:d1:a6:d8:ea:d0:c5:5f:25:a8:26:3d:bb:1b:6f:e9:
6c:f5:4e:05:2a:59:94:7a:58:13:89:6f:8a:35:be:dd:96:ff:
ea:46:53:f4:85:a9:e1:5b:7e:79:eb:4d:ea:cf:8a:7d:4c:d1:
6d:36:d6:5b:7a:b0:55:4d:67:3a:1e:f2:dd:61:51:4a:4f:f2:
91:07:58:8b:ef:a5:7a:34:23:c3:c0:19:01:a6:1f:e8:59:6a:
a9:48:b3:b2:96:26:a0:15:e3:11:6d:a1:af:a4:6f:74:51:73:
05:f6:54:db:b8:52:0e:c8:d1:61:07:cb:38:9b:b2:94:7a:2e:
2a:b2:8f:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVui1lBVrHK1VFDR4zs5Ra2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMTAxMTgxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGRlMTIzMDExNjY4OTM1Njc3NjU5OTgxYjNhY2Y0YTRjNGZmNzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTXDjKb0kfvzsOY54wikwMz4r+8X
c5sQGInSdTYgl4moOBaIkp5VKXmSDyAI73YXUZ/v72ftlDpVmXU8GSNLh252229H
hZU+NmNg6qrRtFor1DieSD2dQzu+Q2TxpjqJnIkCIGQIXMszHw4bJKCg+EDRHnXS
r86U09p97+JVrTa9+pPdiHADxbcc2P1cZI66KZOsoRGkq3AaLWB1kZ1Ot2ekRhjO
rqFPE5FOchjj5Dx243NRrBGk18pxpjBaoZA+7ZQ4IwYSd3JA+e0DBm2gHE42PuWh
rBnS17MdIqnmuKf+O+syJMxyksncJObSc+JQzLHUHa2uQTVKL7VeHBuvPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjeEjARZok1Z3ZZmBs6z0pMT/eMMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvbU40U01CRm1pVFZuZGxtWUd6clBTa3hQOTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQjMMA0G
CSqGSIb3DQEBCwUAA4IBAQCMntAhc8b19LjHUEBxPEs0QdqUSlaNh1ehrBqA4xeW
KtRkFM+6YTZPFqIANMNG83eCvRRz+uJP3IqCAW0osSn3QAXdmOW6saCzHjk+U+ZA
wbIA6XrTI7WGDAI97H5CurHJgJoJX4Y4wjzrnw7zZAXQzU5gcF15oPn2tPLuN1k3
KXbRptjq0MVfJagmPbsbb+ls9U4FKlmUelgTiW+KNb7dlv/qRlP0hanhW355603q
z4p9TNFtNtZberBVTWc6HvLdYVFKT/KRB1iL76V6NCPDwBkBph/oWWqpSLOyliag
FeMRbaGvpG90UXMF9lTbuFIOyNFhB8s4m7KUei4qso+y
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:23 2023 by rpki-client on console-ams.rpki-client.org