Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/5CNlK0Irwf4DJvxs58MXReWa1XM.roa
File: 5CNlK0Irwf4DJvxs58MXReWa1XM.roa (raw, json)
Hash identifier: b9SnBYeNqxtZXE/0QEq8nBF7viQ8G0ROY/ZykJrVFro=
Subject key identifier: E4:23:65:2B:42:2B:C1:FE:03:26:FC:6C:E7:C3:17:45:E5:9A:D5:73
Certificate issuer: /CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Certificate serial: 01856FF018E7211B9FCEC6BD9503E357E758
Authority key identifier: 91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/5CNlK0Irwf4DJvxs58MXReWa1XM.roa
Signing time: Mon 02 Jan 2023 00:44:44 +0000
ROA not before: Mon 02 Jan 2023 00:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25074
IP address blocks: 45.84.74.0/23 maxlen: 23
2a0e:a680:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:34:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:18:e7:21:1b:9f:ce:c6:bd:95:03:e3:57:e7:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19
Validity
Not Before: Jan 2 00:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e423652b422bc1fe0326fc6ce7c31745e59ad573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e8:67:38:d5:4f:0f:f6:ef:e2:df:74:a8:48:
7d:8f:9f:19:15:4f:b0:48:41:1b:97:9a:f7:72:8a:
45:6a:1c:d8:0c:3b:f9:09:2f:ef:c9:a8:ce:cf:d9:
3d:71:95:2b:f3:09:cf:f4:b0:5e:53:22:f7:18:00:
0e:78:68:e0:25:dc:1f:3e:e3:17:5e:36:34:a3:e7:
ab:69:ef:cd:6f:37:6e:32:45:19:cd:dd:aa:f7:32:
a6:a9:fa:0b:58:b3:e8:56:71:89:1a:93:95:29:b3:
8d:07:b1:fe:89:8d:d3:83:dd:80:d4:d3:b5:ff:e8:
fa:c7:83:64:a3:15:0f:50:1c:38:d1:33:9c:76:4a:
3b:f5:74:61:13:48:4d:f7:5b:9a:9e:b4:e5:14:05:
7f:06:b7:ca:9f:27:ac:46:fc:38:12:41:bd:db:8b:
fa:4d:49:c1:74:8a:ed:93:c8:e5:b9:7c:4f:76:b9:
9e:bf:fe:b6:59:58:ed:52:b9:d6:84:50:90:31:d0:
20:50:2b:7d:2e:24:ff:70:0e:a2:0f:e0:6e:41:9d:
c9:2f:83:59:ed:53:bb:50:5a:bd:9a:34:11:c1:3b:
4a:41:1d:14:9e:b1:38:ae:6b:3f:a4:a3:54:32:80:
23:63:3c:30:8b:3b:f0:19:ea:e6:40:a0:13:19:d7:
0e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:23:65:2B:42:2B:C1:FE:03:26:FC:6C:E7:C3:17:45:E5:9A:D5:73
X509v3 Authority Key Identifier:
keyid:91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/5CNlK0Irwf4DJvxs58MXReWa1XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.74.0/23
IPv6:
2a0e:a680:1::/48
Signature Algorithm: sha256WithRSAEncryption
7d:90:4e:38:40:b5:33:f1:a7:58:c7:0f:c9:69:53:77:4d:14:
8e:cd:4f:a2:a0:95:17:b9:6f:66:9b:dc:4b:61:05:7b:a2:1e:
ba:68:de:0e:10:ff:4e:60:b1:fc:33:a0:eb:a5:b2:ee:21:62:
e5:81:78:60:ec:36:d7:bd:de:fd:1f:bd:7b:30:f7:4b:fa:6a:
24:2c:94:94:2c:0d:0f:47:70:1c:7b:75:cd:f2:fa:92:af:7e:
60:20:10:35:e9:79:f4:b3:c7:5f:94:cb:8c:ad:03:da:37:c9:
66:dd:83:7a:0e:2a:66:30:83:dc:cc:e4:6d:fd:ef:23:f1:f6:
56:9a:69:43:b3:81:ea:7a:e4:86:f9:16:74:c6:ec:71:d2:26:
3d:66:ea:bb:74:fe:e0:f5:56:1f:b0:de:a9:2c:5e:c7:d7:e4:
fa:b8:d6:d9:e2:5e:10:69:24:64:53:63:46:36:d8:6d:34:f9:
87:19:55:08:02:00:c9:69:d1:94:3f:49:15:0d:09:fd:92:8e:
e7:9f:22:b8:d6:97:5b:60:77:34:e8:50:cf:2b:61:7f:0d:09:
c9:50:a6:64:9a:39:51:b8:31:2e:6c:bc:c7:c0:67:08:70:9f:
0a:ef:80:67:fe:51:5b:f6:8f:1f:9f:be:76:a0:4e:f6:19:d8:
04:84:1b:ce
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVv8BjnIRufzsa9lQPjV+dYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDdlY2YxNzE0MmIzYjA5MzVmOGUzN2I4ZjdkOWMyNTNm
MGVlMTkwHhcNMjMwMTAyMDA0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDIzNjUyYjQyMmJjMWZlMDMyNmZjNmNlN2MzMTc0NWU1OWFkNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouhnONVPD/bv4t90qEh9j58ZFU+w
SEEbl5r3copFahzYDDv5CS/vyajOz9k9cZUr8wnP9LBeUyL3GAAOeGjgJdwfPuMX
XjY0o+erae/NbzduMkUZzd2q9zKmqfoLWLPoVnGJGpOVKbONB7H+iY3Tg92A1NO1
/+j6x4NkoxUPUBw40TOcdko79XRhE0hN91uanrTlFAV/BrfKnyesRvw4EkG924v6
TUnBdIrtk8jluXxPdrmev/62WVjtUrnWhFCQMdAgUCt9LiT/cA6iD+BuQZ3JL4NZ
7VO7UFq9mjQRwTtKQR0UnrE4rms/pKNUMoAjYzwwizvwGermQKATGdcOOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOQjZStCK8H+Ayb8bOfDF0XlmtVzMB8GA1UdIwQY
MBaAFJHX7PFxQrOwk1+ON7j32cJT8O4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGIt
YTZiMWFkMzRlMDhjLzEvNUNObEswSXJ3ZjRESnZ4czU4TVhSZVdhMVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGItYTZiMWFkMzRlMDhj
LzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBLVRKMA8E
AgACMAkDBwAqDqaAAAEwDQYJKoZIhvcNAQELBQADggEBAH2QTjhAtTPxp1jHD8lp
U3dNFI7NT6KglRe5b2ab3EthBXuiHrpo3g4Q/05gsfwzoOulsu4hYuWBeGDsNte9
3v0fvXsw90v6aiQslJQsDQ9HcBx7dc3y+pKvfmAgEDXpefSzx1+Uy4ytA9o3yWbd
g3oOKmYwg9zM5G397yPx9laaaUOzgep65Ib5FnTG7HHSJj1m6rt0/uD1Vh+w3qks
XsfX5Pq41tniXhBpJGRTY0Y22G00+YcZVQgCAMlp0ZQ/SRUNCf2SjuefIrjWl1tg
dzToUM8rYX8NCclQpmSaOVG4MS5svMfAZwhwnwrvgGf+UVv2jx+fvnagTvYZ2ASE
G84=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:03 2024 by rpki-client on console-ams.rpki-client.org