Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1qjXpDZajDmb6e57-mEzzD2qH7g.roa
File: 1qjXpDZajDmb6e57-mEzzD2qH7g.roa (raw, json)
Hash identifier: F6TAixAwD01V4s6kwfGJmfsx3RSM8ANy9t9GHyNKN0Y=
Subject key identifier: D6:A8:D7:A4:36:5A:8C:39:9B:E9:EE:7B:FA:61:33:CC:3D:AA:1F:B8
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018602763BB8C9566C59DF95A1C9442DE020
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1qjXpDZajDmb6e57-mEzzD2qH7g.roa
Signing time: Mon 30 Jan 2023 11:35:48 +0000
ROA not before: Mon 30 Jan 2023 11:35:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 45.156.158.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Feb 2023 16:29:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:02:76:3b:b8:c9:56:6c:59:df:95:a1:c9:44:2d:e0:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 30 11:35:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6a8d7a4365a8c399be9ee7bfa6133cc3daa1fb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ef:a5:ce:9f:c5:dd:03:8b:f9:0e:1f:a9:e4:
af:81:78:ea:69:99:aa:a8:89:77:59:ac:a9:29:da:
2c:78:5a:c0:b3:bf:72:a5:16:3a:71:97:63:5c:61:
5d:ab:6c:2c:3f:c8:c7:77:1e:fe:3e:c8:b0:ae:4d:
a9:56:eb:27:b4:4e:82:ed:5d:62:67:ed:35:db:6a:
d6:32:bc:9a:ae:18:1e:15:f4:36:39:c1:96:1b:4f:
b3:d0:a0:aa:bf:ab:6f:bc:2a:86:2c:ef:90:e3:23:
cb:d3:c9:e9:88:1c:ea:1d:4b:34:48:17:08:b8:43:
13:59:a4:4d:47:0d:56:ee:9a:c1:8d:ed:74:c1:ad:
ca:2b:fa:03:76:b9:47:f4:91:1d:f2:37:5d:98:7f:
6c:cd:94:33:99:f9:73:a3:85:db:b6:25:dc:be:58:
a6:bf:07:77:c1:ad:5f:60:dd:6b:3c:6b:da:e1:e3:
3c:54:05:80:1f:3f:68:28:a8:7d:d0:63:bb:73:e8:
98:a1:a5:df:5a:19:e7:e0:46:a9:6b:c5:0c:41:57:
b0:07:d0:04:d1:14:70:5c:f1:57:49:66:45:b5:a7:
65:ec:13:73:e0:9f:c7:43:5f:35:81:31:df:1e:ac:
e1:64:c5:af:f7:22:ec:e4:6b:5d:85:fe:84:92:18:
41:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A8:D7:A4:36:5A:8C:39:9B:E9:EE:7B:FA:61:33:CC:3D:AA:1F:B8
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1qjXpDZajDmb6e57-mEzzD2qH7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.157.0-45.156.158.255
Signature Algorithm: sha256WithRSAEncryption
18:b0:2c:28:4d:38:92:28:a6:88:8c:ca:d8:23:49:f6:21:41:
bc:2e:f7:99:d6:45:68:1f:c7:dd:55:d5:26:06:6b:ff:d4:d0:
c1:d0:32:46:2c:25:a1:4d:a4:e7:f4:e6:50:b0:2b:96:fa:cc:
41:fc:6f:68:fc:25:e6:29:a5:16:2f:f2:95:7d:61:33:c1:21:
49:17:3c:69:39:4a:70:8d:a0:44:36:90:ce:50:b2:50:61:a4:
68:83:f9:5b:46:5c:f6:20:2e:7e:ca:1a:68:0a:f8:e0:ea:18:
fb:7a:26:cb:58:da:c5:01:b7:3b:4c:39:b3:d8:57:78:f5:07:
a5:04:5f:1d:e1:d2:8c:b2:60:9a:05:66:9a:62:08:fd:10:64:
cb:06:11:e5:bc:e1:e5:47:df:56:35:c3:cc:3d:4d:37:b9:4e:
b8:6c:ba:83:fb:5a:56:94:02:65:84:6a:d9:2b:90:91:0e:ca:
b4:81:1d:9d:6a:8e:e2:b1:50:d6:62:8d:c1:8e:17:ae:0d:d7:
28:64:d7:4c:ad:58:31:f3:09:f5:dc:85:1d:2f:f1:58:de:18:
7b:82:c2:92:a2:cc:19:7d:ca:5d:1f:08:57:f7:3e:4d:c3:35:
76:a4:6e:b1:60:6e:11:c3:40:f7:d8:66:ac:bf:1e:53:e8:6a:
00:fd:cb:be
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYYCdju4yVZsWd+VoclELeAgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTMwMTEzNTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmE4ZDdhNDM2NWE4YzM5OWJlOWVlN2JmYTYxMzNjYzNkYWExZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmu+lzp/F3QOL+Q4fqeSvgXjqaZmq
qIl3WaypKdoseFrAs79ypRY6cZdjXGFdq2wsP8jHdx7+Psiwrk2pVusntE6C7V1i
Z+0122rWMryarhgeFfQ2OcGWG0+z0KCqv6tvvCqGLO+Q4yPL08npiBzqHUs0SBcI
uEMTWaRNRw1W7prBje10wa3KK/oDdrlH9JEd8jddmH9szZQzmflzo4XbtiXcvlim
vwd3wa1fYN1rPGva4eM8VAWAHz9oKKh90GO7c+iYoaXfWhnn4Eapa8UMQVewB9AE
0RRwXPFXSWZFtadl7BNz4J/HQ181gTHfHqzhZMWv9yLs5Gtdhf6EkhhBTQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNao16Q2Wow5m+nue/phM8w9qh+4MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMXFqWHBEWmFqRG1iNmU1Ny1tRXp6RDJxSDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtnJ0D
BAAtnJ4wDQYJKoZIhvcNAQELBQADggEBABiwLChNOJIopoiMytgjSfYhQbwu95nW
RWgfx91V1SYGa//U0MHQMkYsJaFNpOf05lCwK5b6zEH8b2j8JeYppRYv8pV9YTPB
IUkXPGk5SnCNoEQ2kM5QslBhpGiD+VtGXPYgLn7KGmgK+ODqGPt6JstY2sUBtztM
ObPYV3j1B6UEXx3h0oyyYJoFZppiCP0QZMsGEeW84eVH31Y1w8w9TTe5TrhsuoP7
WlaUAmWEatkrkJEOyrSBHZ1qjuKxUNZijcGOF64N1yhk10ytWDHzCfXchR0v8Vje
GHuCwpKizBl9yl0fCFf3Pk3DNXakbrFgbhHDQPfYZqy/HlPoagD9y74=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org