Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3uRE5mp9_CGRh3JRw5LkjoehFKQ.roa
File: 3uRE5mp9_CGRh3JRw5LkjoehFKQ.roa (raw, json)
Hash identifier: /MVZltL2/sAsAjkUfKDzsHcPiCilG1pQ622D9kQabUI=
Subject key identifier: DE:E4:44:E6:6A:7D:FC:21:91:87:72:51:C3:92:E4:8E:87:A1:14:A4
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018571030C882DDC2314BFA39EAE0275F50D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3uRE5mp9_CGRh3JRw5LkjoehFKQ.roa
Signing time: Mon 02 Jan 2023 05:45:03 +0000
ROA not before: Mon 02 Jan 2023 05:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51681
IP address blocks: 45.133.2.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:0c:88:2d:dc:23:14:bf:a3:9e:ae:02:75:f5:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dee444e66a7dfc2191877251c392e48e87a114a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ac:0e:ba:d2:d0:e0:26:61:ef:33:51:42:09:
21:ce:c9:51:94:4f:8d:db:da:68:85:5b:77:fc:be:
56:97:de:53:c8:17:9e:9c:00:b2:50:9f:bc:50:4f:
76:3b:8f:f8:16:2c:b1:df:f1:3e:2b:53:8f:d2:a9:
51:fb:7f:54:55:dc:76:6e:22:2f:95:39:dc:5f:47:
65:15:39:11:cc:dd:c0:fe:47:6e:23:e1:1b:d7:c4:
79:9d:d9:20:e0:02:4b:47:a4:a3:fa:de:60:c7:1b:
77:d5:5e:86:a2:af:c6:0f:bb:ba:7f:c0:cc:82:cc:
97:58:ce:5d:a8:c8:3a:08:d1:f5:1b:3e:33:5e:6f:
32:44:b9:58:47:47:e9:83:f8:81:87:5d:a3:8d:71:
9b:1d:43:98:98:44:10:0b:39:56:5b:a5:e0:34:0a:
d6:2b:ea:b4:7f:a0:2e:62:3e:0f:af:7a:96:8e:7f:
55:fd:e6:4a:dd:8e:68:c1:1c:7d:d5:a4:b0:7b:07:
8b:cf:28:64:d4:d4:46:f5:f3:b9:85:86:65:d6:e5:
4b:44:ad:58:b0:ec:a9:b3:d5:15:49:cf:aa:98:b6:
2a:fa:8a:55:6d:64:43:9d:12:6e:15:d9:f9:f8:3a:
37:35:d3:ce:e2:ec:49:3f:79:e7:3b:8e:b6:f7:08:
94:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E4:44:E6:6A:7D:FC:21:91:87:72:51:C3:92:E4:8E:87:A1:14:A4
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3uRE5mp9_CGRh3JRw5LkjoehFKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.2.0/23
Signature Algorithm: sha256WithRSAEncryption
11:13:a2:c0:20:7c:2f:b0:70:e5:61:0a:27:8e:61:3b:b1:79:
d9:8a:27:dd:cb:26:80:c9:97:5b:c0:b5:7f:b5:a3:94:c6:50:
2f:5d:59:9a:f3:0c:09:45:2a:b9:5a:93:6b:9e:3c:69:5a:0e:
6c:03:f6:18:d5:1d:b5:ee:b8:8d:98:44:6c:18:13:67:59:38:
72:66:f4:3b:2d:cb:d7:b1:af:b3:4c:2e:d8:83:cb:35:db:f5:
fb:35:12:d6:ed:7f:d0:ae:15:8d:60:42:b8:f2:d1:25:15:01:
8b:fe:88:99:11:c5:bb:d1:d2:87:f3:50:6f:34:4d:24:f9:b1:
30:10:58:5e:3f:9f:60:35:d2:ad:17:b9:ee:d9:fc:7e:43:7d:
98:0c:09:ef:a7:ba:7c:db:3a:f7:8e:39:d4:7e:6b:db:10:d3:
2a:02:00:7b:1b:10:2c:9b:2e:a2:32:6e:00:1d:56:a9:a3:55:
88:2e:fa:22:2d:c2:aa:c3:e1:1b:1e:dc:66:9f:49:3b:a1:2a:
b3:bb:f8:41:ac:84:14:14:30:de:7d:9b:0a:2f:8c:18:50:ce:
44:c5:ce:a7:f5:62:14:97:da:ef:1f:eb:38:de:e4:5d:c4:53:
29:92:f3:10:c3:a0:c4:73:ed:59:02:1e:6f:b4:a5:ac:45:f4:
02:a6:34:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAwyILdwjFL+jnq4CdfUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWU0NDRlNjZhN2RmYzIxOTE4NzcyNTFjMzkyZTQ4ZTg3YTExNGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqwOutLQ4CZh7zNRQgkhzslRlE+N
29pohVt3/L5Wl95TyBeenACyUJ+8UE92O4/4Fiyx3/E+K1OP0qlR+39UVdx2biIv
lTncX0dlFTkRzN3A/kduI+Eb18R5ndkg4AJLR6Sj+t5gxxt31V6Goq/GD7u6f8DM
gsyXWM5dqMg6CNH1Gz4zXm8yRLlYR0fpg/iBh12jjXGbHUOYmEQQCzlWW6XgNArW
K+q0f6AuYj4Pr3qWjn9V/eZK3Y5owRx91aSweweLzyhk1NRG9fO5hYZl1uVLRK1Y
sOyps9UVSc+qmLYq+opVbWRDnRJuFdn5+Do3NdPO4uxJP3nnO4629wiUlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN7kROZqffwhkYdyUcOS5I6HoRSkMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvM3VSRTVtcDlfQ0dSaDNKUnc1TGtqb2VoRktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYUCMA0G
CSqGSIb3DQEBCwUAA4IBAQARE6LAIHwvsHDlYQonjmE7sXnZiifdyyaAyZdbwLV/
taOUxlAvXVma8wwJRSq5WpNrnjxpWg5sA/YY1R217riNmERsGBNnWThyZvQ7LcvX
sa+zTC7Yg8s12/X7NRLW7X/QrhWNYEK48tElFQGL/oiZEcW70dKH81BvNE0k+bEw
EFheP59gNdKtF7nu2fx+Q32YDAnvp7p82zr3jjnUfmvbENMqAgB7GxAsmy6iMm4A
HVapo1WILvoiLcKqw+EbHtxmn0k7oSqzu/hBrIQUFDDefZsKL4wYUM5Exc6n9WIU
l9rvH+s43uRdxFMpkvMQw6DEc+1ZAh5vtKWsRfQCpjQb
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org