Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/AgZCWzGX1QYQJsbSu46fkHpnQvg.roa
File: AgZCWzGX1QYQJsbSu46fkHpnQvg.roa (raw, json)
Hash identifier: eg75/lqFyrZzEMHnOu0dT++96UdTU8QCGbWX21WUDn0=
Subject key identifier: 02:06:42:5B:31:97:D5:06:10:26:C6:D2:BB:8E:9F:90:7A:67:42:F8
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018A1B9D8FDDF6FEC4FB6170DF58B8163904
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/AgZCWzGX1QYQJsbSu46fkHpnQvg.roa
Signing time: Tue 22 Aug 2023 05:00:25 +0000
ROA not before: Tue 22 Aug 2023 05:00:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42708
IP address blocks: 45.8.71.0/24 maxlen: 24
2a0b:64c2::/32 maxlen: 32
2a0b:64c3::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1b:9d:8f:dd:f6:fe:c4:fb:61:70:df:58:b8:16:39:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 22 05:00:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0206425b3197d5061026c6d2bb8e9f907a6742f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f3:72:55:f8:8c:0f:81:13:4f:14:8c:d6:b3:
05:78:27:21:72:bf:95:e6:27:7e:8b:80:22:bb:30:
18:e9:23:52:7b:80:19:f0:fa:a8:bf:0b:ce:6e:77:
00:70:4f:89:f6:4b:a7:6b:47:fc:85:82:0a:a6:dc:
e3:14:6e:68:71:24:9d:44:7e:31:c0:9b:99:e7:53:
64:21:b9:1d:f8:c2:15:9b:3b:3f:0d:46:89:30:3d:
0f:d5:fa:d2:6a:05:23:fd:bf:e2:cf:0a:76:43:fa:
7f:9e:64:64:b8:77:b5:98:5f:80:72:be:10:79:22:
36:0b:5c:c8:96:81:51:a5:95:a3:17:34:31:18:b8:
cb:4e:73:0a:3a:4d:fc:f2:ad:34:4f:8a:c2:ab:b0:
fa:db:5c:fd:b5:c7:09:2f:3b:29:fa:b9:e9:6a:60:
e8:26:3f:69:68:ad:27:c4:e9:b4:87:72:6e:68:42:
83:51:f6:78:c4:a5:72:6e:c3:11:44:b1:fb:4a:69:
f7:73:38:e1:8a:bf:42:44:fe:ca:54:b1:f9:ae:a7:
b6:20:5b:43:f9:e9:0e:59:74:f1:e4:e5:0a:96:89:
b1:2e:1f:df:5a:a3:8e:fd:fc:87:7e:f0:a4:79:be:
fb:93:71:53:08:5c:46:82:04:11:97:a2:1c:08:6c:
ab:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:06:42:5B:31:97:D5:06:10:26:C6:D2:BB:8E:9F:90:7A:67:42:F8
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/AgZCWzGX1QYQJsbSu46fkHpnQvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.71.0/24
IPv6:
2a0b:64c2::/31
Signature Algorithm: sha256WithRSAEncryption
76:4f:65:ae:0c:5f:ee:42:61:95:69:09:e6:17:d7:76:0a:9b:
70:2e:1d:a1:2d:1a:46:ad:42:7f:cd:6a:73:e6:1f:9f:81:a9:
f4:e0:aa:02:e1:68:f0:0d:56:ad:da:79:f0:32:09:53:52:b1:
e4:ee:b0:47:31:e5:e2:bf:9a:2e:87:73:35:fc:77:1f:61:b0:
4e:8a:82:fc:3e:4d:f8:ef:43:ed:66:61:30:c2:25:d8:9b:c3:
ef:e9:98:3d:d7:f6:54:2a:24:ae:bf:78:75:7d:03:6c:13:dc:
75:4b:32:5e:09:b0:88:f9:e5:b4:af:6d:74:08:d9:18:75:75:
1d:3f:f8:01:49:0d:63:5e:74:8f:a2:36:74:11:a9:3f:fd:77:
54:cd:9f:8b:57:5f:73:6b:8b:54:cf:13:9d:1f:e9:6a:d9:66:
6f:40:2c:f9:89:12:77:c2:ca:ea:65:c6:8d:d4:3b:f9:60:87:
e5:2b:32:6a:db:82:6d:4c:cb:94:b3:34:15:58:66:ec:7b:cb:
43:d6:6d:01:51:68:08:c8:ee:c8:ae:2e:93:db:1e:3f:cd:05:
1f:04:12:e3:f7:bb:c3:30:57:8a:84:60:62:a0:98:fd:41:03:
1f:05:d5:51:a1:9f:5a:44:97:66:6a:11:78:b9:a8:44:f8:ff:
ca:d4:1c:8f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYobnY/d9v7E+2Fw31i4FjkEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwODIyMDUwMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjA2NDI1YjMxOTdkNTA2MTAyNmM2ZDJiYjhlOWY5MDdhNjc0MmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vNyVfiMD4ETTxSM1rMFeCchcr+V
5id+i4AiuzAY6SNSe4AZ8PqovwvObncAcE+J9kuna0f8hYIKptzjFG5ocSSdRH4x
wJuZ51NkIbkd+MIVmzs/DUaJMD0P1frSagUj/b/izwp2Q/p/nmRkuHe1mF+Acr4Q
eSI2C1zIloFRpZWjFzQxGLjLTnMKOk388q00T4rCq7D621z9tccJLzsp+rnpamDo
Jj9paK0nxOm0h3JuaEKDUfZ4xKVybsMRRLH7Smn3czjhir9CRP7KVLH5rqe2IFtD
+ekOWXTx5OUKlomxLh/fWqOO/fyHfvCkeb77k3FTCFxGggQRl6IcCGyrDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAIGQlsxl9UGECbG0ruOn5B6Z0L4MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQWdaQ1d6R1gxUVlRSnNiU3U0NmZrSHBuUXZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALQhHMA0E
AgACMAcDBQEqC2TCMA0GCSqGSIb3DQEBCwUAA4IBAQB2T2WuDF/uQmGVaQnmF9d2
CptwLh2hLRpGrUJ/zWpz5h+fgan04KoC4WjwDVat2nnwMglTUrHk7rBHMeXiv5ou
h3M1/HcfYbBOioL8Pk3470PtZmEwwiXYm8Pv6Zg91/ZUKiSuv3h1fQNsE9x1SzJe
CbCI+eW0r210CNkYdXUdP/gBSQ1jXnSPojZ0Eak//XdUzZ+LV19za4tUzxOdH+lq
2WZvQCz5iRJ3wsrqZcaN1Dv5YIflKzJq24JtTMuUszQVWGbse8tD1m0BUWgIyO7I
ri6T2x4/zQUfBBLj97vDMFeKhGBioJj9QQMfBdVRoZ9aRJdmahF4uahE+P/K1ByP
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org