Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/FkXdETOqZEWFxCDB-AwBZqbbHvs.roa
File: FkXdETOqZEWFxCDB-AwBZqbbHvs.roa (raw, json)
Hash identifier: 3MYeujjqfoMHoLalXCc3ciXNtuOOZYdqXgmA4twKGyY=
Subject key identifier: 16:45:DD:11:33:AA:64:45:85:C4:20:C1:F8:0C:01:66:A6:DB:1E:FB
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018B2DCA04A2516C7F2A5240EC39F5A2B454
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/FkXdETOqZEWFxCDB-AwBZqbbHvs.roa
Signing time: Sat 14 Oct 2023 10:44:55 +0000
ROA not before: Sat 14 Oct 2023 10:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 45.156.159.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2d:ca:04:a2:51:6c:7f:2a:52:40:ec:39:f5:a2:b4:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 14 10:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1645dd1133aa644585c420c1f80c0166a6db1efb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:75:d9:ae:d3:6a:9a:a6:aa:61:5f:20:59:f0:
6d:8d:57:2d:41:c9:fd:ce:88:8a:5f:67:e2:59:ab:
9b:c3:12:5c:81:0d:d7:b1:82:26:d1:b3:c9:a5:ab:
9b:e5:79:9d:b6:38:96:c8:75:ab:9f:de:85:3f:f8:
70:57:e4:97:71:8f:35:39:a4:33:75:8b:5e:7a:d0:
98:e2:9d:03:3c:5d:64:7d:38:ef:d1:30:1f:70:b8:
86:50:3b:b5:ab:5d:c9:1e:26:81:41:d0:72:1f:b5:
a8:aa:00:31:90:45:36:11:dd:75:7b:4a:bc:ad:83:
85:30:ee:16:92:ef:b0:02:a3:25:d9:8b:b4:bd:8d:
f4:f3:f3:d7:c5:0c:11:74:6d:cd:3b:e2:5b:a3:ce:
6d:58:e6:d0:d7:3c:dc:7d:72:69:51:ad:3a:47:73:
a1:61:ca:a7:48:ec:12:92:0d:ee:33:d3:63:1b:85:
18:c8:93:0f:9e:29:d5:b8:8b:b4:af:43:7b:c0:d8:
49:8f:c0:f3:5f:a8:a4:30:75:3a:4c:b8:b1:24:dc:
81:1e:71:de:6f:45:46:a8:56:32:37:18:07:21:c3:
83:31:1e:31:a6:5f:3a:3d:a0:72:25:4b:6d:97:cf:
f6:aa:f4:51:4a:15:9b:93:bb:ab:d2:49:c4:36:b2:
c0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:45:DD:11:33:AA:64:45:85:C4:20:C1:F8:0C:01:66:A6:DB:1E:FB
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/FkXdETOqZEWFxCDB-AwBZqbbHvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.159.0/24
Signature Algorithm: sha256WithRSAEncryption
80:74:c2:18:61:94:96:f0:ce:19:50:d3:9f:fd:0c:a2:26:44:
aa:bb:9f:bc:ac:20:ca:2d:e2:17:6a:9d:41:6b:22:37:39:8b:
52:31:c5:7e:40:44:3b:5b:f7:10:4a:3f:c4:fc:61:30:db:be:
97:25:3e:1e:e1:66:d6:79:60:f2:2f:04:e0:6d:d6:8f:22:a4:
72:6c:93:fa:48:39:38:e4:5c:37:ab:25:db:72:88:30:9a:6e:
e1:08:79:4e:90:a0:d7:ce:f0:e7:8d:cb:47:03:bf:40:18:ed:
7d:3e:70:71:2e:9d:2e:68:fb:e6:83:3c:fa:3a:f0:5d:59:85:
88:b4:fc:71:80:b1:54:33:ca:6a:8b:71:7b:8b:d0:4c:0e:5b:
bf:13:8f:cf:e3:19:da:a3:0c:06:b7:77:9f:94:c1:78:6e:97:
3a:65:44:93:1c:61:f4:7e:63:c2:0b:88:3a:c9:58:07:ce:c7:
3f:49:d2:e5:81:07:15:a2:d7:23:fc:89:e3:54:b8:2a:84:1c:
94:d3:6a:f0:fc:80:da:66:3a:7e:5d:18:8a:54:a6:76:8a:ba:
b1:8f:3a:e1:46:e1:20:ff:58:04:e0:42:b8:b0:9b:fd:9e:c4:
05:e5:84:4f:95:fc:6c:de:81:b3:f4:80:95:b1:c8:e2:f1:4c:
4e:5b:76:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYstygSiUWx/KlJA7Dn1orRUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDE0MTA0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjQ1ZGQxMTMzYWE2NDQ1ODVjNDIwYzFmODBjMDE2NmE2ZGIxZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHXZrtNqmqaqYV8gWfBtjVctQcn9
zoiKX2fiWaubwxJcgQ3XsYIm0bPJpaub5XmdtjiWyHWrn96FP/hwV+SXcY81OaQz
dYteetCY4p0DPF1kfTjv0TAfcLiGUDu1q13JHiaBQdByH7WoqgAxkEU2Ed11e0q8
rYOFMO4Wku+wAqMl2Yu0vY308/PXxQwRdG3NO+Jbo85tWObQ1zzcfXJpUa06R3Oh
YcqnSOwSkg3uM9NjG4UYyJMPninVuIu0r0N7wNhJj8DzX6ikMHU6TLixJNyBHnHe
b0VGqFYyNxgHIcODMR4xpl86PaByJUttl8/2qvRRShWbk7ur0knENrLAHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBZF3REzqmRFhcQgwfgMAWam2x77MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvRmtYZEVUT3FaRVdGeENEQi1Bd0JacWJiSHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZyfMA0G
CSqGSIb3DQEBCwUAA4IBAQCAdMIYYZSW8M4ZUNOf/QyiJkSqu5+8rCDKLeIXap1B
ayI3OYtSMcV+QEQ7W/cQSj/E/GEw276XJT4e4WbWeWDyLwTgbdaPIqRybJP6SDk4
5Fw3qyXbcogwmm7hCHlOkKDXzvDnjctHA79AGO19PnBxLp0uaPvmgzz6OvBdWYWI
tPxxgLFUM8pqi3F7i9BMDlu/E4/P4xnaowwGt3eflMF4bpc6ZUSTHGH0fmPCC4g6
yVgHzsc/SdLlgQcVotcj/InjVLgqhByU02rw/IDaZjp+XRiKVKZ2irqxjzrhRuEg
/1gE4EK4sJv9nsQF5YRPlfxs3oGz9ICVscji8UxOW3bu
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org