Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VO7oTEG4alpBhU9vy_YWqPuuHSg.roa
File: VO7oTEG4alpBhU9vy_YWqPuuHSg.roa (raw, json)
Hash identifier: qIvTd+JKIebRkcm+KwBb/9T74+3fG1OMsDvharxvAw4=
Subject key identifier: 54:EE:E8:4C:41:B8:6A:5A:41:85:4F:6F:CB:F6:16:A8:FB:AE:1D:28
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018571031555671810F36EBA292419460E18
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VO7oTEG4alpBhU9vy_YWqPuuHSg.roa
Signing time: Mon 02 Jan 2023 05:45:05 +0000
ROA not before: Mon 02 Jan 2023 05:45:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203320
IP address blocks: 45.133.1.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:15:55:67:18:10:f3:6e:ba:29:24:19:46:0e:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54eee84c41b86a5a41854f6fcbf616a8fbae1d28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:01:c4:21:73:98:2f:f1:a3:98:9b:00:b7:20:
a9:0e:fd:30:e3:a9:fb:f5:d4:a0:21:36:8d:ba:ba:
f2:97:5d:f3:6d:f5:58:c2:02:45:e8:d5:08:32:9e:
4e:17:42:ce:49:70:43:a5:78:ab:8a:ad:76:2b:b9:
f7:44:f6:92:e3:fe:b8:76:e6:b6:cc:36:a5:6b:93:
73:42:8f:9b:58:bb:fa:c4:f3:a6:d5:3a:70:27:bd:
14:d3:53:e8:20:f3:e2:19:8d:91:ee:9d:fa:b9:6f:
eb:23:dc:c2:a0:86:9d:ee:82:77:12:b2:e8:72:88:
fb:c1:30:d9:1a:ab:02:e0:86:2e:36:8e:78:71:71:
c6:59:4d:53:d3:c8:01:f3:85:80:12:f3:1e:55:2d:
ae:04:51:4c:fb:dd:c9:e5:53:8a:e0:f9:7a:c4:b2:
95:a2:af:97:b4:ff:9a:02:f3:9e:ff:ab:7c:68:c0:
49:62:c1:f8:10:c0:fb:5c:bf:4d:0a:64:79:44:23:
c5:42:c9:de:6d:08:13:73:8d:22:2a:86:4e:61:88:
cc:c4:e5:91:5d:82:be:bd:dc:c3:85:0a:f7:d3:e5:
9f:0a:04:67:4d:32:cb:be:5b:e1:8e:11:48:3d:74:
65:cd:7a:0d:74:fc:6f:4b:be:8e:c7:68:b0:d3:1b:
ce:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:EE:E8:4C:41:B8:6A:5A:41:85:4F:6F:CB:F6:16:A8:FB:AE:1D:28
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VO7oTEG4alpBhU9vy_YWqPuuHSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.1.0/24
Signature Algorithm: sha256WithRSAEncryption
47:8a:e8:c2:45:ba:50:cd:70:d4:1b:8b:a0:59:68:0e:d6:73:
ae:aa:04:89:45:0a:da:92:7c:59:67:29:d8:10:5b:8a:1c:5f:
98:2e:44:cf:82:dc:e8:50:ae:5b:4e:af:ce:60:ea:cd:f9:25:
f2:e8:41:e0:63:4c:5e:6d:77:62:c9:c1:d0:31:36:84:76:9b:
04:6f:d1:1e:f9:89:8b:3a:77:89:aa:a5:53:a5:13:9e:42:19:
09:4e:85:11:38:07:c1:5c:cc:47:68:8f:da:7c:82:0e:1f:07:
4d:20:da:c5:9b:be:8b:dc:4e:ca:08:ef:6e:25:09:be:97:7c:
d0:2a:e5:43:ff:f6:38:af:9b:b1:bf:36:60:27:8c:33:c4:97:
ce:64:42:cd:30:02:ff:14:d6:6b:89:d9:6c:09:f8:a7:d9:f1:
13:45:49:77:1e:10:c8:ee:a4:2e:33:4e:0d:52:f3:48:67:a3:
20:0d:d4:38:aa:18:16:45:c6:49:a8:18:63:df:bc:60:bb:df:
2b:32:04:0e:17:48:95:17:fa:ea:12:70:cf:08:e4:ce:74:67:
7b:4b:43:68:db:dd:8d:1d:a6:36:58:1a:d0:b3:cd:1a:05:3d:
77:01:ce:b2:e0:84:b6:47:e8:09:af:3f:2e:6d:eb:4b:ec:59:
de:47:e2:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAxVVZxgQ8266KSQZRg4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGVlZTg0YzQxYjg2YTVhNDE4NTRmNmZjYmY2MTZhOGZiYWUxZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgHEIXOYL/GjmJsAtyCpDv0w46n7
9dSgITaNurryl13zbfVYwgJF6NUIMp5OF0LOSXBDpXiriq12K7n3RPaS4/64dua2
zDala5NzQo+bWLv6xPOm1TpwJ70U01PoIPPiGY2R7p36uW/rI9zCoIad7oJ3ErLo
coj7wTDZGqsC4IYuNo54cXHGWU1T08gB84WAEvMeVS2uBFFM+93J5VOK4Pl6xLKV
oq+XtP+aAvOe/6t8aMBJYsH4EMD7XL9NCmR5RCPFQsnebQgTc40iKoZOYYjMxOWR
XYK+vdzDhQr30+WfCgRnTTLLvlvhjhFIPXRlzXoNdPxvS76Ox2iw0xvOZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFTu6ExBuGpaQYVPb8v2Fqj7rh0oMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVk83b1RFRzRhbHBCaFU5dnlfWVdxUHV1SFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYUBMA0G
CSqGSIb3DQEBCwUAA4IBAQBHiujCRbpQzXDUG4ugWWgO1nOuqgSJRQraknxZZynY
EFuKHF+YLkTPgtzoUK5bTq/OYOrN+SXy6EHgY0xebXdiycHQMTaEdpsEb9Ee+YmL
OneJqqVTpROeQhkJToUROAfBXMxHaI/afIIOHwdNINrFm76L3E7KCO9uJQm+l3zQ
KuVD//Y4r5uxvzZgJ4wzxJfOZELNMAL/FNZridlsCfin2fETRUl3HhDI7qQuM04N
UvNIZ6MgDdQ4qhgWRcZJqBhj37xgu98rMgQOF0iVF/rqEnDPCOTOdGd7S0No292N
HaY2WBrQs80aBT13Ac6y4IS2R+gJrz8ubetL7FneR+KX
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:18 2024 by rpki-client on console-ams.rpki-client.org