Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hFDf2_8RakTzckSD3CJo-cKcqgk.roa
File: hFDf2_8RakTzckSD3CJo-cKcqgk.roa (raw, json)
Hash identifier: 72aURnw0WdxoKdsR3hQFK+TKtmx2JYoV+zs8uYcwjPc=
Subject key identifier: 84:50:DF:DB:FF:11:6A:44:F3:72:44:83:DC:22:68:F9:C2:9C:AA:09
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185E76636811115E7455FC41A5CC8721945
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hFDf2_8RakTzckSD3CJo-cKcqgk.roa
Signing time: Wed 25 Jan 2023 05:28:33 +0000
ROA not before: Wed 25 Jan 2023 05:28:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399498
IP address blocks: 45.85.105.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e7:66:36:81:11:15:e7:45:5f:c4:1a:5c:c8:72:19:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 25 05:28:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8450dfdbff116a44f3724483dc2268f9c29caa09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:34:28:4c:de:42:73:f5:7d:97:68:b2:5d:47:
45:59:c2:fd:34:5e:ad:2b:a1:53:f3:23:67:ca:c3:
bf:e0:c6:aa:b0:8e:53:15:8e:0b:4e:ef:5a:b9:0f:
f8:28:23:1b:fe:05:37:bd:4f:06:44:65:5f:58:17:
90:d1:eb:1e:f3:50:40:e0:96:d6:98:89:da:5b:cb:
4f:81:a8:c1:4a:f2:6b:fc:d6:58:e9:7c:14:42:2a:
5d:e9:17:58:0c:cb:86:48:56:e1:02:b0:d5:9e:d7:
c3:c2:9b:f2:94:db:96:56:9c:b9:6e:4c:98:f9:54:
20:4c:61:2a:df:12:fe:fd:76:4d:77:86:1f:17:68:
51:9a:eb:4d:4d:5b:89:0f:68:73:59:8c:26:db:f4:
88:88:c8:38:f3:ba:45:8c:32:6d:49:6e:ce:e0:86:
ea:96:61:30:1e:f9:52:2e:62:f7:1b:78:22:44:0e:
21:86:5f:39:b9:6b:81:03:11:6a:d5:0b:08:6e:7b:
42:6e:4f:09:fb:ae:95:13:3b:a7:18:c9:28:f4:9d:
95:af:36:fc:0f:d9:b1:c1:10:ca:ce:72:3f:b8:2d:
7c:ef:60:0b:50:15:f5:06:2f:85:4e:76:74:8e:56:
7d:d5:97:7d:4e:c0:c6:41:f1:03:d4:a5:26:c0:a5:
d9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:50:DF:DB:FF:11:6A:44:F3:72:44:83:DC:22:68:F9:C2:9C:AA:09
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hFDf2_8RakTzckSD3CJo-cKcqgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.105.0/24
Signature Algorithm: sha256WithRSAEncryption
45:d3:9f:67:54:0a:59:92:b2:be:69:7a:3f:d0:05:39:28:d6:
94:92:7b:65:70:9d:22:c1:09:f7:2b:85:40:a9:6a:23:ed:48:
fa:9d:31:04:3b:15:9b:8f:fa:94:37:a1:15:cf:28:7f:f9:82:
bb:24:37:8a:d4:aa:09:a0:9c:a4:bd:ec:75:c8:ca:c8:d7:97:
1f:4a:1e:ca:5c:9a:15:3e:1a:9e:f1:23:57:e9:ec:ee:8f:f8:
ea:6b:d7:68:e8:26:95:17:60:34:57:cc:43:60:89:ca:ce:c3:
5d:ac:6c:da:e4:47:7c:f6:6a:2b:f1:d6:b5:26:32:69:8a:6a:
c1:3a:66:44:41:41:99:b8:40:1a:60:55:3e:a0:18:bf:9a:6e:
52:d3:ef:8b:ef:69:90:70:b0:e6:28:9a:60:88:a9:5a:c8:b6:
b6:09:0f:16:e4:35:19:4b:cf:71:95:1e:7f:5d:de:00:1f:5a:
4f:1c:ea:50:33:f9:a2:50:b1:d1:ea:6a:74:42:40:51:f8:a3:
e8:17:0c:b5:4d:ad:96:8b:6a:a0:80:b8:29:6c:27:95:8f:f2:
24:7a:2b:d2:1b:6d:12:ae:9b:9c:f2:a5:dd:8d:3c:79:80:3a:
17:c0:8f:f8:2f:49:3f:8a:dc:97:98:22:ed:5d:76:77:2a:3b:
9f:99:e8:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXnZjaBERXnRV/EGlzIchlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTI1MDUyODMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDUwZGZkYmZmMTE2YTQ0ZjM3MjQ0ODNkYzIyNjhmOWMyOWNhYTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzQoTN5Cc/V9l2iyXUdFWcL9NF6t
K6FT8yNnysO/4MaqsI5TFY4LTu9auQ/4KCMb/gU3vU8GRGVfWBeQ0ese81BA4JbW
mInaW8tPgajBSvJr/NZY6XwUQipd6RdYDMuGSFbhArDVntfDwpvylNuWVpy5bkyY
+VQgTGEq3xL+/XZNd4YfF2hRmutNTVuJD2hzWYwm2/SIiMg487pFjDJtSW7O4Ibq
lmEwHvlSLmL3G3giRA4hhl85uWuBAxFq1QsIbntCbk8J+66VEzunGMko9J2Vrzb8
D9mxwRDKznI/uC1872ALUBX1Bi+FTnZ0jlZ91Zd9TsDGQfED1KUmwKXZsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRQ39v/EWpE83JEg9wiaPnCnKoJMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaEZEZjJfOFJha1R6Y2tTRDNDSm8tY0tjcWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVVpMA0G
CSqGSIb3DQEBCwUAA4IBAQBF059nVApZkrK+aXo/0AU5KNaUkntlcJ0iwQn3K4VA
qWoj7Uj6nTEEOxWbj/qUN6EVzyh/+YK7JDeK1KoJoJykvex1yMrI15cfSh7KXJoV
Phqe8SNX6ezuj/jqa9do6CaVF2A0V8xDYInKzsNdrGza5Ed89mor8da1JjJpimrB
OmZEQUGZuEAaYFU+oBi/mm5S0++L72mQcLDmKJpgiKlayLa2CQ8W5DUZS89xlR5/
Xd4AH1pPHOpQM/miULHR6mp0QkBR+KPoFwy1Ta2Wi2qggLgpbCeVj/IkeivSG20S
rpuc8qXdjTx5gDoXwI/4L0k/ityXmCLtXXZ3Kjufmej1
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:28 2024 by rpki-client on console-fra.rpki-client.org