Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oq7ofRcIVQA9epbak1BKNyzrf-0.roa
File: oq7ofRcIVQA9epbak1BKNyzrf-0.roa (raw, json)
Hash identifier: 9RV+M+YBnIokvQUGjbJtDGF2s/zeAZ83AuY8OTjZaDM=
Subject key identifier: A2:AE:E8:7D:17:08:55:00:3D:7A:96:DA:93:50:4A:37:2C:EB:7F:ED
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185710307DE3FF9BD4E711D3F0B9ED1C54D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oq7ofRcIVQA9epbak1BKNyzrf-0.roa
Signing time: Mon 02 Jan 2023 05:45:02 +0000
ROA not before: Mon 02 Jan 2023 05:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 45.91.50.0/24 maxlen: 24
45.8.68.0/24 maxlen: 24
45.67.97.0/24 maxlen: 24
45.67.99.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:07:de:3f:f9:bd:4e:71:1d:3f:0b:9e:d1:c5:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2aee87d170855003d7a96da93504a372ceb7fed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:93:21:7e:d5:aa:87:31:e1:3d:f6:7f:3b:27:
e9:f5:c1:eb:20:12:09:b8:55:e2:c5:90:05:6d:24:
49:1e:49:fe:ea:c3:87:07:9b:e4:a4:b9:fe:b6:3e:
cc:91:0f:8b:f6:fa:3e:c2:41:17:a7:2b:8d:b4:be:
4b:8e:19:ce:69:2d:d9:e1:ec:25:74:b9:c6:a7:1f:
f8:cd:df:7a:37:84:b4:59:10:e6:dc:8c:c3:4e:4c:
e1:ce:12:36:65:af:e2:b2:d9:d1:f0:af:1a:ef:4d:
bf:9d:ca:4c:7a:0a:fb:4c:30:e1:02:55:f0:9e:5f:
2c:16:ac:fb:b7:dd:db:56:36:2b:ae:db:96:9a:e2:
9c:9b:29:2a:b8:0b:e2:8f:d8:d3:d0:17:b9:a1:b7:
02:36:2b:9d:c0:2b:48:5f:cd:09:de:2e:56:2e:e9:
b8:41:e6:ac:bb:91:a7:5a:e5:d0:0b:d6:02:d2:6c:
6e:a8:f2:2f:06:65:6e:6c:c3:22:2b:44:e1:03:42:
bc:41:d7:4f:5e:c7:03:77:de:1f:b8:16:a7:91:db:
5d:4d:4f:65:2e:02:f1:f9:d5:e7:30:09:9a:52:26:
a1:6d:47:5d:8f:7c:a8:af:d1:8c:13:f2:05:f9:42:
67:14:0d:83:f6:1f:33:7f:8f:a0:7d:90:65:31:64:
47:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:AE:E8:7D:17:08:55:00:3D:7A:96:DA:93:50:4A:37:2C:EB:7F:ED
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oq7ofRcIVQA9epbak1BKNyzrf-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.68.0/24
45.67.97.0/24
45.67.99.0/24
45.91.50.0/24
Signature Algorithm: sha256WithRSAEncryption
54:fc:c1:74:9c:67:f4:0b:da:89:18:09:3d:e6:6c:e7:cd:a7:
fa:1d:85:fc:99:f7:df:71:16:fb:87:54:f6:e0:b8:3f:65:36:
87:16:89:55:ae:c1:7b:10:dd:65:28:56:bf:59:63:2b:ab:c3:
b0:e6:2f:29:b4:94:b9:a1:53:16:8e:fc:ba:d5:da:1c:fb:34:
41:6d:41:ff:07:23:6b:78:73:81:a8:8f:1c:ff:cd:7c:3e:ed:
3b:7d:d1:25:e2:f4:9c:9f:45:87:b4:41:49:34:98:bb:cc:1d:
f8:4f:db:1f:d8:33:dc:69:c9:e4:9a:c2:a8:f5:57:cf:f0:85:
af:89:1a:9e:60:aa:f3:43:1a:21:85:f8:c8:ed:7a:b2:cf:b6:
7c:e9:5e:0b:ab:f6:4a:14:08:1b:57:14:3c:49:ff:68:9d:d5:
2a:3a:24:69:04:2e:f7:aa:03:f3:f6:2c:4b:04:63:b8:8e:84:
e7:4f:eb:17:c2:8c:91:3e:4b:3e:52:08:5b:06:27:ea:86:b8:
2d:00:e4:58:16:62:86:94:55:9a:ce:52:bf:01:8a:a8:33:f0:
49:3d:5f:46:61:a5:37:0a:39:27:65:8b:fd:6e:51:9b:06:23:
67:79:8e:b1:6f:7d:35:db:5f:f4:79:18:18:d5:1e:78:85:2a:
41:2f:da:40
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxAwfeP/m9TnEdPwue0cVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmFlZTg3ZDE3MDg1NTAwM2Q3YTk2ZGE5MzUwNGEzNzJjZWI3ZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZMhftWqhzHhPfZ/Oyfp9cHrIBIJ
uFXixZAFbSRJHkn+6sOHB5vkpLn+tj7MkQ+L9vo+wkEXpyuNtL5LjhnOaS3Z4ewl
dLnGpx/4zd96N4S0WRDm3IzDTkzhzhI2Za/istnR8K8a702/ncpMegr7TDDhAlXw
nl8sFqz7t93bVjYrrtuWmuKcmykquAvij9jT0Be5obcCNiudwCtIX80J3i5WLum4
Qeasu5GnWuXQC9YC0mxuqPIvBmVubMMiK0ThA0K8QddPXscDd94fuBankdtdTU9l
LgLx+dXnMAmaUiahbUddj3yor9GME/IF+UJnFA2D9h8zf4+gfZBlMWRHjwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKKu6H0XCFUAPXqW2pNQSjcs63/tMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvb3E3b2ZSY0lWUUE5ZXBiYWsxQktOeXpyZi0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQhEAwQA
LUNhAwQALUNjAwQALVsyMA0GCSqGSIb3DQEBCwUAA4IBAQBU/MF0nGf0C9qJGAk9
5mznzaf6HYX8mfffcRb7h1T24Lg/ZTaHFolVrsF7EN1lKFa/WWMrq8Ow5i8ptJS5
oVMWjvy61doc+zRBbUH/ByNreHOBqI8c/818Pu07fdEl4vScn0WHtEFJNJi7zB34
T9sf2DPcacnkmsKo9VfP8IWviRqeYKrzQxohhfjI7Xqyz7Z86V4Lq/ZKFAgbVxQ8
Sf9ondUqOiRpBC73qgPz9ixLBGO4joTnT+sXwoyRPks+UghbBifqhrgtAORYFmKG
lFWazlK/AYqoM/BJPV9GYaU3CjknZYv9blGbBiNneY6xb30121/0eRgY1R54hSpB
L9pA
-----END CERTIFICATE-----
Generated at Tue Sep 26 08:12:37 2023 by rpki-client on console-ams.rpki-client.org