Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/f23fb6-3229-4e8b-936a-9279547eca55/1/AL4OKrSOtKqCBmfj9k0QWQycRuQ.roa
File: AL4OKrSOtKqCBmfj9k0QWQycRuQ.roa (raw, json)
Hash identifier: pt24Ii+5aWoQL1ivIWJOTjnhjUBRBjmgNnGL2lzvfgA=
Subject key identifier: 00:BE:0E:2A:B4:8E:B4:AA:82:06:67:E3:F6:4D:10:59:0C:9C:46:E4
Certificate issuer: /CN=049d4f66598668079353721c21935a00319f6759
Certificate serial: 01856CF866089AB64E5BC22C22F3DCC2F653
Authority key identifier: 04:9D:4F:66:59:86:68:07:93:53:72:1C:21:93:5A:00:31:9F:67:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BJ1PZlmGaAeTU3IcIZNaADGfZ1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/f23fb6-3229-4e8b-936a-9279547eca55/1/AL4OKrSOtKqCBmfj9k0QWQycRuQ.roa
Signing time: Sun 01 Jan 2023 10:54:56 +0000
ROA not before: Sun 01 Jan 2023 10:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50518
IP address blocks: 45.94.248.0/22 maxlen: 24
2a11:7400::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:66:08:9a:b6:4e:5b:c2:2c:22:f3:dc:c2:f6:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=049d4f66598668079353721c21935a00319f6759
Validity
Not Before: Jan 1 10:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00be0e2ab48eb4aa820667e3f64d10590c9c46e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d3:7e:0a:35:8a:52:12:1b:be:fc:34:42:81:
ad:fc:84:65:8e:9e:13:ce:7d:52:aa:c9:0a:17:f2:
7b:f1:91:eb:70:21:74:b5:5b:d8:50:58:19:e5:0f:
4c:b4:c4:f2:f6:be:e6:de:62:e8:1f:a2:e0:0b:93:
3f:c9:d3:9a:d4:34:87:75:3f:d1:66:85:1b:de:d3:
d6:f2:0c:e9:1f:b9:7a:68:13:df:6d:c0:c7:df:f9:
ec:d0:0e:95:99:11:31:2a:2c:77:2b:a8:6c:4a:ae:
c5:53:6d:71:5a:66:ae:cb:bb:47:98:ed:e1:0f:45:
17:9c:69:7a:66:3e:b1:e1:9c:1b:9b:23:90:af:90:
8b:c2:f1:ab:75:cb:d1:ba:c2:d4:71:a0:dc:48:11:
c6:14:a0:1a:5a:09:52:6b:2e:d5:a1:91:9d:64:00:
82:61:da:d8:9c:91:65:f8:06:81:d0:30:43:8d:fc:
25:20:84:08:ae:2f:0b:61:21:8c:69:40:0e:8a:25:
43:bd:76:3d:71:90:c4:4a:f3:de:7c:fc:ae:9e:0e:
ef:54:ee:77:43:a8:44:fa:0a:9e:da:7a:d3:65:cf:
79:5c:aa:90:c7:52:26:e8:32:fa:3c:91:59:02:51:
25:06:98:70:44:d4:24:27:a1:0a:70:26:bb:8c:4b:
49:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:BE:0E:2A:B4:8E:B4:AA:82:06:67:E3:F6:4D:10:59:0C:9C:46:E4
X509v3 Authority Key Identifier:
keyid:04:9D:4F:66:59:86:68:07:93:53:72:1C:21:93:5A:00:31:9F:67:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BJ1PZlmGaAeTU3IcIZNaADGfZ1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/f23fb6-3229-4e8b-936a-9279547eca55/1/AL4OKrSOtKqCBmfj9k0QWQycRuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/f23fb6-3229-4e8b-936a-9279547eca55/1/BJ1PZlmGaAeTU3IcIZNaADGfZ1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.248.0/22
IPv6:
2a11:7400::/29
Signature Algorithm: sha256WithRSAEncryption
57:a7:36:d4:5c:d2:1f:b2:cc:70:e3:67:b6:01:95:91:96:d0:
99:f5:58:5d:0f:cf:4d:88:ef:0c:6c:46:70:39:d0:6b:c9:51:
3d:cd:56:34:c5:4c:33:85:57:d5:55:82:79:15:5b:89:e3:78:
68:b2:75:ce:6a:96:65:94:5c:9d:52:b3:91:64:8a:cb:bb:8d:
bc:3c:65:6e:7f:d8:ee:c5:b3:40:f6:ca:fd:22:f8:fb:15:2b:
96:e4:7b:5e:5b:32:d3:84:9f:95:bc:2c:cd:0f:ab:d0:10:7c:
56:10:20:0a:93:08:04:a1:35:8c:46:03:8f:9d:a1:4b:06:c0:
7d:9f:59:14:cb:b8:14:95:09:ac:0d:4c:47:08:5e:26:3f:14:
b5:ed:53:b2:4b:3f:6c:d3:cf:cd:89:71:1a:3b:d8:aa:47:58:
1e:ac:82:47:77:00:d8:98:39:1c:b9:1e:ac:13:f6:55:61:54:
a1:b0:cc:3b:2b:a9:e6:e2:6f:ad:d6:87:18:a0:82:18:70:f8:
d7:4c:34:32:52:fd:7e:81:84:4b:e0:29:3d:71:65:ff:7e:eb:
d8:9a:7e:5a:b3:84:2f:62:76:ac:c9:e8:5c:9e:ae:df:88:e6:
79:07:72:77:1e:88:ba:ed:e6:41:07:87:e6:9d:fe:3f:4c:71:
9e:84:ea:02
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs+GYImrZOW8IsIvPcwvZTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0OWQ0ZjY2NTk4NjY4MDc5MzUzNzIxYzIxOTM1YTAwMzE5
ZjY3NTkwHhcNMjMwMTAxMTA1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGJlMGUyYWI0OGViNGFhODIwNjY3ZTNmNjRkMTA1OTBjOWM0NmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9N+CjWKUhIbvvw0QoGt/IRljp4T
zn1SqskKF/J78ZHrcCF0tVvYUFgZ5Q9MtMTy9r7m3mLoH6LgC5M/ydOa1DSHdT/R
ZoUb3tPW8gzpH7l6aBPfbcDH3/ns0A6VmRExKix3K6hsSq7FU21xWmauy7tHmO3h
D0UXnGl6Zj6x4ZwbmyOQr5CLwvGrdcvRusLUcaDcSBHGFKAaWglSay7VoZGdZACC
YdrYnJFl+AaB0DBDjfwlIIQIri8LYSGMaUAOiiVDvXY9cZDESvPefPyung7vVO53
Q6hE+gqe2nrTZc95XKqQx1Im6DL6PJFZAlElBphwRNQkJ6EKcCa7jEtJBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAC+Diq0jrSqggZn4/ZNEFkMnEbkMB8GA1UdIwQY
MBaAFASdT2ZZhmgHk1NyHCGTWgAxn2dZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkoxUFpsbUdhQWVUVTNJY0laTmFBREdmWjFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9mMjNmYjYtMzIyOS00ZThiLTkzNmEt
OTI3OTU0N2VjYTU1LzEvQUw0T0tyU090S3FDQm1majlrMFFXUXljUnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9mMjNmYjYtMzIyOS00ZThiLTkzNmEtOTI3OTU0N2VjYTU1
LzEvQkoxUFpsbUdhQWVUVTNJY0laTmFBREdmWjFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLV74MA0E
AgACMAcDBQMqEXQAMA0GCSqGSIb3DQEBCwUAA4IBAQBXpzbUXNIfssxw42e2AZWR
ltCZ9VhdD89NiO8MbEZwOdBryVE9zVY0xUwzhVfVVYJ5FVuJ43hosnXOapZllFyd
UrORZIrLu428PGVuf9juxbNA9sr9Ivj7FSuW5HteWzLThJ+VvCzND6vQEHxWECAK
kwgEoTWMRgOPnaFLBsB9n1kUy7gUlQmsDUxHCF4mPxS17VOySz9s08/NiXEaO9iq
R1gerIJHdwDYmDkcuR6sE/ZVYVShsMw7K6nm4m+t1ocYoIIYcPjXTDQyUv1+gYRL
4Ck9cWX/fuvYmn5as4QvYnasyehcnq7fiOZ5B3J3Hoi67eZBB4fmnf4/THGehOoC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:38 2024 by rpki-client on console-fra.rpki-client.org