Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/kVbvDzQud4LC43FCqLv8wp-TYwg.roa
File: kVbvDzQud4LC43FCqLv8wp-TYwg.roa (raw, json)
Hash identifier: kRLXgJsgDWS2btoma+KzS5yYhl8822S6hWCUfLmiIqo=
Subject key identifier: 91:56:EF:0F:34:2E:77:82:C2:E3:71:42:A8:BB:FC:C2:9F:93:63:08
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0185710C411A42E74ADDABF1AAE6591900D6
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/kVbvDzQud4LC43FCqLv8wp-TYwg.roa
Signing time: Mon 02 Jan 2023 05:55:06 +0000
ROA not before: Mon 02 Jan 2023 05:55:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210720
IP address blocks: 45.8.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:41:1a:42:e7:4a:dd:ab:f1:aa:e6:59:19:00:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 05:55:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9156ef0f342e7782c2e37142a8bbfcc29f936308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:38:01:b3:63:55:1c:43:6b:19:78:2c:3c:9a:
37:87:e0:7b:0a:73:f1:00:2c:0a:e4:07:7c:77:bd:
c7:62:4c:24:c9:b0:9d:d9:48:fe:4c:d2:02:9a:e6:
ba:2a:e6:d7:6c:28:7a:f5:66:c2:39:c1:c7:6d:7f:
66:9d:3d:e1:76:22:86:83:9b:e5:bd:39:75:14:e1:
67:61:8f:cd:5b:fd:0d:0d:34:17:9f:6c:56:bc:e9:
fb:97:4d:8b:9a:0e:f6:6a:69:68:0c:a2:01:6c:ef:
0c:78:b2:9e:c4:fb:b7:e8:34:e2:1a:6d:07:dc:ea:
7e:b8:5d:8b:6d:98:c6:63:3b:ac:14:b3:36:6e:ab:
74:80:56:b5:a7:d1:3c:d9:ef:98:e0:e6:11:a3:7d:
0d:e1:bc:24:5c:6c:dd:7c:0b:16:fa:88:e8:6f:d4:
a1:4d:46:a3:11:8d:14:aa:2b:e5:93:15:75:05:0c:
74:29:4b:9d:ca:5e:33:cd:75:02:89:0e:37:e0:c5:
bb:97:fe:04:62:3b:3b:76:de:6c:c2:45:5f:5c:35:
26:d5:52:13:0c:f5:b8:80:64:c7:9b:1a:01:1d:0a:
53:54:6a:6d:5f:92:d8:2d:a2:5e:a1:86:c7:24:5b:
96:d9:ff:bf:c8:e1:18:cc:45:89:12:3b:c5:4b:11:
d3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:56:EF:0F:34:2E:77:82:C2:E3:71:42:A8:BB:FC:C2:9F:93:63:08
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/kVbvDzQud4LC43FCqLv8wp-TYwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.209.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:41:22:3a:9e:c8:84:ec:93:c1:b4:d9:10:8f:8c:c8:08:81:
de:82:ae:7f:46:f0:13:67:9c:76:e6:cc:e9:cb:c6:cf:ff:f2:
19:eb:58:fc:0d:e8:5b:e8:2a:da:fb:69:57:5c:da:c6:c4:c8:
ef:b5:fd:ff:4f:68:68:d1:41:b9:19:91:34:6a:63:d0:29:a7:
01:48:34:45:92:a9:b3:2f:e3:0f:1e:58:92:54:06:65:d0:b6:
1a:01:60:fe:ca:fb:49:b4:0a:42:ae:f3:41:b6:dc:b7:af:72:
bc:ea:57:fe:0f:67:c4:20:b7:f2:a8:3e:fe:f3:e3:78:51:f1:
56:d8:35:0d:72:fd:b3:7d:af:74:6c:6e:4a:22:cc:3b:c9:a1:
f4:11:67:40:0d:ac:21:f6:95:08:66:83:9e:12:ad:72:13:b2:
47:61:5a:a5:dc:b5:be:16:2d:64:5a:a5:b0:a2:73:3d:9d:6f:
e1:cb:1e:81:37:f3:2a:66:28:1d:07:66:fc:f8:a0:60:ed:41:
3c:52:1a:bb:d9:25:8f:82:04:96:b3:c9:93:23:bd:ca:4c:1f:
c4:33:52:a6:ae:6f:3d:43:7b:b1:44:7b:8b:11:32:7e:f8:c5:
2a:8c:0a:cd:23:af:df:08:28:65:af:4e:9e:4b:34:06:8a:45:
29:1b:93:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDEEaQudK3avxquZZGQDWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTU2ZWYwZjM0MmU3NzgyYzJlMzcxNDJhOGJiZmNjMjlmOTM2MzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzgBs2NVHENrGXgsPJo3h+B7CnPx
ACwK5Ad8d73HYkwkybCd2Uj+TNICmua6KubXbCh69WbCOcHHbX9mnT3hdiKGg5vl
vTl1FOFnYY/NW/0NDTQXn2xWvOn7l02Lmg72amloDKIBbO8MeLKexPu36DTiGm0H
3Op+uF2LbZjGYzusFLM2bqt0gFa1p9E82e+Y4OYRo30N4bwkXGzdfAsW+ojob9Sh
TUajEY0UqivlkxV1BQx0KUudyl4zzXUCiQ434MW7l/4EYjs7dt5swkVfXDUm1VIT
DPW4gGTHmxoBHQpTVGptX5LYLaJeoYbHJFuW2f+/yOEYzEWJEjvFSxHTQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJFW7w80LneCwuNxQqi7/MKfk2MIMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEva1ZidkR6UXVkNExDNDNGQ3FMdjh3cC1UWXdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQjRMA0G
CSqGSIb3DQEBCwUAA4IBAQCiQSI6nsiE7JPBtNkQj4zICIHegq5/RvATZ5x25szp
y8bP//IZ61j8Dehb6Cra+2lXXNrGxMjvtf3/T2ho0UG5GZE0amPQKacBSDRFkqmz
L+MPHliSVAZl0LYaAWD+yvtJtApCrvNBtty3r3K86lf+D2fEILfyqD7+8+N4UfFW
2DUNcv2zfa90bG5KIsw7yaH0EWdADawh9pUIZoOeEq1yE7JHYVql3LW+Fi1kWqWw
onM9nW/hyx6BN/MqZigdB2b8+KBg7UE8Uhq72SWPggSWs8mTI73KTB/EM1Kmrm89
Q3uxRHuLETJ++MUqjArNI6/fCChlr06eSzQGikUpG5O6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org