Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/I0eMDvGi7mTKc9YILrGSCBm7Kt4.roa
File: I0eMDvGi7mTKc9YILrGSCBm7Kt4.roa (raw, json)
Hash identifier: L7RKwENTaJ2U9so4UA5Hf3iuVtOrPLtR8TCqJ6WL3nw=
Subject key identifier: 23:47:8C:0E:F1:A2:EE:64:CA:73:D6:08:2E:B1:92:08:19:BB:2A:DE
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0185710C2AF09313AFD3ED8F1513B55D7C8F
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/I0eMDvGi7mTKc9YILrGSCBm7Kt4.roa
Signing time: Mon 02 Jan 2023 05:55:00 +0000
ROA not before: Mon 02 Jan 2023 05:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 45.67.140.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:2a:f0:93:13:af:d3:ed:8f:15:13:b5:5d:7c:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 2 05:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23478c0ef1a2ee64ca73d6082eb1920819bb2ade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:93:3a:4d:cf:a3:e9:73:7f:ab:29:ad:c1:4b:
36:f2:0f:9f:0f:06:b7:af:a6:28:20:4a:8f:74:0e:
e2:8a:e2:da:ed:85:ca:cd:67:6e:d8:ea:fc:44:f8:
57:71:10:93:b9:06:d3:fe:ca:2a:4c:5c:31:a3:b9:
96:de:26:ca:c8:64:5d:59:b4:b5:11:cd:8c:8e:b7:
b8:71:fe:fc:89:5c:1a:ad:12:6b:65:56:43:e4:13:
93:0f:17:60:a3:3f:a3:59:99:a0:09:da:a8:aa:f1:
ec:3d:56:19:33:26:56:c1:96:7c:79:d2:86:cd:82:
d1:d3:f5:73:1f:16:44:ed:97:aa:0c:bf:5e:f5:37:
1e:3c:33:79:1a:66:7a:8d:24:08:e2:1a:ed:83:83:
ba:68:4d:bd:49:a9:16:90:30:2b:83:6e:1c:91:63:
6b:66:58:df:77:63:47:08:11:ae:2f:9c:af:50:cc:
cf:9e:da:c0:ca:3b:d0:91:7c:ab:5f:5a:5f:be:6a:
63:1e:22:a1:73:87:d2:cd:1d:fc:86:6e:49:de:bd:
c5:9a:ce:b7:a7:d7:f0:43:65:20:b8:de:a2:96:8a:
89:2b:66:a0:43:e5:63:1b:a5:2b:38:16:7e:bd:b4:
39:0d:05:61:e7:c1:83:49:9a:de:3a:e7:3f:2a:14:
39:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:47:8C:0E:F1:A2:EE:64:CA:73:D6:08:2E:B1:92:08:19:BB:2A:DE
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/I0eMDvGi7mTKc9YILrGSCBm7Kt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.140.0/24
Signature Algorithm: sha256WithRSAEncryption
88:94:7c:95:51:ef:d7:79:b7:d4:50:ac:48:06:82:a3:12:a9:
86:ff:b3:e2:bf:5f:aa:cc:b6:07:1b:1b:20:54:ef:3b:9c:ca:
40:ee:9b:71:bb:ae:2d:b2:d7:29:61:18:2a:18:a5:fe:9b:17:
9b:bd:f5:6b:f3:6e:38:b3:8c:44:32:5b:27:d3:36:89:db:0e:
29:d5:c1:b1:fa:8d:76:0d:9f:18:e8:57:74:89:c4:99:23:4a:
a9:d1:9f:28:27:14:e0:22:b2:98:b0:24:ed:56:97:b6:6a:ac:
d7:1f:54:72:29:d7:a1:e2:12:1a:63:3b:fa:66:23:3f:e2:e2:
b0:41:29:3c:2d:09:3e:3a:0e:9f:bb:e8:11:b3:2c:1a:69:ea:
63:3c:aa:a3:c8:3f:89:e8:92:c9:e8:99:de:4d:7e:28:c6:49:
6a:18:4c:69:a6:80:27:97:a7:1f:c1:f2:c3:4e:a1:28:60:8e:
bf:da:1e:de:ab:e3:c3:fa:bf:cc:13:17:77:2e:8b:3a:2b:0a:
2c:84:51:b7:9b:7b:c8:9e:51:16:c6:29:a4:2f:8b:3c:fb:c9:
57:85:00:a2:1b:1a:27:58:c7:d2:5f:6b:e0:d6:f2:36:35:85:
f2:39:b9:02:d2:6f:f0:be:f8:53:af:b0:93:78:0e:77:6e:f5:
29:ce:1f:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDCrwkxOv0+2PFRO1XXyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwMTAyMDU1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzQ3OGMwZWYxYTJlZTY0Y2E3M2Q2MDgyZWIxOTIwODE5YmIyYWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJM6Tc+j6XN/qymtwUs28g+fDwa3
r6YoIEqPdA7iiuLa7YXKzWdu2Or8RPhXcRCTuQbT/soqTFwxo7mW3ibKyGRdWbS1
Ec2Mjre4cf78iVwarRJrZVZD5BOTDxdgoz+jWZmgCdqoqvHsPVYZMyZWwZZ8edKG
zYLR0/VzHxZE7ZeqDL9e9TcePDN5GmZ6jSQI4hrtg4O6aE29SakWkDArg24ckWNr
Zljfd2NHCBGuL5yvUMzPntrAyjvQkXyrX1pfvmpjHiKhc4fSzR38hm5J3r3Fms63
p9fwQ2UguN6iloqJK2agQ+VjG6UrOBZ+vbQ5DQVh58GDSZreOuc/KhQ57QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCNHjA7xou5kynPWCC6xkggZuyreMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvSTBlTUR2R2k3bVRLYzlZSUxyR1NDQm03S3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUOMMA0G
CSqGSIb3DQEBCwUAA4IBAQCIlHyVUe/XebfUUKxIBoKjEqmG/7Piv1+qzLYHGxsg
VO87nMpA7ptxu64tstcpYRgqGKX+mxebvfVr8244s4xEMlsn0zaJ2w4p1cGx+o12
DZ8Y6Fd0icSZI0qp0Z8oJxTgIrKYsCTtVpe2aqzXH1RyKdeh4hIaYzv6ZiM/4uKw
QSk8LQk+Og6fu+gRsywaaepjPKqjyD+J6JLJ6JneTX4oxklqGExppoAnl6cfwfLD
TqEoYI6/2h7eq+PD+r/MExd3Los6KwoshFG3m3vInlEWximkL4s8+8lXhQCiGxon
WMfSX2vg1vI2NYXyObkC0m/wvvhTr7CTeA53bvUpzh/V
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:40 2024 by rpki-client on console-fra.rpki-client.org