Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/iHOkEpV8JIXKdxcuRrw5dFkn_RQ.roa
File: iHOkEpV8JIXKdxcuRrw5dFkn_RQ.roa (raw, json)
Hash identifier: 2zaJOGIYLlASxfzzZqszvU6zOUajw6abc0gZqYgAAZQ=
Subject key identifier: 88:73:A4:12:95:7C:24:85:CA:77:17:2E:46:BC:39:74:59:27:FD:14
Certificate issuer: /CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Certificate serial: 01880F98C385DACD2CEA2730789AE03F1B18
Authority key identifier: 5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/iHOkEpV8JIXKdxcuRrw5dFkn_RQ.roa
Signing time: Fri 12 May 2023 10:54:09 +0000
ROA not before: Fri 12 May 2023 10:54:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208683
IP address blocks: 45.89.132.0/22 maxlen: 22
2a0b:cf00::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0f:98:c3:85:da:cd:2c:ea:27:30:78:9a:e0:3f:1b:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Validity
Not Before: May 12 10:54:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8873a412957c2485ca77172e46bc39745927fd14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0a:0b:d3:e2:53:35:fd:a6:e2:ab:0c:2e:65:
e1:90:76:03:51:bf:01:a4:ed:ea:14:53:51:0d:a2:
22:b7:3d:8b:b6:89:41:c7:5b:a0:af:45:8f:6a:84:
64:5e:7f:62:08:10:0c:9a:69:95:68:48:31:3c:c2:
69:0d:18:ad:5e:12:fc:24:a1:4d:0c:ec:a6:d2:ed:
07:a6:03:b7:65:f4:4c:ef:25:e1:62:3f:66:e1:6b:
5d:39:34:27:7e:3f:77:8f:94:c3:4c:56:7f:2f:0c:
67:e3:b5:76:96:e8:2f:db:b1:6e:2d:97:3f:db:24:
fa:2a:50:6c:86:d3:4b:c3:c6:c6:55:a6:07:63:b9:
46:1a:27:32:f5:59:94:ed:82:53:30:6c:c3:4d:1e:
f3:21:53:5a:29:85:95:6e:22:26:7a:df:36:35:5c:
c1:24:a9:dc:90:14:fb:25:65:f7:81:e4:40:4e:c7:
c4:65:8a:d2:4d:d3:c3:e9:c5:ef:9a:01:c7:df:8a:
43:9f:e9:ba:a7:3a:41:90:ea:41:79:ac:b4:8e:43:
f8:97:44:d6:df:c6:b2:d0:f6:cb:b7:c0:a3:4b:9e:
1f:0f:66:32:9e:d1:38:dd:ba:d1:95:d6:44:34:af:
91:83:5a:08:8e:31:16:89:70:f7:fe:39:86:79:0a:
5c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:73:A4:12:95:7C:24:85:CA:77:17:2E:46:BC:39:74:59:27:FD:14
X509v3 Authority Key Identifier:
keyid:5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/iHOkEpV8JIXKdxcuRrw5dFkn_RQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.132.0/22
IPv6:
2a0b:cf00::/32
Signature Algorithm: sha256WithRSAEncryption
29:c4:86:f4:f7:12:44:45:4f:3a:f5:6b:f7:82:25:9c:18:f6:
e7:d8:e0:fc:a6:06:15:14:5f:ba:01:ca:50:4b:9e:37:c9:22:
76:cb:a2:ce:8a:ad:2d:e3:07:58:c9:d9:5a:f4:36:cf:c0:bf:
72:e9:20:ec:d5:05:cb:78:e8:08:1c:91:b7:06:fd:d7:55:66:
a3:cd:4e:82:a0:b1:c1:73:db:f1:a1:fc:09:cc:38:fe:b4:58:
2f:02:f7:c8:5a:7d:40:ec:1e:77:20:d3:02:cb:01:29:33:c7:
4d:54:6f:40:6c:8a:0f:5f:1f:23:44:85:f5:87:c2:11:81:0a:
d5:df:1c:a0:80:16:4b:cc:d7:ed:89:8e:e8:0e:4b:39:75:34:
fe:2f:6f:ba:8f:ec:90:0e:b5:24:60:a2:59:9e:7b:97:57:91:
53:3f:1f:5a:b8:b5:dd:99:0f:5f:32:a0:85:2b:24:3f:25:e3:
36:fc:9c:2a:4f:64:40:18:e5:61:58:d2:9a:a4:82:8e:e9:58:
1e:bf:8e:3c:26:a3:01:a1:e2:84:5a:ac:0f:9b:34:2d:4c:7a:
be:39:55:45:6e:7c:b9:bb:09:6b:5b:7f:be:26:63:65:7c:15:
28:a4:8f:7f:39:1e:04:f2:fb:c1:9b:64:46:62:a7:87:5d:05:
43:a6:aa:79
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYgPmMOF2s0s6icweJrgPxsYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZmU4ZDcyNTI2ZTRlNzNhM2I1N2Q5MzYwZjNhNTFiZWI1
OWE0NWYwHhcNMjMwNTEyMTA1NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODczYTQxMjk1N2MyNDg1Y2E3NzE3MmU0NmJjMzk3NDU5MjdmZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQoL0+JTNf2m4qsMLmXhkHYDUb8B
pO3qFFNRDaIitz2LtolBx1ugr0WPaoRkXn9iCBAMmmmVaEgxPMJpDRitXhL8JKFN
DOym0u0HpgO3ZfRM7yXhYj9m4WtdOTQnfj93j5TDTFZ/Lwxn47V2lugv27FuLZc/
2yT6KlBshtNLw8bGVaYHY7lGGicy9VmU7YJTMGzDTR7zIVNaKYWVbiImet82NVzB
JKnckBT7JWX3geRATsfEZYrSTdPD6cXvmgHH34pDn+m6pzpBkOpBeay0jkP4l0TW
38ay0PbLt8CjS54fD2YyntE43brRldZENK+Rg1oIjjEWiXD3/jmGeQpc7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIhzpBKVfCSFyncXLka8OXRZJ/0UMB8GA1UdIwQY
MBaAFFz+jXJSbk5zo7V9k2DzpRvrWaRfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMt
ZTRkZGZhMzJlNTJlLzEvaUhPa0VwVjhKSVhLZHhjdVJydzVkRmtuX1JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMtZTRkZGZhMzJlNTJl
LzEvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVmEMA0E
AgACMAcDBQAqC88AMA0GCSqGSIb3DQEBCwUAA4IBAQApxIb09xJERU869Wv3giWc
GPbn2OD8pgYVFF+6AcpQS543ySJ2y6LOiq0t4wdYydla9DbPwL9y6SDs1QXLeOgI
HJG3Bv3XVWajzU6CoLHBc9vxofwJzDj+tFgvAvfIWn1A7B53INMCywEpM8dNVG9A
bIoPXx8jRIX1h8IRgQrV3xyggBZLzNftiY7oDks5dTT+L2+6j+yQDrUkYKJZnnuX
V5FTPx9auLXdmQ9fMqCFKyQ/JeM2/JwqT2RAGOVhWNKapIKO6Vgev448JqMBoeKE
WqwPmzQtTHq+OVVFbny5uwlrW3++JmNlfBUopI9/OR4E8vvBm2RGYqeHXQVDpqp5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:18 2024 by rpki-client on console-fra.rpki-client.org