Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/lVyP1qNE3HAo5WKSiOCbikExgpA.roa
File: lVyP1qNE3HAo5WKSiOCbikExgpA.roa (raw, json)
Hash identifier: dwEmQ40q0VMpb1+MBsMtHXY4hDWkFZtle7p2Rl9jAsw=
Subject key identifier: 95:5C:8F:D6:A3:44:DC:70:28:E5:62:92:88:E0:9B:8A:41:31:82:90
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018570FBD220778092C65C0CBCCE25D7248B
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/lVyP1qNE3HAo5WKSiOCbikExgpA.roa
Signing time: Mon 02 Jan 2023 05:37:09 +0000
ROA not before: Mon 02 Jan 2023 05:37:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213392
IP address blocks: 45.86.126.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:d2:20:77:80:92:c6:5c:0c:bc:ce:25:d7:24:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 2 05:37:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=955c8fd6a344dc7028e5629288e09b8a41318290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f5:af:c7:20:18:67:82:ce:8f:cc:88:32:f3:
93:85:4b:af:a2:ce:2b:09:c1:66:f5:3e:94:8b:c3:
49:3e:ac:59:df:33:e7:6b:28:b7:7a:79:90:d1:ab:
ea:32:02:cf:91:e8:ec:3c:35:ee:9a:24:44:d3:0e:
37:d4:5e:d1:fa:fa:66:ea:c3:67:f4:e0:b7:f2:c7:
06:e3:d5:96:0a:f1:7a:9e:0c:5b:fe:3e:ca:19:92:
a3:96:a2:f6:10:3a:5f:46:29:f9:3d:76:19:17:23:
ef:37:0f:a2:a0:bd:76:85:3b:70:be:13:eb:b9:80:
5e:a1:38:80:fa:c2:e6:f0:09:56:08:91:7e:a3:50:
c5:d5:8a:ae:5b:e9:d6:eb:50:18:39:42:8b:db:5b:
f3:f4:b4:a0:a7:8e:00:db:8c:08:31:a2:67:ad:c0:
11:61:e2:05:9b:ff:bb:ef:ea:03:16:b0:2d:7c:7a:
06:78:36:a2:1d:4e:8b:a1:db:a2:ab:47:22:2b:62:
10:9c:e1:a6:58:6e:20:cf:8e:fb:49:2c:86:a4:59:
84:bf:9b:d1:df:9d:50:f3:43:8f:7d:8e:b9:76:55:
d9:c5:1e:f2:fa:69:34:16:e5:10:68:fb:2a:29:e7:
6e:6e:c6:1c:44:d0:22:f0:4a:e3:68:5e:42:06:23:
18:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:5C:8F:D6:A3:44:DC:70:28:E5:62:92:88:E0:9B:8A:41:31:82:90
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/lVyP1qNE3HAo5WKSiOCbikExgpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.126.0/24
Signature Algorithm: sha256WithRSAEncryption
53:9b:a5:eb:c1:2d:cb:c1:61:2f:b4:5e:72:ab:53:46:d4:71:
e2:66:6c:cd:0f:cf:c3:8d:67:24:fa:10:f6:7f:f3:0b:ac:fe:
12:c8:5f:c0:c8:d3:38:cc:0f:42:a6:d3:38:f1:06:f8:1f:34:
f0:6a:f7:2e:58:35:de:a6:96:3e:bf:4e:a6:34:97:f6:da:3c:
0c:7e:50:af:af:15:11:49:3c:9e:da:2e:0b:fa:89:72:2b:a9:
34:2a:6c:2f:5c:09:4d:17:96:04:79:94:ec:23:0b:cb:f6:e2:
64:04:4f:82:b6:55:ac:20:10:ac:2b:7c:9c:09:7e:e7:96:c3:
1b:e7:2e:40:62:be:8b:ac:c1:eb:8e:33:63:4f:70:c6:40:bb:
85:25:07:c3:77:ee:f7:8c:be:19:79:a6:a8:8c:7c:10:9a:01:
91:50:7c:c7:5f:bc:ba:a5:bc:5a:71:67:e5:53:61:e3:2f:88:
75:c5:79:db:85:49:71:dd:dd:84:1e:9c:0e:e5:48:c2:47:38:
76:f4:bf:80:60:0a:f5:8e:c5:d5:00:78:61:fd:13:18:0b:f4:
93:d2:8c:3b:be:b0:07:5d:31:92:86:52:87:6a:e3:98:dd:04:
19:42:37:d2:9a:0b:c2:68:50:62:96:6a:95:97:a8:62:3c:fb:
44:1b:07:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+9Igd4CSxlwMvM4l1ySLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTAyMDUzNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTVjOGZkNmEzNDRkYzcwMjhlNTYyOTI4OGUwOWI4YTQxMzE4MjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/WvxyAYZ4LOj8yIMvOThUuvos4r
CcFm9T6Ui8NJPqxZ3zPnayi3enmQ0avqMgLPkejsPDXumiRE0w431F7R+vpm6sNn
9OC38scG49WWCvF6ngxb/j7KGZKjlqL2EDpfRin5PXYZFyPvNw+ioL12hTtwvhPr
uYBeoTiA+sLm8AlWCJF+o1DF1YquW+nW61AYOUKL21vz9LSgp44A24wIMaJnrcAR
YeIFm/+77+oDFrAtfHoGeDaiHU6Loduiq0ciK2IQnOGmWG4gz477SSyGpFmEv5vR
351Q80OPfY65dlXZxR7y+mk0FuUQaPsqKedubsYcRNAi8ErjaF5CBiMYYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJVcj9ajRNxwKOVikojgm4pBMYKQMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvbFZ5UDFxTkUzSEFvNVdLU2lPQ2Jpa0V4Z3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVZ+MA0G
CSqGSIb3DQEBCwUAA4IBAQBTm6XrwS3LwWEvtF5yq1NG1HHiZmzND8/DjWck+hD2
f/MLrP4SyF/AyNM4zA9CptM48Qb4HzTwavcuWDXeppY+v06mNJf22jwMflCvrxUR
STye2i4L+olyK6k0KmwvXAlNF5YEeZTsIwvL9uJkBE+CtlWsIBCsK3ycCX7nlsMb
5y5AYr6LrMHrjjNjT3DGQLuFJQfDd+73jL4ZeaaojHwQmgGRUHzHX7y6pbxacWfl
U2HjL4h1xXnbhUlx3d2EHpwO5UjCRzh29L+AYAr1jsXVAHhh/RMYC/ST0ow7vrAH
XTGShlKHauOY3QQZQjfSmgvCaFBilmqVl6hiPPtEGwda
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:57 2024 by rpki-client on console-ams.rpki-client.org