Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/iMbnArmbu-r2XRSPk_N0N-ZV-CM.roa
File: iMbnArmbu-r2XRSPk_N0N-ZV-CM.roa (raw, json)
Hash identifier: PckIjKhkmEgrh4bfVW3KvP/qrpw/TKBfrGwVooXqqOw=
Subject key identifier: 88:C6:E7:02:B9:9B:BB:EA:F6:5D:14:8F:93:F3:74:37:E6:55:F8:23
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01856C54123F902AF00551D92E7530B0113D
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/iMbnArmbu-r2XRSPk_N0N-ZV-CM.roa
Signing time: Sun 01 Jan 2023 07:55:26 +0000
ROA not before: Sun 01 Jan 2023 07:55:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209537
IP address blocks: 45.67.18.0/24 maxlen: 32
2a06:82c5::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:54:12:3f:90:2a:f0:05:51:d9:2e:75:30:b0:11:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 07:55:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88c6e702b99bbbeaf65d148f93f37437e655f823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:39:41:e1:8c:80:f9:2f:33:6f:42:56:5b:b0:
b9:85:a6:12:24:e0:d8:ea:b6:6c:ae:e5:99:3b:9d:
38:53:6f:cc:ce:89:35:5e:f6:04:2b:53:56:4a:7c:
41:77:93:6d:21:ab:f4:61:ad:3c:df:1a:70:85:a0:
e4:3b:29:47:ac:87:47:a3:47:8b:50:3d:20:25:aa:
35:df:99:8c:73:43:53:e9:a2:3a:b0:a2:95:2c:5c:
44:2b:04:4f:bf:40:d9:a7:80:32:df:f9:66:da:d8:
b4:8a:e3:86:b7:c0:70:00:93:ad:e7:ff:61:34:f0:
70:f9:09:3e:ae:aa:9d:a1:f6:1b:1d:54:30:c8:93:
11:6f:54:3b:09:5e:42:19:40:6f:e7:3e:08:be:86:
89:d4:db:12:e0:63:69:32:95:a8:08:d1:0f:2d:68:
15:67:24:ad:48:14:81:a9:a2:7c:c4:a4:e1:ac:62:
3f:61:b1:d4:c3:d8:5d:ed:80:72:d9:93:90:19:cf:
e1:0c:36:ee:88:bd:68:37:0c:3b:5c:9a:3f:c9:9e:
2d:d1:c1:ed:cd:85:1f:df:d0:59:41:b9:fb:62:c7:
51:32:9d:90:5b:69:a1:54:28:7c:d4:b8:ac:bf:47:
f4:80:d8:26:bc:75:04:7c:d1:18:43:6e:e9:ae:8b:
48:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C6:E7:02:B9:9B:BB:EA:F6:5D:14:8F:93:F3:74:37:E6:55:F8:23
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/iMbnArmbu-r2XRSPk_N0N-ZV-CM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.18.0/24
IPv6:
2a06:82c5::/48
Signature Algorithm: sha256WithRSAEncryption
4a:e6:96:00:2d:cf:15:08:60:2b:70:0b:58:bc:ed:e6:45:40:
c4:28:80:b0:75:25:9b:34:38:45:8a:77:9d:1f:7d:80:96:6e:
71:b7:64:9c:b6:e0:47:97:e0:fa:3a:1e:b8:62:93:e1:c9:b1:
d3:91:ee:e0:cc:5f:a4:77:70:72:6d:29:88:f8:72:36:04:5a:
4b:8a:7b:ca:02:0e:d0:bb:16:34:5e:a9:6b:4d:db:e2:20:78:
2c:cc:a2:00:1c:69:bd:70:30:1b:1b:4d:75:85:4a:32:73:ba:
f6:5e:79:95:f4:f3:c5:fc:71:fc:d0:0d:1f:9c:5c:60:b3:23:
f8:a3:b7:d0:e2:d4:29:c2:7f:1e:75:cb:41:46:4c:45:c4:a6:
f4:12:15:ef:98:f5:8e:21:93:97:ca:2d:1f:ee:29:db:53:16:
08:9a:fb:d2:2c:fa:5c:24:f7:7a:fc:d8:d8:64:16:89:cc:c8:
22:ae:de:88:ce:3f:7b:59:d4:b4:a6:61:90:bd:8f:8b:b7:d7:
48:f9:ea:d8:7f:4c:29:fd:12:d1:65:83:80:cf:50:11:1e:39:
af:52:21:66:e0:41:da:33:6b:68:9d:be:ed:25:29:7e:f5:46:
75:ac:9d:4e:b0:ee:b5:99:a1:58:bf:44:f7:47:c6:c4:e0:3b:
22:58:c1:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsVBI/kCrwBVHZLnUwsBE9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGM2ZTcwMmI5OWJiYmVhZjY1ZDE0OGY5M2YzNzQzN2U2NTVmODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzlB4YyA+S8zb0JWW7C5haYSJODY
6rZsruWZO504U2/Mzok1XvYEK1NWSnxBd5NtIav0Ya083xpwhaDkOylHrIdHo0eL
UD0gJao135mMc0NT6aI6sKKVLFxEKwRPv0DZp4Ay3/lm2ti0iuOGt8BwAJOt5/9h
NPBw+Qk+rqqdofYbHVQwyJMRb1Q7CV5CGUBv5z4IvoaJ1NsS4GNpMpWoCNEPLWgV
ZyStSBSBqaJ8xKThrGI/YbHUw9hd7YBy2ZOQGc/hDDbuiL1oNww7XJo/yZ4t0cHt
zYUf39BZQbn7YsdRMp2QW2mhVCh81Lisv0f0gNgmvHUEfNEYQ27protI2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIjG5wK5m7vq9l0Uj5PzdDfmVfgjMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvaU1ibkFybWJ1LXIyWFJTUGtfTjBOLVpWLUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALUMSMA8E
AgACMAkDBwAqBoLFAAAwDQYJKoZIhvcNAQELBQADggEBAErmlgAtzxUIYCtwC1i8
7eZFQMQogLB1JZs0OEWKd50ffYCWbnG3ZJy24EeX4Po6Hrhik+HJsdOR7uDMX6R3
cHJtKYj4cjYEWkuKe8oCDtC7FjReqWtN2+IgeCzMogAcab1wMBsbTXWFSjJzuvZe
eZX088X8cfzQDR+cXGCzI/ijt9Di1CnCfx51y0FGTEXEpvQSFe+Y9Y4hk5fKLR/u
KdtTFgia+9Is+lwk93r82NhkFonMyCKu3ojOP3tZ1LSmYZC9j4u310j56th/TCn9
EtFlg4DPUBEeOa9SIWbgQdoza2idvu0lKX71RnWsnU6w7rWZoVi/RPdHxsTgOyJY
weY=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:00 2024 by rpki-client on console-ams.rpki-client.org