Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/d7c5d1-6c1c-4f2c-b123-93e2ac9593dc/1/yZLsxC_FzukZDWaqop7minHBXAA.roa
File: yZLsxC_FzukZDWaqop7minHBXAA.roa (raw, json)
Hash identifier: IDWsEc2xGhhhYwpuT5XTz7J8p293GgqYpE3uqbfO1A8=
Subject key identifier: C9:92:EC:C4:2F:C5:CE:E9:19:0D:66:AA:A2:9E:E6:8A:71:C1:5C:00
Certificate issuer: /CN=56af20a60aefacf39fd56a743d1a99534c4850bc
Certificate serial: 0185720C7F301E402DEE2DC334BEAAE8299E
Authority key identifier: 56:AF:20:A6:0A:EF:AC:F3:9F:D5:6A:74:3D:1A:99:53:4C:48:50:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vq8gpgrvrPOf1Wp0PRqZU0xIULw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/d7c5d1-6c1c-4f2c-b123-93e2ac9593dc/1/yZLsxC_FzukZDWaqop7minHBXAA.roa
Signing time: Mon 02 Jan 2023 10:34:59 +0000
ROA not before: Mon 02 Jan 2023 10:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208372
IP address blocks: 45.142.56.0/22 maxlen: 22
2a0e:d640::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:7f:30:1e:40:2d:ee:2d:c3:34:be:aa:e8:29:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56af20a60aefacf39fd56a743d1a99534c4850bc
Validity
Not Before: Jan 2 10:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c992ecc42fc5cee9190d66aaa29ee68a71c15c00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a6:0c:e0:cc:77:7a:c9:5b:c4:b3:7d:ed:2c:
dd:42:95:36:da:8f:06:fa:08:19:08:20:f9:70:38:
87:38:92:23:8c:84:e5:e9:e8:fe:98:b0:a2:3a:bf:
cb:a7:83:58:96:24:c9:7d:c0:3f:79:5a:4f:fe:fa:
66:7b:83:52:f8:70:60:29:34:64:61:f9:35:b8:5c:
64:66:98:1c:57:6a:29:70:e9:44:98:f2:cc:ce:3a:
5a:79:6d:27:00:2c:d3:e9:54:db:39:4d:36:0d:22:
28:33:37:be:89:80:18:6c:01:68:7f:38:15:bb:8c:
ee:be:e1:02:2c:36:c9:cd:fe:bf:d9:af:62:82:01:
0d:e1:5f:55:b6:cd:84:57:d4:5b:c5:a5:41:cd:0d:
48:5c:57:46:6d:25:34:cf:0e:28:68:89:24:9f:96:
02:3f:f9:f2:4a:ac:d5:61:ef:6d:7a:a6:16:66:86:
6c:99:51:fd:80:ca:96:18:96:e2:b9:e6:5d:dd:73:
58:dd:fb:4f:14:b9:a9:4f:ed:e9:d0:7e:85:16:d1:
22:e2:0c:83:6d:bb:82:94:19:77:41:42:fe:6b:56:
30:f8:af:46:a6:87:e4:70:ef:82:c0:b8:bd:5a:f6:
e9:53:9e:f9:82:9a:f1:af:a9:c8:24:e5:a2:83:c5:
11:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:92:EC:C4:2F:C5:CE:E9:19:0D:66:AA:A2:9E:E6:8A:71:C1:5C:00
X509v3 Authority Key Identifier:
keyid:56:AF:20:A6:0A:EF:AC:F3:9F:D5:6A:74:3D:1A:99:53:4C:48:50:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq8gpgrvrPOf1Wp0PRqZU0xIULw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/d7c5d1-6c1c-4f2c-b123-93e2ac9593dc/1/yZLsxC_FzukZDWaqop7minHBXAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/d7c5d1-6c1c-4f2c-b123-93e2ac9593dc/1/Vq8gpgrvrPOf1Wp0PRqZU0xIULw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.56.0/22
IPv6:
2a0e:d640::/29
Signature Algorithm: sha256WithRSAEncryption
bb:92:18:2c:ef:8b:7e:c3:7d:e4:b4:d7:da:75:00:76:27:15:
65:0a:a5:90:9b:55:41:64:af:15:83:75:d0:57:00:2c:cb:5c:
22:cb:53:5d:20:26:4a:bb:b3:ba:8d:14:2a:11:ef:64:87:6a:
76:09:80:ed:43:76:60:9a:85:06:53:6d:4c:7e:82:2f:e7:5c:
88:78:5b:73:05:81:5f:36:4f:b2:55:47:bc:c5:3d:31:57:ac:
cd:41:26:c6:00:8f:d5:d0:ae:ca:ca:6d:5f:f5:d4:19:d1:ab:
d0:38:c3:dc:4a:a5:02:f4:f5:c9:0c:ba:ed:9b:89:a9:03:7c:
c8:c1:8d:bc:4a:e7:9e:d3:9d:f2:ef:d4:e1:9c:75:9f:d6:a6:
e5:5d:be:fa:dc:90:6d:e5:02:6f:19:19:8a:2a:49:6e:a7:a2:
a2:f7:6b:f9:be:62:89:a2:87:cb:99:1f:e3:31:de:ca:38:80:
75:8f:87:3b:5d:6f:b9:00:c2:9a:29:6f:50:7d:89:10:48:6e:
f8:b3:80:76:21:38:33:90:4f:1d:dd:12:08:ef:78:b0:ae:8f:
43:c1:e1:cb:8c:d1:2e:b1:8d:5b:96:b6:00:ed:f5:b0:a3:48:
b9:7e:72:e5:3f:e7:62:a7:f8:b1:25:65:0b:57:1d:18:17:ed:
5e:f2:25:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyDH8wHkAt7i3DNL6q6CmeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YWYyMGE2MGFlZmFjZjM5ZmQ1NmE3NDNkMWE5OTUzNGM0
ODUwYmMwHhcNMjMwMTAyMTAzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTkyZWNjNDJmYzVjZWU5MTkwZDY2YWFhMjllZTY4YTcxYzE1YzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6YM4Mx3eslbxLN97SzdQpU22o8G
+ggZCCD5cDiHOJIjjITl6ej+mLCiOr/Lp4NYliTJfcA/eVpP/vpme4NS+HBgKTRk
Yfk1uFxkZpgcV2opcOlEmPLMzjpaeW0nACzT6VTbOU02DSIoMze+iYAYbAFofzgV
u4zuvuECLDbJzf6/2a9iggEN4V9Vts2EV9RbxaVBzQ1IXFdGbSU0zw4oaIkkn5YC
P/nySqzVYe9teqYWZoZsmVH9gMqWGJbiueZd3XNY3ftPFLmpT+3p0H6FFtEi4gyD
bbuClBl3QUL+a1Yw+K9GpofkcO+CwLi9WvbpU575gprxr6nIJOWig8URawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMmS7MQvxc7pGQ1mqqKe5opxwVwAMB8GA1UdIwQY
MBaAFFavIKYK76zzn9VqdD0amVNMSFC8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnE4Z3BncnZyUE9mMVdwMFBScVpVMHhJVUx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9kN2M1ZDEtNmMxYy00ZjJjLWIxMjMt
OTNlMmFjOTU5M2RjLzEveVpMc3hDX0Z6dWtaRFdhcW9wN21pbkhCWEFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9kN2M1ZDEtNmMxYy00ZjJjLWIxMjMtOTNlMmFjOTU5M2Rj
LzEvVnE4Z3BncnZyUE9mMVdwMFBScVpVMHhJVUx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLY44MA0E
AgACMAcDBQMqDtZAMA0GCSqGSIb3DQEBCwUAA4IBAQC7khgs74t+w33ktNfadQB2
JxVlCqWQm1VBZK8Vg3XQVwAsy1wiy1NdICZKu7O6jRQqEe9kh2p2CYDtQ3ZgmoUG
U21MfoIv51yIeFtzBYFfNk+yVUe8xT0xV6zNQSbGAI/V0K7Kym1f9dQZ0avQOMPc
SqUC9PXJDLrtm4mpA3zIwY28Suee053y79ThnHWf1qblXb763JBt5QJvGRmKKklu
p6Ki92v5vmKJoofLmR/jMd7KOIB1j4c7XW+5AMKaKW9QfYkQSG74s4B2ITgzkE8d
3RII73iwro9DweHLjNEusY1blrYA7fWwo0i5fnLlP+dip/ixJWULVx0YF+1e8iW9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:59 2024 by rpki-client on console-ams.rpki-client.org