Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/96dff3-abe5-48fb-aa25-526e7f6d7f5b/1/9nk26kE6kmShpk_XhN5zJn2QM7w.roa
File: 9nk26kE6kmShpk_XhN5zJn2QM7w.roa (raw, json)
Hash identifier: vt0lsAk9KNc2K6btSeR0XQb9/XhNJOprta2YDabM2CU=
Subject key identifier: F6:79:36:EA:41:3A:92:64:A1:A6:4F:D7:84:DE:73:26:7D:90:33:BC
Certificate issuer: /CN=061474cecdf5f503adab60fc55ee7f78a0dba9f2
Certificate serial: 018E65FD07FFDD3AFD4D6CB89380B85A2396
Authority key identifier: 06:14:74:CE:CD:F5:F5:03:AD:AB:60:FC:55:EE:7F:78:A0:DB:A9:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BhR0zs319QOtq2D8Ve5_eKDbqfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/96dff3-abe5-48fb-aa25-526e7f6d7f5b/1/9nk26kE6kmShpk_XhN5zJn2QM7w.roa
Signing time: Fri 22 Mar 2024 11:47:45 +0000
ROA not before: Fri 22 Mar 2024 11:47:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208925
IP address blocks: 45.14.248.0/22 maxlen: 22
2a12:d340::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 22 Apr 2024 17:07:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:65:fd:07:ff:dd:3a:fd:4d:6c:b8:93:80:b8:5a:23:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=061474cecdf5f503adab60fc55ee7f78a0dba9f2
Validity
Not Before: Mar 22 11:47:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f67936ea413a9264a1a64fd784de73267d9033bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:cc:eb:ed:e7:cd:8a:f1:58:7f:d9:cd:e2:c0:
eb:a3:b0:ca:e6:cb:01:64:47:f7:5f:92:20:be:16:
03:d1:1d:a0:1a:11:7e:75:52:37:4b:ed:0d:a8:36:
6f:e5:dd:18:a2:de:88:3c:e3:26:2f:9f:17:5a:81:
3c:c1:97:44:49:8d:21:04:7e:63:70:bd:04:6c:ce:
93:90:64:2c:9f:27:9c:96:d1:7d:1c:34:3b:ed:0f:
c9:84:a5:bb:3c:d9:9a:a5:cc:cf:fc:40:5f:e4:d9:
05:56:71:d9:57:ba:4d:da:43:e1:0d:e0:2b:7b:b7:
87:bf:37:0b:c6:03:36:6e:67:e8:f5:e0:9f:56:78:
68:3a:c7:bf:38:1a:5e:ca:1a:7b:df:3d:ba:9f:41:
10:77:6a:1b:be:0c:d2:76:9d:d1:66:61:e9:f8:2e:
50:1b:92:ef:f8:9c:60:a2:95:56:21:2d:be:68:71:
e8:1b:e4:9f:34:fe:fc:b8:6d:f6:89:3c:84:83:ba:
36:cd:66:54:10:9d:1c:2a:55:d1:17:94:4d:60:32:
2b:4e:9c:08:13:f6:c4:62:5a:e8:1f:4d:e3:c0:92:
c5:30:6e:75:4d:76:ec:2e:29:69:d7:6c:83:25:d7:
7b:a4:36:db:78:8f:2c:74:92:25:12:12:51:3c:46:
8c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:79:36:EA:41:3A:92:64:A1:A6:4F:D7:84:DE:73:26:7D:90:33:BC
X509v3 Authority Key Identifier:
keyid:06:14:74:CE:CD:F5:F5:03:AD:AB:60:FC:55:EE:7F:78:A0:DB:A9:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BhR0zs319QOtq2D8Ve5_eKDbqfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/96dff3-abe5-48fb-aa25-526e7f6d7f5b/1/9nk26kE6kmShpk_XhN5zJn2QM7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/96dff3-abe5-48fb-aa25-526e7f6d7f5b/1/BhR0zs319QOtq2D8Ve5_eKDbqfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.248.0/22
IPv6:
2a12:d340::/29
Signature Algorithm: sha256WithRSAEncryption
69:3c:5a:84:92:fb:85:1c:c0:48:ac:1a:33:3d:1e:32:a6:6b:
7b:72:23:bb:6b:6a:80:b7:f6:22:ff:c7:ea:22:f6:82:bb:81:
8c:81:5a:82:95:83:60:1c:d6:cd:aa:17:d0:26:fb:3b:a1:39:
1d:90:27:2d:4d:d2:a9:1d:3b:80:d0:ab:57:0a:02:e1:99:48:
a8:86:bd:9f:03:32:50:7f:55:f4:57:91:11:b9:24:f3:76:21:
35:47:4c:bb:09:0a:58:29:05:cc:4c:40:62:9c:5e:39:52:31:
82:f8:ff:d2:0c:47:33:85:f6:3a:6e:76:1f:b0:51:0e:42:ee:
60:75:32:e8:5c:18:0b:fa:11:4f:6f:30:51:9e:8e:04:ba:bc:
ed:b5:3b:6a:6b:05:77:0a:25:e9:8c:ac:ab:bd:52:be:49:19:
97:a7:1f:e3:fb:9d:58:fc:1d:e8:64:9c:40:85:8b:e9:ee:df:
34:07:44:24:00:ee:a2:68:f5:5a:4a:dc:e4:c9:e0:56:f9:64:
91:5f:29:91:48:c5:9d:39:2b:7b:ef:7a:35:9e:d4:f4:50:88:
a0:b6:c8:95:64:f1:3f:b7:88:c4:f1:70:51:88:44:a0:00:d8:
b4:75:8d:ff:eb:07:cd:a2:3a:c2:ae:ca:21:cb:e9:d2:c8:de:
e1:a5:9e:ea
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY5l/Qf/3Tr9TWy4k4C4WiOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MTQ3NGNlY2RmNWY1MDNhZGFiNjBmYzU1ZWU3Zjc4YTBk
YmE5ZjIwHhcNMjQwMzIyMTE0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjc5MzZlYTQxM2E5MjY0YTFhNjRmZDc4NGRlNzMyNjdkOTAzM2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlczr7efNivFYf9nN4sDro7DK5ssB
ZEf3X5IgvhYD0R2gGhF+dVI3S+0NqDZv5d0Yot6IPOMmL58XWoE8wZdESY0hBH5j
cL0EbM6TkGQsnyecltF9HDQ77Q/JhKW7PNmapczP/EBf5NkFVnHZV7pN2kPhDeAr
e7eHvzcLxgM2bmfo9eCfVnhoOse/OBpeyhp73z26n0EQd2obvgzSdp3RZmHp+C5Q
G5Lv+JxgopVWIS2+aHHoG+SfNP78uG32iTyEg7o2zWZUEJ0cKlXRF5RNYDIrTpwI
E/bEYlroH03jwJLFMG51TXbsLilp12yDJdd7pDbbeI8sdJIlEhJRPEaMowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPZ5NupBOpJkoaZP14TecyZ9kDO8MB8GA1UdIwQY
MBaAFAYUdM7N9fUDratg/FXuf3ig26nyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmhSMHpzMzE5UU90cTJEOFZlNV9lS0RicWZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi85NmRmZjMtYWJlNS00OGZiLWFhMjUt
NTI2ZTdmNmQ3ZjViLzEvOW5rMjZrRTZrbVNocGtfWGhONXpKbjJRTTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi85NmRmZjMtYWJlNS00OGZiLWFhMjUtNTI2ZTdmNmQ3ZjVi
LzEvQmhSMHpzMzE5UU90cTJEOFZlNV9lS0RicWZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQ74MA0E
AgACMAcDBQMqEtNAMA0GCSqGSIb3DQEBCwUAA4IBAQBpPFqEkvuFHMBIrBozPR4y
pmt7ciO7a2qAt/Yi/8fqIvaCu4GMgVqClYNgHNbNqhfQJvs7oTkdkCctTdKpHTuA
0KtXCgLhmUiohr2fAzJQf1X0V5ERuSTzdiE1R0y7CQpYKQXMTEBinF45UjGC+P/S
DEczhfY6bnYfsFEOQu5gdTLoXBgL+hFPbzBRno4EurzttTtqawV3CiXpjKyrvVK+
SRmXpx/j+51Y/B3oZJxAhYvp7t80B0QkAO6iaPVaStzkyeBW+WSRXymRSMWdOSt7
73o1ntT0UIigtsiVZPE/t4jE8XBRiESgANi0dY3/6wfNojrCrsohy+nSyN7hpZ7q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:12 2024 by rpki-client on console-fra.rpki-client.org