Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/9ymI7fZ1EQmdzIVk99VBCHQcCOY.roa
File: 9ymI7fZ1EQmdzIVk99VBCHQcCOY.roa (raw, json)
Hash identifier: UQ9Bzw7eoI+uX1ZDeZnxpc5XqasxjS0r7Gm3hckq45M=
Subject key identifier: F7:29:88:ED:F6:75:11:09:9D:CC:85:64:F7:D5:41:08:74:1C:08:E6
Certificate issuer: /CN=b5427ea49f972d19c56393a689e7cbeb990d5d7a
Certificate serial: 0185708C99703417D9DF21A6DDEE703902F1
Authority key identifier: B5:42:7E:A4:9F:97:2D:19:C5:63:93:A6:89:E7:CB:EB:99:0D:5D:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/9ymI7fZ1EQmdzIVk99VBCHQcCOY.roa
Signing time: Mon 02 Jan 2023 03:35:40 +0000
ROA not before: Mon 02 Jan 2023 03:35:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41633
IP address blocks: 45.67.157.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:99:70:34:17:d9:df:21:a6:dd:ee:70:39:02:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5427ea49f972d19c56393a689e7cbeb990d5d7a
Validity
Not Before: Jan 2 03:35:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f72988edf67511099dcc8564f7d54108741c08e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:76:22:b1:0a:1c:96:fd:36:c5:46:24:de:b5:
55:52:61:02:14:e2:7a:d6:11:94:47:47:c4:80:0e:
27:b9:2b:02:47:d8:6b:99:cc:b2:a3:8e:05:97:5c:
da:e7:76:ad:62:97:37:cc:b8:07:8f:7d:f4:18:5b:
51:44:2f:29:75:a4:8a:ae:2a:bb:8d:f4:2b:6f:58:
fd:49:ec:0d:b0:03:92:3a:fd:44:3a:9e:c5:cf:46:
41:c9:df:fe:1e:a7:ef:a9:f4:c0:69:7c:fb:08:0c:
76:d0:a5:a3:0c:1b:25:9b:ee:9c:f2:b3:79:f1:cd:
9b:97:79:f9:1d:eb:26:42:22:2a:31:6d:54:25:f2:
d0:62:7c:24:42:95:12:6d:7a:d0:99:19:45:32:8e:
7b:a9:6b:16:a4:4c:e4:83:b5:46:9b:17:ab:7a:18:
12:b4:ee:fe:85:cb:14:05:2d:3a:65:f7:61:b4:8b:
55:af:b4:e1:d2:2f:ee:cc:4f:05:3a:9b:e6:ca:6b:
17:71:f8:70:9f:5e:d7:1d:ff:f1:8f:cc:60:67:ea:
a6:dc:99:7f:8b:05:1f:b4:e0:6f:3e:45:41:1b:b5:
de:16:5a:df:b2:2b:01:ed:ac:90:1e:75:87:61:a1:
72:89:ed:9b:92:20:6a:27:e7:43:c8:98:c2:65:f0:
10:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:29:88:ED:F6:75:11:09:9D:CC:85:64:F7:D5:41:08:74:1C:08:E6
X509v3 Authority Key Identifier:
keyid:B5:42:7E:A4:9F:97:2D:19:C5:63:93:A6:89:E7:CB:EB:99:0D:5D:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/9ymI7fZ1EQmdzIVk99VBCHQcCOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/tUJ-pJ-XLRnFY5OmiefL65kNXXo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.157.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:1f:7c:ce:ed:27:9d:e2:b4:81:6c:fa:19:3a:b9:21:88:5c:
2d:c7:3e:8d:bf:16:5e:bf:72:63:4f:fe:a1:56:1f:fb:ea:ca:
8b:02:59:8c:fa:2c:90:c1:1b:9b:c2:fd:91:1a:95:ab:51:a9:
31:9a:9b:3a:5d:c6:46:80:d0:6f:bc:45:0a:25:d2:5d:e6:08:
86:a9:33:e3:17:9f:4d:9d:2e:17:32:ac:82:15:c3:43:b0:f5:
37:c0:8a:d1:f6:cb:85:3e:2a:4a:2c:7a:62:54:93:a9:75:de:
35:78:07:8e:e5:70:30:fc:f0:2d:c2:6e:e4:72:47:e1:2b:01:
ee:62:37:65:72:b3:76:ae:ef:c7:bd:7b:fc:ed:d9:86:ad:f5:
16:4e:fc:cd:ca:de:71:82:93:72:7e:18:4d:3b:03:59:9e:cc:
ec:bc:c3:49:3e:ed:3d:d7:56:43:5c:ef:d5:2b:d4:65:c2:ca:
70:ca:99:fc:1f:e3:60:91:ca:ec:50:24:bf:8b:23:03:ec:c3:
f3:d6:99:63:22:17:0d:22:f4:9a:db:f3:5a:c4:ab:20:dc:77:
18:31:35:ec:db:31:fe:ad:e9:16:66:cf:5d:5c:de:5f:a3:d9:
ce:7c:70:9e:33:12:6f:c0:8d:2f:3b:e0:84:65:37:0b:cf:a4:
af:21:d8:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjJlwNBfZ3yGm3e5wOQLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NDI3ZWE0OWY5NzJkMTljNTYzOTNhNjg5ZTdjYmViOTkw
ZDVkN2EwHhcNMjMwMTAyMDMzNTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzI5ODhlZGY2NzUxMTA5OWRjYzg1NjRmN2Q1NDEwODc0MWMwOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHYisQoclv02xUYk3rVVUmECFOJ6
1hGUR0fEgA4nuSsCR9hrmcyyo44Fl1za53atYpc3zLgHj330GFtRRC8pdaSKriq7
jfQrb1j9SewNsAOSOv1EOp7Fz0ZByd/+HqfvqfTAaXz7CAx20KWjDBslm+6c8rN5
8c2bl3n5HesmQiIqMW1UJfLQYnwkQpUSbXrQmRlFMo57qWsWpEzkg7VGmxerehgS
tO7+hcsUBS06ZfdhtItVr7Th0i/uzE8FOpvmymsXcfhwn17XHf/xj8xgZ+qm3Jl/
iwUftOBvPkVBG7XeFlrfsisB7ayQHnWHYaFyie2bkiBqJ+dDyJjCZfAQdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPcpiO32dREJncyFZPfVQQh0HAjmMB8GA1UdIwQY
MBaAFLVCfqSfly0ZxWOTponny+uZDV16MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFVKLXBKLVhMUm5GWTVPbWllZkw2NWtOWFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kMmJiNjgtOWJjNy00NzkxLTg1Mjgt
MGM0OTU0NzdjYTEwLzEvOXltSTdmWjFFUW1keklWazk5VkJDSFFjQ09ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kMmJiNjgtOWJjNy00NzkxLTg1MjgtMGM0OTU0NzdjYTEw
LzEvdFVKLXBKLVhMUm5GWTVPbWllZkw2NWtOWFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUOdMA0G
CSqGSIb3DQEBCwUAA4IBAQCyH3zO7Sed4rSBbPoZOrkhiFwtxz6NvxZev3JjT/6h
Vh/76sqLAlmM+iyQwRubwv2RGpWrUakxmps6XcZGgNBvvEUKJdJd5giGqTPjF59N
nS4XMqyCFcNDsPU3wIrR9suFPipKLHpiVJOpdd41eAeO5XAw/PAtwm7kckfhKwHu
YjdlcrN2ru/HvXv87dmGrfUWTvzNyt5xgpNyfhhNOwNZnszsvMNJPu0911ZDXO/V
K9Rlwspwypn8H+NgkcrsUCS/iyMD7MPz1pljIhcNIvSa2/NaxKsg3HcYMTXs2zH+
rekWZs9dXN5fo9nOfHCeMxJvwI0vO+CEZTcLz6SvIdjE
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:40 2024 by rpki-client on console-ams.rpki-client.org