Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/eyx90hwfWvvQopOWlsJrmolHK9k.roa
File: eyx90hwfWvvQopOWlsJrmolHK9k.roa (raw, json)
Hash identifier: ujSIc58Fp9rdbQWqHfmNV0+R4lXvu0cU37ypEcFvQq8=
Subject key identifier: 7B:2C:7D:D2:1C:1F:5A:FB:D0:A2:93:96:96:C2:6B:9A:89:47:2B:D9
Certificate issuer: /CN=d485b6e9d89fb010369971ed88857205985d4918
Certificate serial: 018571D7BB99F76064DA9907CB75A5269013
Authority key identifier: D4:85:B6:E9:D8:9F:B0:10:36:99:71:ED:88:85:72:05:98:5D:49:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1IW26difsBA2mXHtiIVyBZhdSRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/eyx90hwfWvvQopOWlsJrmolHK9k.roa
Signing time: Mon 02 Jan 2023 09:37:21 +0000
ROA not before: Mon 02 Jan 2023 09:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208725
IP address blocks: 45.87.76.0/22 maxlen: 22
2a0e:f780::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:bb:99:f7:60:64:da:99:07:cb:75:a5:26:90:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d485b6e9d89fb010369971ed88857205985d4918
Validity
Not Before: Jan 2 09:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b2c7dd21c1f5afbd0a2939696c26b9a89472bd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:00:d5:c1:3f:39:b9:0f:54:58:08:33:c8:dc:
38:cf:10:e3:85:54:eb:23:a4:92:76:4e:7a:1a:fb:
ea:a1:1b:1b:e9:45:81:ed:d8:94:d6:17:3a:a2:ce:
85:3c:ea:34:af:60:33:aa:3b:1f:03:b0:74:f8:40:
f0:53:87:d0:ba:4c:37:55:85:da:d1:9c:77:90:f7:
fd:ac:5e:b8:c3:37:a7:b4:24:fe:38:89:53:79:4b:
f0:e2:f3:43:ad:4e:be:0d:79:18:c6:6a:16:d2:5c:
08:37:8b:b8:4c:7c:9b:fa:47:3a:ed:10:65:79:b8:
f7:e8:d2:68:53:35:4f:78:8f:3b:5e:49:3b:c5:ef:
08:c3:86:42:da:d8:d9:25:f0:d1:0f:db:d7:d2:8c:
9e:3a:d6:21:a6:3d:9a:c1:6a:3c:24:4e:64:34:a9:
65:9f:0c:ee:ea:b7:f2:91:03:23:5a:7e:30:f9:fb:
fe:56:03:99:9c:12:89:02:04:3f:51:23:05:5e:80:
37:87:d9:e9:16:e3:41:f7:10:61:46:00:a7:41:7e:
b0:32:03:bf:bf:6e:e3:40:25:63:f6:43:15:27:7a:
04:ed:cb:b6:dc:f2:8a:4a:23:b6:ba:55:9d:75:fb:
2a:2c:b0:74:70:9d:e5:7c:7e:cd:e7:21:ea:62:62:
2f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:2C:7D:D2:1C:1F:5A:FB:D0:A2:93:96:96:C2:6B:9A:89:47:2B:D9
X509v3 Authority Key Identifier:
keyid:D4:85:B6:E9:D8:9F:B0:10:36:99:71:ED:88:85:72:05:98:5D:49:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1IW26difsBA2mXHtiIVyBZhdSRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/eyx90hwfWvvQopOWlsJrmolHK9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/858910-c501-459c-a313-7ac680ed5dd7/1/1IW26difsBA2mXHtiIVyBZhdSRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.76.0/22
IPv6:
2a0e:f780::/29
Signature Algorithm: sha256WithRSAEncryption
0f:e8:37:b0:88:0a:f2:43:03:f5:bf:9f:fd:08:ee:e9:73:80:
cf:c7:fe:85:22:41:79:e2:f3:31:50:a6:aa:fb:6c:29:8e:f2:
ac:06:eb:6c:d9:cc:08:87:0f:2d:46:65:24:71:52:1f:ec:71:
23:3b:52:24:9e:06:f4:a9:cd:47:fe:a0:ae:0a:3f:cf:8b:13:
76:66:e9:a8:a4:c3:02:eb:73:ff:bc:09:8c:ec:47:64:fc:98:
a6:08:ec:d6:72:21:c3:05:9e:fa:c7:6e:fc:8e:41:29:ea:82:
4f:cc:94:2c:c8:af:92:74:ba:52:6d:d0:da:a7:23:df:ae:12:
b7:62:a4:21:9b:0e:19:e1:47:92:a8:91:29:1e:85:35:bb:88:
3b:9a:90:f0:55:dc:d7:16:ae:c0:33:17:06:c2:03:c0:25:c4:
99:25:ae:83:cd:26:90:b0:bc:e6:07:2c:1f:dc:03:4b:3a:2a:
d3:2b:8b:91:0b:ef:80:88:04:03:dc:45:26:d8:01:88:65:67:
61:fc:8f:e3:2c:70:4c:03:6b:39:2d:07:c7:81:b7:85:b3:7f:
63:bb:d8:19:09:94:19:9c:d7:fb:4d:f9:bd:35:ec:9f:85:be:
e7:10:a4:14:b8:26:57:53:47:1c:bb:14:3f:e5:2a:21:17:4d:
b9:f5:1f:a6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVx17uZ92Bk2pkHy3WlJpATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ODViNmU5ZDg5ZmIwMTAzNjk5NzFlZDg4ODU3MjA1OTg1
ZDQ5MTgwHhcNMjMwMTAyMDkzNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjJjN2RkMjFjMWY1YWZiZDBhMjkzOTY5NmMyNmI5YTg5NDcyYmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgDVwT85uQ9UWAgzyNw4zxDjhVTr
I6SSdk56GvvqoRsb6UWB7diU1hc6os6FPOo0r2AzqjsfA7B0+EDwU4fQukw3VYXa
0Zx3kPf9rF64wzentCT+OIlTeUvw4vNDrU6+DXkYxmoW0lwIN4u4THyb+kc67RBl
ebj36NJoUzVPeI87Xkk7xe8Iw4ZC2tjZJfDRD9vX0oyeOtYhpj2awWo8JE5kNKll
nwzu6rfykQMjWn4w+fv+VgOZnBKJAgQ/USMFXoA3h9npFuNB9xBhRgCnQX6wMgO/
v27jQCVj9kMVJ3oE7cu23PKKSiO2ulWddfsqLLB0cJ3lfH7N5yHqYmIvEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHssfdIcH1r70KKTlpbCa5qJRyvZMB8GA1UdIwQY
MBaAFNSFtunYn7AQNplx7YiFcgWYXUkYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlXMjZkaWZzQkEybVhIdGlJVnlCWmhkU1JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84NTg5MTAtYzUwMS00NTljLWEzMTMt
N2FjNjgwZWQ1ZGQ3LzEvZXl4OTBod2ZXdnZRb3BPV2xzSnJtb2xISzlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84NTg5MTAtYzUwMS00NTljLWEzMTMtN2FjNjgwZWQ1ZGQ3
LzEvMUlXMjZkaWZzQkEybVhIdGlJVnlCWmhkU1JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVdMMA0E
AgACMAcDBQMqDveAMA0GCSqGSIb3DQEBCwUAA4IBAQAP6DewiAryQwP1v5/9CO7p
c4DPx/6FIkF54vMxUKaq+2wpjvKsButs2cwIhw8tRmUkcVIf7HEjO1Ikngb0qc1H
/qCuCj/PixN2ZumopMMC63P/vAmM7Edk/JimCOzWciHDBZ76x278jkEp6oJPzJQs
yK+SdLpSbdDapyPfrhK3YqQhmw4Z4UeSqJEpHoU1u4g7mpDwVdzXFq7AMxcGwgPA
JcSZJa6DzSaQsLzmBywf3ANLOirTK4uRC++AiAQD3EUm2AGIZWdh/I/jLHBMA2s5
LQfHgbeFs39ju9gZCZQZnNf7Tfm9Neyfhb7nEKQUuCZXU0ccuxQ/5SohF0259R+m
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:02 2024 by rpki-client on console-ams.rpki-client.org