Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/6nFosG4wcrAYqaObErHRxX8BMZY.roa
File: 6nFosG4wcrAYqaObErHRxX8BMZY.roa (raw, json)
Hash identifier: tPCBTxYaadUlvTItseq3mOKLBgr5feoarRv/1GcSuNA=
Subject key identifier: EA:71:68:B0:6E:30:72:B0:18:A9:A3:9B:12:B1:D1:C5:7F:01:31:96
Certificate issuer: /CN=938ee951cdabc3ce805ec8df0bf3403bdfa9c657
Certificate serial: 0185715E4C4CFA58A4BDFA03276C78D090AB
Authority key identifier: 93:8E:E9:51:CD:AB:C3:CE:80:5E:C8:DF:0B:F3:40:3B:DF:A9:C6:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k47pUc2rw86AXsjfC_NAO9-pxlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/6nFosG4wcrAYqaObErHRxX8BMZY.roa
Signing time: Mon 02 Jan 2023 07:24:43 +0000
ROA not before: Mon 02 Jan 2023 07:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208206
IP address blocks: 45.154.20.0/22 maxlen: 24
2a0f:9f00::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 08 Aug 2023 14:53:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:4c:4c:fa:58:a4:bd:fa:03:27:6c:78:d0:90:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=938ee951cdabc3ce805ec8df0bf3403bdfa9c657
Validity
Not Before: Jan 2 07:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea7168b06e3072b018a9a39b12b1d1c57f013196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a3:7b:73:53:2c:24:f3:5e:64:05:ff:cb:ec:
a6:70:45:8e:70:2a:01:38:8f:1d:b7:26:6e:25:bc:
82:ad:49:ce:88:cd:c6:6a:7a:e4:da:85:27:48:57:
66:93:9b:24:d1:8e:6c:eb:a7:54:ea:a8:25:0e:8f:
e8:4b:43:08:db:a7:d0:b7:cb:d4:df:b8:87:98:92:
de:dc:bb:4a:7b:9f:85:75:d9:af:c6:26:21:10:6e:
af:2b:aa:66:ad:d7:02:b8:b0:15:d1:4f:b1:97:97:
3c:5a:00:cb:17:b9:5f:4a:05:5c:2b:22:18:45:80:
d1:9f:eb:d9:21:1a:aa:3b:d1:b0:3c:12:61:5e:cc:
56:43:ad:91:0f:80:62:ac:a8:d5:4b:c2:91:30:23:
5c:e4:fa:94:c3:c8:56:97:c7:02:cf:8b:2d:47:7e:
71:c6:36:4d:82:57:de:af:28:23:3e:3e:e4:13:9a:
19:9f:c5:19:aa:b7:38:20:2b:d4:ab:17:d4:74:1f:
27:93:a6:66:5d:7c:d6:96:cd:3c:32:c2:d9:63:04:
14:51:f4:eb:bf:dd:2b:3d:a0:cc:a3:a6:95:8d:b0:
bf:ad:80:b5:06:d1:cf:95:b7:f0:5c:18:2e:4c:d8:
1d:6d:30:8d:32:ac:de:58:42:0a:d8:16:c3:0b:b9:
61:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:71:68:B0:6E:30:72:B0:18:A9:A3:9B:12:B1:D1:C5:7F:01:31:96
X509v3 Authority Key Identifier:
keyid:93:8E:E9:51:CD:AB:C3:CE:80:5E:C8:DF:0B:F3:40:3B:DF:A9:C6:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k47pUc2rw86AXsjfC_NAO9-pxlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/6nFosG4wcrAYqaObErHRxX8BMZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/k47pUc2rw86AXsjfC_NAO9-pxlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.20.0/22
IPv6:
2a0f:9f00::/29
Signature Algorithm: sha256WithRSAEncryption
42:b7:3e:65:e4:7a:7e:a7:c0:53:77:43:28:a8:fe:2e:39:f0:
32:09:8b:8b:2f:ea:01:4b:ff:c9:68:3a:1e:1c:ee:a0:d3:85:
59:47:62:b6:3d:06:c7:69:c5:e9:b6:7f:e4:e6:e7:de:9e:c7:
24:ad:72:f4:10:4d:85:28:aa:fe:0e:68:c1:ac:99:c9:00:05:
d6:b0:b3:d5:46:46:b0:e1:d4:fe:ec:a5:ce:e6:11:9a:48:a1:
44:c9:f5:7f:22:69:f9:99:f8:0a:82:f8:64:6c:2c:fb:7f:33:
52:ca:0d:8f:5f:9a:65:ce:8f:f1:b0:d3:5a:91:52:ea:d0:c0:
3e:f1:b3:7c:88:d7:2b:74:3d:7b:55:ca:8a:23:e9:66:41:69:
a5:d6:ef:2b:a1:d4:80:da:be:7d:18:0f:cf:8e:ba:ed:bb:f6:
95:16:87:e1:73:55:89:a2:85:6d:b0:33:81:2c:8a:3f:6a:52:
b0:de:98:5f:5b:c1:be:e1:47:cb:4a:07:a1:86:51:9f:00:cc:
cf:f8:9d:f2:a7:25:5d:4c:2e:00:73:bd:85:75:95:ae:ac:1a:
32:87:a2:7c:6e:e6:0d:31:fc:73:ca:1f:78:49:c5:31:e1:18:
fb:79:8f:c5:15:53:07:6e:44:f2:68:5b:70:e7:65:5e:c2:f9:
6f:9d:18:66
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxXkxM+likvfoDJ2x40JCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzOGVlOTUxY2RhYmMzY2U4MDVlYzhkZjBiZjM0MDNiZGZh
OWM2NTcwHhcNMjMwMTAyMDcyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTcxNjhiMDZlMzA3MmIwMThhOWEzOWIxMmIxZDFjNTdmMDEzMTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaN7c1MsJPNeZAX/y+ymcEWOcCoB
OI8dtyZuJbyCrUnOiM3Ganrk2oUnSFdmk5sk0Y5s66dU6qglDo/oS0MI26fQt8vU
37iHmJLe3LtKe5+FddmvxiYhEG6vK6pmrdcCuLAV0U+xl5c8WgDLF7lfSgVcKyIY
RYDRn+vZIRqqO9GwPBJhXsxWQ62RD4BirKjVS8KRMCNc5PqUw8hWl8cCz4stR35x
xjZNglferygjPj7kE5oZn8UZqrc4ICvUqxfUdB8nk6ZmXXzWls08MsLZYwQUUfTr
v90rPaDMo6aVjbC/rYC1BtHPlbfwXBguTNgdbTCNMqzeWEIK2BbDC7lhxwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOpxaLBuMHKwGKmjmxKx0cV/ATGWMB8GA1UdIwQY
MBaAFJOO6VHNq8POgF7I3wvzQDvfqcZXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazQ3cFVjMnJ3ODZBWHNqZkNfTkFPOS1weGxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9hOGZlNWItNmFjZS00MjM2LThhOTAt
ZTBmNWQ4NmUzN2EzLzEvNm5Gb3NHNHdjckFZcWFPYkVySFJ4WDhCTVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9hOGZlNWItNmFjZS00MjM2LThhOTAtZTBmNWQ4NmUzN2Ez
LzEvazQ3cFVjMnJ3ODZBWHNqZkNfTkFPOS1weGxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZoUMA0E
AgACMAcDBQMqD58AMA0GCSqGSIb3DQEBCwUAA4IBAQBCtz5l5Hp+p8BTd0MoqP4u
OfAyCYuLL+oBS//JaDoeHO6g04VZR2K2PQbHacXptn/k5ufensckrXL0EE2FKKr+
DmjBrJnJAAXWsLPVRkaw4dT+7KXO5hGaSKFEyfV/Imn5mfgKgvhkbCz7fzNSyg2P
X5plzo/xsNNakVLq0MA+8bN8iNcrdD17VcqKI+lmQWml1u8rodSA2r59GA/Pjrrt
u/aVFofhc1WJooVtsDOBLIo/alKw3phfW8G+4UfLSgehhlGfAMzP+J3ypyVdTC4A
c72FdZWurBoyh6J8buYNMfxzyh94ScUx4Rj7eY/FFVMHbkTyaFtw52VewvlvnRhm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:03 2024 by rpki-client on console-ams.rpki-client.org