Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/c3e329-15ef-423a-bb12-3a6063cfea95/1/D7jD34VnOtPOxxPEW3CXIa39gG8.roa
File: D7jD34VnOtPOxxPEW3CXIa39gG8.roa (raw, json)
Hash identifier: i9BdS54jenMygyejEqL1mAqfAzZAC1vWaitAJ4KwkO8=
Subject key identifier: 0F:B8:C3:DF:85:67:3A:D3:CE:C7:13:C4:5B:70:97:21:AD:FD:80:6F
Certificate issuer: /CN=bee0a94997672a920a290ccbfd049126f7075c99
Certificate serial: 01856DDD38E055F19A1F5371754D52F9FD2C
Authority key identifier: BE:E0:A9:49:97:67:2A:92:0A:29:0C:CB:FD:04:91:26:F7:07:5C:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vuCpSZdnKpIKKQzL_QSRJvcHXJk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/c3e329-15ef-423a-bb12-3a6063cfea95/1/D7jD34VnOtPOxxPEW3CXIa39gG8.roa
Signing time: Sun 01 Jan 2023 15:04:52 +0000
ROA not before: Sun 01 Jan 2023 15:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61241
IP address blocks: 45.136.132.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:38:e0:55:f1:9a:1f:53:71:75:4d:52:f9:fd:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bee0a94997672a920a290ccbfd049126f7075c99
Validity
Not Before: Jan 1 15:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fb8c3df85673ad3cec713c45b709721adfd806f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a9:da:c4:41:79:ab:78:6b:e1:b6:a6:00:d4:
47:bb:05:a5:da:f8:8e:13:c2:c7:b0:ea:90:e9:3f:
41:13:78:2c:41:81:90:e0:ab:a9:3f:56:57:ee:6a:
b5:a7:da:30:f1:f7:4f:54:64:44:db:af:4e:79:0c:
ee:bb:0e:b0:39:5d:9d:2c:bb:4f:7d:88:b4:98:93:
c0:ab:50:c3:17:6e:fa:32:a5:0e:76:5c:e7:f6:bb:
7e:01:c0:6c:e6:14:44:eb:58:6d:74:a2:7a:26:07:
82:1e:dc:ed:2d:ba:92:d8:dd:d0:75:4f:89:37:5b:
7d:ff:a6:0f:bf:e4:92:a1:7c:77:6f:51:06:3e:af:
58:4a:30:24:dd:75:b2:2e:d9:25:58:a3:24:8b:26:
85:49:87:bb:78:af:30:85:ac:14:50:03:cf:8a:a0:
c6:fb:b0:98:7a:52:48:73:3d:0c:47:77:fa:52:70:
1d:39:4f:74:66:51:91:f6:da:fa:ac:92:96:5c:9b:
d8:ed:3a:9e:be:3d:ad:d3:13:c1:f6:60:c6:9f:95:
2b:4f:ba:0a:5c:8b:82:c1:d9:c8:71:05:b1:23:67:
f9:06:64:6c:c4:06:a4:30:dd:38:bd:1e:54:8d:80:
a5:4c:38:33:a8:4e:69:19:d2:95:54:3c:4c:61:70:
e3:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B8:C3:DF:85:67:3A:D3:CE:C7:13:C4:5B:70:97:21:AD:FD:80:6F
X509v3 Authority Key Identifier:
keyid:BE:E0:A9:49:97:67:2A:92:0A:29:0C:CB:FD:04:91:26:F7:07:5C:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vuCpSZdnKpIKKQzL_QSRJvcHXJk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c3e329-15ef-423a-bb12-3a6063cfea95/1/D7jD34VnOtPOxxPEW3CXIa39gG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/c3e329-15ef-423a-bb12-3a6063cfea95/1/vuCpSZdnKpIKKQzL_QSRJvcHXJk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.132.0/22
Signature Algorithm: sha256WithRSAEncryption
71:bf:d1:2c:ad:67:76:a1:8d:cb:2c:76:65:e2:d7:86:24:56:
8e:07:82:ab:e8:0e:c5:38:94:ea:69:a2:95:01:1d:26:e7:5b:
db:fc:98:d5:e4:8e:5f:15:fc:32:dc:60:ad:01:d0:21:35:45:
b4:6b:f6:87:80:d6:46:c1:bd:88:5a:62:bc:7e:11:a2:79:db:
f9:9b:40:ed:96:c8:13:ab:b1:2b:4e:ab:cb:3d:d0:ac:e6:68:
9c:93:ca:8c:e8:7f:13:f6:75:48:e2:19:ce:f4:59:16:ec:4d:
b0:20:06:30:ba:6d:ee:57:f9:fb:d8:7f:07:01:d3:f8:d1:19:
8d:77:1e:60:21:42:33:5a:39:40:d4:34:e2:8c:0a:98:91:7f:
24:23:e9:b6:cb:f1:d4:1a:f0:f2:f2:0c:22:7a:44:d1:ac:de:
81:5f:75:ef:ac:af:66:92:87:29:1c:22:4a:64:02:67:db:ca:
f7:20:60:81:25:9e:22:31:b0:f0:87:91:e1:dd:47:79:93:52:
27:2e:aa:17:b7:05:03:5c:b1:ed:75:66:9f:57:c9:1b:72:41:
ce:20:d0:a2:5e:dd:c0:df:f1:8a:bf:49:1d:88:54:96:96:b1:
cb:6f:cc:1b:11:27:c7:dc:bc:94:a7:68:08:b4:4c:93:ab:eb:
7f:c7:c3:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt3TjgVfGaH1NxdU1S+f0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlZTBhOTQ5OTc2NzJhOTIwYTI5MGNjYmZkMDQ5MTI2Zjcw
NzVjOTkwHhcNMjMwMTAxMTUwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmI4YzNkZjg1NjczYWQzY2VjNzEzYzQ1YjcwOTcyMWFkZmQ4MDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjanaxEF5q3hr4bamANRHuwWl2viO
E8LHsOqQ6T9BE3gsQYGQ4KupP1ZX7mq1p9ow8fdPVGRE269OeQzuuw6wOV2dLLtP
fYi0mJPAq1DDF276MqUOdlzn9rt+AcBs5hRE61htdKJ6JgeCHtztLbqS2N3QdU+J
N1t9/6YPv+SSoXx3b1EGPq9YSjAk3XWyLtklWKMkiyaFSYe7eK8whawUUAPPiqDG
+7CYelJIcz0MR3f6UnAdOU90ZlGR9tr6rJKWXJvY7Tqevj2t0xPB9mDGn5UrT7oK
XIuCwdnIcQWxI2f5BmRsxAakMN04vR5UjYClTDgzqE5pGdKVVDxMYXDj7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA+4w9+FZzrTzscTxFtwlyGt/YBvMB8GA1UdIwQY
MBaAFL7gqUmXZyqSCikMy/0EkSb3B1yZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnVDcFNaZG5LcElLS1F6TF9RU1JKdmNIWEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9jM2UzMjktMTVlZi00MjNhLWJiMTIt
M2E2MDYzY2ZlYTk1LzEvRDdqRDM0Vm5PdFBPeHhQRVczQ1hJYTM5Z0c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9jM2UzMjktMTVlZi00MjNhLWJiMTItM2E2MDYzY2ZlYTk1
LzEvdnVDcFNaZG5LcElLS1F6TF9RU1JKdmNIWEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYiEMA0G
CSqGSIb3DQEBCwUAA4IBAQBxv9EsrWd2oY3LLHZl4teGJFaOB4Kr6A7FOJTqaaKV
AR0m51vb/JjV5I5fFfwy3GCtAdAhNUW0a/aHgNZGwb2IWmK8fhGiedv5m0DtlsgT
q7ErTqvLPdCs5mick8qM6H8T9nVI4hnO9FkW7E2wIAYwum3uV/n72H8HAdP40RmN
dx5gIUIzWjlA1DTijAqYkX8kI+m2y/HUGvDy8gwiekTRrN6BX3XvrK9mkocpHCJK
ZAJn28r3IGCBJZ4iMbDwh5Hh3Ud5k1InLqoXtwUDXLHtdWafV8kbckHOINCiXt3A
3/GKv0kdiFSWlrHLb8wbESfH3LyUp2gItEyTq+t/x8Pt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:11 2024 by rpki-client on console-fra.rpki-client.org