Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/2e9677-c5dd-4a31-a8e7-168f21508c74/1/0qBoxQlELdNJEd0vnq-GDDhZG6U.roa
File: 0qBoxQlELdNJEd0vnq-GDDhZG6U.roa (raw, json)
Hash identifier: V2aHTFYBYdT3lHKW8wsJiHMrcscm7PWUBh34yPgybf4=
Subject key identifier: D2:A0:68:C5:09:44:2D:D3:49:11:DD:2F:9E:AF:86:0C:38:59:1B:A5
Certificate issuer: /CN=22acf66f0019c556331bef9ecd8df652782a63f8
Certificate serial: 018570F0AE18DBC7DC1BD420D5A5BA0F6622
Authority key identifier: 22:AC:F6:6F:00:19:C5:56:33:1B:EF:9E:CD:8D:F6:52:78:2A:63:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iqz2bwAZxVYzG--ezY32UngqY_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/2e9677-c5dd-4a31-a8e7-168f21508c74/1/0qBoxQlELdNJEd0vnq-GDDhZG6U.roa
Signing time: Mon 02 Jan 2023 05:24:59 +0000
ROA not before: Mon 02 Jan 2023 05:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62321
IP address blocks: 45.89.8.0/22 maxlen: 22
2a0e:b40::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 11 Jul 2023 21:58:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:ae:18:db:c7:dc:1b:d4:20:d5:a5:ba:0f:66:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22acf66f0019c556331bef9ecd8df652782a63f8
Validity
Not Before: Jan 2 05:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2a068c509442dd34911dd2f9eaf860c38591ba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fc:75:c0:20:32:c8:8f:57:6c:13:c0:a0:f6:
a0:21:57:81:04:aa:fd:f2:e0:6c:e8:a0:eb:0d:e8:
29:a9:d1:7a:e9:0d:bc:61:a7:69:83:fc:8b:e8:56:
53:a8:b8:74:3f:bf:59:14:45:a5:8d:ed:90:36:18:
5d:22:bc:2f:4c:06:60:7b:03:e9:40:0f:20:ab:3c:
72:4f:fd:9d:3f:94:6d:06:13:f7:ba:12:59:53:57:
ea:9b:85:78:86:25:48:3d:42:cf:47:d7:92:6c:e0:
9f:61:d9:40:11:f6:d2:31:9f:b1:6c:6e:03:74:f1:
9b:6e:c5:31:af:17:75:a3:a6:06:9d:f1:ef:17:28:
16:d1:e2:ed:a7:ae:f1:2d:00:a3:cd:1f:d4:a1:05:
be:5e:b4:a9:36:d9:fd:cb:cb:f1:9a:06:1e:6d:f5:
df:b9:0b:68:5d:b7:7b:7e:aa:ad:a7:c4:52:eb:53:
d8:65:41:c2:71:5b:22:ad:2c:d3:27:de:6d:39:30:
d8:f0:c8:af:a7:19:1c:5b:cd:f9:36:0a:5c:fc:88:
8f:83:63:ae:a2:88:90:8e:f4:c8:b5:7e:84:1b:f6:
54:45:f5:75:18:e2:80:e9:02:43:4f:4d:c3:76:20:
3e:a4:c3:8e:a3:82:82:55:c2:23:0a:cd:06:79:ab:
fd:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A0:68:C5:09:44:2D:D3:49:11:DD:2F:9E:AF:86:0C:38:59:1B:A5
X509v3 Authority Key Identifier:
keyid:22:AC:F6:6F:00:19:C5:56:33:1B:EF:9E:CD:8D:F6:52:78:2A:63:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iqz2bwAZxVYzG--ezY32UngqY_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2e9677-c5dd-4a31-a8e7-168f21508c74/1/0qBoxQlELdNJEd0vnq-GDDhZG6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2e9677-c5dd-4a31-a8e7-168f21508c74/1/Iqz2bwAZxVYzG--ezY32UngqY_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.8.0/22
IPv6:
2a0e:b40::/48
Signature Algorithm: sha256WithRSAEncryption
39:e1:a3:fb:af:e3:f9:f4:d1:de:ff:27:5a:d4:dc:33:2e:e9:
ee:1a:89:bb:c3:eb:3a:26:d6:1a:0e:42:b9:29:e2:39:b1:db:
89:a3:8e:fe:ed:ac:86:89:47:cd:9c:47:54:b4:f7:a1:d8:18:
79:7c:39:35:f1:d7:04:de:42:1c:c8:37:71:0b:c0:fa:97:0f:
33:38:3d:a1:71:be:d3:5c:59:25:e3:1a:f5:f0:83:f9:13:54:
3b:c5:11:38:02:a1:c9:01:a3:e4:fc:9b:fc:9f:ed:5a:5f:3c:
d0:76:95:bb:e3:c9:3f:bb:05:95:e2:a7:9e:8a:f7:91:db:49:
15:a5:32:fe:93:7d:58:76:07:93:e8:ca:8c:d5:d4:91:18:f9:
dc:f6:4d:3a:b6:fc:e3:f8:08:67:08:59:13:1e:99:16:e0:15:
42:d9:d9:11:5d:a2:5f:77:f9:e0:5f:86:58:b9:69:c3:2e:5d:
14:81:04:4d:ca:d2:9e:d9:ba:ac:0e:1a:ae:98:10:9f:41:f7:
21:ae:8a:1d:b9:33:64:1f:88:05:53:03:20:07:9b:64:e4:2d:
54:c6:7b:3a:ed:1b:2a:e0:e8:f8:e2:fe:27:1f:60:62:f8:96:
2d:83:e3:01:c9:cb:4a:01:d7:62:68:0b:73:e9:7e:f8:16:44:
f4:3c:b5:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVw8K4Y28fcG9Qg1aW6D2YiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYWNmNjZmMDAxOWM1NTYzMzFiZWY5ZWNkOGRmNjUyNzgy
YTYzZjgwHhcNMjMwMTAyMDUyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmEwNjhjNTA5NDQyZGQzNDkxMWRkMmY5ZWFmODYwYzM4NTkxYmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfx1wCAyyI9XbBPAoPagIVeBBKr9
8uBs6KDrDegpqdF66Q28Yadpg/yL6FZTqLh0P79ZFEWlje2QNhhdIrwvTAZgewPp
QA8gqzxyT/2dP5RtBhP3uhJZU1fqm4V4hiVIPULPR9eSbOCfYdlAEfbSMZ+xbG4D
dPGbbsUxrxd1o6YGnfHvFygW0eLtp67xLQCjzR/UoQW+XrSpNtn9y8vxmgYebfXf
uQtoXbd7fqqtp8RS61PYZUHCcVsirSzTJ95tOTDY8MivpxkcW835Ngpc/IiPg2Ou
ooiQjvTItX6EG/ZURfV1GOKA6QJDT03DdiA+pMOOo4KCVcIjCs0Geav90wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNKgaMUJRC3TSRHdL56vhgw4WRulMB8GA1UdIwQY
MBaAFCKs9m8AGcVWMxvvns2N9lJ4KmP4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXF6MmJ3QVp4Vll6Ry0tZXpZMzJVbmdxWV9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8yZTk2NzctYzVkZC00YTMxLWE4ZTct
MTY4ZjIxNTA4Yzc0LzEvMHFCb3hRbEVMZE5KRWQwdm5xLUdERGhaRzZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8yZTk2NzctYzVkZC00YTMxLWE4ZTctMTY4ZjIxNTA4Yzc0
LzEvSXF6MmJ3QVp4Vll6Ry0tZXpZMzJVbmdxWV9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCLVkIMA8E
AgACMAkDBwAqDgtAAAAwDQYJKoZIhvcNAQELBQADggEBADnho/uv4/n00d7/J1rU
3DMu6e4aibvD6zom1hoOQrkp4jmx24mjjv7trIaJR82cR1S096HYGHl8OTXx1wTe
QhzIN3ELwPqXDzM4PaFxvtNcWSXjGvXwg/kTVDvFETgCockBo+T8m/yf7VpfPNB2
lbvjyT+7BZXip56K95HbSRWlMv6TfVh2B5PoyozV1JEY+dz2TTq2/OP4CGcIWRMe
mRbgFULZ2RFdol93+eBfhli5acMuXRSBBE3K0p7ZuqwOGq6YEJ9B9yGuih25M2Qf
iAVTAyAHm2TkLVTGezrtGyrg6Pji/icfYGL4li2D4wHJy0oB12JoC3PpfvgWRPQ8
tZg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:52 2024 by rpki-client on console-ams.rpki-client.org