Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/5cb98c-ee08-4b99-8b4d-c6f41060c5d7/1/1kWpXSRP6vhSE0aY6IR6S1mbPdI.roa
File: 1kWpXSRP6vhSE0aY6IR6S1mbPdI.roa (raw, json)
Hash identifier: 6avc1tH3ddCZEAXbQmLin5i3hAoDJraeSagbvMJrtcM=
Subject key identifier: D6:45:A9:5D:24:4F:EA:F8:52:13:46:98:E8:84:7A:4B:59:9B:3D:D2
Certificate issuer: /CN=9a78fd4d41a49384bdf6e7dc3ebbc500bf66d9d5
Certificate serial: 01856E26653A76CF37E79409929E523AB8FA
Authority key identifier: 9A:78:FD:4D:41:A4:93:84:BD:F6:E7:DC:3E:BB:C5:00:BF:66:D9:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnj9TUGkk4S99ufcPrvFAL9m2dU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/5cb98c-ee08-4b99-8b4d-c6f41060c5d7/1/1kWpXSRP6vhSE0aY6IR6S1mbPdI.roa
Signing time: Sun 01 Jan 2023 16:24:48 +0000
ROA not before: Sun 01 Jan 2023 16:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 45.8.84.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:65:3a:76:cf:37:e7:94:09:92:9e:52:3a:b8:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a78fd4d41a49384bdf6e7dc3ebbc500bf66d9d5
Validity
Not Before: Jan 1 16:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d645a95d244feaf852134698e8847a4b599b3dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:00:7f:85:cc:d1:41:0b:e9:18:0c:09:17:96:
6a:01:bd:bf:bb:44:64:98:b9:91:6b:f9:86:1b:49:
f8:fa:1f:f4:c4:43:81:4a:5a:e0:39:88:54:f7:1d:
6d:95:34:26:d2:14:85:00:f8:a0:f6:74:71:7a:40:
0a:c1:b9:b7:d7:0f:77:97:87:8e:ec:be:02:f8:79:
ff:42:40:65:0e:10:c0:20:9f:28:19:78:42:0e:db:
37:d6:e7:e4:7a:a5:55:13:49:c1:3a:27:91:e9:96:
5a:5d:96:44:28:26:56:0f:25:30:ad:fa:76:1a:74:
02:64:29:72:e4:99:a6:a8:bb:ab:c1:6e:79:82:35:
4a:e2:5a:c8:0f:ed:85:e0:4a:48:c7:04:65:16:e6:
e5:48:aa:0f:b0:51:ee:6c:53:6d:a9:a4:cd:4c:16:
98:a1:69:71:27:e4:5c:30:13:4c:d7:37:3b:b2:cf:
ee:e9:1d:36:38:23:1f:08:e5:94:b5:7f:ad:98:c7:
af:a5:43:44:50:36:6b:a9:c5:65:c7:17:1e:c2:ab:
4a:59:4d:e3:35:7c:94:31:c9:72:4c:67:6e:6f:89:
46:3a:7a:1a:86:49:cf:ec:3b:8a:d0:25:20:5e:38:
13:b6:61:e2:1b:40:e3:41:52:b6:7f:10:26:c3:6f:
78:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:45:A9:5D:24:4F:EA:F8:52:13:46:98:E8:84:7A:4B:59:9B:3D:D2
X509v3 Authority Key Identifier:
keyid:9A:78:FD:4D:41:A4:93:84:BD:F6:E7:DC:3E:BB:C5:00:BF:66:D9:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnj9TUGkk4S99ufcPrvFAL9m2dU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/5cb98c-ee08-4b99-8b4d-c6f41060c5d7/1/1kWpXSRP6vhSE0aY6IR6S1mbPdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/5cb98c-ee08-4b99-8b4d-c6f41060c5d7/1/mnj9TUGkk4S99ufcPrvFAL9m2dU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.84.0/22
Signature Algorithm: sha256WithRSAEncryption
59:a0:d0:58:ff:62:03:59:b7:41:3e:1e:e3:9a:6b:c7:e4:e1:
f8:91:1f:01:8e:6f:82:d7:dd:1d:7e:49:1e:8a:d7:c6:83:c4:
81:9c:37:67:c1:9d:eb:ab:18:67:e1:6e:f1:af:8e:5e:be:89:
40:a8:37:c4:c3:33:6b:f3:98:bf:08:9f:b3:7d:12:bc:3a:d3:
a9:d8:34:4d:1f:28:b5:d8:c4:43:ed:14:60:3e:85:e3:be:6d:
a0:3c:81:af:a6:14:c4:4a:33:bb:da:89:9d:bf:7b:9b:3a:2c:
4c:81:f7:39:c5:82:86:c5:07:da:cf:8e:86:00:f9:65:93:64:
5a:00:51:af:d4:6a:51:e7:60:37:e8:bd:5c:1d:50:a8:05:f0:
f8:54:5e:c3:48:ab:3a:a4:54:34:ad:85:8f:b1:c5:5b:5f:de:
a7:f2:4c:0b:d0:08:7c:cf:f6:1a:ab:c1:7a:06:a5:4a:21:80:
eb:14:70:07:47:d9:fb:d7:a6:8d:70:26:3e:b5:6f:9c:a2:4d:
b0:b4:61:ce:86:c4:ab:f6:12:48:1d:58:c5:73:90:3e:7e:05:
69:7f:42:c6:79:2a:b3:75:5c:de:e1:9e:5e:6c:57:71:4f:06:
d3:d1:56:88:78:e5:db:b0:7f:b7:c3:24:56:58:08:e4:1e:7a:
df:cf:d2:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuJmU6ds8355QJkp5SOrj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNzhmZDRkNDFhNDkzODRiZGY2ZTdkYzNlYmJjNTAwYmY2
NmQ5ZDUwHhcNMjMwMTAxMTYyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQ1YTk1ZDI0NGZlYWY4NTIxMzQ2OThlODg0N2E0YjU5OWIzZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwB/hczRQQvpGAwJF5ZqAb2/u0Rk
mLmRa/mGG0n4+h/0xEOBSlrgOYhU9x1tlTQm0hSFAPig9nRxekAKwbm31w93l4eO
7L4C+Hn/QkBlDhDAIJ8oGXhCDts31ufkeqVVE0nBOieR6ZZaXZZEKCZWDyUwrfp2
GnQCZCly5JmmqLurwW55gjVK4lrID+2F4EpIxwRlFublSKoPsFHubFNtqaTNTBaY
oWlxJ+RcMBNM1zc7ss/u6R02OCMfCOWUtX+tmMevpUNEUDZrqcVlxxcewqtKWU3j
NXyUMclyTGdub4lGOnoahknP7DuK0CUgXjgTtmHiG0DjQVK2fxAmw294BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZFqV0kT+r4UhNGmOiEektZmz3SMB8GA1UdIwQY
MBaAFJp4/U1BpJOEvfbn3D67xQC/ZtnVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW5qOVRVR2trNFM5OXVmY1BydkZBTDltMmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS81Y2I5OGMtZWUwOC00Yjk5LThiNGQt
YzZmNDEwNjBjNWQ3LzEvMWtXcFhTUlA2dmhTRTBhWTZJUjZTMW1iUGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS81Y2I5OGMtZWUwOC00Yjk5LThiNGQtYzZmNDEwNjBjNWQ3
LzEvbW5qOVRVR2trNFM5OXVmY1BydkZBTDltMmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQhUMA0G
CSqGSIb3DQEBCwUAA4IBAQBZoNBY/2IDWbdBPh7jmmvH5OH4kR8Bjm+C190dfkke
itfGg8SBnDdnwZ3rqxhn4W7xr45evolAqDfEwzNr85i/CJ+zfRK8OtOp2DRNHyi1
2MRD7RRgPoXjvm2gPIGvphTESjO72omdv3ubOixMgfc5xYKGxQfaz46GAPllk2Ra
AFGv1GpR52A36L1cHVCoBfD4VF7DSKs6pFQ0rYWPscVbX96n8kwL0Ah8z/Yaq8F6
BqVKIYDrFHAHR9n716aNcCY+tW+cok2wtGHOhsSr9hJIHVjFc5A+fgVpf0LGeSqz
dVze4Z5ebFdxTwbT0VaIeOXbsH+3wyRWWAjkHnrfz9Is
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:46 2024 by rpki-client on console-ams.rpki-client.org