Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/d6c752-aa4b-4fa7-ab1f-91a394684644/1/baE8TZXihJQkvAsLHa2s9x9ddfA.roa
File: baE8TZXihJQkvAsLHa2s9x9ddfA.roa (raw, json)
Hash identifier: hy1qX6PB4fXUC3JGtBNAwsOhzVXpO60YZjRqWa4+ufE=
Subject key identifier: 6D:A1:3C:4D:95:E2:84:94:24:BC:0B:0B:1D:AD:AC:F7:1F:5D:75:F0
Certificate issuer: /CN=111014ce8ad38d15350096d549ee1c5805d09dc8
Certificate serial: 0185708CB0A6C668C65EE4043DDCA4BC3070
Authority key identifier: 11:10:14:CE:8A:D3:8D:15:35:00:96:D5:49:EE:1C:58:05:D0:9D:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ERAUzorTjRU1AJbVSe4cWAXQncg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/d6c752-aa4b-4fa7-ab1f-91a394684644/1/baE8TZXihJQkvAsLHa2s9x9ddfA.roa
Signing time: Mon 02 Jan 2023 03:35:46 +0000
ROA not before: Mon 02 Jan 2023 03:35:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43648
IP address blocks: 45.132.220.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:b0:a6:c6:68:c6:5e:e4:04:3d:dc:a4:bc:30:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111014ce8ad38d15350096d549ee1c5805d09dc8
Validity
Not Before: Jan 2 03:35:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6da13c4d95e2849424bc0b0b1dadacf71f5d75f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:62:db:c2:c9:21:24:c4:09:6d:72:1b:f9:e9:
64:0d:00:b7:70:87:76:bb:24:1d:31:61:63:81:01:
22:02:10:46:67:24:4a:5d:66:da:c5:1f:c6:67:df:
1d:cf:4e:0e:7c:e7:7f:5c:fe:e8:02:a6:9f:02:24:
39:66:b0:19:13:12:77:f8:7c:b8:b5:12:58:46:91:
fc:72:61:84:a9:8c:d8:18:92:28:3f:39:e3:17:37:
71:63:b7:d6:13:70:f2:7d:d9:dd:43:67:c3:33:1a:
17:d0:42:92:86:09:a8:23:f9:02:31:85:78:f6:e2:
84:6f:63:8b:3f:cc:31:bd:ff:c9:5c:5a:72:94:95:
42:74:41:2b:5f:3f:5f:47:51:dc:5c:ec:1e:8c:2d:
8d:7c:de:14:1d:60:06:5c:3f:9e:81:f1:6a:98:dc:
00:39:fa:7d:69:c8:c8:2e:52:ec:c4:9a:8c:cc:21:
e7:70:1e:58:87:fe:45:f5:77:e2:22:90:39:d2:8b:
cf:65:e8:22:18:c8:5a:6f:51:ba:ac:e6:da:a2:36:
3f:77:07:f9:b8:50:b3:1d:ba:17:46:cf:82:d9:04:
23:be:0c:66:9c:26:d9:aa:04:54:5d:66:e9:30:ea:
5e:5e:b8:62:49:35:e2:6b:b0:84:c7:7c:16:84:15:
f8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A1:3C:4D:95:E2:84:94:24:BC:0B:0B:1D:AD:AC:F7:1F:5D:75:F0
X509v3 Authority Key Identifier:
keyid:11:10:14:CE:8A:D3:8D:15:35:00:96:D5:49:EE:1C:58:05:D0:9D:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ERAUzorTjRU1AJbVSe4cWAXQncg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/d6c752-aa4b-4fa7-ab1f-91a394684644/1/baE8TZXihJQkvAsLHa2s9x9ddfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/d6c752-aa4b-4fa7-ab1f-91a394684644/1/ERAUzorTjRU1AJbVSe4cWAXQncg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.220.0/22
Signature Algorithm: sha256WithRSAEncryption
66:65:74:18:72:09:86:85:6b:30:9b:3d:78:73:ef:ec:45:56:
5f:69:84:49:a2:60:e9:e5:c9:25:79:4a:af:b4:df:e0:22:4c:
94:ea:fa:0e:46:02:aa:84:bb:c4:81:b9:b6:67:30:1d:fc:ea:
89:53:fb:01:6d:92:ea:17:3e:ee:27:4b:16:91:2e:aa:34:53:
46:80:9b:46:79:a5:f0:3b:fc:26:2b:a9:46:d3:d1:46:86:4f:
6a:db:48:27:36:1b:f2:40:73:78:82:29:f8:63:84:c6:d3:12:
34:e5:c2:e6:08:80:24:ec:84:fe:64:2b:36:90:45:91:f7:57:
fe:66:95:7b:17:da:ba:d1:2e:33:ef:20:1b:68:63:fa:d7:da:
0c:fb:75:6f:01:6d:42:3c:b5:a4:af:81:d3:3e:65:ce:f2:2a:
ef:fb:80:d5:1c:0f:e0:64:03:16:09:71:9a:1e:48:69:b3:5b:
d8:44:fc:cd:ac:83:57:ff:ea:69:72:18:7d:73:0c:a0:60:5d:
20:ec:1c:24:18:fd:23:0d:26:3a:8a:41:bc:5c:4a:e5:b7:37:
b1:05:ce:05:48:4d:d4:f1:c5:65:35:0a:ed:e7:d4:ad:2e:99:
26:55:d4:57:7c:39:dd:e7:42:72:60:7f:4c:eb:96:8f:bc:57:
47:ed:39:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjLCmxmjGXuQEPdykvDBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMTAxNGNlOGFkMzhkMTUzNTAwOTZkNTQ5ZWUxYzU4MDVk
MDlkYzgwHhcNMjMwMTAyMDMzNTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGExM2M0ZDk1ZTI4NDk0MjRiYzBiMGIxZGFkYWNmNzFmNWQ3NWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWLbwskhJMQJbXIb+elkDQC3cId2
uyQdMWFjgQEiAhBGZyRKXWbaxR/GZ98dz04OfOd/XP7oAqafAiQ5ZrAZExJ3+Hy4
tRJYRpH8cmGEqYzYGJIoPznjFzdxY7fWE3DyfdndQ2fDMxoX0EKShgmoI/kCMYV4
9uKEb2OLP8wxvf/JXFpylJVCdEErXz9fR1HcXOwejC2NfN4UHWAGXD+egfFqmNwA
Ofp9acjILlLsxJqMzCHncB5Yh/5F9XfiIpA50ovPZegiGMhab1G6rObaojY/dwf5
uFCzHboXRs+C2QQjvgxmnCbZqgRUXWbpMOpeXrhiSTXia7CEx3wWhBX4QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG2hPE2V4oSUJLwLCx2trPcfXXXwMB8GA1UdIwQY
MBaAFBEQFM6K040VNQCW1UnuHFgF0J3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVJBVXpvclRqUlUxQUpiVlNlNGNXQVhRbmNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9kNmM3NTItYWE0Yi00ZmE3LWFiMWYt
OTFhMzk0Njg0NjQ0LzEvYmFFOFRaWGloSlFrdkFzTEhhMnM5eDlkZGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9kNmM3NTItYWE0Yi00ZmE3LWFiMWYtOTFhMzk0Njg0NjQ0
LzEvRVJBVXpvclRqUlUxQUpiVlNlNGNXQVhRbmNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYTcMA0G
CSqGSIb3DQEBCwUAA4IBAQBmZXQYcgmGhWswmz14c+/sRVZfaYRJomDp5ckleUqv
tN/gIkyU6voORgKqhLvEgbm2ZzAd/OqJU/sBbZLqFz7uJ0sWkS6qNFNGgJtGeaXw
O/wmK6lG09FGhk9q20gnNhvyQHN4gin4Y4TG0xI05cLmCIAk7IT+ZCs2kEWR91f+
ZpV7F9q60S4z7yAbaGP619oM+3VvAW1CPLWkr4HTPmXO8irv+4DVHA/gZAMWCXGa
Hkhps1vYRPzNrINX/+ppchh9cwygYF0g7BwkGP0jDSY6ikG8XErltzexBc4FSE3U
8cVlNQrt59StLpkmVdRXfDnd50JyYH9M65aPvFdH7Tk/
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:03:02 2024 by rpki-client on console-ams.rpki-client.org