Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/1g4I-fEU9lzCgVuwW2N1iNav5Ko.roa
File: 1g4I-fEU9lzCgVuwW2N1iNav5Ko.roa (raw, json)
Hash identifier: XpbQ4UbowZsteNonDqTnLMOKj9tdvBRGrVlxzDv/WVI=
Subject key identifier: D6:0E:08:F9:F1:14:F6:5C:C2:81:5B:B0:5B:63:75:88:D6:AF:E4:AA
Certificate issuer: /CN=0c477abf0a27ede886fbc42413d7a89c226b11fa
Certificate serial: 0185728366553E674289B82865CB9BB1DBA8
Authority key identifier: 0C:47:7A:BF:0A:27:ED:E8:86:FB:C4:24:13:D7:A8:9C:22:6B:11:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DEd6vwon7eiG-8QkE9eonCJrEfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/1g4I-fEU9lzCgVuwW2N1iNav5Ko.roa
Signing time: Mon 02 Jan 2023 12:44:52 +0000
ROA not before: Mon 02 Jan 2023 12:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213078
IP address blocks: 45.87.208.0/22 maxlen: 22
2a06:bc0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:66:55:3e:67:42:89:b8:28:65:cb:9b:b1:db:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c477abf0a27ede886fbc42413d7a89c226b11fa
Validity
Not Before: Jan 2 12:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d60e08f9f114f65cc2815bb05b637588d6afe4aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2b:5a:86:ae:b7:4a:5c:61:21:70:0b:e1:97:
87:8f:b2:cc:df:cc:ee:45:30:d9:6b:a1:46:19:e6:
14:8f:36:aa:c8:1c:13:d0:4d:54:f4:01:ba:f8:c3:
4f:f6:f2:68:bb:bc:18:33:5e:06:11:a2:b0:90:ed:
a5:3f:af:2a:50:d4:f7:d1:ff:9c:c2:f0:8a:2e:75:
79:65:a3:2f:ec:8b:f4:3b:ef:72:2d:70:21:53:ca:
b9:24:41:a4:a2:6e:d5:93:56:a2:2d:81:7b:cb:9d:
da:b0:a0:8b:12:f8:a5:13:a1:c4:96:58:3a:dd:de:
08:60:af:6e:e0:4d:ec:68:35:11:39:a9:20:f4:f5:
52:fe:07:b5:e8:c9:04:39:f5:2b:91:e5:9a:22:d1:
b0:26:03:c2:b7:fe:dd:0a:3e:f6:ba:36:44:11:3f:
a7:58:e3:dd:79:d3:b7:45:e7:d3:dd:dd:c3:27:83:
e4:65:19:8a:aa:8b:ff:ea:2c:41:a7:03:06:63:df:
1a:96:01:4e:d9:72:69:d7:71:76:d3:9b:aa:20:78:
15:0b:e0:db:93:17:ed:d1:53:2a:b8:44:71:d4:c4:
ea:f9:ec:f8:fb:da:ed:be:70:30:9e:f9:0f:17:68:
2e:31:58:b7:c6:73:9b:d0:2a:0d:1b:a2:be:cc:88:
a3:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:0E:08:F9:F1:14:F6:5C:C2:81:5B:B0:5B:63:75:88:D6:AF:E4:AA
X509v3 Authority Key Identifier:
keyid:0C:47:7A:BF:0A:27:ED:E8:86:FB:C4:24:13:D7:A8:9C:22:6B:11:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DEd6vwon7eiG-8QkE9eonCJrEfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/1g4I-fEU9lzCgVuwW2N1iNav5Ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/556d3d-0422-4612-a217-18f4f66a50a0/1/DEd6vwon7eiG-8QkE9eonCJrEfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.208.0/22
IPv6:
2a06:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
27:0d:be:cb:7f:f5:e4:bb:ce:28:9a:dc:cc:e3:94:96:89:7e:
44:c6:0e:11:16:ba:88:4f:87:9e:55:dd:42:9b:3a:99:a5:a2:
2e:84:ae:47:74:de:1d:1a:95:f5:f8:a2:fd:38:ea:d7:4c:fb:
92:28:ea:43:25:27:8d:e4:2e:a3:6d:a6:bc:97:ce:1d:ea:1e:
32:a4:d1:13:7d:ff:bc:4b:6b:74:6c:b0:94:5e:2e:fb:b3:68:
99:76:11:fa:74:38:20:37:87:e3:b8:b4:ca:1f:4a:8a:c7:40:
54:f3:f9:a4:cb:db:c3:f8:56:4c:8a:a9:b6:48:78:79:29:64:
74:28:28:c6:1e:f1:b9:50:4f:a7:41:a0:44:c7:5b:c0:e8:22:
f5:65:91:7b:91:32:d2:f0:f4:79:76:be:dd:14:aa:83:39:e6:
7a:45:8a:ba:00:5c:da:f3:19:0c:69:38:fb:2d:86:48:bb:b5:
9a:a2:1e:bb:4b:81:bd:eb:9c:ec:1d:f0:ff:37:24:02:70:31:
32:c7:c1:62:8d:3e:48:73:00:c2:a9:5c:9b:5e:c4:39:b8:17:
6b:5f:6b:7d:3c:24:c8:c2:fa:48:7b:f9:0f:ce:9c:32:03:de:
27:29:d4:c9:11:e0:22:28:a2:ed:1f:4f:ad:da:40:30:62:6a:
6d:38:38:08
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyg2ZVPmdCibgoZcubsduoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNDc3YWJmMGEyN2VkZTg4NmZiYzQyNDEzZDdhODljMjI2
YjExZmEwHhcNMjMwMTAyMTI0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjBlMDhmOWYxMTRmNjVjYzI4MTViYjA1YjYzNzU4OGQ2YWZlNGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiStahq63SlxhIXAL4ZeHj7LM38zu
RTDZa6FGGeYUjzaqyBwT0E1U9AG6+MNP9vJou7wYM14GEaKwkO2lP68qUNT30f+c
wvCKLnV5ZaMv7Iv0O+9yLXAhU8q5JEGkom7Vk1aiLYF7y53asKCLEvilE6HEllg6
3d4IYK9u4E3saDUROakg9PVS/ge16MkEOfUrkeWaItGwJgPCt/7dCj72ujZEET+n
WOPdedO3RefT3d3DJ4PkZRmKqov/6ixBpwMGY98algFO2XJp13F205uqIHgVC+Db
kxft0VMquERx1MTq+ez4+9rtvnAwnvkPF2guMVi3xnOb0CoNG6K+zIijLQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNYOCPnxFPZcwoFbsFtjdYjWr+SqMB8GA1UdIwQY
MBaAFAxHer8KJ+3ohvvEJBPXqJwiaxH6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREVkNnZ3b243ZWlHLThRa0U5ZW9uQ0pyRWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC81NTZkM2QtMDQyMi00NjEyLWEyMTct
MThmNGY2NmE1MGEwLzEvMWc0SS1mRVU5bHpDZ1Z1d1cyTjFpTmF2NUtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC81NTZkM2QtMDQyMi00NjEyLWEyMTctMThmNGY2NmE1MGEw
LzEvREVkNnZ3b243ZWlHLThRa0U5ZW9uQ0pyRWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVfQMA0E
AgACMAcDBQMqBgvAMA0GCSqGSIb3DQEBCwUAA4IBAQAnDb7Lf/Xku84omtzM45SW
iX5Exg4RFrqIT4eeVd1CmzqZpaIuhK5HdN4dGpX1+KL9OOrXTPuSKOpDJSeN5C6j
baa8l84d6h4ypNETff+8S2t0bLCUXi77s2iZdhH6dDggN4fjuLTKH0qKx0BU8/mk
y9vD+FZMiqm2SHh5KWR0KCjGHvG5UE+nQaBEx1vA6CL1ZZF7kTLS8PR5dr7dFKqD
OeZ6RYq6AFza8xkMaTj7LYZIu7Waoh67S4G965zsHfD/NyQCcDEyx8FijT5IcwDC
qVybXsQ5uBdrX2t9PCTIwvpIe/kPzpwyA94nKdTJEeAiKKLtH0+t2kAwYmptODgI
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:53:17 2024 by rpki-client on console-fra.rpki-client.org