Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f3695c-e340-4e2f-afeb-6b95d3c89c91/1/Iyu7cas9Okg1nEPkpNM5dXlf-yQ.roa
File: Iyu7cas9Okg1nEPkpNM5dXlf-yQ.roa (raw, json)
Hash identifier: n7lCoCnzp/pGx6kvlHA4n/Utws+9UQ8zVMJ/j4sJ+cE=
Subject key identifier: 23:2B:BB:71:AB:3D:3A:48:35:9C:43:E4:A4:D3:39:75:79:5F:FB:24
Certificate issuer: /CN=4caf11150ce5fe9f70f36c9806747bb682b1ca21
Certificate serial: 01857139AD011B38E027DE98866D3D82AB12
Authority key identifier: 4C:AF:11:15:0C:E5:FE:9F:70:F3:6C:98:06:74:7B:B6:82:B1:CA:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TK8RFQzl_p9w82yYBnR7toKxyiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/f3695c-e340-4e2f-afeb-6b95d3c89c91/1/Iyu7cas9Okg1nEPkpNM5dXlf-yQ.roa
Signing time: Mon 02 Jan 2023 06:44:42 +0000
ROA not before: Mon 02 Jan 2023 06:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35453
IP address blocks: 45.67.64.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:ad:01:1b:38:e0:27:de:98:86:6d:3d:82:ab:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4caf11150ce5fe9f70f36c9806747bb682b1ca21
Validity
Not Before: Jan 2 06:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=232bbb71ab3d3a48359c43e4a4d33975795ffb24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:36:8a:86:ac:6a:70:c6:1e:7f:41:0e:61:cb:
0b:f8:4f:6e:47:1f:77:59:e2:96:1d:c1:8d:84:35:
34:a4:bf:83:32:ee:d7:1c:0b:d2:b9:cf:02:41:c4:
03:5c:d3:bb:dd:96:50:3d:45:34:db:85:9c:ed:d0:
9b:43:d0:bd:be:7e:d5:29:75:e5:a8:f2:83:cd:d3:
b4:e3:da:12:d9:99:34:8d:b1:7a:77:9f:9b:2d:0e:
0e:de:3a:42:98:2d:c4:76:ea:a4:19:f9:a4:71:20:
f6:e1:e4:14:8a:d9:42:55:1f:c3:ed:28:91:4f:e3:
a2:5b:20:94:bd:9b:64:d7:ad:18:30:6d:bb:24:62:
18:68:64:43:24:3f:50:e4:9f:a8:ac:14:8d:3d:d1:
94:38:b0:db:6f:84:56:5d:e3:4b:8f:90:6c:15:8c:
09:48:8d:dc:0b:0f:82:a6:1d:7e:12:8f:72:59:3f:
ae:96:c4:bf:82:8e:21:9e:c6:bb:67:41:3b:9f:70:
a7:b1:14:fb:e0:c2:23:9d:12:90:6c:ca:08:29:5b:
83:cc:ed:fa:56:71:44:12:63:0d:9c:67:de:82:75:
08:10:f7:d1:df:73:0a:cd:85:c8:6e:8e:2b:7b:ea:
66:ba:f9:9c:33:95:40:3e:8b:05:ed:df:23:67:df:
e9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:2B:BB:71:AB:3D:3A:48:35:9C:43:E4:A4:D3:39:75:79:5F:FB:24
X509v3 Authority Key Identifier:
keyid:4C:AF:11:15:0C:E5:FE:9F:70:F3:6C:98:06:74:7B:B6:82:B1:CA:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TK8RFQzl_p9w82yYBnR7toKxyiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f3695c-e340-4e2f-afeb-6b95d3c89c91/1/Iyu7cas9Okg1nEPkpNM5dXlf-yQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f3695c-e340-4e2f-afeb-6b95d3c89c91/1/TK8RFQzl_p9w82yYBnR7toKxyiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.64.0/22
Signature Algorithm: sha256WithRSAEncryption
23:9a:69:6f:a7:6b:b5:cf:44:ca:5e:e4:1d:6e:12:8e:f2:fe:
3a:d7:35:85:f7:b8:3e:ac:6d:a5:3d:83:a1:bb:a6:5b:94:ea:
06:39:52:c9:ed:75:4c:81:1d:da:d9:fd:7a:0b:7c:05:18:7d:
0a:58:f4:a7:92:a7:21:09:23:31:ae:62:56:81:88:a5:a6:2a:
af:27:1c:66:0e:dc:a2:2a:60:07:a5:1c:c5:84:e7:07:e8:67:
f2:45:e0:b6:4b:b0:06:4b:59:8b:b5:45:95:f7:ca:e3:36:77:
eb:98:10:ec:01:37:41:73:8c:24:c8:a5:4a:d3:76:79:5c:bd:
f9:80:1b:6e:7d:71:c7:58:65:6d:ae:e6:ca:1c:fb:62:b7:f2:
7b:53:0d:cf:00:35:f1:83:77:b4:98:01:10:d1:78:18:14:62:
90:db:37:40:bb:6d:c4:23:33:26:45:2e:55:6a:d2:e7:eb:4f:
3d:7b:df:c7:eb:f0:d0:2c:29:cf:ac:e0:3c:b1:85:9d:28:af:
e3:d5:be:e4:0b:92:78:ca:a7:c0:70:e3:68:f8:5f:7f:15:3c:
5e:5f:6c:3f:a4:63:22:50:81:d9:7b:73:42:57:02:a0:be:8b:
7f:51:eb:65:b6:1d:ae:54:04:fc:9c:ad:9f:78:ef:5d:ad:1b:
2d:2b:f8:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxOa0BGzjgJ96Yhm09gqsSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYWYxMTE1MGNlNWZlOWY3MGYzNmM5ODA2NzQ3YmI2ODJi
MWNhMjEwHhcNMjMwMTAyMDY0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzJiYmI3MWFiM2QzYTQ4MzU5YzQzZTRhNGQzMzk3NTc5NWZmYjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTaKhqxqcMYef0EOYcsL+E9uRx93
WeKWHcGNhDU0pL+DMu7XHAvSuc8CQcQDXNO73ZZQPUU024Wc7dCbQ9C9vn7VKXXl
qPKDzdO049oS2Zk0jbF6d5+bLQ4O3jpCmC3EduqkGfmkcSD24eQUitlCVR/D7SiR
T+OiWyCUvZtk160YMG27JGIYaGRDJD9Q5J+orBSNPdGUOLDbb4RWXeNLj5BsFYwJ
SI3cCw+Cph1+Eo9yWT+ulsS/go4hnsa7Z0E7n3CnsRT74MIjnRKQbMoIKVuDzO36
VnFEEmMNnGfegnUIEPfR33MKzYXIbo4re+pmuvmcM5VAPosF7d8jZ9/pJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMru3GrPTpINZxD5KTTOXV5X/skMB8GA1UdIwQY
MBaAFEyvERUM5f6fcPNsmAZ0e7aCscohMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEs4UkZRemxfcDl3ODJ5WUJuUjd0b0t4eWlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9mMzY5NWMtZTM0MC00ZTJmLWFmZWIt
NmI5NWQzYzg5YzkxLzEvSXl1N2NhczlPa2cxbkVQa3BOTTVkWGxmLXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9mMzY5NWMtZTM0MC00ZTJmLWFmZWItNmI5NWQzYzg5Yzkx
LzEvVEs4UkZRemxfcDl3ODJ5WUJuUjd0b0t4eWlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUNAMA0G
CSqGSIb3DQEBCwUAA4IBAQAjmmlvp2u1z0TKXuQdbhKO8v461zWF97g+rG2lPYOh
u6ZblOoGOVLJ7XVMgR3a2f16C3wFGH0KWPSnkqchCSMxrmJWgYilpiqvJxxmDtyi
KmAHpRzFhOcH6GfyReC2S7AGS1mLtUWV98rjNnfrmBDsATdBc4wkyKVK03Z5XL35
gBtufXHHWGVtrubKHPtit/J7Uw3PADXxg3e0mAEQ0XgYFGKQ2zdAu23EIzMmRS5V
atLn6089e9/H6/DQLCnPrOA8sYWdKK/j1b7kC5J4yqfAcONo+F9/FTxeX2w/pGMi
UIHZe3NCVwKgvot/Uetlth2uVAT8nK2feO9drRstK/hY
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:49 2024 by rpki-client on console.sobornost.net