Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/yQWeC8o6yv9X7BNRShLwprLn6kg.roa
File: yQWeC8o6yv9X7BNRShLwprLn6kg.roa (raw, json)
Hash identifier: jtNaoXOtF1sHMS5jqaipTFc8CE4Tkc+3Rmom3gqTfCc=
Subject key identifier: C9:05:9E:0B:CA:3A:CA:FF:57:EC:13:51:4A:12:F0:A6:B2:E7:EA:48
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018E428EE6278D7E7465F7634BE7A6BCC937
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/yQWeC8o6yv9X7BNRShLwprLn6kg.roa
Signing time: Fri 15 Mar 2024 14:40:45 +0000
ROA not before: Fri 15 Mar 2024 14:40:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49217
IP address blocks: 45.132.181.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Mar 2024 13:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:8e:e6:27:8d:7e:74:65:f7:63:4b:e7:a6:bc:c9:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 15 14:40:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9059e0bca3acaff57ec13514a12f0a6b2e7ea48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0b:2e:a7:a0:67:c9:04:ba:e6:0b:22:25:9c:
58:98:e9:85:39:bb:b0:88:b8:ab:1f:65:9c:3d:6c:
e4:f6:c0:2d:f4:3f:c1:84:ff:61:73:a3:c4:f7:e9:
25:04:27:ae:4e:5d:95:1a:7f:99:d3:c7:da:98:4d:
a2:6e:8c:34:ef:0f:c5:66:6c:21:fe:c1:91:80:ef:
af:50:da:62:d2:be:87:37:10:c1:7c:4e:bc:1d:49:
9f:3a:87:29:16:2f:e5:01:7b:d2:0a:68:a7:ac:ea:
78:04:ae:81:99:f4:a5:9b:3f:36:48:62:e0:b7:96:
70:7c:9c:a6:c3:59:72:d2:4a:a6:70:78:eb:24:67:
c2:59:44:e2:a1:1b:36:18:51:f7:1f:1d:03:ce:b4:
a7:31:1f:1a:9c:35:d9:0e:20:fc:1a:6c:70:71:87:
e4:e6:d7:61:23:3a:55:53:f0:61:9a:05:16:b7:2b:
d7:f4:35:fb:ba:38:cb:54:db:99:0b:da:45:80:1e:
22:f3:af:7f:68:63:16:0e:bd:1d:90:f7:a6:3a:a0:
31:5a:6b:a7:33:cd:17:da:b0:85:8e:3b:e9:10:16:
0a:60:60:64:3b:ff:42:c4:aa:7a:a6:f8:90:8f:b0:
63:c4:a8:1c:26:b7:7e:1a:ce:8b:49:7b:2e:00:86:
95:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:05:9E:0B:CA:3A:CA:FF:57:EC:13:51:4A:12:F0:A6:B2:E7:EA:48
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/yQWeC8o6yv9X7BNRShLwprLn6kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.181.0/24
45.151.3.0/24
Signature Algorithm: sha256WithRSAEncryption
33:e4:5e:ad:82:50:18:72:14:6b:96:ba:1f:81:d2:9f:9b:91:
71:e6:b5:06:14:a0:4e:3e:6c:e7:78:ca:c0:a0:38:ba:40:45:
b2:bc:55:df:3c:da:49:c6:02:ee:b0:78:ac:78:7a:14:e8:25:
d4:aa:59:0d:be:d1:61:d2:9a:e7:ca:c8:5c:78:eb:ff:ec:47:
6b:01:93:33:a0:c2:44:66:23:cb:49:91:34:60:7b:8e:16:9d:
b2:94:7d:81:dd:6d:ab:4c:a1:12:91:44:08:2f:84:37:c9:5e:
cd:f7:49:d6:2a:bd:10:a5:e4:ec:61:2c:c6:1c:0f:63:e8:12:
79:1a:1c:f2:0d:eb:fa:88:d2:db:9a:4e:00:68:03:34:fa:be:
14:d6:8a:55:9b:3e:0d:53:bb:8c:f7:7f:1b:76:8c:60:d1:d9:
1c:41:6d:08:cd:50:6c:f1:a6:4c:e9:96:52:f8:86:b4:de:f8:
64:16:ea:6f:21:25:ff:0a:bb:8c:33:af:7c:12:ae:4e:04:61:
a0:30:54:fa:67:b4:a5:e0:8f:d6:df:33:0f:84:1a:b4:7d:56:
55:7e:a4:d1:e3:25:37:e1:34:8c:2a:e2:9a:b4:37:d0:ac:3f:
42:01:7a:85:34:39:7d:16:19:9b:8f:cc:aa:78:aa:2a:35:66:
4d:6a:38:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5CjuYnjX50ZfdjS+emvMk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzE1MTQ0MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTA1OWUwYmNhM2FjYWZmNTdlYzEzNTE0YTEyZjBhNmIyZTdlYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAsup6BnyQS65gsiJZxYmOmFObuw
iLirH2WcPWzk9sAt9D/BhP9hc6PE9+klBCeuTl2VGn+Z08famE2ibow07w/FZmwh
/sGRgO+vUNpi0r6HNxDBfE68HUmfOocpFi/lAXvSCminrOp4BK6BmfSlmz82SGLg
t5ZwfJymw1ly0kqmcHjrJGfCWUTioRs2GFH3Hx0DzrSnMR8anDXZDiD8GmxwcYfk
5tdhIzpVU/BhmgUWtyvX9DX7ujjLVNuZC9pFgB4i869/aGMWDr0dkPemOqAxWmun
M80X2rCFjjvpEBYKYGBkO/9CxKp6pviQj7BjxKgcJrd+Gs6LSXsuAIaVWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMkFngvKOsr/V+wTUUoS8Kay5+pIMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEveVFXZUM4bzZ5djlYN0JOUlNoTHdwckxuNmtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYS1AwQA
LZcDMA0GCSqGSIb3DQEBCwUAA4IBAQAz5F6tglAYchRrlrofgdKfm5Fx5rUGFKBO
PmzneMrAoDi6QEWyvFXfPNpJxgLusHiseHoU6CXUqlkNvtFh0prnyshceOv/7Edr
AZMzoMJEZiPLSZE0YHuOFp2ylH2B3W2rTKESkUQIL4Q3yV7N90nWKr0QpeTsYSzG
HA9j6BJ5GhzyDev6iNLbmk4AaAM0+r4U1opVmz4NU7uM938bdoxg0dkcQW0IzVBs
8aZM6ZZS+Ia03vhkFupvISX/CruMM698Eq5OBGGgMFT6Z7Sl4I/W3zMPhBq0fVZV
fqTR4yU34TSMKuKatDfQrD9CAXqFNDl9Fhmbj8yqeKoqNWZNajgY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org