Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f3804d-e8ad-4d08-990e-bd3bebcddeb3/1/2xzQQF_de27uGBp6TD7GUhHuQE8.roa
File: 2xzQQF_de27uGBp6TD7GUhHuQE8.roa (raw, json)
Hash identifier: X64cPZHYe9h1k1L1eVIPB7cFQlp2l2JQFKZVmbbXo54=
Subject key identifier: DB:1C:D0:40:5F:DD:7B:6E:EE:18:1A:7A:4C:3E:C6:52:11:EE:40:4F
Certificate issuer: /CN=b68a994e42e60da4f4a5475b15f5e27516c7cf14
Certificate serial: 01856F4B47AB6BEBFAF646F09845D67AF3F8
Authority key identifier: B6:8A:99:4E:42:E6:0D:A4:F4:A5:47:5B:15:F5:E2:75:16:C7:CF:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toqZTkLmDaT0pUdbFfXidRbHzxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/f3804d-e8ad-4d08-990e-bd3bebcddeb3/1/2xzQQF_de27uGBp6TD7GUhHuQE8.roa
Signing time: Sun 01 Jan 2023 21:44:42 +0000
ROA not before: Sun 01 Jan 2023 21:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46616
IP address blocks: 45.149.121.0/24 maxlen: 24
45.149.120.0/22 maxlen: 22
45.149.120.0/24 maxlen: 24
45.149.123.0/24 maxlen: 24
45.149.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:47:ab:6b:eb:fa:f6:46:f0:98:45:d6:7a:f3:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b68a994e42e60da4f4a5475b15f5e27516c7cf14
Validity
Not Before: Jan 1 21:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db1cd0405fdd7b6eee181a7a4c3ec65211ee404f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:db:7f:88:1b:bb:83:d6:bb:1a:c2:ea:7c:39:
a0:78:86:32:1b:0c:14:db:9b:d8:31:0c:42:e5:66:
80:00:94:3b:01:c3:23:2c:e7:2b:6c:62:0c:9c:fc:
d0:19:21:a4:c9:25:64:c8:da:1d:09:86:c1:45:3e:
28:f7:56:6e:c1:7e:e3:71:88:cf:9a:71:6c:c6:69:
0b:f4:18:a9:83:ba:db:eb:ed:06:92:6b:c9:66:b9:
fa:91:72:ad:bc:81:df:67:60:e4:da:e1:55:0c:ca:
93:a5:b0:86:9f:2e:bd:8d:10:d0:d6:d9:dc:6c:89:
3c:6b:63:86:a7:a4:e0:03:15:01:c7:70:5d:68:89:
d6:2c:e0:6e:8d:c4:c8:ec:f7:be:40:86:54:30:0d:
4d:8d:f9:83:44:c3:be:b7:3e:e2:6c:a1:28:81:e8:
54:2a:b6:e8:f4:88:61:8c:41:d0:fe:fc:e9:52:6a:
3d:96:fb:c4:ac:40:4e:c3:53:0e:97:07:a6:fa:26:
21:88:9d:f7:4a:58:8c:04:e4:3b:9d:16:6b:05:21:
aa:8b:10:31:7a:1b:04:56:1f:91:59:3b:3a:84:1c:
5a:18:8f:5e:66:84:27:27:af:24:47:b4:1e:f8:c1:
9e:77:cf:0c:7a:c6:61:c8:1f:ab:15:4f:cc:66:67:
5f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1C:D0:40:5F:DD:7B:6E:EE:18:1A:7A:4C:3E:C6:52:11:EE:40:4F
X509v3 Authority Key Identifier:
keyid:B6:8A:99:4E:42:E6:0D:A4:F4:A5:47:5B:15:F5:E2:75:16:C7:CF:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toqZTkLmDaT0pUdbFfXidRbHzxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f3804d-e8ad-4d08-990e-bd3bebcddeb3/1/2xzQQF_de27uGBp6TD7GUhHuQE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f3804d-e8ad-4d08-990e-bd3bebcddeb3/1/toqZTkLmDaT0pUdbFfXidRbHzxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.120.0/22
Signature Algorithm: sha256WithRSAEncryption
87:0f:59:2d:bf:79:4c:a6:64:02:87:61:9f:5c:07:ad:c8:ba:
2e:9e:c2:8c:0b:d4:01:e5:29:87:70:06:ee:3d:59:a5:45:15:
79:8f:28:69:ad:16:de:5d:f2:ec:a6:06:7a:30:ff:e7:fd:37:
e8:42:1f:1e:7d:78:b9:41:48:e5:4c:a3:6e:34:13:3b:3d:bf:
d5:4e:57:eb:44:2a:24:a1:ed:16:93:69:6e:fa:7b:3c:8c:00:
4e:75:e8:7b:65:ee:d7:43:eb:c7:37:2b:7a:a1:8d:a6:41:ad:
95:20:33:ad:ef:d6:f3:a7:3e:fa:cc:1e:89:82:24:c9:65:a3:
2d:3d:d1:08:c2:ab:1c:54:88:83:ac:b7:f6:32:86:40:8b:5e:
7d:91:02:6e:74:5e:28:32:2b:66:0d:dd:4a:38:0c:cf:c5:5c:
a4:88:96:99:bd:5c:62:0d:ff:e3:d6:b4:27:c7:98:95:1a:93:
b2:07:d1:33:6c:42:63:83:b3:74:c0:95:c6:cb:81:9a:a3:ae:
41:3b:3a:90:78:24:2a:28:84:3f:5d:67:54:32:b0:82:57:89:
a6:2a:30:45:17:de:64:bb:51:66:e3:5b:55:ff:09:93:c6:2c:
7a:92:b7:da:c2:bb:0e:69:4a:b5:95:c1:8a:a0:5c:4d:0e:73:
ca:b6:6c:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS0era+v69kbwmEXWevP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2OGE5OTRlNDJlNjBkYTRmNGE1NDc1YjE1ZjVlMjc1MTZj
N2NmMTQwHhcNMjMwMTAxMjE0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjFjZDA0MDVmZGQ3YjZlZWUxODFhN2E0YzNlYzY1MjExZWU0MDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdt/iBu7g9a7GsLqfDmgeIYyGwwU
25vYMQxC5WaAAJQ7AcMjLOcrbGIMnPzQGSGkySVkyNodCYbBRT4o91ZuwX7jcYjP
mnFsxmkL9Bipg7rb6+0GkmvJZrn6kXKtvIHfZ2Dk2uFVDMqTpbCGny69jRDQ1tnc
bIk8a2OGp6TgAxUBx3BdaInWLOBujcTI7Pe+QIZUMA1NjfmDRMO+tz7ibKEogehU
Krbo9IhhjEHQ/vzpUmo9lvvErEBOw1MOlwem+iYhiJ33SliMBOQ7nRZrBSGqixAx
ehsEVh+RWTs6hBxaGI9eZoQnJ68kR7Qe+MGed88MesZhyB+rFU/MZmdf7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNsc0EBf3Xtu7hgaekw+xlIR7kBPMB8GA1UdIwQY
MBaAFLaKmU5C5g2k9KVHWxX14nUWx88UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG9xWlRrTG1EYVQwcFVkYkZmWGlkUmJIenhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mMzgwNGQtZThhZC00ZDA4LTk5MGUt
YmQzYmViY2RkZWIzLzEvMnh6UVFGX2RlMjd1R0JwNlREN0dVaEh1UUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9mMzgwNGQtZThhZC00ZDA4LTk5MGUtYmQzYmViY2RkZWIz
LzEvdG9xWlRrTG1EYVQwcFVkYkZmWGlkUmJIenhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZV4MA0G
CSqGSIb3DQEBCwUAA4IBAQCHD1ktv3lMpmQCh2GfXAetyLounsKMC9QB5SmHcAbu
PVmlRRV5jyhprRbeXfLspgZ6MP/n/TfoQh8efXi5QUjlTKNuNBM7Pb/VTlfrRCok
oe0Wk2lu+ns8jABOdeh7Ze7XQ+vHNyt6oY2mQa2VIDOt79bzpz76zB6JgiTJZaMt
PdEIwqscVIiDrLf2MoZAi159kQJudF4oMitmDd1KOAzPxVykiJaZvVxiDf/j1rQn
x5iVGpOyB9EzbEJjg7N0wJXGy4Gao65BOzqQeCQqKIQ/XWdUMrCCV4mmKjBFF95k
u1Fm41tV/wmTxix6krfawrsOaUq1lcGKoFxNDnPKtmzu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:53 2024 by rpki-client on console-ams.rpki-client.org