Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/2H0bJLJf_3lQBcFkX3cE_iPs6Rs.roa
File: 2H0bJLJf_3lQBcFkX3cE_iPs6Rs.roa (raw, json)
Hash identifier: WJb4rBuD7fadjl0g2ZyB6kLiX0IkLwCiNSuZRG4JAGM=
Subject key identifier: D8:7D:1B:24:B2:5F:FF:79:50:05:C1:64:5F:77:04:FE:23:EC:E9:1B
Certificate issuer: /CN=25cf9d8d552cdc7d8c0dc6f649b301f2351409ee
Certificate serial: 018BBF3D72F4A28E11207EBB2BEB03F82254
Authority key identifier: 25:CF:9D:8D:55:2C:DC:7D:8C:0D:C6:F6:49:B3:01:F2:35:14:09:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jc-djVUs3H2MDcb2SbMB8jUUCe4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/2H0bJLJf_3lQBcFkX3cE_iPs6Rs.roa
Signing time: Sat 11 Nov 2023 16:35:57 +0000
ROA not before: Sat 11 Nov 2023 16:35:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49127
IP address blocks: 45.66.35.0/24 maxlen: 24
45.66.33.0/24 maxlen: 24
45.66.32.0/24 maxlen: 24
45.66.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Nov 2023 16:45:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bf:3d:72:f4:a2:8e:11:20:7e:bb:2b:eb:03:f8:22:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25cf9d8d552cdc7d8c0dc6f649b301f2351409ee
Validity
Not Before: Nov 11 16:35:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d87d1b24b25fff795005c1645f7704fe23ece91b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5b:39:84:0a:f7:86:a7:9a:22:da:4d:c4:7b:
02:b9:83:17:a9:44:36:ed:fb:64:bd:5e:26:e6:63:
19:df:ca:c3:d4:75:29:48:61:5c:a7:7c:22:cc:4c:
3d:9e:5c:0a:dc:84:dd:53:68:97:1b:8c:31:5c:b1:
29:07:44:f6:39:13:0d:29:63:62:b1:dc:5d:f6:75:
79:d5:df:83:ae:6e:55:6c:8c:db:2a:4d:1a:3a:1f:
d6:11:33:cf:d1:99:1e:f7:ed:22:cf:63:83:af:62:
2a:47:66:45:e1:29:70:e2:42:96:01:d5:06:15:74:
87:55:88:65:cb:93:08:fb:74:d1:6a:1f:52:dc:fb:
e9:62:85:8b:c7:80:fa:86:5d:48:fa:e7:fe:3f:85:
7a:55:ec:45:b8:60:23:f4:76:bd:20:aa:8e:64:d8:
03:71:b6:42:28:86:14:58:c9:88:fa:6b:9c:36:e3:
2e:0d:bd:c9:af:82:9e:99:09:29:9a:88:c9:4b:00:
d5:bb:bc:3e:dd:62:eb:fa:4f:d6:41:27:39:f5:21:
3f:17:7e:25:63:3f:e1:2c:59:dd:99:d0:e7:7c:03:
8f:43:65:a5:59:78:1b:00:67:c7:df:a1:c6:af:1a:
9d:90:99:73:96:2a:98:a3:59:c1:33:b9:e9:02:4a:
a5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:7D:1B:24:B2:5F:FF:79:50:05:C1:64:5F:77:04:FE:23:EC:E9:1B
X509v3 Authority Key Identifier:
keyid:25:CF:9D:8D:55:2C:DC:7D:8C:0D:C6:F6:49:B3:01:F2:35:14:09:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jc-djVUs3H2MDcb2SbMB8jUUCe4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/2H0bJLJf_3lQBcFkX3cE_iPs6Rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/Jc-djVUs3H2MDcb2SbMB8jUUCe4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.32.0/22
Signature Algorithm: sha256WithRSAEncryption
64:52:18:f3:13:23:ce:fe:b6:a6:63:83:73:a4:41:a9:93:b6:
74:c8:dd:c6:8f:05:d6:c6:c4:bb:46:eb:43:d9:37:a6:4c:e6:
52:b5:44:c7:10:4c:39:ae:cd:b0:8b:e6:4b:89:5b:9e:52:c2:
ea:83:3b:77:52:89:c1:db:db:78:b5:35:aa:2b:46:ad:bf:bd:
74:2b:27:08:09:5f:d1:4f:6e:e2:fa:d0:85:4e:63:05:49:5b:
58:9c:25:bc:40:50:95:3c:7a:db:a7:99:95:0b:53:45:a2:65:
9b:30:2d:e5:05:6e:70:1c:17:b2:27:6a:3f:99:35:e3:a0:ef:
1d:42:e4:1c:12:81:22:a9:e4:c4:23:67:05:a4:cb:af:dc:2f:
a8:31:5f:03:24:d0:31:eb:c0:4c:55:84:18:cf:c5:e6:97:ee:
dc:4b:06:3f:4c:2d:31:0a:de:ba:58:ef:39:ff:be:aa:aa:13:
c0:e3:38:d2:ee:94:96:1c:7c:9b:5f:aa:ef:25:49:d8:70:a9:
5e:83:d7:51:47:2e:98:97:5f:f3:98:38:f1:ab:7f:d2:aa:20:
1d:f3:b6:07:a4:4e:32:0b:de:b1:12:53:49:d1:c2:bd:7f:50:
d5:df:e3:f9:77:2d:e6:88:46:23:80:8f:17:29:17:ea:29:bf:
03:b9:0b:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu/PXL0oo4RIH67K+sD+CJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Y2Y5ZDhkNTUyY2RjN2Q4YzBkYzZmNjQ5YjMwMWYyMzUx
NDA5ZWUwHhcNMjMxMTExMTYzNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODdkMWIyNGIyNWZmZjc5NTAwNWMxNjQ1Zjc3MDRmZTIzZWNlOTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Fs5hAr3hqeaItpNxHsCuYMXqUQ2
7ftkvV4m5mMZ38rD1HUpSGFcp3wizEw9nlwK3ITdU2iXG4wxXLEpB0T2ORMNKWNi
sdxd9nV51d+Drm5VbIzbKk0aOh/WETPP0Zke9+0iz2ODr2IqR2ZF4Slw4kKWAdUG
FXSHVYhly5MI+3TRah9S3PvpYoWLx4D6hl1I+uf+P4V6VexFuGAj9Ha9IKqOZNgD
cbZCKIYUWMmI+mucNuMuDb3Jr4KemQkpmojJSwDVu7w+3WLr+k/WQSc59SE/F34l
Yz/hLFndmdDnfAOPQ2WlWXgbAGfH36HGrxqdkJlzliqYo1nBM7npAkqlvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNh9GySyX/95UAXBZF93BP4j7OkbMB8GA1UdIwQY
MBaAFCXPnY1VLNx9jA3G9kmzAfI1FAnuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmMtZGpWVXMzSDJNRGNiMlNiTUI4alVVQ2U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9hMGUwOGEtOWZmMC00NGI0LWJjYzQt
YTEwNjkwYTc0NGU0LzEvMkgwYkpMSmZfM2xRQmNGa1gzY0VfaVBzNlJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9hMGUwOGEtOWZmMC00NGI0LWJjYzQtYTEwNjkwYTc0NGU0
LzEvSmMtZGpWVXMzSDJNRGNiMlNiTUI4alVVQ2U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUIgMA0G
CSqGSIb3DQEBCwUAA4IBAQBkUhjzEyPO/ramY4NzpEGpk7Z0yN3GjwXWxsS7RutD
2TemTOZStUTHEEw5rs2wi+ZLiVueUsLqgzt3UonB29t4tTWqK0atv710KycICV/R
T27i+tCFTmMFSVtYnCW8QFCVPHrbp5mVC1NFomWbMC3lBW5wHBeyJ2o/mTXjoO8d
QuQcEoEiqeTEI2cFpMuv3C+oMV8DJNAx68BMVYQYz8Xml+7cSwY/TC0xCt66WO85
/76qqhPA4zjS7pSWHHybX6rvJUnYcKleg9dRRy6Yl1/zmDjxq3/SqiAd87YHpE4y
C96xElNJ0cK9f1DV3+P5dy3miEYjgI8XKRfqKb8DuQuF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:54 2024 by rpki-client on console-ams.rpki-client.org