Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/A96W5b1onHj-Vqv8K_Ohgs8S_6g.roa
File: A96W5b1onHj-Vqv8K_Ohgs8S_6g.roa (raw, json)
Hash identifier: 5CESODDogDbVH1pvBDm6USKTLRMPQMMqYxmKSLwjE/w=
Subject key identifier: 03:DE:96:E5:BD:68:9C:78:FE:56:AB:FC:2B:F3:A1:82:CF:12:FF:A8
Certificate issuer: /CN=25cf9d8d552cdc7d8c0dc6f649b301f2351409ee
Certificate serial: 018BBFF6630013476B5EC61EE89D83B6CD9B
Authority key identifier: 25:CF:9D:8D:55:2C:DC:7D:8C:0D:C6:F6:49:B3:01:F2:35:14:09:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jc-djVUs3H2MDcb2SbMB8jUUCe4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/A96W5b1onHj-Vqv8K_Ohgs8S_6g.roa
Signing time: Sat 11 Nov 2023 19:57:57 +0000
ROA not before: Sat 11 Nov 2023 19:57:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61125
IP address blocks: 45.66.35.0/24 maxlen: 24
45.66.34.0/24 maxlen: 24
2a09:61c4::/30 maxlen: 30
Validation: Failed, certificate revoked on Sat 09 Dec 2023 16:54:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bf:f6:63:00:13:47:6b:5e:c6:1e:e8:9d:83:b6:cd:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25cf9d8d552cdc7d8c0dc6f649b301f2351409ee
Validity
Not Before: Nov 11 19:57:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03de96e5bd689c78fe56abfc2bf3a182cf12ffa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:cb:3a:ab:06:58:f3:9d:14:db:d5:4b:03:8d:
14:24:01:90:3f:8c:b3:ed:e9:ce:cf:0f:4b:17:6b:
de:3f:36:a6:3f:87:8b:29:27:a4:11:f1:0b:92:5c:
1c:99:97:a5:a0:9d:12:97:51:5d:42:1e:da:81:78:
87:05:46:a2:7c:00:1a:f9:19:46:b5:29:3d:4e:77:
a4:43:93:dc:2e:24:1b:53:ca:14:fb:db:45:cf:e2:
c9:dc:06:95:7f:1d:d4:9a:85:55:c2:12:87:47:8b:
a1:bf:c5:6f:cf:31:ad:f7:8f:c0:4b:0d:76:d4:be:
75:17:e4:0f:26:af:be:1b:e7:30:f0:fc:6a:b9:4f:
fe:fb:3b:fa:8a:63:94:b5:72:e0:74:7a:72:37:84:
bf:c5:bf:08:01:88:6c:65:19:78:1c:9a:53:cf:9f:
62:aa:29:2d:c4:05:51:d9:6d:e7:44:35:4d:f0:1a:
07:9e:a2:fe:a1:87:f3:d5:4c:19:ce:0e:88:98:0a:
12:3c:7f:34:c7:01:d6:63:f2:d0:73:d0:5f:8c:20:
b8:3d:74:13:f6:76:eb:49:65:dd:af:65:8f:44:1c:
f8:e0:ff:7b:66:9f:66:ab:a1:72:4e:b5:5f:0e:34:
1d:5d:ef:3c:c9:3e:a4:0c:11:7c:45:af:27:9a:cd:
35:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:DE:96:E5:BD:68:9C:78:FE:56:AB:FC:2B:F3:A1:82:CF:12:FF:A8
X509v3 Authority Key Identifier:
keyid:25:CF:9D:8D:55:2C:DC:7D:8C:0D:C6:F6:49:B3:01:F2:35:14:09:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jc-djVUs3H2MDcb2SbMB8jUUCe4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/A96W5b1onHj-Vqv8K_Ohgs8S_6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/Jc-djVUs3H2MDcb2SbMB8jUUCe4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.34.0/23
IPv6:
2a09:61c4::/30
Signature Algorithm: sha256WithRSAEncryption
0a:99:0b:3a:e5:bc:98:87:49:82:1e:9f:4d:ba:60:3d:0f:92:
05:34:05:a5:d5:e3:3a:57:d6:3b:6c:b5:af:ef:e7:85:f6:1a:
31:0e:9a:e7:8d:bb:ee:a2:e9:5a:b5:3e:bb:85:77:63:ed:5e:
65:b5:37:30:c6:9d:c8:e7:ac:1d:77:f9:e8:41:08:f2:f8:6c:
80:29:2e:65:80:a3:24:19:3f:b7:e4:83:80:68:80:77:36:20:
bf:5f:5b:d9:5c:48:6a:fe:83:85:62:73:3d:ea:4d:8f:c3:ea:
c4:df:3e:be:e4:23:42:30:eb:d0:ca:80:74:70:6c:20:76:2b:
ad:2a:7a:95:5e:9a:98:a7:2e:57:aa:95:bd:f6:a9:ba:b7:57:
cd:39:17:cf:35:83:5a:2b:8c:7e:95:86:75:e6:cf:a9:fc:8d:
08:71:7e:64:1b:0f:12:e5:32:c9:46:9c:f0:f8:0e:fb:09:22:
d6:27:43:9e:f5:1f:2a:85:b3:88:b5:d8:7e:f2:07:7d:9f:55:
d2:7d:d6:ca:5d:e9:45:f3:3f:c7:d7:a1:62:e0:a0:b7:66:9e:
af:7e:7e:13:c3:e8:b1:44:61:32:24:6f:2a:6e:05:56:dd:fc:
b5:a7:17:dd:b2:14:10:b9:d3:2c:10:b1:a8:c0:14:14:c5:7a:
a3:0d:64:18
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYu/9mMAE0drXsYe6J2Dts2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Y2Y5ZDhkNTUyY2RjN2Q4YzBkYzZmNjQ5YjMwMWYyMzUx
NDA5ZWUwHhcNMjMxMTExMTk1NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2RlOTZlNWJkNjg5Yzc4ZmU1NmFiZmMyYmYzYTE4MmNmMTJmZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjss6qwZY850U29VLA40UJAGQP4yz
7enOzw9LF2vePzamP4eLKSekEfELklwcmZeloJ0Sl1FdQh7agXiHBUaifAAa+RlG
tSk9TnekQ5PcLiQbU8oU+9tFz+LJ3AaVfx3UmoVVwhKHR4uhv8VvzzGt94/ASw12
1L51F+QPJq++G+cw8PxquU/++zv6imOUtXLgdHpyN4S/xb8IAYhsZRl4HJpTz59i
qiktxAVR2W3nRDVN8BoHnqL+oYfz1UwZzg6ImAoSPH80xwHWY/LQc9BfjCC4PXQT
9nbrSWXdr2WPRBz44P97Zp9mq6FyTrVfDjQdXe88yT6kDBF8Ra8nms01DwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAPeluW9aJx4/lar/CvzoYLPEv+oMB8GA1UdIwQY
MBaAFCXPnY1VLNx9jA3G9kmzAfI1FAnuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmMtZGpWVXMzSDJNRGNiMlNiTUI4alVVQ2U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9hMGUwOGEtOWZmMC00NGI0LWJjYzQt
YTEwNjkwYTc0NGU0LzEvQTk2VzViMW9uSGotVnF2OEtfT2hnczhTXzZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9hMGUwOGEtOWZmMC00NGI0LWJjYzQtYTEwNjkwYTc0NGU0
LzEvSmMtZGpWVXMzSDJNRGNiMlNiTUI4alVVQ2U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBLUIiMA0E
AgACMAcDBQIqCWHEMA0GCSqGSIb3DQEBCwUAA4IBAQAKmQs65byYh0mCHp9NumA9
D5IFNAWl1eM6V9Y7bLWv7+eF9hoxDprnjbvuoulatT67hXdj7V5ltTcwxp3I56wd
d/noQQjy+GyAKS5lgKMkGT+35IOAaIB3NiC/X1vZXEhq/oOFYnM96k2Pw+rE3z6+
5CNCMOvQyoB0cGwgdiutKnqVXpqYpy5XqpW99qm6t1fNORfPNYNaK4x+lYZ15s+p
/I0IcX5kGw8S5TLJRpzw+A77CSLWJ0Oe9R8qhbOItdh+8gd9n1XSfdbKXelF8z/H
16Fi4KC3Zp6vfn4Tw+ixRGEyJG8qbgVW3fy1pxfdshQQudMsELGowBQUxXqjDWQY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:54 2024 by rpki-client on console-ams.rpki-client.org