Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/bakJjt0uDecIqWhCHd6UoxTCfRE.roa
File: bakJjt0uDecIqWhCHd6UoxTCfRE.roa (raw, json)
Hash identifier: bq2Km78VOjG/gwvQTZLk/Sg8h9TLBUPy26SGaf5LGnQ=
Subject key identifier: 6D:A9:09:8E:DD:2E:0D:E7:08:A9:68:42:1D:DE:94:A3:14:C2:7D:11
Certificate issuer: /CN=25cf9d8d552cdc7d8c0dc6f649b301f2351409ee
Certificate serial: 01856CF85DAF604E42889E9AB7E63B068178
Authority key identifier: 25:CF:9D:8D:55:2C:DC:7D:8C:0D:C6:F6:49:B3:01:F2:35:14:09:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jc-djVUs3H2MDcb2SbMB8jUUCe4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/bakJjt0uDecIqWhCHd6UoxTCfRE.roa
Signing time: Sun 01 Jan 2023 10:54:54 +0000
ROA not before: Sun 01 Jan 2023 10:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47482
IP address blocks: 45.66.35.0/24 maxlen: 24
45.66.32.0/24 maxlen: 24
45.66.33.0/24 maxlen: 24
45.66.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Nov 2023 19:57:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:5d:af:60:4e:42:88:9e:9a:b7:e6:3b:06:81:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25cf9d8d552cdc7d8c0dc6f649b301f2351409ee
Validity
Not Before: Jan 1 10:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6da9098edd2e0de708a968421dde94a314c27d11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:36:7c:bd:18:87:17:cb:de:24:92:d9:0d:8f:
ac:29:84:ec:cd:8e:6c:be:76:de:c0:89:44:62:b7:
ef:07:bb:f7:7f:a9:72:39:76:71:41:c0:86:3a:ff:
1a:86:e2:02:14:c5:13:d6:16:3f:5a:17:2b:d5:2c:
b4:f5:fd:4c:2a:6b:47:f3:03:e2:36:5c:6b:2a:71:
48:6e:f5:f7:8c:37:83:2b:53:f8:a8:b4:ce:ce:5b:
c0:f9:66:31:71:b4:8e:fd:c8:8a:99:ae:70:b7:9d:
28:47:79:bf:88:1a:ca:3f:d6:0c:17:da:82:38:d4:
df:03:2f:fe:6e:b6:b0:4a:36:ad:66:e7:1b:b2:cc:
0f:b1:0e:8d:49:28:df:da:a8:a5:56:82:d1:fa:ef:
57:8a:23:5c:81:83:63:54:02:6e:9d:13:f8:9d:80:
a4:ca:73:9a:23:00:2e:9c:cf:ce:42:8f:da:96:cd:
e1:ea:63:18:85:9a:1c:ef:44:54:23:90:b1:52:41:
c7:53:2c:6c:ad:63:b7:04:13:5b:95:03:34:87:ff:
22:f0:34:02:0f:25:11:c8:e2:8f:a9:c2:b3:3a:08:
b4:c2:95:95:35:c3:90:a0:45:12:96:97:74:31:60:
0e:a1:e6:f0:32:34:b9:3d:ea:bb:3a:81:5c:67:fc:
21:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A9:09:8E:DD:2E:0D:E7:08:A9:68:42:1D:DE:94:A3:14:C2:7D:11
X509v3 Authority Key Identifier:
keyid:25:CF:9D:8D:55:2C:DC:7D:8C:0D:C6:F6:49:B3:01:F2:35:14:09:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jc-djVUs3H2MDcb2SbMB8jUUCe4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/bakJjt0uDecIqWhCHd6UoxTCfRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/Jc-djVUs3H2MDcb2SbMB8jUUCe4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.32.0/22
Signature Algorithm: sha256WithRSAEncryption
32:8f:25:b8:45:ea:73:77:04:b7:ef:75:cb:e3:90:25:af:c3:
5a:c4:5e:6f:4a:32:8b:fd:a1:c2:1c:fb:83:20:10:4c:04:fa:
35:d7:56:82:37:5f:d4:60:f8:13:b2:08:3c:fd:9f:f7:5d:c6:
f1:13:4e:66:cd:20:2b:0b:69:9c:75:92:6f:5b:f7:7b:46:56:
69:64:eb:59:88:19:ea:3e:8b:81:1e:68:04:33:9c:a9:4c:71:
b3:44:d2:23:fe:7f:2d:df:46:b0:3e:2f:f4:f1:25:54:30:bf:
c7:bc:92:01:96:50:f1:c6:a8:9d:f4:2d:8a:41:c9:ed:24:3c:
52:10:1d:6a:5d:b8:13:24:16:b0:22:a9:dc:31:f2:c4:f3:5d:
cb:79:22:9f:90:4e:d8:e8:40:c7:d3:a2:8b:2d:06:49:4a:cc:
4b:bb:ce:cd:31:56:54:fc:f1:1d:82:14:a9:29:30:fb:03:87:
19:dd:93:85:e8:de:9d:34:f2:d4:0e:4d:7e:db:89:10:e5:54:
8a:eb:33:c3:1f:03:41:55:c4:93:bd:c6:0a:7f:52:38:25:2e:
30:4d:f8:90:cf:f6:53:ce:3f:44:f4:9d:fe:19:c4:40:61:41:
8d:28:96:ed:a8:10:19:33:36:fe:f9:19:8b:c2:68:1b:98:b0:
1f:e6:73:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs+F2vYE5CiJ6at+Y7BoF4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Y2Y5ZDhkNTUyY2RjN2Q4YzBkYzZmNjQ5YjMwMWYyMzUx
NDA5ZWUwHhcNMjMwMTAxMTA1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGE5MDk4ZWRkMmUwZGU3MDhhOTY4NDIxZGRlOTRhMzE0YzI3ZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizZ8vRiHF8veJJLZDY+sKYTszY5s
vnbewIlEYrfvB7v3f6lyOXZxQcCGOv8ahuICFMUT1hY/Whcr1Sy09f1MKmtH8wPi
NlxrKnFIbvX3jDeDK1P4qLTOzlvA+WYxcbSO/ciKma5wt50oR3m/iBrKP9YMF9qC
ONTfAy/+brawSjatZucbsswPsQ6NSSjf2qilVoLR+u9XiiNcgYNjVAJunRP4nYCk
ynOaIwAunM/OQo/als3h6mMYhZoc70RUI5CxUkHHUyxsrWO3BBNblQM0h/8i8DQC
DyURyOKPqcKzOgi0wpWVNcOQoEUSlpd0MWAOoebwMjS5Peq7OoFcZ/wh8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG2pCY7dLg3nCKloQh3elKMUwn0RMB8GA1UdIwQY
MBaAFCXPnY1VLNx9jA3G9kmzAfI1FAnuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmMtZGpWVXMzSDJNRGNiMlNiTUI4alVVQ2U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9hMGUwOGEtOWZmMC00NGI0LWJjYzQt
YTEwNjkwYTc0NGU0LzEvYmFrSmp0MHVEZWNJcVdoQ0hkNlVveFRDZlJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9hMGUwOGEtOWZmMC00NGI0LWJjYzQtYTEwNjkwYTc0NGU0
LzEvSmMtZGpWVXMzSDJNRGNiMlNiTUI4alVVQ2U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUIgMA0G
CSqGSIb3DQEBCwUAA4IBAQAyjyW4RepzdwS373XL45Alr8NaxF5vSjKL/aHCHPuD
IBBMBPo111aCN1/UYPgTsgg8/Z/3XcbxE05mzSArC2mcdZJvW/d7RlZpZOtZiBnq
PouBHmgEM5ypTHGzRNIj/n8t30awPi/08SVUML/HvJIBllDxxqid9C2KQcntJDxS
EB1qXbgTJBawIqncMfLE813LeSKfkE7Y6EDH06KLLQZJSsxLu87NMVZU/PEdghSp
KTD7A4cZ3ZOF6N6dNPLUDk1+24kQ5VSK6zPDHwNBVcSTvcYKf1I4JS4wTfiQz/ZT
zj9E9J3+GcRAYUGNKJbtqBAZMzb++RmLwmgbmLAf5nMO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:54 2024 by rpki-client on console-ams.rpki-client.org