Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/_M_tXWyKBiBbpyuUhsZ7wTUshQc.roa
File: _M_tXWyKBiBbpyuUhsZ7wTUshQc.roa (raw, json)
Hash identifier: gf0cEah8Nyj2Col1FIiTlRIsTWzy7LkQEZVLH86wUII=
Subject key identifier: FC:CF:ED:5D:6C:8A:06:20:5B:A7:2B:94:86:C6:7B:C1:35:2C:85:07
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018BB9F621BC46EFB75F42DA4D7C3867D20E
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/_M_tXWyKBiBbpyuUhsZ7wTUshQc.roa
Signing time: Fri 10 Nov 2023 15:59:57 +0000
ROA not before: Fri 10 Nov 2023 15:59:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 45.139.4.0/23 maxlen: 24
45.139.6.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b9:f6:21:bc:46:ef:b7:5f:42:da:4d:7c:38:67:d2:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Nov 10 15:59:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fccfed5d6c8a06205ba72b9486c67bc1352c8507
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:db:71:a7:12:a7:09:a2:35:0f:f0:e6:90:c2:
71:ee:91:90:bc:c6:d5:5f:68:b0:8b:48:af:ef:ae:
07:b2:6d:b2:1a:6e:8c:ed:2c:64:f7:1d:71:9c:1a:
59:b2:d4:4c:ff:80:7c:ae:54:09:96:37:fa:e1:3f:
8d:d2:0a:e1:8f:5a:d1:7e:3d:56:8a:47:f8:8a:e7:
20:ce:ba:d7:01:9b:fd:49:8b:7d:42:e5:1e:e2:27:
ea:f9:24:06:9b:9f:81:70:0d:dc:64:38:50:b1:e9:
bf:98:7e:a2:f4:a2:30:b7:12:66:49:13:ca:65:c9:
7a:7e:26:e4:0a:15:ef:ad:de:b3:6f:b9:79:0b:43:
b7:05:e7:72:6d:8a:27:2d:1a:bb:70:74:f6:e0:16:
65:8b:75:61:00:99:1c:83:a3:05:0f:dc:5f:71:a1:
98:35:00:4e:6e:4a:38:ca:09:c6:e2:59:60:c0:06:
1c:a8:1d:bc:62:25:dd:78:77:34:a0:11:4f:5f:1c:
c1:cf:ec:d0:3c:e8:01:bf:cf:d4:ff:85:a3:1d:54:
6b:cf:c3:58:af:36:49:fa:b0:ae:d8:e7:22:f2:ae:
94:88:8a:93:b0:a0:ac:42:11:e8:61:6c:af:2c:4b:
47:9c:e4:37:92:57:4e:0e:8f:1e:c9:ac:79:84:d7:
85:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:CF:ED:5D:6C:8A:06:20:5B:A7:2B:94:86:C6:7B:C1:35:2C:85:07
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/_M_tXWyKBiBbpyuUhsZ7wTUshQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.4.0/22
Signature Algorithm: sha256WithRSAEncryption
95:ce:33:23:6b:3d:97:a5:6e:ce:be:3c:46:04:6e:12:d0:b4:
be:20:1b:7e:5b:40:71:50:32:18:34:45:7c:27:f4:ab:b3:7d:
af:74:4d:b4:7e:ec:26:09:e8:8a:86:e0:36:b1:fa:a4:1a:fd:
1a:5f:46:a5:f4:e4:af:b0:1d:c8:95:18:cb:ed:14:29:27:1f:
29:f5:f2:9e:fb:a2:6c:9c:13:38:1f:55:08:4f:e5:71:8c:1a:
06:a2:82:9b:44:d4:1f:d8:7a:db:8b:de:58:e9:10:0d:d7:89:
2e:82:ae:3f:3a:bd:81:f3:29:61:59:d1:87:cb:bb:e8:b7:49:
d3:f9:6d:e1:66:cb:4c:22:79:de:8b:1a:e6:e0:d0:4a:7f:8c:
9e:ac:92:05:2d:cc:f9:de:ae:0f:bc:f3:bd:40:f9:48:8a:76:
98:00:43:9c:57:0c:cd:e9:49:46:3a:cc:e6:66:38:3e:d8:7f:
61:16:27:ae:dd:bc:38:d7:d6:b3:21:3d:97:7c:c3:96:17:20:
5c:a8:ac:4f:0d:65:f4:46:f4:c7:ae:3e:1f:e6:6b:71:29:40:
f0:29:7c:02:af:d4:0e:95:cf:51:71:6b:e1:08:bb:a3:c7:78:
49:22:4a:3e:83:e6:52:4e:09:af:98:a2:21:34:95:f3:b6:d2:
bc:81:a0:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu59iG8Ru+3X0LaTXw4Z9IOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMTEwMTU1OTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2NmZWQ1ZDZjOGEwNjIwNWJhNzJiOTQ4NmM2N2JjMTM1MmM4NTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdtxpxKnCaI1D/DmkMJx7pGQvMbV
X2iwi0iv764Hsm2yGm6M7Sxk9x1xnBpZstRM/4B8rlQJljf64T+N0grhj1rRfj1W
ikf4iucgzrrXAZv9SYt9QuUe4ifq+SQGm5+BcA3cZDhQsem/mH6i9KIwtxJmSRPK
Zcl6fibkChXvrd6zb7l5C0O3BedybYonLRq7cHT24BZli3VhAJkcg6MFD9xfcaGY
NQBObko4ygnG4llgwAYcqB28YiXdeHc0oBFPXxzBz+zQPOgBv8/U/4WjHVRrz8NY
rzZJ+rCu2Oci8q6UiIqTsKCsQhHoYWyvLEtHnOQ3kldODo8eyax5hNeFsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPzP7V1sigYgW6crlIbGe8E1LIUHMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvX01fdFhXeUtCaUJicHl1VWhzWjd3VFVzaFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYsEMA0G
CSqGSIb3DQEBCwUAA4IBAQCVzjMjaz2XpW7OvjxGBG4S0LS+IBt+W0BxUDIYNEV8
J/Srs32vdE20fuwmCeiKhuA2sfqkGv0aX0al9OSvsB3IlRjL7RQpJx8p9fKe+6Js
nBM4H1UIT+VxjBoGooKbRNQf2Hrbi95Y6RAN14kugq4/Or2B8ylhWdGHy7vot0nT
+W3hZstMInneixrm4NBKf4yerJIFLcz53q4PvPO9QPlIinaYAEOcVwzN6UlGOszm
Zjg+2H9hFieu3bw419azIT2XfMOWFyBcqKxPDWX0RvTHrj4f5mtxKUDwKXwCr9QO
lc9RcWvhCLujx3hJIko+g+ZSTgmvmKIhNJXzttK8gaAc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org