Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ow4NMarO7qOUSDyc0Bi0W4r0vw8.roa
File: ow4NMarO7qOUSDyc0Bi0W4r0vw8.roa (raw, json)
Hash identifier: kL11Nq7PJ+Zjmr5Z6YXGwESruCwWtPiHXkpzpPFqan8=
Subject key identifier: A3:0E:0D:31:AA:CE:EE:A3:94:48:3C:9C:D0:18:B4:5B:8A:F4:BF:0F
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018E869091CA985F424CCDD84447A27D1CBB
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ow4NMarO7qOUSDyc0Bi0W4r0vw8.roa
Signing time: Thu 28 Mar 2024 19:36:45 +0000
ROA not before: Thu 28 Mar 2024 19:36:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.145.248.0/24 maxlen: 24
2a07:e345:100::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Apr 2024 09:41:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:90:91:ca:98:5f:42:4c:cd:d8:44:47:a2:7d:1c:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Mar 28 19:36:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a30e0d31aaceeea394483c9cd018b45b8af4bf0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d8:f2:3c:e8:a6:ec:d2:e3:60:cc:92:37:b8:
e8:d8:85:87:79:8f:7e:71:98:35:17:aa:d3:bf:91:
5f:d8:1b:e5:7a:30:d9:b3:ab:9d:de:01:77:03:e0:
81:5e:db:67:8b:d3:c6:37:32:67:ad:13:79:46:49:
c6:ac:d2:2e:b7:9a:a4:cb:0c:d1:71:6d:c8:30:17:
65:2a:4c:2e:c9:91:d6:93:ea:46:ff:e3:bf:b0:fb:
24:23:c3:14:91:47:ff:bb:67:86:9b:d8:e0:6a:d6:
07:f1:c2:0f:bf:4c:2b:13:d9:e8:4f:19:51:0e:39:
8e:69:63:5c:bd:a4:c7:7e:52:21:80:2c:e7:c3:52:
d9:a7:21:54:08:04:d4:0f:0c:20:84:62:ef:82:36:
d8:2e:cd:04:e3:cc:7e:16:13:78:0e:92:90:bc:d3:
fe:87:f3:c1:e8:0c:39:40:62:e6:e3:b0:87:6b:66:
af:c1:07:de:0c:8c:e5:f3:9b:35:c2:da:1e:fc:ad:
7c:dc:d1:74:75:89:c5:c1:e1:67:4b:e0:39:69:e6:
f8:19:1f:2e:5b:20:c1:9e:e5:bf:2c:28:70:49:ed:
aa:be:c9:3f:d9:13:fd:66:c6:f4:ed:2c:0d:12:b5:
b4:d4:1c:f3:af:75:a7:22:9a:d2:bf:d2:33:b3:44:
aa:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:0E:0D:31:AA:CE:EE:A3:94:48:3C:9C:D0:18:B4:5B:8A:F4:BF:0F
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ow4NMarO7qOUSDyc0Bi0W4r0vw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.248.0/24
IPv6:
2a07:e345:100::/40
Signature Algorithm: sha256WithRSAEncryption
67:dd:f5:5e:42:ce:9f:92:4d:09:9b:58:43:d4:77:04:8f:51:
ad:a7:69:67:c8:fc:18:83:5a:f2:f7:b9:a2:f0:cb:23:c3:8f:
e6:28:03:43:45:fb:0f:48:ce:10:d1:0c:c2:75:08:85:97:bd:
9b:77:88:5a:e3:43:f4:67:f8:12:ca:f4:c9:8b:c5:62:64:44:
59:45:e3:22:de:b7:b5:12:68:de:29:65:49:0a:86:88:2e:c2:
12:5f:41:a9:e2:1f:bf:2e:a0:da:ad:bb:34:67:63:14:68:c0:
7f:0b:46:a5:22:cb:66:cb:09:8f:8f:fd:5c:c9:fb:65:79:8e:
75:84:b6:4f:8d:e6:66:3c:67:f8:e0:ac:9b:66:f5:92:27:a5:
59:8a:56:58:bd:9d:b0:34:ae:31:0b:1e:b3:c5:f4:e7:37:79:
09:dc:b3:88:bf:6f:8a:fc:78:42:2a:09:05:e6:9e:62:e4:4f:
f8:a9:a1:55:b3:b4:ea:8c:0b:d9:7d:c8:4a:62:b3:51:55:97:
03:6f:7d:ca:a7:1c:8b:62:1e:dd:5b:cf:02:46:62:87:da:34:
a4:e7:18:58:56:67:c4:b1:77:9e:df:47:9c:03:30:46:59:9e:
a0:12:fb:58:07:05:e0:a1:cc:da:1c:36:d6:11:e7:f4:f3:e3:
15:06:ea:a3
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY6GkJHKmF9CTM3YREeifRy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMzI4MTkzNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzBlMGQzMWFhY2VlZWEzOTQ0ODNjOWNkMDE4YjQ1YjhhZjRiZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktjyPOim7NLjYMySN7jo2IWHeY9+
cZg1F6rTv5Ff2BvlejDZs6ud3gF3A+CBXttni9PGNzJnrRN5RknGrNIut5qkywzR
cW3IMBdlKkwuyZHWk+pG/+O/sPskI8MUkUf/u2eGm9jgatYH8cIPv0wrE9noTxlR
DjmOaWNcvaTHflIhgCznw1LZpyFUCATUDwwghGLvgjbYLs0E48x+FhN4DpKQvNP+
h/PB6Aw5QGLm47CHa2avwQfeDIzl85s1wtoe/K183NF0dYnFweFnS+A5aeb4GR8u
WyDBnuW/LChwSe2qvsk/2RP9Zsb07SwNErW01Bzzr3WnIprSv9Izs0SqMQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFKMODTGqzu6jlEg8nNAYtFuK9L8PMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvb3c0Tk1hck83cU9VU0R5YzBCaTBXNHIwdnc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQALZH4MA4E
AgACMAgDBgAqB+NFATANBgkqhkiG9w0BAQsFAAOCAQEAZ931XkLOn5JNCZtYQ9R3
BI9RradpZ8j8GINa8ve5ovDLI8OP5igDQ0X7D0jOENEMwnUIhZe9m3eIWuND9Gf4
Esr0yYvFYmREWUXjIt63tRJo3illSQqGiC7CEl9BqeIfvy6g2q27NGdjFGjAfwtG
pSLLZssJj4/9XMn7ZXmOdYS2T43mZjxn+OCsm2b1kielWYpWWL2dsDSuMQses8X0
5zd5CdyziL9vivx4QioJBeaeYuRP+KmhVbO06owL2X3ISmKzUVWXA299yqcci2Ie
3VvPAkZih9o0pOcYWFZnxLF3nt9HnAMwRlmeoBL7WAcF4KHM2hw21hHn9PPjFQbq
ow==
-----END CERTIFICATE-----
Generated at Tue Apr 2 14:25:19 2024 by rpki-client on console-fra.rpki-client.org