Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/1-tebuJybAhk3F0Sx5OVTRcoPCAk.roa
File: 1-tebuJybAhk3F0Sx5OVTRcoPCAk.roa (raw, json)
Hash identifier: CejOag4nnpwpf7g5im27pRZWb54qeBAg8zd5SsfH28E=
Subject key identifier: FA:D7:9B:B8:9C:9B:02:19:37:17:44:B1:E4:E5:53:45:CA:0F:08:09
Certificate issuer: /CN=3a00807698f0b097d69ab3926917d1dcc838a624
Certificate serial: 0190FEBD47583002876F049A5AE61F7A3DB9
Authority key identifier: 3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/1-tebuJybAhk3F0Sx5OVTRcoPCAk.roa
Signing time: Mon 29 Jul 2024 13:45:35 +0000
ROA not before: Mon 29 Jul 2024 13:45:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 45.150.238.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jul 2024 23:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fe:bd:47:58:30:02:87:6f:04:9a:5a:e6:1f:7a:3d:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a00807698f0b097d69ab3926917d1dcc838a624
Validity
Not Before: Jul 29 13:45:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fad79bb89c9b0219371744b1e4e55345ca0f0809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:cd:3c:b9:99:34:b1:a7:70:43:43:b6:5b:ff:
45:cc:c3:a4:41:e9:e5:e8:9c:dc:b8:20:40:91:ac:
1c:d8:b2:61:91:f6:f5:c9:51:6c:a9:51:a0:f5:71:
67:b2:f6:2d:d3:06:5c:21:7b:e8:37:8b:a9:6e:5b:
bd:76:9a:87:74:4c:58:45:d8:ff:8f:c7:4f:9a:53:
62:f1:6f:76:51:63:df:3f:87:61:a9:a3:99:67:23:
99:52:4a:d0:b9:c5:32:52:6c:3a:31:1e:bd:b6:ac:
ef:b8:53:f6:d7:0a:dc:52:f5:6e:ca:93:79:3d:1a:
2c:3f:b7:b0:64:0d:23:24:db:ba:30:16:51:1d:74:
ca:0e:a8:90:f1:82:41:20:b6:31:05:ab:7e:dd:c4:
5f:7c:77:be:f2:69:92:dd:88:7f:cd:3d:55:90:a5:
cb:f6:86:d0:5f:6b:30:d6:e2:48:b7:1f:a4:95:1a:
66:88:70:7a:62:8a:aa:79:a0:22:0c:d3:07:66:8f:
20:c2:59:28:fc:71:63:36:8b:9e:87:8e:c2:44:f5:
84:5d:86:23:95:ba:23:68:b0:c7:e6:2a:1b:cb:d0:
9f:cd:26:27:8a:74:f2:37:e4:36:51:d5:1a:87:31:
0f:7f:87:b4:da:b7:b3:68:de:72:55:1d:cf:c4:06:
f0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D7:9B:B8:9C:9B:02:19:37:17:44:B1:E4:E5:53:45:CA:0F:08:09
X509v3 Authority Key Identifier:
keyid:3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/1-tebuJybAhk3F0Sx5OVTRcoPCAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.238.0/23
Signature Algorithm: sha256WithRSAEncryption
32:5a:c7:9e:44:d9:db:04:0b:52:9c:bf:20:d1:94:e4:26:b0:
d5:f3:11:85:43:a5:4e:12:72:93:b5:f8:c7:b6:2e:ac:9a:c8:
3d:fa:72:fd:d5:18:13:2d:da:49:a0:34:74:cc:db:94:b2:28:
78:e9:53:5b:b0:11:6c:79:86:9b:0f:dd:ca:89:55:27:3d:19:
7f:dd:63:6a:d4:9f:3e:54:da:a2:68:bf:29:66:d4:fc:bb:6a:
2b:f8:3a:72:43:33:74:16:3d:60:10:37:31:e6:0d:4b:fd:ea:
f2:db:60:e4:2c:d6:cb:78:23:42:55:3e:f0:ef:db:a1:6a:6f:
bd:4c:11:67:95:69:81:3a:27:32:56:0a:1f:56:e9:f8:9a:57:
c8:84:c2:ef:a4:12:7d:9a:54:5d:fd:af:d2:51:78:64:9c:a2:
a9:c0:f1:f6:f7:cf:d8:96:c2:b4:6f:8d:98:40:81:0c:cc:46:
5b:51:ca:47:d0:12:51:e3:e9:f9:e6:3b:69:59:f8:bc:20:6a:
6d:7c:53:56:0e:14:38:71:27:a2:45:16:dc:8f:e3:06:75:85:
8a:8f:3b:ab:55:a9:fd:63:08:bb:15:9c:62:1e:f7:fd:0b:fe:
b5:c9:14:0b:17:7b:7f:25:c5:86:89:1d:6f:67:92:95:bb:7d:
d5:d7:b0:a0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZD+vUdYMAKHbwSaWuYfej25MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMDA4MDc2OThmMGIwOTdkNjlhYjM5MjY5MTdkMWRjYzgz
OGE2MjQwHhcNMjQwNzI5MTM0NTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQ3OWJiODljOWIwMjE5MzcxNzQ0YjFlNGU1NTM0NWNhMGYwODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy808uZk0sadwQ0O2W/9FzMOkQenl
6JzcuCBAkawc2LJhkfb1yVFsqVGg9XFnsvYt0wZcIXvoN4upblu9dpqHdExYRdj/
j8dPmlNi8W92UWPfP4dhqaOZZyOZUkrQucUyUmw6MR69tqzvuFP21wrcUvVuypN5
PRosP7ewZA0jJNu6MBZRHXTKDqiQ8YJBILYxBat+3cRffHe+8mmS3Yh/zT1VkKXL
9obQX2sw1uJItx+klRpmiHB6YoqqeaAiDNMHZo8gwlko/HFjNoueh47CRPWEXYYj
lbojaLDH5ioby9CfzSYninTyN+Q2UdUahzEPf4e02rezaN5yVR3PxAbwjQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPrXm7icmwIZNxdEseTlU0XKDwgJMB8GA1UdIwQY
MBaAFDoAgHaY8LCX1pqzkmkX0dzIOKYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dDQWRwandzSmZXbXJPU2FSZlIzTWc0cGlRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNDNkMjktY2Y3Mi00ZDAxLTkxOGMt
MTZhZmM0ZGZmZGQ0LzEvMS10ZWJ1SnliQWhrM0YwU3g1T1ZUUmNvUENBay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmEvMTQzZDI5LWNmNzItNGQwMS05MThjLTE2YWZjNGRmZmRk
NC8xL09nQ0FkcGp3c0pmV21yT1NhUmZSM01nNHBpUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS2W7jAN
BgkqhkiG9w0BAQsFAAOCAQEAMlrHnkTZ2wQLUpy/INGU5Caw1fMRhUOlThJyk7X4
x7YurJrIPfpy/dUYEy3aSaA0dMzblLIoeOlTW7ARbHmGmw/dyolVJz0Zf91jatSf
PlTaomi/KWbU/LtqK/g6ckMzdBY9YBA3MeYNS/3q8ttg5CzWy3gjQlU+8O/boWpv
vUwRZ5VpgTonMlYKH1bp+JpXyITC76QSfZpUXf2v0lF4ZJyiqcDx9vfP2JbCtG+N
mECBDMxGW1HKR9ASUePp+eY7aVn4vCBqbXxTVg4UOHEnokUW3I/jBnWFio87q1Wp
/WMIuxWcYh73/Qv+tckUCxd7fyXFhokdb2eSlbt91dewoA==
-----END CERTIFICATE-----
Generated at Wed Jul 31 01:05:54 2024 by rpki-client on console-ams.rpki-client.org