Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/_X3RekYxJrNKE6AtG3Hb1zZQ_e0.roa
File: _X3RekYxJrNKE6AtG3Hb1zZQ_e0.roa (raw, json)
Hash identifier: Xx1qABTsWNCzynkqjvoUNb6E6wMGXTX6EDLUbghgBdY=
Subject key identifier: FD:7D:D1:7A:46:31:26:B3:4A:13:A0:2D:1B:71:DB:D7:36:50:FD:ED
Certificate issuer: /CN=f6af433974df373b70abd76b13e1c70c775f554b
Certificate serial: 018BD37D2BA225FE5CFC828DF5E51CF672C1
Authority key identifier: F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/_X3RekYxJrNKE6AtG3Hb1zZQ_e0.roa
Signing time: Wed 15 Nov 2023 14:57:57 +0000
ROA not before: Wed 15 Nov 2023 14:57:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48314
IP address blocks: 45.89.140.0/22 maxlen: 22
45.85.216.0/22 maxlen: 22
2a0e:cb80::/29 maxlen: 29
2a12:3e80:400::/48 maxlen: 48
2a12:3e80:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 05 Dec 2023 11:59:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d3:7d:2b:a2:25:fe:5c:fc:82:8d:f5:e5:1c:f6:72:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6af433974df373b70abd76b13e1c70c775f554b
Validity
Not Before: Nov 15 14:57:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd7dd17a463126b34a13a02d1b71dbd73650fded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8c:65:5c:2f:f0:0c:bb:77:0e:de:64:60:70:
fb:c9:93:fd:55:11:67:b2:a9:31:5f:1f:3d:9f:68:
71:cc:e1:d4:58:cc:4f:72:d2:eb:43:9f:68:3e:f8:
65:b2:01:ed:19:18:f7:9c:26:37:37:e1:25:a7:9a:
fc:35:64:5d:e2:95:af:09:b2:cb:c6:85:60:fa:96:
73:f4:5b:05:d5:eb:c5:44:ee:86:92:b0:90:f3:4d:
99:78:2a:27:6e:9b:34:da:8b:10:31:cb:82:ef:db:
50:29:34:1f:96:85:d9:a1:b0:0d:bf:96:4b:cf:61:
dd:3d:e2:c6:8d:04:82:3a:db:2c:86:68:c9:d8:bf:
e3:ad:a9:67:fd:98:14:6c:8b:44:36:75:9e:ba:42:
9f:37:87:cb:68:98:24:57:3b:bb:2f:56:ce:8c:4a:
38:bf:7b:aa:8d:0f:e1:fd:f0:8a:0a:2e:45:b4:09:
a7:fb:fe:55:56:24:34:e6:cf:1e:db:25:b1:94:11:
34:54:c4:8d:68:d4:a2:21:da:29:ae:02:43:08:e0:
f7:a5:80:5a:93:eb:d9:9b:90:0e:2b:b7:72:fb:a2:
c5:e2:54:91:74:08:23:f1:14:fb:eb:9a:10:b8:02:
6a:70:a8:ee:fb:ee:c4:5f:5d:ec:bc:3c:9e:4b:14:
ad:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:7D:D1:7A:46:31:26:B3:4A:13:A0:2D:1B:71:DB:D7:36:50:FD:ED
X509v3 Authority Key Identifier:
keyid:F6:AF:43:39:74:DF:37:3B:70:AB:D7:6B:13:E1:C7:0C:77:5F:55:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q9DOXTfNztwq9drE-HHDHdfVUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/_X3RekYxJrNKE6AtG3Hb1zZQ_e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f9caf0-2c2e-4897-8a3b-a26bc653b06b/1/9q9DOXTfNztwq9drE-HHDHdfVUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.216.0/22
45.89.140.0/22
IPv6:
2a0e:cb80::/29
2a12:3e80:100::/48
2a12:3e80:400::/48
Signature Algorithm: sha256WithRSAEncryption
3d:96:38:24:5d:eb:5c:47:32:b8:a7:4a:03:b7:59:9c:11:04:
c2:f7:48:0a:0c:69:32:27:48:23:3a:49:82:63:66:48:fc:13:
50:30:df:08:1c:b3:f3:bc:74:79:e6:35:93:28:bc:9e:ba:15:
1c:fb:69:1a:62:7f:a7:13:6d:5b:98:ba:2d:a7:db:a3:bd:28:
c5:23:0b:0e:44:46:92:72:e1:64:91:5e:f4:d9:64:9a:df:c2:
dc:2c:60:e4:6a:9a:b4:2b:58:38:6d:c8:fa:e7:8b:ed:60:4f:
d4:31:b7:be:5e:f3:af:52:59:4d:d0:cd:7c:c8:71:2e:d9:fd:
37:19:dc:11:02:d6:f9:de:78:4d:9f:72:3d:10:cf:d4:6a:59:
23:35:bf:7e:77:a1:08:78:68:e0:0b:63:79:2a:c3:95:94:a9:
15:cd:b5:da:30:36:84:8c:bb:7f:a4:0e:f4:90:22:33:5d:85:
40:e3:5a:f1:1b:eb:61:51:51:f7:c5:6d:d8:3c:44:82:0c:cc:
9f:4d:03:6b:2c:6a:97:04:b5:c3:d7:aa:b3:e7:28:f9:49:d9:
20:57:f6:fb:74:04:36:cd:61:2f:5b:16:8e:53:d8:5c:7e:87:
b6:64:ad:3d:1a:df:ed:3b:b7:ab:97:f4:0f:52:9a:9a:0e:47:
26:98:92:ed
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYvTfSuiJf5c/IKN9eUc9nLBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWY0MzM5NzRkZjM3M2I3MGFiZDc2YjEzZTFjNzBjNzc1
ZjU1NGIwHhcNMjMxMTE1MTQ1NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDdkZDE3YTQ2MzEyNmIzNGExM2EwMmQxYjcxZGJkNzM2NTBmZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoxlXC/wDLt3Dt5kYHD7yZP9VRFn
sqkxXx89n2hxzOHUWMxPctLrQ59oPvhlsgHtGRj3nCY3N+Elp5r8NWRd4pWvCbLL
xoVg+pZz9FsF1evFRO6GkrCQ802ZeConbps02osQMcuC79tQKTQfloXZobANv5ZL
z2HdPeLGjQSCOtsshmjJ2L/jraln/ZgUbItENnWeukKfN4fLaJgkVzu7L1bOjEo4
v3uqjQ/h/fCKCi5FtAmn+/5VViQ05s8e2yWxlBE0VMSNaNSiIdoprgJDCOD3pYBa
k+vZm5AOK7dy+6LF4lSRdAgj8RT765oQuAJqcKju++7EX13svDyeSxStPwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFP190XpGMSazShOgLRtx29c2UP3tMB8GA1UdIwQY
MBaAFPavQzl03zc7cKvXaxPhxwx3X1VLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2It
YTI2YmM2NTNiMDZiLzEvX1gzUmVrWXhKck5LRTZBdEczSGIxelpRX2UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9mOWNhZjAtMmMyZS00ODk3LThhM2ItYTI2YmM2NTNiMDZi
LzEvOXE5RE9YVGZOenR3cTlkckUtSEhESGRmVlVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTASBAIAATAMAwQCLVXYAwQC
LVmMMB8EAgACMBkDBQMqDsuAAwcAKhI+gAEAAwcAKhI+gAQAMA0GCSqGSIb3DQEB
CwUAA4IBAQA9ljgkXetcRzK4p0oDt1mcEQTC90gKDGkyJ0gjOkmCY2ZI/BNQMN8I
HLPzvHR55jWTKLyeuhUc+2kaYn+nE21bmLotp9ujvSjFIwsOREaScuFkkV702WSa
38LcLGDkapq0K1g4bcj654vtYE/UMbe+XvOvUllN0M18yHEu2f03GdwRAtb53nhN
n3I9EM/UalkjNb9+d6EIeGjgC2N5KsOVlKkVzbXaMDaEjLt/pA70kCIzXYVA41rx
G+thUVH3xW3YPESCDMyfTQNrLGqXBLXD16qz5yj5SdkgV/b7dAQ2zWEvWxaOU9hc
foe2ZK09Gt/tO7erl/QPUpqaDkcmmJLt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:18 2024 by rpki-client on console-ams.rpki-client.org