Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/6ade9b-3216-4fef-8049-f3e24e075e35/1/IwBkTVH7-XphG-w9QLdLrFEqhp0.roa
File: IwBkTVH7-XphG-w9QLdLrFEqhp0.roa (raw, json)
Hash identifier: CleGL6HbMmITsXdnyJhTOStCCuvkB+eDGFh0F4OS8sU=
Subject key identifier: 23:00:64:4D:51:FB:F9:7A:61:1B:EC:3D:40:B7:4B:AC:51:2A:86:9D
Certificate issuer: /CN=ed3ff7836530d1c474f4d088b6b36224fbf6982d
Certificate serial: 01856D5418CAF25276233AF12B5379E5176A
Authority key identifier: ED:3F:F7:83:65:30:D1:C4:74:F4:D0:88:B6:B3:62:24:FB:F6:98:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7T_3g2Uw0cR09NCItrNiJPv2mC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/6ade9b-3216-4fef-8049-f3e24e075e35/1/IwBkTVH7-XphG-w9QLdLrFEqhp0.roa
Signing time: Sun 01 Jan 2023 12:35:05 +0000
ROA not before: Sun 01 Jan 2023 12:35:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 45.88.30.0/24 maxlen: 24
45.88.31.0/24 maxlen: 24
45.88.28.0/24 maxlen: 24
45.88.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:54:18:ca:f2:52:76:23:3a:f1:2b:53:79:e5:17:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed3ff7836530d1c474f4d088b6b36224fbf6982d
Validity
Not Before: Jan 1 12:35:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2300644d51fbf97a611bec3d40b74bac512a869d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:4a:46:9e:6c:92:b9:ca:ba:18:84:95:ab:c3:
c7:33:57:6b:d6:a5:6c:90:9d:0f:86:b9:6a:cf:74:
7e:5c:26:69:71:f6:b5:45:70:08:41:a5:62:c8:57:
f7:72:a5:d1:30:99:3f:65:ac:b7:4e:4a:44:23:08:
fc:25:78:4f:15:dc:e6:a5:13:b7:d7:b3:e0:38:bf:
22:3e:02:c9:f5:2c:07:17:3d:f4:01:12:73:b3:5c:
e4:ee:56:19:4f:fc:f9:32:18:70:63:f6:98:b0:bf:
39:e7:41:92:86:a2:b0:20:44:33:ef:92:af:23:d1:
3a:52:46:82:5e:18:f9:4e:47:f7:a6:43:6f:7e:a3:
5d:c2:b1:29:33:cd:08:f5:ba:1c:7a:fc:c9:97:ae:
6d:5b:39:28:6d:95:57:12:e6:b3:8b:7b:39:55:6d:
4f:24:fb:5b:02:dc:0f:66:cd:d8:9b:1a:c5:6c:a9:
2e:d9:8a:87:0f:18:9b:b0:b2:0b:33:0b:db:fd:05:
53:16:f8:e9:9a:f7:a5:ba:5c:19:02:2c:93:e6:cf:
98:4b:ee:b7:d0:0e:bf:70:f7:90:29:45:20:71:be:
0d:3c:da:a0:6c:7d:ca:80:e3:58:e9:21:9c:07:ca:
2c:f1:04:dd:8c:9d:86:0a:46:0b:52:26:3a:ec:f7:
20:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:00:64:4D:51:FB:F9:7A:61:1B:EC:3D:40:B7:4B:AC:51:2A:86:9D
X509v3 Authority Key Identifier:
keyid:ED:3F:F7:83:65:30:D1:C4:74:F4:D0:88:B6:B3:62:24:FB:F6:98:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7T_3g2Uw0cR09NCItrNiJPv2mC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/6ade9b-3216-4fef-8049-f3e24e075e35/1/IwBkTVH7-XphG-w9QLdLrFEqhp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/6ade9b-3216-4fef-8049-f3e24e075e35/1/7T_3g2Uw0cR09NCItrNiJPv2mC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.28.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:19:f6:43:43:ba:a7:83:65:a1:10:9b:ee:e2:f2:39:44:b2:
e8:ac:85:6b:79:34:fc:aa:22:e9:b0:9a:5d:c9:63:16:f3:bf:
86:42:60:a7:c9:65:25:c2:07:b5:6d:b9:68:fd:66:66:85:ba:
c6:25:6f:c1:2f:13:aa:ea:15:72:25:22:e3:1c:35:7f:ce:7f:
f4:29:54:21:c4:a8:8d:6c:fa:bb:1b:33:1f:e6:b1:16:a7:4e:
60:32:c9:c0:e1:62:5e:4c:8c:fb:e9:9c:74:2e:d2:a2:30:6c:
33:c5:7c:7f:52:7e:06:7c:d1:58:76:54:26:ea:a2:b7:63:97:
ff:c1:c7:d7:ed:b3:e2:40:71:63:98:af:c2:1f:b3:42:58:cc:
92:34:15:f7:0b:86:92:56:86:f2:8a:22:da:88:83:34:03:fc:
2d:76:e7:7e:b2:17:a2:57:db:39:b8:2d:9e:79:37:65:49:d3:
dc:66:a9:5f:6d:a6:70:b7:87:21:19:56:f1:9f:b8:28:23:e3:
19:1a:25:83:45:d0:28:e3:11:78:16:6b:3f:fb:f7:25:f9:70:
51:9e:03:bf:f4:98:10:6b:d2:f1:f7:9b:c6:16:c6:e5:36:df:
08:1f:f9:3b:0a:90:9a:a2:e9:59:ec:bd:e1:01:73:1c:04:e1:
b3:6d:a3:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtVBjK8lJ2IzrxK1N55RdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkM2ZmNzgzNjUzMGQxYzQ3NGY0ZDA4OGI2YjM2MjI0ZmJm
Njk4MmQwHhcNMjMwMTAxMTIzNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzAwNjQ0ZDUxZmJmOTdhNjExYmVjM2Q0MGI3NGJhYzUxMmE4NjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkpGnmySucq6GISVq8PHM1dr1qVs
kJ0Phrlqz3R+XCZpcfa1RXAIQaViyFf3cqXRMJk/Zay3TkpEIwj8JXhPFdzmpRO3
17PgOL8iPgLJ9SwHFz30ARJzs1zk7lYZT/z5MhhwY/aYsL8550GShqKwIEQz75Kv
I9E6UkaCXhj5Tkf3pkNvfqNdwrEpM80I9bocevzJl65tWzkobZVXEuazi3s5VW1P
JPtbAtwPZs3YmxrFbKku2YqHDxibsLILMwvb/QVTFvjpmvelulwZAiyT5s+YS+63
0A6/cPeQKUUgcb4NPNqgbH3KgONY6SGcB8os8QTdjJ2GCkYLUiY67PcgTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMAZE1R+/l6YRvsPUC3S6xRKoadMB8GA1UdIwQY
MBaAFO0/94NlMNHEdPTQiLazYiT79pgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RfM2cyVXcwY1IwOU5DSXRyTmlKUHYybUMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS82YWRlOWItMzIxNi00ZmVmLTgwNDkt
ZjNlMjRlMDc1ZTM1LzEvSXdCa1RWSDctWHBoRy13OVFMZExyRkVxaHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS82YWRlOWItMzIxNi00ZmVmLTgwNDktZjNlMjRlMDc1ZTM1
LzEvN1RfM2cyVXcwY1IwOU5DSXRyTmlKUHYybUMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVgcMA0G
CSqGSIb3DQEBCwUAA4IBAQBdGfZDQ7qng2WhEJvu4vI5RLLorIVreTT8qiLpsJpd
yWMW87+GQmCnyWUlwge1bblo/WZmhbrGJW/BLxOq6hVyJSLjHDV/zn/0KVQhxKiN
bPq7GzMf5rEWp05gMsnA4WJeTIz76Zx0LtKiMGwzxXx/Un4GfNFYdlQm6qK3Y5f/
wcfX7bPiQHFjmK/CH7NCWMySNBX3C4aSVobyiiLaiIM0A/wtdud+sheiV9s5uC2e
eTdlSdPcZqlfbaZwt4chGVbxn7goI+MZGiWDRdAo4xF4Fms/+/cl+XBRngO/9JgQ
a9Lx95vGFsblNt8IH/k7CpCaoulZ7L3hAXMcBOGzbaNU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:29 2024 by rpki-client on console-ams.rpki-client.org