Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/1k_TNbNxQx53yOqB9HvXcf9258I.roa
File: 1k_TNbNxQx53yOqB9HvXcf9258I.roa (raw, json)
Hash identifier: mY5LIIUOXLSj/SXc2sG+GHufeLF4ZHSTXE3hoS8jQf8=
Subject key identifier: D6:4F:D3:35:B3:71:43:1E:77:C8:EA:81:F4:7B:D7:71:FF:76:E7:C2
Certificate issuer: /CN=e15808f3f921bc8c3eea87c7584c584c1000b051
Certificate serial: 018BF700B898A94FF4BE7EC1A22097E6C073
Authority key identifier: E1:58:08:F3:F9:21:BC:8C:3E:EA:87:C7:58:4C:58:4C:10:00:B0:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VgI8_khvIw-6ofHWExYTBAAsFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/1k_TNbNxQx53yOqB9HvXcf9258I.roa
Signing time: Wed 22 Nov 2023 12:28:21 +0000
ROA not before: Wed 22 Nov 2023 12:28:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 45.139.44.0/22 maxlen: 24
45.83.152.0/22 maxlen: 24
45.139.56.0/22 maxlen: 24
45.139.64.0/22 maxlen: 24
45.83.124.0/22 maxlen: 24
45.83.132.0/22 maxlen: 24
45.83.144.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f7:00:b8:98:a9:4f:f4:be:7e:c1:a2:20:97:e6:c0:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e15808f3f921bc8c3eea87c7584c584c1000b051
Validity
Not Before: Nov 22 12:28:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d64fd335b371431e77c8ea81f47bd771ff76e7c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2e:5a:08:c0:0d:7f:05:4d:31:73:e8:73:52:
bb:5e:35:a6:c0:0a:c8:93:2f:27:2a:1f:f0:59:08:
0f:4e:1e:70:84:a7:9a:4c:f2:16:2c:a3:90:91:e7:
f8:4b:2d:8e:77:ff:fc:e2:13:ca:12:86:4f:b5:4e:
ae:ad:a8:c6:aa:42:a0:38:b0:13:da:48:aa:29:31:
61:25:6c:94:3e:3d:f4:ca:01:32:40:ea:f8:c4:81:
ff:63:da:6f:6f:05:aa:4e:5c:aa:e4:7d:08:b1:d8:
47:43:3b:f0:88:b4:0a:12:95:34:86:e7:5e:9f:d8:
a6:43:d1:03:65:1d:57:f8:41:66:0c:df:71:02:61:
81:8e:2c:d4:c6:09:4f:1a:4b:f0:6a:a6:56:23:65:
77:fc:cb:7a:f3:ac:5b:5d:13:22:51:82:d0:cf:73:
63:cf:15:da:85:61:f9:76:24:c4:cb:83:af:1e:35:
f2:61:5d:86:dc:34:8c:f8:c9:4c:93:5c:91:77:cf:
d2:10:55:0c:83:99:32:c8:04:4f:83:5e:6e:5b:47:
39:61:15:03:8e:d0:97:3a:1e:94:07:e4:70:3e:ef:
71:e0:51:09:bc:4f:b6:5a:a5:bf:8c:60:d0:e7:35:
ff:f4:42:9f:7b:7b:c7:10:b7:06:e2:88:1d:4e:44:
48:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:4F:D3:35:B3:71:43:1E:77:C8:EA:81:F4:7B:D7:71:FF:76:E7:C2
X509v3 Authority Key Identifier:
keyid:E1:58:08:F3:F9:21:BC:8C:3E:EA:87:C7:58:4C:58:4C:10:00:B0:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VgI8_khvIw-6ofHWExYTBAAsFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/1k_TNbNxQx53yOqB9HvXcf9258I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/4VgI8_khvIw-6ofHWExYTBAAsFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.124.0/22
45.83.132.0/22
45.83.144.0/22
45.83.152.0/22
45.139.44.0/22
45.139.56.0/22
45.139.64.0/22
Signature Algorithm: sha256WithRSAEncryption
57:b2:7b:1b:03:4a:9b:f7:a8:5a:bf:66:bf:bc:b4:b0:e9:53:
d4:66:51:21:39:be:41:7f:ed:41:83:ab:1a:5a:29:df:95:01:
c0:e2:b5:43:64:a8:cd:e5:e8:ff:6c:b8:3e:5c:fa:a7:0f:37:
af:d6:46:57:30:9a:ba:d3:35:f7:91:81:29:63:35:17:24:7e:
b0:2d:42:3e:e1:7a:d0:d7:fa:2b:05:8a:9c:0a:76:ba:3d:57:
c9:d2:7d:ba:a2:9a:0b:f9:7c:67:d5:fb:e2:f3:f7:4f:47:f3:
df:b7:18:d0:e0:50:50:57:c1:37:eb:41:1d:e5:58:2d:6b:46:
97:07:4a:3e:38:2c:de:91:f4:04:fb:1c:d8:c1:91:4a:ac:00:
e0:b6:ca:1e:da:0b:24:2b:02:6a:c1:09:8e:7a:2a:c8:01:f2:
38:c7:77:7d:44:12:0e:47:fb:ee:af:fd:20:00:fb:4d:13:07:
0f:2e:23:88:38:91:49:8a:df:c3:64:c6:eb:db:ba:1c:5f:ea:
3b:d3:6f:0e:89:51:0d:b9:0e:c4:64:cb:95:f8:d7:5f:67:25:
c3:28:10:30:89:fa:88:a5:ec:dd:82:64:2e:57:30:2b:dc:81:
5e:36:f6:e5:5f:49:14:f1:8c:1e:e4:14:b7:3a:40:72:42:3e:
46:59:d0:d9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYv3ALiYqU/0vn7BoiCX5sBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTgwOGYzZjkyMWJjOGMzZWVhODdjNzU4NGM1ODRjMTAw
MGIwNTEwHhcNMjMxMTIyMTIyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjRmZDMzNWIzNzE0MzFlNzdjOGVhODFmNDdiZDc3MWZmNzZlN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoS5aCMANfwVNMXPoc1K7XjWmwArI
ky8nKh/wWQgPTh5whKeaTPIWLKOQkef4Sy2Od//84hPKEoZPtU6urajGqkKgOLAT
2kiqKTFhJWyUPj30ygEyQOr4xIH/Y9pvbwWqTlyq5H0IsdhHQzvwiLQKEpU0hude
n9imQ9EDZR1X+EFmDN9xAmGBjizUxglPGkvwaqZWI2V3/Mt686xbXRMiUYLQz3Nj
zxXahWH5diTEy4OvHjXyYV2G3DSM+MlMk1yRd8/SEFUMg5kyyARPg15uW0c5YRUD
jtCXOh6UB+RwPu9x4FEJvE+2WqW/jGDQ5zX/9EKfe3vHELcG4ogdTkRI6QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNZP0zWzcUMed8jqgfR713H/dufCMB8GA1UdIwQY
MBaAFOFYCPP5IbyMPuqHx1hMWEwQALBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZnSThfa2h2SXctNm9mSFdFeFlUQkFBc0ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC84ZThlODItNTI3NC00ZDJmLThjYTAt
YWIxOWZjYjBjZTY0LzEvMWtfVE5iTnhReDUzeU9xQjlIdlhjZjkyNThJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC84ZThlODItNTI3NC00ZDJmLThjYTAtYWIxOWZjYjBjZTY0
LzEvNFZnSThfa2h2SXctNm9mSFdFeFlUQkFBc0ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLVN8AwQC
LVOEAwQCLVOQAwQCLVOYAwQCLYssAwQCLYs4AwQCLYtAMA0GCSqGSIb3DQEBCwUA
A4IBAQBXsnsbA0qb96hav2a/vLSw6VPUZlEhOb5Bf+1Bg6saWinflQHA4rVDZKjN
5ej/bLg+XPqnDzev1kZXMJq60zX3kYEpYzUXJH6wLUI+4XrQ1/orBYqcCna6PVfJ
0n26opoL+Xxn1fvi8/dPR/PftxjQ4FBQV8E360Ed5Vgta0aXB0o+OCzekfQE+xzY
wZFKrADgtsoe2gskKwJqwQmOeirIAfI4x3d9RBIOR/vur/0gAPtNEwcPLiOIOJFJ
it/DZMbr27ocX+o7028OiVENuQ7EZMuV+NdfZyXDKBAwifqIpezdgmQuVzAr3IFe
NvblX0kU8Ywe5BS3OkByQj5GWdDZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:46 2024 by rpki-client on console-fra.rpki-client.org