Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/k5I3CvRm0KoDTpGQsTs0bBVZ65w.roa
File: k5I3CvRm0KoDTpGQsTs0bBVZ65w.roa (raw, json)
Hash identifier: GAj7HJSzcL9e6DvO+IDcgLTmgckV1gSZKJ8aNXpjZ+Q=
Subject key identifier: 93:92:37:0A:F4:66:D0:AA:03:4E:91:90:B1:3B:34:6C:15:59:EB:9C
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 018D1B89CAEFE0FC12263CB37C90978071E5
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/k5I3CvRm0KoDTpGQsTs0bBVZ65w.roa
Signing time: Thu 18 Jan 2024 07:47:11 +0000
ROA not before: Thu 18 Jan 2024 07:47:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62005
IP address blocks: 45.66.248.0/24 maxlen: 24
45.66.249.0/24 maxlen: 24
45.150.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jul 2024 09:18:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1b:89:ca:ef:e0:fc:12:26:3c:b3:7c:90:97:80:71:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jan 18 07:47:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9392370af466d0aa034e9190b13b346c1559eb9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:0c:85:37:d3:00:00:46:50:37:3d:30:2e:43:
39:76:94:6b:7a:c4:56:39:18:9d:2c:24:a3:bd:e6:
58:2a:bc:dd:8b:85:18:6c:eb:35:5d:20:7a:d0:75:
06:da:84:f1:37:22:50:c0:7a:6d:76:a6:1f:c2:19:
be:10:6e:98:d1:60:56:dc:ff:12:e0:32:c4:6e:bf:
b3:9f:ae:d8:eb:61:cd:7c:e9:86:2c:3e:91:fc:8d:
c9:ef:81:8e:b8:58:d5:3a:f4:2b:19:cd:e0:9a:80:
f8:49:d4:2d:99:1a:1d:b3:42:ef:0f:2c:6f:b9:e8:
15:c7:c8:8b:df:8c:88:87:14:31:9c:1f:8b:92:f8:
99:51:6b:92:16:7a:37:c4:f0:fb:97:fe:fc:ec:e2:
d6:3b:02:21:de:40:c7:20:7e:eb:9c:bc:3e:bb:25:
38:c4:2f:71:3a:b0:78:cf:50:f1:ff:ce:f5:e5:5f:
a6:99:59:74:4b:44:e3:6f:63:ec:3c:63:6e:cb:09:
09:cd:b3:30:00:27:00:3d:36:6e:2b:bc:d2:1b:04:
eb:57:16:a5:68:83:2a:9d:c0:d7:6f:4a:d9:10:76:
0c:e2:00:22:4f:68:9f:1a:81:d8:36:7a:d0:c3:4c:
b9:0b:18:7c:00:72:3d:55:41:9d:c9:d5:a9:50:79:
ee:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:92:37:0A:F4:66:D0:AA:03:4E:91:90:B1:3B:34:6C:15:59:EB:9C
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/k5I3CvRm0KoDTpGQsTs0bBVZ65w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.248.0/23
45.150.108.0/24
Signature Algorithm: sha256WithRSAEncryption
60:11:d7:ee:a7:ba:8d:7e:7e:c0:9f:d3:30:ec:bc:5a:c7:d4:
9c:a8:ab:48:52:85:7c:4f:45:38:43:d1:da:41:5b:80:43:d1:
25:ad:74:9c:f3:21:3a:ea:13:41:1c:bf:91:9c:b3:34:43:e1:
74:6d:f8:3f:00:fd:04:35:b9:ac:34:87:56:f8:fe:ea:65:9b:
0b:e0:68:10:31:84:1b:ff:ac:76:58:83:85:76:86:01:60:85:
82:d9:c8:0d:6f:47:f6:30:b0:0a:ad:10:a5:fa:9c:6b:00:a3:
9a:53:56:b9:f9:6f:e4:a1:3d:77:ef:64:b4:9d:bc:0d:b6:9b:
61:82:1d:53:91:67:bc:17:76:f1:d2:53:5b:75:4b:2d:31:73:
cc:ee:6c:c2:1f:63:fc:1f:cd:9f:38:d3:4e:df:d5:62:d2:36:
3d:8b:9e:a1:78:85:2c:01:74:4d:47:7d:0b:90:c1:c1:2c:18:
b7:ef:61:69:c8:5d:21:19:c6:57:e2:13:57:6c:1c:17:ed:b1:
f0:44:d4:71:c2:2d:30:dd:ed:eb:1f:4a:d0:8d:d0:e5:90:5c:
67:ec:44:2e:0f:e8:8d:c3:35:f4:ae:f4:fa:13:7b:dc:10:52:
49:8d:9e:2b:1b:ec:d6:38:36:d4:db:30:9f:e5:d2:ec:cf:81:
5b:bf:cf:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0bicrv4PwSJjyzfJCXgHHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjQwMTE4MDc0NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzkyMzcwYWY0NjZkMGFhMDM0ZTkxOTBiMTNiMzQ2YzE1NTllYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAyFN9MAAEZQNz0wLkM5dpRresRW
ORidLCSjveZYKrzdi4UYbOs1XSB60HUG2oTxNyJQwHptdqYfwhm+EG6Y0WBW3P8S
4DLEbr+zn67Y62HNfOmGLD6R/I3J74GOuFjVOvQrGc3gmoD4SdQtmRods0LvDyxv
uegVx8iL34yIhxQxnB+LkviZUWuSFno3xPD7l/787OLWOwIh3kDHIH7rnLw+uyU4
xC9xOrB4z1Dx/8715V+mmVl0S0Tjb2PsPGNuywkJzbMwACcAPTZuK7zSGwTrVxal
aIMqncDXb0rZEHYM4gAiT2ifGoHYNnrQw0y5Cxh8AHI9VUGdydWpUHnucQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJOSNwr0ZtCqA06RkLE7NGwVWeucMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvazVJM0N2Um0wS29EVHBHUXNUczBiQlZaNjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLUL4AwQA
LZZsMA0GCSqGSIb3DQEBCwUAA4IBAQBgEdfup7qNfn7An9Mw7Lxax9ScqKtIUoV8
T0U4Q9HaQVuAQ9ElrXSc8yE66hNBHL+RnLM0Q+F0bfg/AP0ENbmsNIdW+P7qZZsL
4GgQMYQb/6x2WIOFdoYBYIWC2cgNb0f2MLAKrRCl+pxrAKOaU1a5+W/koT1372S0
nbwNtpthgh1TkWe8F3bx0lNbdUstMXPM7mzCH2P8H82fONNO39Vi0jY9i56heIUs
AXRNR30LkMHBLBi372FpyF0hGcZX4hNXbBwX7bHwRNRxwi0w3e3rH0rQjdDlkFxn
7EQuD+iNwzX0rvT6E3vcEFJJjZ4rG+zWODbU2zCf5dLsz4Fbv88b
-----END CERTIFICATE-----
Generated at Wed Jul 24 12:45:19 2024 by rpki-client on console-ams.rpki-client.org