Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/w_KcGjFiIGHVBGzMJpRQiu5hC2Y.roa
File: w_KcGjFiIGHVBGzMJpRQiu5hC2Y.roa (raw, json)
Hash identifier: Bf1a5UmiAv3z0KrEB9AGLxAnb+xnM6NzUCMN3a6EQ6A=
Subject key identifier: C3:F2:9C:1A:31:62:20:61:D5:04:6C:CC:26:94:50:8A:EE:61:0B:66
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 0190E4088FA2EE2672B91589EDC498A5F4F2
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/w_KcGjFiIGHVBGzMJpRQiu5hC2Y.roa
Signing time: Wed 24 Jul 2024 09:18:04 +0000
ROA not before: Wed 24 Jul 2024 09:18:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62005
IP address blocks: 45.66.248.0/24 maxlen: 24
45.66.249.0/24 maxlen: 24
45.143.166.0/23 maxlen: 24
45.150.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 19 Oct 2024 13:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e4:08:8f:a2:ee:26:72:b9:15:89:ed:c4:98:a5:f4:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jul 24 09:18:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3f29c1a31622061d5046ccc2694508aee610b66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fb:90:0d:6a:b3:eb:eb:a6:5f:d7:42:d6:cc:
92:76:56:7b:ae:1d:bf:78:f3:f9:b1:77:ba:9d:d2:
95:6a:c0:6e:a1:b8:48:ee:01:7d:96:34:62:3a:b5:
d4:b3:e9:ad:f0:3c:25:f0:c2:f1:a9:cd:4f:34:18:
66:9f:09:a3:54:37:62:2b:9f:72:ba:07:90:fa:00:
33:3f:e3:19:12:9b:e5:4b:2a:00:ff:95:6d:b1:c9:
d6:c2:ce:a7:b2:8b:d2:ad:59:73:61:16:7d:f1:bb:
12:f5:07:7c:a0:6e:6b:fb:d2:66:39:22:e4:6d:6d:
8b:92:96:ef:dd:df:cf:fe:2b:37:90:16:fb:94:88:
f0:3a:6f:21:cd:11:7e:3e:84:c5:72:3e:d5:a4:f1:
ea:1c:02:b1:b9:9b:97:b2:eb:05:86:90:75:38:8e:
6d:de:8f:81:0b:ed:40:7d:94:99:8a:7d:dd:d9:ed:
e5:0f:aa:b4:4c:b4:cc:00:c6:66:0e:9a:68:4e:3c:
ad:1f:e3:1e:4d:d4:01:51:18:28:a3:f2:11:ba:a8:
73:72:dd:f4:44:52:09:3f:d5:0e:5a:e2:cf:a4:b4:
8d:a0:49:f1:12:d4:60:33:0b:5a:ec:1f:47:7e:df:
0f:fd:de:d4:76:d9:8a:03:52:65:c7:57:86:57:bd:
d6:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:F2:9C:1A:31:62:20:61:D5:04:6C:CC:26:94:50:8A:EE:61:0B:66
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/w_KcGjFiIGHVBGzMJpRQiu5hC2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.248.0/23
45.143.166.0/23
45.150.108.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:11:7f:7b:41:b7:60:e7:10:cf:17:4a:c1:0d:d0:4d:09:1a:
7f:c9:d0:ce:cd:bc:18:1c:fb:a6:cf:99:8b:b9:46:d4:34:4c:
61:d2:26:c7:18:6d:39:fb:70:01:8a:b9:cd:2e:46:a1:56:7e:
69:53:f0:3a:06:d3:d5:c8:7d:3a:9a:0e:e6:d0:5f:1f:a8:cf:
39:b4:38:a2:05:f0:d9:d7:e9:54:63:03:5d:b4:f6:fc:ac:85:
8b:aa:55:06:f8:50:2e:4c:44:0b:4e:ad:9c:f0:fe:6e:16:48:
43:68:e2:06:a7:8e:69:35:b1:0f:70:ff:13:cb:ee:7c:81:90:
9b:eb:9f:61:fc:04:2e:ff:9b:16:40:dc:9a:a3:db:82:c8:12:
28:c3:23:48:3c:c2:e5:53:01:02:6f:f3:d0:df:1f:82:c8:77:
f8:52:7f:57:c3:74:79:80:47:db:f1:a2:04:56:7a:82:6b:d3:
b5:c7:98:8b:ba:9a:cb:6a:54:f7:5b:93:c8:9a:cf:28:20:04:
3a:61:a9:65:84:da:54:59:d9:9e:60:44:83:1f:72:78:12:b0:
95:e3:8d:9d:68:d0:f9:bd:17:af:0b:b1:9d:c4:7f:d2:77:b3:
7b:80:d0:d7:4b:bb:13:8f:a5:17:b5:ff:98:3b:33:4b:3e:94:
ed:aa:69:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZDkCI+i7iZyuRWJ7cSYpfTyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjQwNzI0MDkxODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2YyOWMxYTMxNjIyMDYxZDUwNDZjY2MyNjk0NTA4YWVlNjEwYjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vuQDWqz6+umX9dC1sySdlZ7rh2/
ePP5sXe6ndKVasBuobhI7gF9ljRiOrXUs+mt8Dwl8MLxqc1PNBhmnwmjVDdiK59y
ugeQ+gAzP+MZEpvlSyoA/5VtscnWws6nsovSrVlzYRZ98bsS9Qd8oG5r+9JmOSLk
bW2Lkpbv3d/P/is3kBb7lIjwOm8hzRF+PoTFcj7VpPHqHAKxuZuXsusFhpB1OI5t
3o+BC+1AfZSZin3d2e3lD6q0TLTMAMZmDppoTjytH+MeTdQBURgoo/IRuqhzct30
RFIJP9UOWuLPpLSNoEnxEtRgMwta7B9Hft8P/d7UdtmKA1Jlx1eGV73WUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMPynBoxYiBh1QRszCaUUIruYQtmMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvd19LY0dqRmlJR0hWQkd6TUpwUlFpdTVoQzJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLUL4AwQB
LY+mAwQALZZsMA0GCSqGSIb3DQEBCwUAA4IBAQA6EX97Qbdg5xDPF0rBDdBNCRp/
ydDOzbwYHPumz5mLuUbUNExh0ibHGG05+3ABirnNLkahVn5pU/A6BtPVyH06mg7m
0F8fqM85tDiiBfDZ1+lUYwNdtPb8rIWLqlUG+FAuTEQLTq2c8P5uFkhDaOIGp45p
NbEPcP8Ty+58gZCb659h/AQu/5sWQNyao9uCyBIowyNIPMLlUwECb/PQ3x+CyHf4
Un9Xw3R5gEfb8aIEVnqCa9O1x5iLuprLalT3W5PIms8oIAQ6YallhNpUWdmeYESD
H3J4ErCV442daND5vRevC7GdxH/Sd7N7gNDXS7sTj6UXtf+YOzNLPpTtqmnT
-----END CERTIFICATE-----
Generated at Sat Oct 19 15:10:59 2024 by rpki-client on console-ams.rpki-client.org