Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vAvOhf4w4esaESXo-jzEzB_NRJs.roa
File: vAvOhf4w4esaESXo-jzEzB_NRJs.roa (raw, json)
Hash identifier: ydLXmOL2ZLY2ue0ysFHspmXiL5cH0fkH1RZL7rJ6lf4=
Subject key identifier: BC:0B:CE:85:FE:30:E1:EB:1A:11:25:E8:FA:3C:C4:CC:1F:CD:44:9B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01877908A509C4DED0198C8001C2D1ABA79B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vAvOhf4w4esaESXo-jzEzB_NRJs.roa
Signing time: Thu 13 Apr 2023 05:13:42 +0000
ROA not before: Thu 13 Apr 2023 05:13:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60446
IP address blocks: 45.14.164.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
2.59.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 May 2023 13:34:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:79:08:a5:09:c4:de:d0:19:8c:80:01:c2:d1:ab:a7:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 13 05:13:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc0bce85fe30e1eb1a1125e8fa3cc4cc1fcd449b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a1:79:4b:83:6f:2f:dd:b4:d2:85:56:64:52:
08:61:06:a0:70:9c:a1:d6:f4:8d:55:5c:61:5d:0a:
be:27:18:0d:ae:a8:d8:ab:21:74:08:83:08:d6:aa:
23:ad:43:4f:20:85:9e:f9:d3:2c:ae:07:99:60:63:
77:31:dc:98:61:21:c0:b7:f0:ce:50:63:ff:56:6b:
27:0b:43:99:47:35:90:a4:08:ab:7c:20:60:e1:8e:
ad:94:61:8d:a3:0a:3e:1d:60:c0:df:02:8e:b9:36:
f6:e1:d7:99:d9:7c:7f:a4:27:f3:09:8f:50:14:e5:
b6:72:7d:81:2e:85:d5:fc:f1:83:b4:ed:0e:12:fc:
b6:fd:6a:bc:5e:3e:ed:6c:c2:f9:0a:ee:d0:96:2f:
e9:2c:86:35:b4:79:c4:f6:60:bd:a1:33:b8:92:e7:
09:f4:56:c8:db:e7:97:76:cc:f1:9f:a9:8f:35:bc:
3c:55:8b:24:24:a4:43:3f:d0:dc:aa:e2:58:c9:74:
94:86:16:a3:0f:50:d4:f5:3e:2f:f1:9d:7e:39:b4:
e3:96:90:eb:e0:71:c2:0c:83:53:96:68:f1:1a:8e:
28:21:f1:90:28:ae:3c:e4:c7:7b:2b:00:96:69:ea:
d4:02:0f:ce:e2:c1:e6:be:34:1e:3e:31:6d:a6:bc:
94:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:0B:CE:85:FE:30:E1:EB:1A:11:25:E8:FA:3C:C4:CC:1F:CD:44:9B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vAvOhf4w4esaESXo-jzEzB_NRJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.252.0/24
45.9.157.0/24
45.14.164.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:66:e5:5f:3e:31:ce:40:75:78:d7:26:07:48:f4:0c:77:db:
70:f3:cc:15:30:6f:29:75:39:82:ae:ee:54:f4:eb:78:f3:48:
9c:78:4e:3f:fe:3f:94:a7:8d:6c:8f:3b:74:82:73:9e:ba:01:
86:a6:ae:7b:98:f2:02:5a:9b:24:c1:3b:69:13:02:e3:3d:c0:
03:e0:ec:58:d4:26:64:67:7e:b5:d4:f5:04:f2:e3:84:de:96:
58:9a:82:1b:69:96:fc:b0:b9:58:4a:d5:5f:15:0f:a5:ed:80:
79:d7:f9:ab:c8:25:70:82:5f:7b:02:7d:95:cd:98:96:95:f4:
2f:2b:18:e5:94:8f:d8:a9:01:6b:50:fb:86:5c:a2:0a:c3:6c:
65:0a:c9:7c:5c:d3:8c:53:f5:37:c5:34:0f:45:78:bd:b4:f8:
ca:9d:4c:bf:7f:43:53:64:f7:83:47:e7:ce:8b:f3:46:cd:3b:
3a:00:2d:f0:4f:9c:2e:3b:63:fa:d1:97:a2:30:89:ea:8d:7b:
d7:5e:1d:9d:4d:8d:fc:06:e7:2c:7c:07:97:2f:e2:3d:63:a1:
d5:30:b6:43:c4:59:75:ef:78:cf:86:3b:3f:32:b6:c6:00:a9:
ac:ba:c4:c9:8c:40:95:cf:14:05:16:0e:c6:ab:aa:fc:14:4b:
ea:c8:0c:77
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYd5CKUJxN7QGYyAAcLRq6ebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDEzMDUxMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzBiY2U4NWZlMzBlMWViMWExMTI1ZThmYTNjYzRjYzFmY2Q0NDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqF5S4NvL9200oVWZFIIYQagcJyh
1vSNVVxhXQq+JxgNrqjYqyF0CIMI1qojrUNPIIWe+dMsrgeZYGN3MdyYYSHAt/DO
UGP/VmsnC0OZRzWQpAirfCBg4Y6tlGGNowo+HWDA3wKOuTb24deZ2Xx/pCfzCY9Q
FOW2cn2BLoXV/PGDtO0OEvy2/Wq8Xj7tbML5Cu7Qli/pLIY1tHnE9mC9oTO4kucJ
9FbI2+eXdszxn6mPNbw8VYskJKRDP9DcquJYyXSUhhajD1DU9T4v8Z1+ObTjlpDr
4HHCDINTlmjxGo4oIfGQKK485Md7KwCWaerUAg/O4sHmvjQePjFtpryUhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLwLzoX+MOHrGhEl6Po8xMwfzUSbMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdkF2T2hmNHc0ZXNhRVNYby1qekV6Ql9OUkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjv8AwQA
LQmdAwQALQ6kMA0GCSqGSIb3DQEBCwUAA4IBAQCiZuVfPjHOQHV41yYHSPQMd9tw
88wVMG8pdTmCru5U9Ot480iceE4//j+Up41sjzt0gnOeugGGpq57mPICWpskwTtp
EwLjPcAD4OxY1CZkZ3611PUE8uOE3pZYmoIbaZb8sLlYStVfFQ+l7YB51/mryCVw
gl97An2VzZiWlfQvKxjllI/YqQFrUPuGXKIKw2xlCsl8XNOMU/U3xTQPRXi9tPjK
nUy/f0NTZPeDR+fOi/NGzTs6AC3wT5wuO2P60ZeiMInqjXvXXh2dTY38BucsfAeX
L+I9Y6HVMLZDxFl173jPhjs/MrbGAKmsusTJjECVzxQFFg7Gq6r8FEvqyAx3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:21 2024 by rpki-client on console-fra.rpki-client.org