Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/G0Dd9QLgfYWkLRUyaSKoM_OQjug.roa
File: G0Dd9QLgfYWkLRUyaSKoM_OQjug.roa (raw, json)
Hash identifier: PDb83lhNZ99xjrJmuedTkHuii2AZeF7ObrI7EwC6pY0=
Subject key identifier: 1B:40:DD:F5:02:E0:7D:85:A4:2D:15:32:69:22:A8:33:F3:90:8E:E8
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 018CC3B6F5CE590854B7E6C2F2EFA8CB3187
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/G0Dd9QLgfYWkLRUyaSKoM_OQjug.roa
Signing time: Mon 01 Jan 2024 06:29:56 +0000
ROA not before: Mon 01 Jan 2024 06:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208949
IP address blocks: 45.148.145.0/24 maxlen: 24
45.88.0.0/24 maxlen: 24
45.142.1.0/24 maxlen: 24
45.142.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 13:58:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f5:ce:59:08:54:b7:e6:c2:f2:ef:a8:cb:31:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jan 1 06:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b40ddf502e07d85a42d15326922a833f3908ee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:bb:45:01:98:90:97:35:db:09:ad:12:1f:3c:
96:62:0c:68:91:5e:f0:ef:8d:86:f0:a7:2d:13:7c:
ee:6f:cc:8a:bb:44:4a:d8:1d:57:de:37:72:f7:51:
94:b2:c5:c4:d2:a2:fa:00:73:7e:95:eb:b8:45:de:
32:91:56:0d:82:b2:17:27:a3:22:ad:fb:2c:91:81:
18:bf:0c:b6:72:1b:10:8b:28:ad:51:c6:65:8a:15:
0f:05:f7:89:f9:10:23:b5:27:ec:58:52:d4:fc:e8:
7c:3f:6d:54:9e:8a:cc:e4:93:86:c0:fb:17:76:2e:
a5:b6:87:03:2d:0a:fa:07:d3:55:83:b0:ed:ee:f6:
70:db:0f:c1:61:3e:e9:82:64:aa:ca:dd:cb:78:04:
c2:26:ff:8e:a5:0c:45:75:81:4f:4e:8c:52:ec:a6:
32:7a:88:c6:e2:27:75:68:e2:d3:42:6d:e7:3d:3f:
48:11:c9:40:2e:c1:e9:ca:f1:f0:1b:c0:e9:e8:be:
b9:bb:4b:e8:f6:8c:32:cc:0a:95:8b:0c:f2:d8:04:
5f:98:57:18:e6:8f:20:99:e3:75:a7:8e:a7:7a:f4:
90:b8:0b:83:57:ea:77:cb:7a:ee:c5:8f:a5:6d:df:
e5:a7:74:08:7d:8d:6f:c1:13:b9:05:e2:87:bb:98:
31:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:40:DD:F5:02:E0:7D:85:A4:2D:15:32:69:22:A8:33:F3:90:8E:E8
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/G0Dd9QLgfYWkLRUyaSKoM_OQjug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.0.0/24
45.142.1.0-45.142.2.255
45.148.145.0/24
Signature Algorithm: sha256WithRSAEncryption
29:4a:b7:ae:c6:ba:ae:18:18:75:5a:08:42:54:9d:5b:e2:99:
07:19:71:ea:38:49:58:d8:75:bd:e2:44:0e:ec:d8:58:4a:53:
10:d2:4c:b8:bf:fc:46:25:7b:2b:c4:0a:a6:60:22:f8:04:dd:
a7:1c:b3:36:95:46:d2:2d:8d:8c:e0:da:54:3e:f5:c5:63:75:
96:2b:7e:6c:6d:0e:a5:ae:15:6c:8b:c2:9d:ec:a0:18:d2:cf:
05:b3:f6:54:24:e0:c2:4b:c3:3b:c5:a0:82:00:0a:0d:2b:0e:
30:33:0f:8e:0e:0c:8b:c8:8b:05:40:87:e8:7a:22:4d:7a:78:
00:37:09:ed:a9:e1:9e:7e:9f:d1:39:d6:ee:03:e3:28:ec:e9:
3c:54:ab:90:ad:40:fd:c1:e8:09:51:b9:d6:a4:73:e6:4c:69:
d4:70:1a:9b:fc:53:78:47:23:c0:4e:04:89:58:c3:8e:01:16:
82:b7:e3:f3:69:63:0f:ea:ae:30:48:63:33:0d:39:be:80:0f:
d3:f1:ec:8f:df:70:bf:39:04:a6:4c:55:54:7a:c3:0d:f5:a8:
a9:ed:54:19:12:ce:5e:ff:8b:d2:65:4f:13:ba:e6:2e:4d:bd:
d7:90:4a:84:b5:37:60:f3:e3:24:9c:64:df:fc:d5:b8:dc:1e:
fb:31:a5:0c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzDtvXOWQhUt+bC8u+oyzGHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjQwMTAxMDYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjQwZGRmNTAyZTA3ZDg1YTQyZDE1MzI2OTIyYTgzM2YzOTA4ZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLtFAZiQlzXbCa0SHzyWYgxokV7w
742G8KctE3zub8yKu0RK2B1X3jdy91GUssXE0qL6AHN+leu4Rd4ykVYNgrIXJ6Mi
rfsskYEYvwy2chsQiyitUcZlihUPBfeJ+RAjtSfsWFLU/Oh8P21UnorM5JOGwPsX
di6ltocDLQr6B9NVg7Dt7vZw2w/BYT7pgmSqyt3LeATCJv+OpQxFdYFPToxS7KYy
eojG4id1aOLTQm3nPT9IEclALsHpyvHwG8Dp6L65u0vo9owyzAqViwzy2ARfmFcY
5o8gmeN1p46nevSQuAuDV+p3y3ruxY+lbd/lp3QIfY1vwRO5BeKHu5gxtwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBtA3fUC4H2FpC0VMmkiqDPzkI7oMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvRzBEZDlRTGdmWVdrTFJVeWFTS29NX09RanVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALVgAMAwD
BAAtjgEDBAAtjgIDBAAtlJEwDQYJKoZIhvcNAQELBQADggEBAClKt67Guq4YGHVa
CEJUnVvimQcZceo4SVjYdb3iRA7s2FhKUxDSTLi//EYleyvECqZgIvgE3accszaV
RtItjYzg2lQ+9cVjdZYrfmxtDqWuFWyLwp3soBjSzwWz9lQk4MJLwzvFoIIACg0r
DjAzD44ODIvIiwVAh+h6Ik16eAA3Ce2p4Z5+n9E51u4D4yjs6TxUq5CtQP3B6AlR
udakc+ZMadRwGpv8U3hHI8BOBIlYw44BFoK34/NpYw/qrjBIYzMNOb6AD9Px7I/f
cL85BKZMVVR6ww31qKntVBkSzl7/i9JlTxO65i5NvdeQSoS1N2Dz4yScZN/81bjc
HvsxpQw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:08 2024 by rpki-client on console-fra.rpki-client.org