Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/cdtMPnrH2APfi081uOJOReLoEZM.roa
File: cdtMPnrH2APfi081uOJOReLoEZM.roa (raw, json)
Hash identifier: TvyOSJl5h1DO7P7pb6UnLPryzhbBCaqAs0vDmGW7AVE=
Subject key identifier: 71:DB:4C:3E:7A:C7:D8:03:DF:8B:4F:35:B8:E2:4E:45:E2:E8:11:93
Certificate issuer: /CN=28178243a0866b091272d1e1eb451e71e413b99a
Certificate serial: 018FA4F2213D502BEC05F579D138FA8D4620
Authority key identifier: 28:17:82:43:A0:86:6B:09:12:72:D1:E1:EB:45:1E:71:E4:13:B9:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBeCQ6CGawkSctHh60UeceQTuZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/cdtMPnrH2APfi081uOJOReLoEZM.roa
Signing time: Thu 23 May 2024 10:14:42 +0000
ROA not before: Thu 23 May 2024 10:14:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208152
IP address blocks: 45.85.220.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 20 Nov 2024 10:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a4:f2:21:3d:50:2b:ec:05:f5:79:d1:38:fa:8d:46:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28178243a0866b091272d1e1eb451e71e413b99a
Validity
Not Before: May 23 10:14:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71db4c3e7ac7d803df8b4f35b8e24e45e2e81193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:53:e6:90:f7:f8:bc:a8:32:f1:18:05:5f:bd:
64:b7:20:e2:69:39:24:79:1b:2b:df:d2:fc:27:0c:
19:b4:0b:57:04:be:56:5f:61:95:ac:e6:1c:e8:09:
0f:c5:70:d9:7c:6a:74:f3:10:1d:c3:fa:f1:f0:f5:
76:82:2a:9b:b8:a4:33:be:47:4f:a7:1d:2d:80:3a:
aa:fc:e6:60:17:53:55:f7:68:51:df:b6:4f:e0:73:
17:71:6c:a0:36:e6:d6:d1:42:07:4a:a2:56:b3:43:
a1:60:dd:17:f4:f2:15:d8:cb:eb:bc:bb:89:9a:d6:
a4:c8:6f:33:4f:86:2f:fa:b0:72:e1:b2:be:c3:b7:
23:43:b6:85:60:62:f0:1b:b5:d4:fb:c7:29:df:f5:
ad:2b:68:53:ac:e6:4f:23:7d:c2:3d:82:95:be:82:
92:63:8c:5a:a1:3c:0d:4b:eb:09:8e:c3:d3:f8:1b:
20:a3:b1:ef:64:17:42:44:98:69:13:bc:d0:aa:0c:
09:a5:20:1a:8d:64:8d:ad:1c:b8:dc:7f:b0:4f:20:
19:06:01:04:57:46:f5:dc:8b:3f:3a:d1:65:b4:4c:
bb:c1:d1:64:88:e6:33:b1:62:e3:2e:89:77:ca:8b:
4f:2d:d3:6c:ef:c2:5d:47:7a:5b:cf:33:32:91:8d:
33:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:DB:4C:3E:7A:C7:D8:03:DF:8B:4F:35:B8:E2:4E:45:E2:E8:11:93
X509v3 Authority Key Identifier:
keyid:28:17:82:43:A0:86:6B:09:12:72:D1:E1:EB:45:1E:71:E4:13:B9:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBeCQ6CGawkSctHh60UeceQTuZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/cdtMPnrH2APfi081uOJOReLoEZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/KBeCQ6CGawkSctHh60UeceQTuZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.220.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:8a:24:70:98:94:48:82:aa:f2:b8:45:7f:c4:cc:de:40:81:
45:0d:64:04:ad:a3:1f:f6:a1:e1:e7:81:4a:eb:d1:35:68:65:
27:7c:de:9c:f9:29:ac:4a:50:6c:d1:0e:31:65:6f:25:ec:33:
6a:f7:cd:59:0a:e6:ae:63:64:73:e7:94:e6:2e:60:bc:82:08:
80:7b:ad:aa:62:45:8e:07:55:40:d5:c4:61:3d:6e:13:13:f5:
3a:90:74:58:8d:e9:7d:70:b7:37:0b:dc:1f:39:be:52:2b:8d:
40:bc:7e:e3:d0:f4:a5:66:a3:09:be:a6:a8:55:45:cd:74:09:
7b:a0:7d:50:62:c8:0f:7a:52:0f:37:c0:7c:71:7c:eb:11:4a:
17:a7:0e:10:c5:18:86:fe:c5:b7:9e:b7:60:82:a5:8a:c9:e4:
c6:f1:2d:7c:23:40:2f:a5:33:07:31:20:5a:9a:db:37:69:bb:
23:b9:9a:c5:af:6a:3b:db:9a:1f:f3:32:b0:38:45:31:42:ce:
b1:55:5c:7c:65:a9:0c:7e:1a:34:93:b5:f8:45:a5:9d:78:e8:
0f:a5:aa:64:18:60:79:81:42:a4:6a:93:23:f2:17:2a:7b:04:
77:91:cd:d5:9c:6d:57:57:12:2d:dd:b1:e2:78:cb:2d:af:64:
4c:00:81:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+k8iE9UCvsBfV50Tj6jUYgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTc4MjQzYTA4NjZiMDkxMjcyZDFlMWViNDUxZTcxZTQx
M2I5OWEwHhcNMjQwNTIzMTAxNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWRiNGMzZTdhYzdkODAzZGY4YjRmMzViOGUyNGU0NWUyZTgxMTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslPmkPf4vKgy8RgFX71ktyDiaTkk
eRsr39L8JwwZtAtXBL5WX2GVrOYc6AkPxXDZfGp08xAdw/rx8PV2giqbuKQzvkdP
px0tgDqq/OZgF1NV92hR37ZP4HMXcWygNubW0UIHSqJWs0OhYN0X9PIV2MvrvLuJ
mtakyG8zT4Yv+rBy4bK+w7cjQ7aFYGLwG7XU+8cp3/WtK2hTrOZPI33CPYKVvoKS
Y4xaoTwNS+sJjsPT+Bsgo7HvZBdCRJhpE7zQqgwJpSAajWSNrRy43H+wTyAZBgEE
V0b13Is/OtFltEy7wdFkiOYzsWLjLol3yotPLdNs78JdR3pbzzMykY0zbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHHbTD56x9gD34tPNbjiTkXi6BGTMB8GA1UdIwQY
MBaAFCgXgkOghmsJEnLR4etFHnHkE7maMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JlQ1E2Q0dhd2tTY3RIaDYwVWVjZVFUdVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS83NDdkYjgtYWM1Ny00NmE4LWI2MzIt
NmNlM2MwM2ExMzRjLzEvY2R0TVBuckgyQVBmaTA4MXVPSk9SZUxvRVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS83NDdkYjgtYWM1Ny00NmE4LWI2MzItNmNlM2MwM2ExMzRj
LzEvS0JlQ1E2Q0dhd2tTY3RIaDYwVWVjZVFUdVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVXcMA0G
CSqGSIb3DQEBCwUAA4IBAQAviiRwmJRIgqryuEV/xMzeQIFFDWQEraMf9qHh54FK
69E1aGUnfN6c+SmsSlBs0Q4xZW8l7DNq981ZCuauY2Rz55TmLmC8ggiAe62qYkWO
B1VA1cRhPW4TE/U6kHRYjel9cLc3C9wfOb5SK41AvH7j0PSlZqMJvqaoVUXNdAl7
oH1QYsgPelIPN8B8cXzrEUoXpw4QxRiG/sW3nrdggqWKyeTG8S18I0AvpTMHMSBa
mts3absjuZrFr2o725of8zKwOEUxQs6xVVx8ZakMfho0k7X4RaWdeOgPpapkGGB5
gUKkapMj8hcqewR3kc3VnG1XVxIt3bHieMstr2RMAIET
-----END CERTIFICATE-----
Generated at Wed Nov 20 14:28:25 2024 by rpki-client on console-ams.rpki-client.org