Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/N1AFvwBBU-Bb9h6czLDkbKuGMIc.roa
File: N1AFvwBBU-Bb9h6czLDkbKuGMIc.roa (raw, json)
Hash identifier: Q6dmgwVUE9wYEGGf47KAF1deYpdrwj5co/unzjA6Tm0=
Subject key identifier: 37:50:05:BF:00:41:53:E0:5B:F6:1E:9C:CC:B0:E4:6C:AB:86:30:87
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018D28407E520E05A5667C9262582BE2242B
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/N1AFvwBBU-Bb9h6czLDkbKuGMIc.roa
Signing time: Sat 20 Jan 2024 19:02:11 +0000
ROA not before: Sat 20 Jan 2024 19:02:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59504
IP address blocks: 147.45.46.0/24 maxlen: 24
147.45.112.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 15 Feb 2024 13:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:28:40:7e:52:0e:05:a5:66:7c:92:62:58:2b:e2:24:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 20 19:02:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=375005bf004153e05bf61e9cccb0e46cab863087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:55:a2:8a:39:27:3d:e7:f6:30:ec:6a:a3:f0:
7d:de:01:ee:77:e2:47:a7:07:8f:54:d0:9a:56:13:
a0:22:64:00:45:39:70:65:c4:45:56:2f:b0:3a:d8:
f8:fc:59:5f:5c:74:9e:ac:41:b3:7d:73:bc:4f:fb:
94:55:7e:6e:17:65:e9:d3:c2:45:10:8b:e4:48:61:
ef:06:62:72:36:85:19:e0:b1:0d:fe:f2:44:ce:ed:
f2:19:b8:6e:82:07:9f:9c:63:3f:ce:c0:62:8d:d8:
e5:d3:d7:32:9d:73:86:70:b1:9f:3e:be:fb:7e:25:
09:89:38:43:c7:45:36:86:b4:42:92:92:52:f1:e6:
ef:7b:11:ad:dc:b3:5c:47:60:9e:26:d3:ff:ef:83:
2c:f7:c5:20:60:3b:2b:4e:28:65:43:56:e1:27:25:
09:41:87:74:3d:7d:79:4a:b3:22:60:47:44:43:a6:
b7:c5:8d:2b:70:24:d2:bd:e3:29:40:7a:37:8c:24:
79:0e:0a:b9:9b:95:70:56:a9:12:bb:ab:85:5d:9d:
95:1f:da:b7:9e:6c:c8:d7:bd:cc:3d:50:db:98:98:
52:87:f9:cf:00:b6:8c:51:fe:e8:0a:e9:bd:48:ac:
70:99:2d:c6:14:47:b1:e9:33:12:4e:a9:f0:28:2a:
88:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:50:05:BF:00:41:53:E0:5B:F6:1E:9C:CC:B0:E4:6C:AB:86:30:87
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/N1AFvwBBU-Bb9h6czLDkbKuGMIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.46.0/24
147.45.112.0/22
Signature Algorithm: sha256WithRSAEncryption
01:fd:40:57:4e:a7:21:f5:32:34:2a:b5:16:fa:c5:cc:77:58:
e1:df:fc:0b:10:bc:84:29:98:8a:f2:ab:f4:cc:ef:85:a7:28:
9c:54:fa:a1:f7:c4:fc:b1:ef:43:fd:96:d3:e6:85:eb:7d:72:
28:e8:0b:16:48:47:27:ee:4e:28:ec:06:2a:69:66:a9:3c:cf:
6c:14:a9:3a:90:33:d7:12:60:13:f8:37:ec:37:6b:e8:a0:ae:
e4:2d:25:75:ce:8b:09:9b:c4:07:f5:67:9a:60:8b:53:9a:c9:
b4:a4:72:3e:b2:35:e6:85:34:f3:06:c6:ae:2c:29:fe:b7:6f:
52:a4:03:67:e5:04:8f:cf:5d:03:0f:53:74:a3:8f:6c:1b:df:
49:af:87:65:90:71:a8:3e:e5:33:b3:3c:a5:99:62:e9:29:bb:
c2:81:e1:f1:20:69:77:c1:53:1d:fc:a9:28:81:95:98:a3:db:
6d:e6:e0:dc:9b:72:c4:cc:55:29:09:9c:5a:e7:d3:5e:bc:2f:
8b:e6:27:77:23:9f:87:82:26:96:74:9d:15:31:88:ca:3e:ed:
11:f3:d2:0b:21:a4:b6:05:28:43:57:7e:4b:52:d3:ce:34:70:
b3:93:f7:c9:8b:dd:1b:e3:e0:f0:5c:c0:21:f5:82:21:3d:03:
c0:29:9c:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0oQH5SDgWlZnySYlgr4iQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTIwMTkwMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzUwMDViZjAwNDE1M2UwNWJmNjFlOWNjY2IwZTQ2Y2FiODYzMDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1WiijknPef2MOxqo/B93gHud+JH
pwePVNCaVhOgImQARTlwZcRFVi+wOtj4/FlfXHSerEGzfXO8T/uUVX5uF2Xp08JF
EIvkSGHvBmJyNoUZ4LEN/vJEzu3yGbhuggefnGM/zsBijdjl09cynXOGcLGfPr77
fiUJiThDx0U2hrRCkpJS8ebvexGt3LNcR2CeJtP/74Ms98UgYDsrTihlQ1bhJyUJ
QYd0PX15SrMiYEdEQ6a3xY0rcCTSveMpQHo3jCR5Dgq5m5VwVqkSu6uFXZ2VH9q3
nmzI173MPVDbmJhSh/nPALaMUf7oCum9SKxwmS3GFEex6TMSTqnwKCqI9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDdQBb8AQVPgW/YenMyw5GyrhjCHMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvTjFBRnZ3QkJVLUJiOWg2Y3pMRGtiS3VHTUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAky0uAwQC
ky1wMA0GCSqGSIb3DQEBCwUAA4IBAQAB/UBXTqch9TI0KrUW+sXMd1jh3/wLELyE
KZiK8qv0zO+FpyicVPqh98T8se9D/ZbT5oXrfXIo6AsWSEcn7k4o7AYqaWapPM9s
FKk6kDPXEmAT+DfsN2vooK7kLSV1zosJm8QH9WeaYItTmsm0pHI+sjXmhTTzBsau
LCn+t29SpANn5QSPz10DD1N0o49sG99Jr4dlkHGoPuUzszylmWLpKbvCgeHxIGl3
wVMd/KkogZWYo9tt5uDcm3LEzFUpCZxa59NevC+L5id3I5+HgiaWdJ0VMYjKPu0R
89ILIaS2BShDV35LUtPONHCzk/fJi90b4+DwXMAh9YIhPQPAKZxq
-----END CERTIFICATE-----
Generated at Thu Feb 15 15:57:06 2024 by rpki-client on console-ams.rpki-client.org