Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/idbzqT0sqwet9jiztOg3jI146fg.roa
File: idbzqT0sqwet9jiztOg3jI146fg.roa (raw, json)
Hash identifier: 8AaWzrll9YbHHpa2f3zDcG/qbGcFugHpIZMHGSTafwE=
Subject key identifier: 89:D6:F3:A9:3D:2C:AB:07:AD:F6:38:B3:B4:E8:37:8C:8D:78:E9:F8
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018DA96E6AD9C574BF534B024FEF46C92550
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/idbzqT0sqwet9jiztOg3jI146fg.roa
Signing time: Wed 14 Feb 2024 21:03:22 +0000
ROA not before: Wed 14 Feb 2024 21:03:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 147.45.116.0/24 maxlen: 24
147.45.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 10:39:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a9:6e:6a:d9:c5:74:bf:53:4b:02:4f:ef:46:c9:25:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 14 21:03:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89d6f3a93d2cab07adf638b3b4e8378c8d78e9f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:92:3f:16:90:82:d1:d8:29:e9:4f:74:a0:bb:
8c:29:1b:8c:50:f5:34:11:ff:cb:2f:bb:70:cb:ed:
ce:f7:bf:08:db:54:19:81:3f:f4:fd:3e:ed:d7:eb:
bc:fe:46:bf:cc:ce:48:30:5b:87:44:78:2e:64:c6:
2c:77:b1:4f:b4:09:00:f4:26:db:d9:10:0c:5f:8f:
3c:00:24:03:7d:4f:bf:dc:33:0f:92:fd:b4:bc:80:
0b:69:52:51:94:9e:08:89:14:3b:53:4e:fa:eb:84:
49:74:34:32:2f:91:dc:a5:b1:e0:3e:d6:46:44:17:
4c:3d:f5:4a:cd:b1:f2:37:b9:5c:6e:fc:70:46:65:
e6:3e:20:bd:ed:73:90:cc:a7:12:72:e0:fb:90:3f:
7d:2e:3e:f9:6b:e5:12:ff:ed:83:cd:d5:c4:cd:07:
13:25:09:12:60:2e:c0:c7:51:a6:5f:8a:20:46:40:
90:ae:32:07:78:99:07:0b:78:5a:ac:6c:b6:d3:f4:
96:e9:fd:48:20:e6:be:9a:4a:ef:63:d0:8f:30:fa:
5a:4c:d1:e1:01:5a:c8:b3:cd:b2:08:e1:a5:8a:65:
9f:94:7d:42:6a:20:fd:98:b0:e5:4d:d9:1f:36:09:
7f:41:fc:c8:39:d8:ab:c2:9b:4b:bc:a3:8b:d2:08:
29:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D6:F3:A9:3D:2C:AB:07:AD:F6:38:B3:B4:E8:37:8C:8D:78:E9:F8
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/idbzqT0sqwet9jiztOg3jI146fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.116.0/24
147.45.204.0/24
Signature Algorithm: sha256WithRSAEncryption
60:8f:cc:06:e4:d2:98:d6:c6:e0:64:7f:dc:f9:3b:56:cc:0b:
98:e9:b1:62:05:de:3d:dc:6c:05:67:41:63:92:8c:27:09:f0:
3b:e8:f7:bd:c7:5b:b7:e0:82:03:83:e2:25:3e:de:95:94:2b:
4e:61:92:2b:b0:2e:e2:f0:68:ec:9b:18:ef:6b:05:6c:8e:db:
a8:03:4d:ce:56:ce:b3:e9:fd:bd:ca:42:c2:90:36:69:06:b4:
5d:e0:aa:a5:4e:e1:33:b7:e6:6c:70:fd:d8:33:2b:1a:bf:5b:
31:bd:af:1d:ed:29:05:c6:3d:19:89:e3:d1:58:df:8e:b7:95:
1f:a0:1c:77:b1:6a:73:cd:b2:f9:3d:8e:ac:9d:fe:ee:34:c1:
55:dc:2e:73:e3:31:ee:e6:57:b9:1a:d5:35:54:58:65:b4:44:
aa:26:92:91:da:4c:60:bb:f6:c7:6f:3e:27:31:77:17:47:96:
f3:2c:de:5d:aa:eb:da:7d:d7:42:b9:d0:3d:6e:b4:86:29:bb:
fc:09:9b:46:f3:7e:09:1f:7c:2e:70:3c:42:c3:42:26:15:77:
49:18:06:16:cf:fc:7e:97:c2:64:e2:b7:2c:3f:a3:03:00:b7:
82:7d:4a:65:7d:c0:7e:d3:97:88:c1:ff:e7:b4:0b:9e:4d:b0:
47:5d:22:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2pbmrZxXS/U0sCT+9GySVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMjE0MjEwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWQ2ZjNhOTNkMmNhYjA3YWRmNjM4YjNiNGU4Mzc4YzhkNzhlOWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZI/FpCC0dgp6U90oLuMKRuMUPU0
Ef/LL7twy+3O978I21QZgT/0/T7t1+u8/ka/zM5IMFuHRHguZMYsd7FPtAkA9Cbb
2RAMX488ACQDfU+/3DMPkv20vIALaVJRlJ4IiRQ7U07664RJdDQyL5HcpbHgPtZG
RBdMPfVKzbHyN7lcbvxwRmXmPiC97XOQzKcScuD7kD99Lj75a+US/+2DzdXEzQcT
JQkSYC7Ax1GmX4ogRkCQrjIHeJkHC3harGy20/SW6f1IIOa+mkrvY9CPMPpaTNHh
AVrIs82yCOGlimWflH1CaiD9mLDlTdkfNgl/QfzIOdirwptLvKOL0ggp1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFInW86k9LKsHrfY4s7ToN4yNeOn4MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvaWRienFUMHNxd2V0OWppenRPZzNqSTE0NmZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAky10AwQA
ky3MMA0GCSqGSIb3DQEBCwUAA4IBAQBgj8wG5NKY1sbgZH/c+TtWzAuY6bFiBd49
3GwFZ0FjkownCfA76Pe9x1u34IIDg+IlPt6VlCtOYZIrsC7i8GjsmxjvawVsjtuo
A03OVs6z6f29ykLCkDZpBrRd4KqlTuEzt+ZscP3YMysav1sxva8d7SkFxj0ZiePR
WN+Ot5UfoBx3sWpzzbL5PY6snf7uNMFV3C5z4zHu5le5GtU1VFhltESqJpKR2kxg
u/bHbz4nMXcXR5bzLN5dquvafddCudA9brSGKbv8CZtG834JH3wucDxCw0ImFXdJ
GAYWz/x+l8Jk4rcsP6MDALeCfUplfcB+05eIwf/ntAueTbBHXSIB
-----END CERTIFICATE-----
Generated at Thu Feb 22 15:54:49 2024 by rpki-client on console-ams.rpki-client.org