Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/x_oJHhQ6V3XmL7ZEHElWv2kLAVQ.roa
File: x_oJHhQ6V3XmL7ZEHElWv2kLAVQ.roa (raw, json)
Hash identifier: f8tK0cOOfJH7/vPVxf9Gs3pTpQkYp+Rw8dsH0mkzuGU=
Subject key identifier: C7:FA:09:1E:14:3A:57:75:E6:2F:B6:44:1C:49:56:BF:69:0B:01:54
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018E33DCFFE5DDBB724DFEADA6CA8C5DB0E8
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/x_oJHhQ6V3XmL7ZEHElWv2kLAVQ.roa
Signing time: Tue 12 Mar 2024 18:11:45 +0000
ROA not before: Tue 12 Mar 2024 18:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 147.45.50.0/24 maxlen: 24
147.45.51.0/24 maxlen: 24
147.45.84.0/24 maxlen: 24
147.45.85.0/24 maxlen: 24
147.45.86.0/24 maxlen: 24
147.45.87.0/24 maxlen: 24
147.45.116.0/24 maxlen: 24
147.45.200.0/23 maxlen: 23
147.45.202.0/23 maxlen: 23
147.45.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 09:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:33:dc:ff:e5:dd:bb:72:4d:fe:ad:a6:ca:8c:5d:b0:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Mar 12 18:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7fa091e143a5775e62fb6441c4956bf690b0154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7c:91:a9:c1:2a:c6:75:02:c0:91:28:f2:5a:
56:f0:36:70:d1:51:ff:7b:ad:50:55:aa:c2:d7:56:
00:a2:61:03:30:27:b0:31:af:e0:ec:fd:36:68:90:
3c:74:52:59:51:13:a8:46:08:be:62:ee:8c:01:2d:
ed:5c:ac:25:fe:71:4b:92:3f:e7:17:e5:b2:4f:f3:
ab:09:a4:f0:cc:a4:32:34:dc:70:3d:93:46:95:bf:
6d:4d:9d:6f:e5:68:cc:20:ec:6e:da:7a:b4:3d:a3:
c5:9a:cf:69:3b:69:76:82:97:99:2b:69:23:99:15:
48:ff:66:a0:a5:68:f3:d5:94:91:1f:b9:86:57:c1:
82:57:e6:52:84:f9:e3:ff:c9:2e:1c:00:26:98:7d:
bb:99:13:30:6f:33:38:39:d3:9b:5f:ce:27:13:12:
e9:65:14:3a:73:5e:c1:5d:cf:df:1a:e8:50:d5:77:
ca:1b:a4:06:ad:ef:b1:a3:21:da:24:a6:9f:d8:cd:
fa:7b:93:fd:39:70:a6:b1:b7:8f:04:67:20:0c:1a:
28:12:93:c1:24:bf:5f:5a:57:3c:5f:a9:41:b3:8a:
06:c4:30:00:68:99:3d:2f:46:3d:29:0b:c8:6b:2a:
2c:6c:bd:9f:8c:fa:24:f9:74:0a:3a:fe:61:90:53:
4f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:FA:09:1E:14:3A:57:75:E6:2F:B6:44:1C:49:56:BF:69:0B:01:54
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/x_oJHhQ6V3XmL7ZEHElWv2kLAVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.50.0/23
147.45.84.0/22
147.45.116.0/24
147.45.200.0-147.45.204.255
Signature Algorithm: sha256WithRSAEncryption
93:ba:d9:1d:7d:39:5c:91:07:3c:7a:b5:1f:b8:a5:5b:36:9e:
34:aa:87:87:51:ba:48:60:c6:5c:d0:ad:8e:f8:70:2a:ad:2b:
76:5d:14:eb:6b:e4:c3:39:3a:80:03:06:c1:5d:1c:0a:3b:19:
10:5e:9e:6e:31:4b:18:f8:b1:91:6f:d4:ba:18:60:1c:77:7c:
dd:53:5a:f5:f9:cd:78:7c:02:0b:db:9f:f7:ae:de:9e:77:af:
da:2a:b6:20:88:12:01:81:10:c1:60:4e:1f:64:4f:b4:86:51:
7d:25:30:87:bd:cd:73:93:62:43:af:95:80:8e:3a:a4:29:e7:
4f:07:07:e6:68:f6:4a:36:dd:1a:d4:ea:53:7b:04:b4:1a:e5:
61:b4:22:cb:52:9c:6a:a3:59:c4:11:81:d3:2f:36:27:0f:1e:
4f:46:a9:0b:00:e2:ea:27:2b:db:14:b4:8a:1e:b1:87:f1:be:
ee:d2:09:7f:5b:87:ee:a0:4f:2d:75:0c:85:1a:d9:d3:c3:ee:
06:36:bd:b6:b2:b1:97:53:96:b4:d2:da:c1:7c:cc:c5:c0:c8:
1a:b2:a2:41:bd:6e:73:1f:bf:20:5b:84:8a:73:40:86:7e:d9:
b9:ce:cf:e1:4d:9b:cd:08:bf:59:3b:10:47:91:b0:f0:4f:e3:
2c:82:ae:01
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY4z3P/l3btyTf6tpsqMXbDoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMzEyMTgxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2ZhMDkxZTE0M2E1Nzc1ZTYyZmI2NDQxYzQ5NTZiZjY5MGIwMTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXyRqcEqxnUCwJEo8lpW8DZw0VH/
e61QVarC11YAomEDMCewMa/g7P02aJA8dFJZUROoRgi+Yu6MAS3tXKwl/nFLkj/n
F+WyT/OrCaTwzKQyNNxwPZNGlb9tTZ1v5WjMIOxu2nq0PaPFms9pO2l2gpeZK2kj
mRVI/2agpWjz1ZSRH7mGV8GCV+ZShPnj/8kuHAAmmH27mRMwbzM4OdObX84nExLp
ZRQ6c17BXc/fGuhQ1XfKG6QGre+xoyHaJKaf2M36e5P9OXCmsbePBGcgDBooEpPB
JL9fWlc8X6lBs4oGxDAAaJk9L0Y9KQvIayosbL2fjPok+XQKOv5hkFNP/QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMf6CR4UOld15i+2RBxJVr9pCwFUMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEveF9vSkhoUTZWM1htTDdaRUhFbFd2MmtMQVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBky0yAwQC
ky1UAwQAky10MAwDBAOTLcgDBACTLcwwDQYJKoZIhvcNAQELBQADggEBAJO62R19
OVyRBzx6tR+4pVs2njSqh4dRukhgxlzQrY74cCqtK3ZdFOtr5MM5OoADBsFdHAo7
GRBenm4xSxj4sZFv1LoYYBx3fN1TWvX5zXh8Agvbn/eu3p53r9oqtiCIEgGBEMFg
Th9kT7SGUX0lMIe9zXOTYkOvlYCOOqQp508HB+Zo9ko23RrU6lN7BLQa5WG0IstS
nGqjWcQRgdMvNicPHk9GqQsA4uonK9sUtIoesYfxvu7SCX9bh+6gTy11DIUa2dPD
7gY2vbaysZdTlrTS2sF8zMXAyBqyokG9bnMfvyBbhIpzQIZ+2bnOz+FNm80Iv1k7
EEeRsPBP4yyCrgE=
-----END CERTIFICATE-----
Generated at Tue Mar 19 12:34:48 2024 by rpki-client on console-fra.rpki-client.org