Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/yrwNuWXLAQF5O6qP0_ZcxBCXhz8.roa
File: yrwNuWXLAQF5O6qP0_ZcxBCXhz8.roa (raw, json)
Hash identifier: 1PgThHYzOckRrmGHgM2rr883yPB0TIRhVrjIq/S3xNU=
Subject key identifier: CA:BC:0D:B9:65:CB:01:01:79:3B:AA:8F:D3:F6:5C:C4:10:97:87:3F
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018EBEBD7AA120CCD0DAD848A4788E106CD9
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/yrwNuWXLAQF5O6qP0_ZcxBCXhz8.roa
Signing time: Mon 08 Apr 2024 17:24:32 +0000
ROA not before: Mon 08 Apr 2024 17:24:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57494
IP address blocks: 147.45.102.0/24 maxlen: 24
147.45.147.0/24 maxlen: 24
147.45.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 May 2024 13:05:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:be:bd:7a:a1:20:cc:d0:da:d8:48:a4:78:8e:10:6c:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Apr 8 17:24:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cabc0db965cb0101793baa8fd3f65cc41097873f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:53:0a:1e:9b:94:66:c7:72:a3:1e:e9:40:24:
6f:8c:e2:a7:71:b4:05:1b:6e:70:7a:f6:fb:72:c7:
b9:95:2c:21:de:a5:bc:ff:a6:03:41:fe:c1:c0:27:
9a:16:1f:6e:a6:e1:fd:b1:1e:3b:de:d5:8e:39:85:
34:00:95:60:eb:b9:98:7d:12:f7:a4:59:c8:c8:9e:
25:05:c1:12:8d:f3:2a:05:7c:2d:91:14:00:86:05:
d4:aa:7f:1a:ff:1f:b7:9e:86:24:83:ca:59:8b:e0:
9a:86:8b:2f:56:24:63:f5:e2:5d:62:f4:b8:5f:37:
8a:49:01:5a:b4:f9:ba:95:f7:59:c4:1e:e4:63:75:
b0:1a:32:3b:35:46:ec:8a:0a:88:09:dd:bc:30:0f:
e9:77:d4:36:78:23:0f:99:33:06:4e:54:eb:11:e5:
46:30:2c:c2:17:67:2d:de:ee:34:76:94:86:70:37:
5b:35:78:cb:5a:de:c6:d3:c3:49:5e:a1:84:d6:2b:
6b:c1:f9:27:bc:24:f2:39:e3:70:20:ce:0a:e2:9d:
8d:73:b8:ac:e1:ad:b2:27:d0:5c:0a:b0:e3:45:e8:
7b:f5:e5:53:f4:69:03:cd:93:ad:d5:12:0f:bf:82:
87:9e:27:a0:ba:11:fe:7b:4c:4c:5a:19:2a:47:cf:
bc:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:BC:0D:B9:65:CB:01:01:79:3B:AA:8F:D3:F6:5C:C4:10:97:87:3F
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/yrwNuWXLAQF5O6qP0_ZcxBCXhz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.102.0/24
147.45.147.0/24
147.45.158.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:89:0c:08:e2:7b:e3:93:e5:7a:30:97:95:22:82:11:c1:09:
5a:be:f2:9a:cf:d0:de:75:23:cb:8f:9f:69:0d:8f:3e:9e:06:
5e:c8:3a:ac:15:ec:c4:3a:d6:44:d1:c0:66:26:c3:6b:7b:b7:
5c:60:1c:20:2f:a0:86:e2:28:a4:85:2c:20:cc:b2:aa:1e:c0:
49:bc:d0:b7:ea:21:35:33:88:1c:0f:20:29:20:d5:f8:17:e2:
6f:4b:18:6b:04:9a:d2:60:ce:f5:93:62:75:21:28:0d:0a:26:
99:58:8c:5e:ee:85:b3:39:b4:03:e2:22:21:04:10:d1:14:e9:
01:e7:c1:eb:85:2a:87:fe:45:03:31:71:81:f3:90:49:46:02:
c9:e4:47:84:a0:26:9d:22:02:42:d3:cf:c6:60:5b:dc:f3:02:
71:b4:48:ad:39:cd:4c:dd:fd:64:dd:1a:bb:f7:73:37:48:14:
11:b0:ad:04:e6:6e:a1:fd:da:9e:28:fe:0a:6d:ec:f9:cd:e3:
64:a5:57:13:a5:3b:b1:42:fe:3f:2a:3c:63:98:76:9c:39:68:
eb:a2:21:42:e0:4f:92:12:a7:60:61:2f:5e:ee:2a:b2:15:0c:
12:ca:f7:c7:69:df:a8:88:4f:f4:69:ab:29:4c:07:d0:6b:28:
b9:63:fc:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6+vXqhIMzQ2thIpHiOEGzZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwNDA4MTcyNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWJjMGRiOTY1Y2IwMTAxNzkzYmFhOGZkM2Y2NWNjNDEwOTc4NzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFMKHpuUZsdyox7pQCRvjOKncbQF
G25wevb7cse5lSwh3qW8/6YDQf7BwCeaFh9upuH9sR473tWOOYU0AJVg67mYfRL3
pFnIyJ4lBcESjfMqBXwtkRQAhgXUqn8a/x+3noYkg8pZi+CahosvViRj9eJdYvS4
XzeKSQFatPm6lfdZxB7kY3WwGjI7NUbsigqICd28MA/pd9Q2eCMPmTMGTlTrEeVG
MCzCF2ct3u40dpSGcDdbNXjLWt7G08NJXqGE1itrwfknvCTyOeNwIM4K4p2Nc7is
4a2yJ9BcCrDjReh79eVT9GkDzZOt1RIPv4KHnieguhH+e0xMWhkqR8+8owIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMq8DbllywEBeTuqj9P2XMQQl4c/MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEveXJ3TnVXWExBUUY1TzZxUDBfWmN4QkNYaHo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAky1mAwQA
ky2TAwQAky2eMA0GCSqGSIb3DQEBCwUAA4IBAQBNiQwI4nvjk+V6MJeVIoIRwQla
vvKaz9DedSPLj59pDY8+ngZeyDqsFezEOtZE0cBmJsNre7dcYBwgL6CG4iikhSwg
zLKqHsBJvNC36iE1M4gcDyApINX4F+JvSxhrBJrSYM71k2J1ISgNCiaZWIxe7oWz
ObQD4iIhBBDRFOkB58HrhSqH/kUDMXGB85BJRgLJ5EeEoCadIgJC08/GYFvc8wJx
tEitOc1M3f1k3Rq793M3SBQRsK0E5m6h/dqeKP4Kbez5zeNkpVcTpTuxQv4/Kjxj
mHacOWjroiFC4E+SEqdgYS9e7iqyFQwSyvfHad+oiE/0aaspTAfQayi5Y/zW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:33 2024 by rpki-client on console-ams.rpki-client.org