Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/O3ieVqOXKk_uu_Ckr0OWvLwLeu4.roa
File: O3ieVqOXKk_uu_Ckr0OWvLwLeu4.roa (raw, json)
Hash identifier: tkOzOhbctGRotA39AlzUxx6rWtVpzWwlrSGNKd2f72M=
Subject key identifier: 3B:78:9E:56:A3:97:2A:4F:EE:BB:F0:A4:AF:43:96:BC:BC:0B:7A:EE
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 018CC56DE8087811BE2E1C8712964CE07EEA
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/O3ieVqOXKk_uu_Ckr0OWvLwLeu4.roa
Signing time: Mon 01 Jan 2024 14:29:23 +0000
ROA not before: Mon 01 Jan 2024 14:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56980
IP address blocks: 45.133.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 20:18:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e8:08:78:11:be:2e:1c:87:12:96:4c:e0:7e:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Jan 1 14:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b789e56a3972a4feebbf0a4af4396bcbc0b7aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f5:a0:01:40:38:88:77:09:d0:25:bb:4a:3d:
d5:cc:d2:2f:1c:f8:68:a7:56:b0:82:63:f6:fd:f2:
70:5e:88:a4:68:31:14:c3:f1:e0:11:ef:75:64:c9:
b3:7e:1d:f2:4a:57:07:fe:66:07:e6:6d:04:ce:c1:
48:f0:16:ed:c6:4a:b0:8a:38:96:5c:bf:91:25:ef:
f6:99:56:24:29:76:2a:d1:d5:8f:c1:ee:4e:fe:80:
e1:e6:2f:44:fd:0b:5b:11:b6:cb:5c:a0:e9:d2:ba:
04:be:a4:c8:19:e4:79:00:b3:3b:3f:a2:ad:90:02:
36:53:f2:1a:00:e9:79:72:eb:d9:87:68:ef:ce:e6:
9d:28:0e:66:14:5f:84:e7:72:0d:76:a3:51:50:e0:
1b:eb:8f:b9:a0:cb:ec:2f:bc:d4:50:51:29:e3:38:
5f:a4:d9:88:90:d1:64:49:18:d4:62:de:87:14:e4:
f1:23:21:9d:a8:72:03:23:13:36:fb:3f:5b:5b:39:
89:4a:5b:a6:ba:57:ac:dc:b8:96:67:6b:a9:7a:9a:
2a:ff:64:d2:e1:be:4d:44:42:1d:55:40:49:35:b6:
c3:e0:ae:c1:a9:ab:a7:bd:eb:80:4d:4b:54:4e:33:
d9:b8:db:b9:b0:56:b8:cd:7a:c1:d5:29:91:82:99:
ec:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:78:9E:56:A3:97:2A:4F:EE:BB:F0:A4:AF:43:96:BC:BC:0B:7A:EE
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/O3ieVqOXKk_uu_Ckr0OWvLwLeu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.38.0/24
Signature Algorithm: sha256WithRSAEncryption
13:e1:1f:79:22:3f:61:4d:23:b5:a3:01:f8:57:e7:53:49:1f:
6b:07:1f:e9:bb:ed:9c:3d:8c:43:1f:e9:c7:24:2a:86:7a:92:
3c:57:d0:1e:27:a3:96:19:73:02:04:00:22:51:6b:15:0a:1a:
e9:6f:b8:16:20:e3:6e:fe:4f:aa:47:90:65:16:18:48:00:80:
3a:cc:e0:43:91:cb:65:d8:ae:1d:56:d1:f0:58:b9:d0:60:9e:
92:3b:2d:31:26:5f:c8:35:73:d1:c5:6b:cd:06:07:41:e9:47:
2e:a2:3a:a0:55:2e:0e:64:e0:7a:99:f9:75:6d:43:93:8d:70:
cc:37:01:eb:ec:e1:10:c9:4b:01:11:af:bc:ea:00:8e:b6:90:
d2:b6:6c:0d:60:02:88:c8:b6:a4:b1:66:9c:4b:50:8c:ba:83:
fd:56:84:37:e1:5f:1d:11:09:95:48:e6:66:36:f4:f1:f7:dd:
67:df:b0:94:4f:cc:29:08:ea:08:ac:84:c4:1c:11:15:1e:d3:
8c:79:26:c8:05:08:fc:a0:31:45:31:84:69:11:e1:14:4b:ad:
a0:b6:c5:59:06:ec:fd:14:40:4d:80:8b:06:42:5a:39:d7:ef:
2c:59:23:c0:07:00:9a:75:80:77:e7:7e:d8:ba:ef:d5:c7:95:
6e:da:26:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbegIeBG+LhyHEpZM4H7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjQwMTAxMTQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjc4OWU1NmEzOTcyYTRmZWViYmYwYTRhZjQzOTZiY2JjMGI3YWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfWgAUA4iHcJ0CW7Sj3VzNIvHPho
p1awgmP2/fJwXoikaDEUw/HgEe91ZMmzfh3ySlcH/mYH5m0EzsFI8BbtxkqwijiW
XL+RJe/2mVYkKXYq0dWPwe5O/oDh5i9E/QtbEbbLXKDp0roEvqTIGeR5ALM7P6Kt
kAI2U/IaAOl5cuvZh2jvzuadKA5mFF+E53INdqNRUOAb64+5oMvsL7zUUFEp4zhf
pNmIkNFkSRjUYt6HFOTxIyGdqHIDIxM2+z9bWzmJSlumules3LiWZ2upepoq/2TS
4b5NREIdVUBJNbbD4K7BqaunveuATUtUTjPZuNu5sFa4zXrB1SmRgpnszwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDt4nlajlypP7rvwpK9Dlry8C3ruMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvTzNpZVZxT1hLa191dV9Da3IwT1d2THdMZXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYUmMA0G
CSqGSIb3DQEBCwUAA4IBAQAT4R95Ij9hTSO1owH4V+dTSR9rBx/pu+2cPYxDH+nH
JCqGepI8V9AeJ6OWGXMCBAAiUWsVChrpb7gWIONu/k+qR5BlFhhIAIA6zOBDkctl
2K4dVtHwWLnQYJ6SOy0xJl/INXPRxWvNBgdB6UcuojqgVS4OZOB6mfl1bUOTjXDM
NwHr7OEQyUsBEa+86gCOtpDStmwNYAKIyLaksWacS1CMuoP9VoQ34V8dEQmVSOZm
NvTx991n37CUT8wpCOoIrITEHBEVHtOMeSbIBQj8oDFFMYRpEeEUS62gtsVZBuz9
FEBNgIsGQlo51+8sWSPABwCadYB3537Yuu/Vx5Vu2iaa
-----END CERTIFICATE-----
Generated at Wed Sep 11 22:06:29 2024 by rpki-client on console-ams.rpki-client.org