Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/Nku2MxtEqMJKD1BzGyTEG0gOCuA.roa
File: Nku2MxtEqMJKD1BzGyTEG0gOCuA.roa (raw, json)
Hash identifier: dDtHczNuca/i4qRwC6zN2P2kzItWsv0f8OQut8P0VQQ=
Subject key identifier: 36:4B:B6:33:1B:44:A8:C2:4A:0F:50:73:1B:24:C4:1B:48:0E:0A:E0
Certificate issuer: /CN=7d5695786f8450d1041dc88ad892cbb570d5972b
Certificate serial: 018CC56E06BE5C5ED792AD9AAF5AEE775754
Authority key identifier: 7D:56:95:78:6F:84:50:D1:04:1D:C8:8A:D8:92:CB:B5:70:D5:97:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVaVeG-EUNEEHciK2JLLtXDVlys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/Nku2MxtEqMJKD1BzGyTEG0gOCuA.roa
Signing time: Mon 01 Jan 2024 14:29:31 +0000
ROA not before: Mon 01 Jan 2024 14:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.11.172.0/23 maxlen: 23
45.11.174.0/24 maxlen: 24
45.11.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jan 2024 17:21:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:06:be:5c:5e:d7:92:ad:9a:af:5a:ee:77:57:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d5695786f8450d1041dc88ad892cbb570d5972b
Validity
Not Before: Jan 1 14:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=364bb6331b44a8c24a0f50731b24c41b480e0ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d8:30:51:59:71:50:66:b4:9c:90:a9:33:f8:
07:1f:0a:58:9f:bd:37:4d:77:07:28:48:fe:d7:86:
4d:97:25:f0:36:44:5f:c7:f9:9d:f1:c6:e0:2c:69:
15:0b:66:f3:c4:28:98:c7:4b:5a:47:70:72:c4:8f:
c6:de:3f:4c:13:4f:19:7e:7f:81:7f:71:8f:83:80:
53:1f:e7:38:8a:29:a1:c4:8f:18:4e:d1:47:f7:94:
e7:57:0c:31:8a:c7:b6:4c:be:08:36:71:a8:29:a0:
3e:9c:b4:00:96:d1:8a:f7:e8:5c:10:e5:95:96:a8:
3a:08:43:8e:15:23:fa:52:e8:5d:34:83:f0:64:93:
28:c4:ee:38:85:2f:13:7e:65:eb:29:38:2e:46:da:
c1:47:e0:ce:a3:7a:c6:ce:25:9d:59:3c:a6:f9:a6:
f9:9a:65:31:54:99:8f:05:55:fb:a8:6b:5d:ee:9e:
81:79:89:29:d6:66:ae:9f:b8:8e:ef:0d:5c:c5:c4:
83:33:19:37:79:cd:d0:53:99:0b:ae:bc:91:44:6e:
96:d6:63:b3:78:59:20:2f:90:cd:8e:b1:a3:80:eb:
d4:b5:33:fc:38:5c:f9:72:3c:c0:9d:df:94:ab:8e:
87:10:8d:05:44:5b:9b:b4:39:bd:57:74:5c:c7:f0:
43:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:4B:B6:33:1B:44:A8:C2:4A:0F:50:73:1B:24:C4:1B:48:0E:0A:E0
X509v3 Authority Key Identifier:
keyid:7D:56:95:78:6F:84:50:D1:04:1D:C8:8A:D8:92:CB:B5:70:D5:97:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVaVeG-EUNEEHciK2JLLtXDVlys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/Nku2MxtEqMJKD1BzGyTEG0gOCuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/fVaVeG-EUNEEHciK2JLLtXDVlys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.172.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:a5:72:1e:b5:80:3f:4e:5f:10:d9:ee:68:1f:c3:cb:93:e1:
3c:a2:f5:23:f0:01:e9:b8:29:f4:4f:01:86:42:76:f1:81:c5:
d0:ef:8e:6c:41:ee:e4:28:95:82:fb:dd:59:9a:10:e4:c0:7a:
c2:56:19:ac:4c:08:1c:d2:e0:43:8b:2b:36:40:e4:f5:83:60:
b4:c4:49:b5:c8:a6:27:74:65:eb:6e:96:76:c2:41:e5:a5:ed:
9f:30:51:2c:6f:2b:77:57:3f:87:9f:18:4c:50:3f:a3:be:2c:
39:9a:9e:36:fa:7e:94:06:58:c1:89:25:4e:c5:e4:4b:26:ef:
19:0a:7c:15:d7:66:1a:dd:32:b4:9d:96:90:09:a5:cf:df:09:
1d:f0:5a:3e:31:67:dd:10:28:13:37:71:13:90:23:87:7c:33:
44:fe:e2:10:fd:61:6c:0e:0b:d9:d0:3e:1a:72:33:86:51:b7:
e7:15:10:8f:f2:2b:86:2f:a4:a4:57:33:77:56:e4:fd:74:34:
7d:7e:62:4f:fe:29:49:9c:26:5e:c4:5e:06:bc:b3:95:ee:40:
cd:06:d2:9e:b5:0f:79:b4:d1:7d:6d:92:40:d8:ad:5a:57:6b:
00:fb:83:fc:d1:f5:9e:e7:56:69:fa:5f:93:76:9f:4b:f6:36:
1b:fa:7b:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbga+XF7Xkq2ar1rud1dUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTY5NTc4NmY4NDUwZDEwNDFkYzg4YWQ4OTJjYmI1NzBk
NTk3MmIwHhcNMjQwMTAxMTQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjRiYjYzMzFiNDRhOGMyNGEwZjUwNzMxYjI0YzQxYjQ4MGUwYWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNgwUVlxUGa0nJCpM/gHHwpYn703
TXcHKEj+14ZNlyXwNkRfx/md8cbgLGkVC2bzxCiYx0taR3ByxI/G3j9ME08Zfn+B
f3GPg4BTH+c4iimhxI8YTtFH95TnVwwxise2TL4INnGoKaA+nLQAltGK9+hcEOWV
lqg6CEOOFSP6UuhdNIPwZJMoxO44hS8TfmXrKTguRtrBR+DOo3rGziWdWTym+ab5
mmUxVJmPBVX7qGtd7p6BeYkp1maun7iO7w1cxcSDMxk3ec3QU5kLrryRRG6W1mOz
eFkgL5DNjrGjgOvUtTP8OFz5cjzAnd+Uq46HEI0FRFubtDm9V3Rcx/BDJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZLtjMbRKjCSg9QcxskxBtIDgrgMB8GA1UdIwQY
MBaAFH1WlXhvhFDRBB3IitiSy7Vw1ZcrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZhVmVHLUVVTkVFSGNpSzJKTEx0WERWbHlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zMTdhYTctZTJhZC00YTg1LWIzZDIt
NjNiMzM4MDhhNmE4LzEvTmt1Mk14dEVxTUpLRDFCekd5VEVHMGdPQ3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zMTdhYTctZTJhZC00YTg1LWIzZDItNjNiMzM4MDhhNmE4
LzEvZlZhVmVHLUVVTkVFSGNpSzJKTEx0WERWbHlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQusMA0G
CSqGSIb3DQEBCwUAA4IBAQB6pXIetYA/Tl8Q2e5oH8PLk+E8ovUj8AHpuCn0TwGG
QnbxgcXQ745sQe7kKJWC+91ZmhDkwHrCVhmsTAgc0uBDiys2QOT1g2C0xEm1yKYn
dGXrbpZ2wkHlpe2fMFEsbyt3Vz+HnxhMUD+jviw5mp42+n6UBljBiSVOxeRLJu8Z
CnwV12Ya3TK0nZaQCaXP3wkd8Fo+MWfdECgTN3ETkCOHfDNE/uIQ/WFsDgvZ0D4a
cjOGUbfnFRCP8iuGL6SkVzN3VuT9dDR9fmJP/ilJnCZexF4GvLOV7kDNBtKetQ95
tNF9bZJA2K1aV2sA+4P80fWe51Zp+l+Tdp9L9jYb+nuq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:12 2024 by rpki-client on console-fra.rpki-client.org