Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/iGPk0LykUbLT-w5XpSR3AfC6RA4.roa
File: iGPk0LykUbLT-w5XpSR3AfC6RA4.roa (raw, json)
Hash identifier: UAP0KniDQWMmGJikY2oN2P74bWryRkj4YyAPRInXLTU=
Subject key identifier: 88:63:E4:D0:BC:A4:51:B2:D3:FB:0E:57:A5:24:77:01:F0:BA:44:0E
Certificate issuer: /CN=7d5695786f8450d1041dc88ad892cbb570d5972b
Certificate serial: 018E70B21DDADB52FB68471089346A2A3E67
Authority key identifier: 7D:56:95:78:6F:84:50:D1:04:1D:C8:8A:D8:92:CB:B5:70:D5:97:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVaVeG-EUNEEHciK2JLLtXDVlys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/iGPk0LykUbLT-w5XpSR3AfC6RA4.roa
Signing time: Sun 24 Mar 2024 13:41:45 +0000
ROA not before: Sun 24 Mar 2024 13:41:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.11.172.0/23 maxlen: 24
45.11.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Mar 2024 14:20:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:70:b2:1d:da:db:52:fb:68:47:10:89:34:6a:2a:3e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d5695786f8450d1041dc88ad892cbb570d5972b
Validity
Not Before: Mar 24 13:41:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8863e4d0bca451b2d3fb0e57a5247701f0ba440e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:0e:f5:e3:0c:02:0e:db:b3:64:f6:4f:77:ca:
d9:dc:72:01:8a:8f:e1:b3:54:6e:25:0e:da:41:84:
2e:5d:42:2c:a2:a5:4b:26:ca:99:6f:d5:fc:9c:e0:
b7:b1:e3:31:c7:ec:12:fd:d7:00:b5:f8:73:1a:db:
da:b6:af:76:42:18:18:02:e0:20:ba:f7:c3:49:18:
cb:83:d4:f8:02:9c:4c:51:b5:de:11:52:5c:51:b4:
13:33:5d:71:83:e2:26:d4:ef:33:be:61:35:66:cd:
b0:5f:70:89:46:ba:9a:d7:71:23:17:c8:ee:7a:bc:
23:ed:8a:42:5d:a9:c8:e2:e5:c8:cc:ba:73:d6:5d:
c0:44:99:0c:c7:5d:ab:39:ba:9d:24:be:e4:54:34:
40:5d:1a:5f:13:56:ac:81:42:e1:ce:ae:93:e1:9d:
53:dc:3d:85:6d:5c:5a:27:65:31:40:39:0d:c8:f6:
f6:d7:0c:5b:ff:3e:8a:8b:6c:85:97:52:1a:1e:00:
11:6f:fc:78:d1:dc:cb:dd:f5:cf:0d:bb:12:08:c5:
45:7b:a0:90:17:3d:96:a2:41:4c:02:ed:57:13:10:
88:2b:b4:75:3f:1b:cb:1a:21:ff:be:d8:64:61:5e:
3e:d1:f1:36:4b:43:29:07:fb:2c:42:11:e8:f2:57:
17:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:63:E4:D0:BC:A4:51:B2:D3:FB:0E:57:A5:24:77:01:F0:BA:44:0E
X509v3 Authority Key Identifier:
keyid:7D:56:95:78:6F:84:50:D1:04:1D:C8:8A:D8:92:CB:B5:70:D5:97:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVaVeG-EUNEEHciK2JLLtXDVlys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/iGPk0LykUbLT-w5XpSR3AfC6RA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/fVaVeG-EUNEEHciK2JLLtXDVlys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.172.0-45.11.174.255
Signature Algorithm: sha256WithRSAEncryption
53:ca:68:20:44:1d:67:44:07:c7:a2:0e:ae:64:28:aa:57:70:
f2:ff:7f:3f:9a:ab:e9:30:83:38:58:e6:7f:1a:08:21:02:be:
ee:23:fb:d9:15:15:11:de:a0:97:30:79:c3:94:9a:67:50:8a:
d0:7a:f5:7c:b5:7e:3e:6a:64:4c:5b:47:06:fa:8a:df:45:ff:
12:65:7a:cf:8a:30:5d:4e:d7:3e:8b:47:eb:b8:9f:97:ec:d4:
35:5b:12:87:0e:20:19:4c:08:c2:3f:c9:cd:e9:78:5c:ef:3a:
aa:7a:fc:9e:ee:f3:ec:f8:06:e8:95:d7:b6:07:bc:ef:b1:a0:
57:96:bf:f6:85:45:78:c3:67:ad:87:b6:45:96:e6:49:00:9c:
f1:ed:af:4c:c3:0b:1e:e1:87:67:9b:9a:b8:48:1a:53:eb:99:
8b:5c:f4:52:04:ec:e2:15:0a:4c:85:74:b0:c5:82:29:aa:cb:
57:34:82:41:4c:6c:80:ca:bc:4f:48:e5:71:30:b5:0a:64:ed:
8a:98:e3:cd:ab:df:cc:95:4a:d7:de:37:71:33:fa:9b:0a:e7:
cc:23:95:9a:31:fd:34:27:4a:0f:ab:9a:e4:f7:67:56:77:24:
ec:39:c1:02:b0:b4:89:ea:50:69:5b:74:c0:78:38:d1:ff:70:
28:54:ce:a2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY5wsh3a21L7aEcQiTRqKj5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTY5NTc4NmY4NDUwZDEwNDFkYzg4YWQ4OTJjYmI1NzBk
NTk3MmIwHhcNMjQwMzI0MTM0MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODYzZTRkMGJjYTQ1MWIyZDNmYjBlNTdhNTI0NzcwMWYwYmE0NDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgg714wwCDtuzZPZPd8rZ3HIBio/h
s1RuJQ7aQYQuXUIsoqVLJsqZb9X8nOC3seMxx+wS/dcAtfhzGtvatq92QhgYAuAg
uvfDSRjLg9T4ApxMUbXeEVJcUbQTM11xg+Im1O8zvmE1Zs2wX3CJRrqa13EjF8ju
erwj7YpCXanI4uXIzLpz1l3ARJkMx12rObqdJL7kVDRAXRpfE1asgULhzq6T4Z1T
3D2FbVxaJ2UxQDkNyPb21wxb/z6Ki2yFl1IaHgARb/x40dzL3fXPDbsSCMVFe6CQ
Fz2WokFMAu1XExCIK7R1PxvLGiH/vthkYV4+0fE2S0MpB/ssQhHo8lcXIQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIhj5NC8pFGy0/sOV6UkdwHwukQOMB8GA1UdIwQY
MBaAFH1WlXhvhFDRBB3IitiSy7Vw1ZcrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZhVmVHLUVVTkVFSGNpSzJKTEx0WERWbHlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zMTdhYTctZTJhZC00YTg1LWIzZDIt
NjNiMzM4MDhhNmE4LzEvaUdQazBMeWtVYkxULXc1WHBTUjNBZkM2UkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zMTdhYTctZTJhZC00YTg1LWIzZDItNjNiMzM4MDhhNmE4
LzEvZlZhVmVHLUVVTkVFSGNpSzJKTEx0WERWbHlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAItC6wD
BAAtC64wDQYJKoZIhvcNAQELBQADggEBAFPKaCBEHWdEB8eiDq5kKKpXcPL/fz+a
q+kwgzhY5n8aCCECvu4j+9kVFRHeoJcwecOUmmdQitB69Xy1fj5qZExbRwb6it9F
/xJles+KMF1O1z6LR+u4n5fs1DVbEocOIBlMCMI/yc3peFzvOqp6/J7u8+z4BuiV
17YHvO+xoFeWv/aFRXjDZ62HtkWW5kkAnPHtr0zDCx7hh2ebmrhIGlPrmYtc9FIE
7OIVCkyFdLDFgimqy1c0gkFMbIDKvE9I5XEwtQpk7YqY482r38yVStfeN3Ez+psK
58wjlZox/TQnSg+rmuT3Z1Z3JOw5wQKwtInqUGlbdMB4ONH/cChUzqI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:42 2024 by rpki-client on console-ams.rpki-client.org