Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/KhTFZD30SrG7COKRLt2Na6aSQTs.roa
File: KhTFZD30SrG7COKRLt2Na6aSQTs.roa (raw, json)
Hash identifier: G8R48yxqUSjGrb3Rn5F+YqFM5iswvjO+9gi/nediRHQ=
Subject key identifier: 2A:14:C5:64:3D:F4:4A:B1:BB:08:E2:91:2E:DD:8D:6B:A6:92:41:3B
Certificate issuer: /CN=7fa3f99dba94a307b6cd2e1d90f678dac05681f8
Certificate serial: 018AD85C5FE926758254D25415A3E74283BC
Authority key identifier: 7F:A3:F9:9D:BA:94:A3:07:B6:CD:2E:1D:90:F6:78:DA:C0:56:81:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f6P5nbqUowe2zS4dkPZ42sBWgfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/KhTFZD30SrG7COKRLt2Na6aSQTs.roa
Signing time: Wed 27 Sep 2023 20:37:27 +0000
ROA not before: Wed 27 Sep 2023 20:37:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.151.140.0/24 maxlen: 24
45.151.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Oct 2023 14:13:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d8:5c:5f:e9:26:75:82:54:d2:54:15:a3:e7:42:83:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7fa3f99dba94a307b6cd2e1d90f678dac05681f8
Validity
Not Before: Sep 27 20:37:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a14c5643df44ab1bb08e2912edd8d6ba692413b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ad:a9:b3:89:0d:10:78:c7:af:23:cd:8a:9d:
29:e3:77:5e:78:d6:7c:d8:6b:65:25:1f:74:96:fc:
9d:68:36:73:c4:28:f9:ac:4d:3c:f6:1c:bb:3d:c4:
54:22:69:8c:1f:e3:86:d6:7a:dc:ea:06:88:fe:c8:
c5:54:ec:c4:fd:40:7a:d3:27:d7:20:d6:43:da:2e:
20:e5:1a:a7:c5:0d:b6:b9:19:39:8e:df:56:39:f3:
c2:a2:8d:6c:56:b8:4e:2a:86:e2:fe:9d:d0:c6:7f:
db:75:52:0e:87:ea:33:a4:1a:1b:f4:da:01:74:0b:
35:a5:04:92:f6:71:e2:57:1c:59:7f:c4:32:8a:4a:
1b:98:3c:ac:d4:cc:8c:4d:3c:aa:cd:a2:f4:38:a4:
3b:38:e4:38:b1:d1:8c:8f:db:30:41:3e:69:d3:e8:
5e:76:d0:47:34:28:a5:99:b8:65:4c:b5:54:01:d0:
1d:ba:88:da:fc:5f:39:28:39:df:cf:dd:30:8f:c1:
ff:33:9c:f7:93:71:71:d3:d7:dd:31:92:43:be:52:
f5:00:12:2f:38:93:a3:42:58:0d:39:69:9c:22:db:
a8:d0:a1:57:2f:5a:e6:a8:8b:b6:36:df:97:31:8e:
60:bd:a6:a8:4c:56:65:d6:6a:6b:fc:14:51:c1:93:
98:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:14:C5:64:3D:F4:4A:B1:BB:08:E2:91:2E:DD:8D:6B:A6:92:41:3B
X509v3 Authority Key Identifier:
keyid:7F:A3:F9:9D:BA:94:A3:07:B6:CD:2E:1D:90:F6:78:DA:C0:56:81:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6P5nbqUowe2zS4dkPZ42sBWgfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/KhTFZD30SrG7COKRLt2Na6aSQTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5ae3c4-4aa4-4c62-8eb5-4ea47cce0c63/1/f6P5nbqUowe2zS4dkPZ42sBWgfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.140.0/24
45.151.142.0/24
Signature Algorithm: sha256WithRSAEncryption
70:0e:3c:92:13:c4:00:05:e4:17:cb:b6:0b:d7:be:2d:c7:71:
5f:e2:18:00:b4:2b:d5:95:12:b1:c6:f3:d1:e0:67:8d:a7:c6:
2a:98:34:75:31:85:2c:47:5f:17:92:49:26:94:ae:a8:22:e3:
ac:b7:08:d2:b6:52:32:ce:02:9f:5e:51:cb:ba:6f:56:fe:06:
d5:0a:7e:23:3d:34:10:fb:e2:d8:70:14:db:8e:45:21:d3:30:
e3:3c:4e:2e:85:5a:5a:53:6a:d6:bf:23:cd:85:b7:bb:18:41:
4a:81:93:cb:83:50:88:c2:a1:3c:90:32:87:e5:15:52:f3:d3:
4e:57:51:0f:70:2a:8b:aa:e0:ce:75:21:4f:65:cf:6f:54:23:
2e:e1:29:73:4a:7f:71:15:a4:f2:74:30:c1:c7:56:d7:58:83:
b5:91:c1:fd:32:83:41:7e:b5:df:1b:1c:49:aa:aa:c5:76:ac:
c8:46:e6:2a:b7:c9:c6:56:41:44:3f:77:98:60:d1:b7:e6:48:
04:e8:c3:ae:2f:98:8c:3c:3f:61:6d:97:ce:2d:28:75:01:92:
34:b4:8d:76:4d:05:17:d8:82:cf:b3:a1:7a:6b:58:71:97:da:
1d:6d:a8:c6:e3:4a:eb:ec:82:82:2f:5e:7e:a8:33:04:32:d9:
5d:4e:e7:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrYXF/pJnWCVNJUFaPnQoO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmYTNmOTlkYmE5NGEzMDdiNmNkMmUxZDkwZjY3OGRhYzA1
NjgxZjgwHhcNMjMwOTI3MjAzNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE0YzU2NDNkZjQ0YWIxYmIwOGUyOTEyZWRkOGQ2YmE2OTI0MTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh62ps4kNEHjHryPNip0p43deeNZ8
2GtlJR90lvydaDZzxCj5rE089hy7PcRUImmMH+OG1nrc6gaI/sjFVOzE/UB60yfX
INZD2i4g5RqnxQ22uRk5jt9WOfPCoo1sVrhOKobi/p3Qxn/bdVIOh+ozpBob9NoB
dAs1pQSS9nHiVxxZf8QyikobmDys1MyMTTyqzaL0OKQ7OOQ4sdGMj9swQT5p0+he
dtBHNCilmbhlTLVUAdAduoja/F85KDnfz90wj8H/M5z3k3Fx09fdMZJDvlL1ABIv
OJOjQlgNOWmcItuo0KFXL1rmqIu2Nt+XMY5gvaaoTFZl1mpr/BRRwZOYwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCoUxWQ99EqxuwjikS7djWumkkE7MB8GA1UdIwQY
MBaAFH+j+Z26lKMHts0uHZD2eNrAVoH4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjZQNW5icVVvd2UyelM0ZGtQWjQyc0JXZ2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS81YWUzYzQtNGFhNC00YzYyLThlYjUt
NGVhNDdjY2UwYzYzLzEvS2hURlpEMzBTckc3Q09LUkx0Mk5hNmFTUVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS81YWUzYzQtNGFhNC00YzYyLThlYjUtNGVhNDdjY2UwYzYz
LzEvZjZQNW5icVVvd2UyelM0ZGtQWjQyc0JXZ2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZeMAwQA
LZeOMA0GCSqGSIb3DQEBCwUAA4IBAQBwDjySE8QABeQXy7YL174tx3Ff4hgAtCvV
lRKxxvPR4GeNp8YqmDR1MYUsR18XkkkmlK6oIuOstwjStlIyzgKfXlHLum9W/gbV
Cn4jPTQQ++LYcBTbjkUh0zDjPE4uhVpaU2rWvyPNhbe7GEFKgZPLg1CIwqE8kDKH
5RVS89NOV1EPcCqLquDOdSFPZc9vVCMu4SlzSn9xFaTydDDBx1bXWIO1kcH9MoNB
frXfGxxJqqrFdqzIRuYqt8nGVkFEP3eYYNG35kgE6MOuL5iMPD9hbZfOLSh1AZI0
tI12TQUX2ILPs6F6a1hxl9odbajG40rr7IKCL15+qDMEMtldTudp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:03 2024 by rpki-client on console-ams.rpki-client.org