Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/7oDlwyZo1Y3OFlKk2-QjvzNozA0.roa
File: 7oDlwyZo1Y3OFlKk2-QjvzNozA0.roa (raw, json)
Hash identifier: IW95bjGh2NkQBFyXwiHDo3doG9ira1DKSJKEs1ULE0c=
Subject key identifier: EE:80:E5:C3:26:68:D5:8D:CE:16:52:A4:DB:E4:23:BF:33:68:CC:0D
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018944A01E6025F0915741C0DD82420001B5
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/7oDlwyZo1Y3OFlKk2-QjvzNozA0.roa
Signing time: Tue 11 Jul 2023 11:04:51 +0000
ROA not before: Tue 11 Jul 2023 11:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204174
IP address blocks: 45.152.163.0/24 maxlen: 24
45.152.162.0/23 maxlen: 23
45.152.162.0/24 maxlen: 24
45.134.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Aug 2023 02:40:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:a0:1e:60:25:f0:91:57:41:c0:dd:82:42:00:01:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jul 11 11:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee80e5c32668d58dce1652a4dbe423bf3368cc0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:20:b5:df:d1:62:ec:36:16:2a:41:3b:bd:0f:
51:be:50:0b:2e:6c:61:af:df:0d:32:ce:d7:7f:d5:
03:78:f0:62:d9:ef:71:3c:70:db:c5:91:90:9b:8a:
8b:41:ea:16:2d:20:ea:07:8d:38:50:41:a4:32:03:
44:3a:0a:75:2b:b0:31:5c:47:3d:11:ca:63:3c:03:
00:6d:a9:62:9e:8d:00:17:09:d4:13:a5:42:8e:be:
f5:03:d0:ad:b7:e8:06:cf:8a:f5:05:4a:84:c3:c6:
7d:43:93:19:66:e1:e4:e8:10:0c:78:c3:33:75:f0:
f8:ea:8d:82:5a:50:fb:ba:27:0d:47:67:12:ca:f9:
d9:89:ca:03:8c:ea:aa:83:81:14:e6:da:d2:2d:0d:
e5:9e:14:9b:66:bb:43:70:51:da:26:a0:35:d9:a9:
92:fb:8f:fe:29:19:76:4e:9d:9d:ba:70:d1:78:8c:
b1:42:4b:bc:9f:f3:57:87:73:f5:82:17:67:cf:81:
42:7b:ad:8e:1d:fe:74:30:fc:35:24:f9:87:01:15:
fb:74:5c:0a:b6:33:28:da:c0:e0:4d:cf:48:3e:f9:
fb:8e:da:4a:81:29:fd:78:96:3f:32:99:32:f9:79:
74:26:30:94:ae:43:52:7c:e1:ec:5a:7e:c8:45:62:
c5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:80:E5:C3:26:68:D5:8D:CE:16:52:A4:DB:E4:23:BF:33:68:CC:0D
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/7oDlwyZo1Y3OFlKk2-QjvzNozA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.38.0/24
45.152.162.0/23
Signature Algorithm: sha256WithRSAEncryption
92:58:94:f9:07:bf:f1:ef:e4:e4:59:71:1f:a1:d5:fe:eb:3b:
05:69:6a:5f:66:d7:42:fd:ef:2b:98:80:5b:62:89:bf:33:9a:
65:50:37:ab:4b:2a:77:5d:b4:2b:7e:8e:6b:04:21:86:78:bc:
f9:e5:ef:7b:33:cc:9e:3b:d0:7d:ce:43:05:7b:a1:2c:f6:c4:
67:9c:e2:30:c0:c5:4c:df:af:70:0e:e4:0d:a5:af:21:f0:9c:
1a:aa:99:5e:ce:8a:09:3b:e4:bb:9f:7a:1c:8e:eb:a5:bc:ef:
c7:2f:aa:4d:01:20:84:7a:0f:c2:86:66:64:8b:c8:84:07:47:
ba:be:7b:c9:97:4f:84:3b:7d:a5:8b:df:5a:57:9b:da:bb:eb:
57:c5:ae:72:b4:4d:ca:bd:70:2f:ce:06:6f:c6:46:2b:f4:e8:
04:b7:c5:30:dd:d5:6b:6c:eb:6b:86:9b:ff:00:3b:ac:85:62:
ae:b3:04:32:c2:0a:38:e9:85:25:5f:7a:8f:69:2c:8f:b6:83:
36:be:84:c0:67:d9:20:12:1d:13:fd:ca:de:08:79:2d:0e:c0:
b0:39:d5:63:3c:70:6f:70:c5:bf:f9:ff:e3:c1:f1:30:03:0b:
72:ab:b4:15:d8:74:ce:a0:63:0a:f9:1f:65:7f:11:0f:74:a4:
24:92:66:f0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlEoB5gJfCRV0HA3YJCAAG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwNzExMTEwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTgwZTVjMzI2NjhkNThkY2UxNjUyYTRkYmU0MjNiZjMzNjhjYzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSC139Fi7DYWKkE7vQ9RvlALLmxh
r98NMs7Xf9UDePBi2e9xPHDbxZGQm4qLQeoWLSDqB404UEGkMgNEOgp1K7AxXEc9
EcpjPAMAbalino0AFwnUE6VCjr71A9Ctt+gGz4r1BUqEw8Z9Q5MZZuHk6BAMeMMz
dfD46o2CWlD7uicNR2cSyvnZicoDjOqqg4EU5trSLQ3lnhSbZrtDcFHaJqA12amS
+4/+KRl2Tp2dunDReIyxQku8n/NXh3P1ghdnz4FCe62OHf50MPw1JPmHARX7dFwK
tjMo2sDgTc9IPvn7jtpKgSn9eJY/Mpky+Xl0JjCUrkNSfOHsWn7IRWLFMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO6A5cMmaNWNzhZSpNvkI78zaMwNMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvN29EbHd5Wm8xWTNPRmxLazItUWp2ek5vekEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYYmAwQB
LZiiMA0GCSqGSIb3DQEBCwUAA4IBAQCSWJT5B7/x7+TkWXEfodX+6zsFaWpfZtdC
/e8rmIBbYom/M5plUDerSyp3XbQrfo5rBCGGeLz55e97M8yeO9B9zkMFe6Es9sRn
nOIwwMVM369wDuQNpa8h8JwaqplezooJO+S7n3ocjuulvO/HL6pNASCEeg/ChmZk
i8iEB0e6vnvJl0+EO32li99aV5vau+tXxa5ytE3KvXAvzgZvxkYr9OgEt8Uw3dVr
bOtrhpv/ADushWKuswQywgo46YUlX3qPaSyPtoM2voTAZ9kgEh0T/creCHktDsCw
OdVjPHBvcMW/+f/jwfEwAwtyq7QV2HTOoGMK+R9lfxEPdKQkkmbw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:13 2024 by rpki-client on console-ams.rpki-client.org