Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/anFiAMxOM-XxKzYzg5XJ1p4q268.roa
File: anFiAMxOM-XxKzYzg5XJ1p4q268.roa (raw, json)
Hash identifier: wQeKFyngCjXY20wDGLAGIKIWhsLZAVVlsXD4+CR4lPQ=
Subject key identifier: 6A:71:62:00:CC:4E:33:E5:F1:2B:36:33:83:95:C9:D6:9E:2A:DB:AF
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0191B30127796F2231864662FDFD00DECB05
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/anFiAMxOM-XxKzYzg5XJ1p4q268.roa
Signing time: Mon 02 Sep 2024 13:51:22 +0000
ROA not before: Mon 02 Sep 2024 13:51:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61112
IP address blocks: 45.92.218.0/23 maxlen: 23
45.92.218.0/24 maxlen: 24
45.92.219.0/24 maxlen: 24
45.152.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 14:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b3:01:27:79:6f:22:31:86:46:62:fd:fd:00:de:cb:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Sep 2 13:51:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a716200cc4e33e5f12b36338395c9d69e2adbaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:09:03:b6:8c:b3:7a:1c:a6:6d:00:95:7c:e0:
48:78:f5:02:78:4d:39:1e:69:d0:25:d4:81:17:25:
42:5c:0e:45:57:52:9c:d7:b5:01:aa:52:ae:25:c3:
d8:9c:a8:ae:bf:e1:55:61:b4:e8:d8:9f:73:5a:ca:
24:d3:2c:24:6b:04:21:9a:9e:1d:cc:bd:40:4c:d4:
09:ce:b9:30:b0:30:cd:7f:c0:d6:5d:b7:6a:f4:f9:
47:a3:2b:ac:13:c2:3f:2c:31:b8:96:f7:97:e3:4a:
f7:b9:8f:bb:99:c4:99:81:50:d8:01:e8:f1:77:42:
b3:0a:78:59:52:56:e5:92:a1:3b:f0:89:f1:4f:66:
0f:82:ca:e7:75:c5:e7:ac:b6:da:ed:6e:62:65:dc:
6c:cb:da:2d:e3:c5:05:8a:34:64:57:1d:1e:2f:ab:
b4:45:0b:64:31:59:5d:66:58:85:f9:14:fe:ec:4b:
39:1e:94:8e:a6:c1:08:6c:ff:17:28:72:45:48:4b:
e3:30:47:dd:6b:81:fb:fb:bc:38:54:c8:4e:ae:0a:
12:df:29:1a:82:dc:f0:50:11:be:84:c2:a8:b2:83:
97:cd:8c:5a:9e:cc:ef:58:08:37:5b:2c:8f:f1:f0:
87:b3:bf:f5:7b:2f:6b:8b:2b:45:3a:06:28:40:55:
a2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:71:62:00:CC:4E:33:E5:F1:2B:36:33:83:95:C9:D6:9E:2A:DB:AF
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/anFiAMxOM-XxKzYzg5XJ1p4q268.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.218.0/23
45.152.162.0/24
Signature Algorithm: sha256WithRSAEncryption
01:54:1c:58:ee:f2:15:08:63:89:3d:c4:2e:dd:b2:c0:7c:ed:
ab:e6:f2:51:23:d3:76:f2:e0:da:b5:08:64:1b:56:90:f7:94:
46:e9:b0:fc:ef:6b:a4:af:1a:49:28:15:35:97:e1:00:b5:e3:
93:a8:d1:d7:d5:a7:c6:33:ba:52:75:c9:8f:f1:1f:cc:1a:97:
1d:76:f5:f4:0a:d5:e6:8d:60:25:88:3c:95:02:ff:86:5b:29:
3e:ba:6e:b8:69:14:ea:12:fb:c7:15:68:4d:f9:18:0d:af:cf:
4b:56:6b:c6:66:6d:4d:86:58:ed:e4:d9:b2:96:15:d4:af:02:
23:2d:4e:3c:e8:65:bb:f2:e5:9e:b4:60:17:46:93:91:be:f2:
b4:e1:d5:4c:84:ac:0d:ae:5f:09:72:b2:90:49:3a:b7:e2:20:
99:9b:08:52:cd:0c:6d:43:a7:73:94:da:a7:2a:b9:f9:e3:66:
ec:40:84:55:0f:02:51:bf:14:9f:5c:c6:fc:77:bf:77:63:16:
fc:b5:9e:f6:db:53:24:98:80:3c:3b:e7:1f:04:26:de:3c:5e:
61:96:05:c1:22:eb:ea:aa:0e:4b:4c:94:d5:d7:52:95:f4:d0:
48:0d:a2:e6:4d:3e:0b:a1:85:61:cd:2d:82:5d:5e:69:4e:c2:
f4:c4:10:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGzASd5byIxhkZi/f0A3ssFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwOTAyMTM1MTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTcxNjIwMGNjNGUzM2U1ZjEyYjM2MzM4Mzk1YzlkNjllMmFkYmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gkDtoyzehymbQCVfOBIePUCeE05
HmnQJdSBFyVCXA5FV1Kc17UBqlKuJcPYnKiuv+FVYbTo2J9zWsok0ywkawQhmp4d
zL1ATNQJzrkwsDDNf8DWXbdq9PlHoyusE8I/LDG4lveX40r3uY+7mcSZgVDYAejx
d0KzCnhZUlblkqE78InxT2YPgsrndcXnrLba7W5iZdxsy9ot48UFijRkVx0eL6u0
RQtkMVldZliF+RT+7Es5HpSOpsEIbP8XKHJFSEvjMEfda4H7+7w4VMhOrgoS3yka
gtzwUBG+hMKosoOXzYxanszvWAg3WyyP8fCHs7/1ey9riytFOgYoQFWizwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGpxYgDMTjPl8Ss2M4OVydaeKtuvMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvYW5GaUFNeE9NLVh4S3pZemc1WEoxcDRxMjY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVzaAwQA
LZiiMA0GCSqGSIb3DQEBCwUAA4IBAQABVBxY7vIVCGOJPcQu3bLAfO2r5vJRI9N2
8uDatQhkG1aQ95RG6bD872ukrxpJKBU1l+EAteOTqNHX1afGM7pSdcmP8R/MGpcd
dvX0CtXmjWAliDyVAv+GWyk+um64aRTqEvvHFWhN+RgNr89LVmvGZm1Nhljt5Nmy
lhXUrwIjLU486GW78uWetGAXRpORvvK04dVMhKwNrl8JcrKQSTq34iCZmwhSzQxt
Q6dzlNqnKrn542bsQIRVDwJRvxSfXMb8d793Yxb8tZ7221MkmIA8O+cfBCbePF5h
lgXBIuvqqg5LTJTV11KV9NBIDaLmTT4LoYVhzS2CXV5pTsL0xBDF
-----END CERTIFICATE-----
Generated at Tue Nov 12 18:29:13 2024 by rpki-client on console-fra.rpki-client.org