Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Dl96hi-J9558bkCYYyBDyabUVtw.roa
File: Dl96hi-J9558bkCYYyBDyabUVtw.roa (raw, json)
Hash identifier: lOAk979wv61LQB1rFFzIOTgracLaTu/nvNk6YQimmr0=
Subject key identifier: 0E:5F:7A:86:2F:89:F7:9E:7C:6E:40:98:63:20:43:C9:A6:D4:56:DC
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018F153125BCD90DAA687A3CA9B481D87CB9
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Dl96hi-J9558bkCYYyBDyabUVtw.roa
Signing time: Thu 25 Apr 2024 12:18:13 +0000
ROA not before: Thu 25 Apr 2024 12:18:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49217
IP address blocks: 45.151.3.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jun 2024 20:15:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:15:31:25:bc:d9:0d:aa:68:7a:3c:a9:b4:81:d8:7c:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 25 12:18:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e5f7a862f89f79e7c6e4098632043c9a6d456dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e2:3a:cb:2a:99:3e:4b:ad:32:31:d5:25:70:
04:42:53:5f:bf:6b:13:61:9e:b1:d7:02:55:a7:cd:
b8:d8:15:ad:64:f8:86:99:6b:3d:55:8a:1f:85:93:
ad:c2:af:95:24:8a:6f:56:af:c4:87:28:37:15:06:
9d:c3:97:be:c7:60:11:46:a3:7f:5c:54:1b:60:20:
38:49:be:07:14:5d:a4:cd:f0:15:26:20:f4:64:9d:
9d:8b:db:80:69:4f:0c:e4:a1:5a:ba:25:13:18:30:
7c:90:d1:0f:26:44:f1:2c:ec:ed:ad:71:44:0c:d0:
87:37:97:ef:e3:ab:b1:9c:7c:1e:50:c2:04:5d:ca:
7b:42:7b:df:09:19:a0:dd:39:0e:92:f9:a6:1e:f8:
96:b8:56:4d:35:ad:fa:ad:95:3d:c7:29:8c:d4:d6:
a9:5b:0f:6d:1f:b5:38:22:b2:05:d6:33:20:4b:5a:
7a:b0:24:7e:bf:e1:e3:37:e6:03:d2:3f:ef:9e:25:
a0:85:e8:bc:c9:b6:49:1c:d9:87:b3:78:f8:10:e9:
ac:16:cc:af:99:e7:cb:75:b7:7c:65:bc:8a:da:67:
d2:fd:22:f4:d2:17:42:c9:1d:cb:24:bc:67:7d:6b:
8f:ef:1f:98:b4:33:80:98:dd:4f:35:97:64:7b:a7:
af:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:5F:7A:86:2F:89:F7:9E:7C:6E:40:98:63:20:43:C9:A6:D4:56:DC
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Dl96hi-J9558bkCYYyBDyabUVtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.3.0/24
146.19.125.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:e5:fc:16:58:6a:7e:80:4b:c6:97:e3:cf:1a:4b:b9:b2:c9:
88:35:bd:f4:0d:eb:fb:aa:3d:85:d9:8d:54:67:43:1e:07:c3:
5a:ae:75:9e:fb:71:d8:c1:4d:0b:da:d1:87:0f:2c:1d:64:a4:
34:d9:11:df:4d:63:df:4a:b2:89:dd:24:c3:0e:64:01:a2:e0:
20:ce:94:36:a9:f1:bc:73:e8:5f:b4:2e:4d:fa:35:2b:a0:3c:
cb:09:7c:4d:27:4e:1c:d1:ba:77:79:16:f5:1d:aa:41:dc:df:
af:54:6c:35:f2:f2:97:3d:88:9b:da:f0:de:5e:5c:5a:e8:0e:
b0:0a:68:c0:30:d7:b0:77:da:60:95:31:c5:67:cd:e8:1c:01:
1e:b4:46:48:ed:32:f4:60:56:5b:f1:16:25:fe:be:a0:2d:7d:
51:31:0b:39:3c:aa:76:8b:4f:07:9f:1e:86:a7:e8:d7:23:9e:
f1:87:b8:59:38:e3:19:84:2b:f6:70:92:18:15:30:ed:0d:f6:
9f:1b:25:6d:66:35:1d:19:52:02:b6:41:a4:67:68:75:22:1f:
d8:a3:de:17:ad:27:ed:ab:31:a9:bc:bb:cd:85:11:8c:e6:85:
a1:fa:13:f4:38:79:23:35:09:6c:9c:22:33:b4:d5:06:0d:f9:
cd:75:aa:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8VMSW82Q2qaHo8qbSB2Hy5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNDI1MTIxODEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTVmN2E4NjJmODlmNzllN2M2ZTQwOTg2MzIwNDNjOWE2ZDQ1NmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOI6yyqZPkutMjHVJXAEQlNfv2sT
YZ6x1wJVp8242BWtZPiGmWs9VYofhZOtwq+VJIpvVq/Ehyg3FQadw5e+x2ARRqN/
XFQbYCA4Sb4HFF2kzfAVJiD0ZJ2di9uAaU8M5KFauiUTGDB8kNEPJkTxLOztrXFE
DNCHN5fv46uxnHweUMIEXcp7QnvfCRmg3TkOkvmmHviWuFZNNa36rZU9xymM1Nap
Ww9tH7U4IrIF1jMgS1p6sCR+v+HjN+YD0j/vniWghei8ybZJHNmHs3j4EOmsFsyv
mefLdbd8ZbyK2mfS/SL00hdCyR3LJLxnfWuP7x+YtDOAmN1PNZdke6evEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA5feoYvifeefG5AmGMgQ8mm1FbcMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvRGw5NmhpLUo5NTU4YmtDWVl5QkR5YWJVVnR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZcDAwQA
khN9MA0GCSqGSIb3DQEBCwUAA4IBAQBK5fwWWGp+gEvGl+PPGku5ssmINb30Dev7
qj2F2Y1UZ0MeB8NarnWe+3HYwU0L2tGHDywdZKQ02RHfTWPfSrKJ3STDDmQBouAg
zpQ2qfG8c+hftC5N+jUroDzLCXxNJ04c0bp3eRb1HapB3N+vVGw18vKXPYib2vDe
Xlxa6A6wCmjAMNewd9pglTHFZ83oHAEetEZI7TL0YFZb8RYl/r6gLX1RMQs5PKp2
i08Hnx6Gp+jXI57xh7hZOOMZhCv2cJIYFTDtDfafGyVtZjUdGVICtkGkZ2h1Ih/Y
o94XrSftqzGpvLvNhRGM5oWh+hP0OHkjNQlsnCIztNUGDfnNdapF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org