Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/OHxLGKAIF4Q_xTRnNLCNKzw2Vdg.roa
File: OHxLGKAIF4Q_xTRnNLCNKzw2Vdg.roa (raw, json)
Hash identifier: LPoNTeJ7KhMlB5/E4I//KZKGTgmmDsBl5jVOlUnkNIA=
Subject key identifier: 38:7C:4B:18:A0:08:17:84:3F:C5:34:67:34:B0:8D:2B:3C:36:55:D8
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018D61F842138AAE822B4653B0FC804ED6A1
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/OHxLGKAIF4Q_xTRnNLCNKzw2Vdg.roa
Signing time: Thu 01 Feb 2024 00:01:16 +0000
ROA not before: Thu 01 Feb 2024 00:01:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.81.114.0/24 maxlen: 24
45.144.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 14:55:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:61:f8:42:13:8a:ae:82:2b:46:53:b0:fc:80:4e:d6:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Feb 1 00:01:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=387c4b18a00817843fc5346734b08d2b3c3655d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ae:c5:dd:fa:ad:72:f1:d1:13:a2:0f:fc:70:
4e:6e:77:d9:69:e7:4a:b0:a3:ca:12:27:9c:b2:2e:
a9:3e:a9:dc:04:0f:eb:20:d2:2c:ce:65:96:21:e9:
a8:8f:19:4f:93:ea:88:12:17:8f:92:4b:75:1b:72:
ae:32:05:7e:f3:f7:d5:50:ac:d2:42:97:56:30:28:
24:93:fe:89:9c:44:c4:43:bc:f6:3d:52:84:97:02:
71:ed:47:0e:84:43:cc:e2:ee:4f:78:8c:ec:85:9b:
22:56:5e:2a:22:45:28:be:18:77:d5:da:de:16:16:
62:b2:2c:dc:d8:09:a4:ed:96:b4:88:55:f6:da:e4:
e4:4f:ca:ed:ef:7e:f8:89:d1:8c:ea:10:03:46:67:
69:f0:b1:91:dc:ae:b6:31:e2:a5:2c:31:91:07:9c:
47:58:c0:5f:0a:9b:1c:dd:7e:e7:1a:63:7b:b7:97:
83:29:3d:43:de:68:cf:dc:55:79:ac:c3:16:13:dc:
93:ad:2d:67:39:b7:1d:f0:af:02:b3:9c:db:e2:cc:
bf:47:5b:69:bf:51:18:7a:45:93:dc:e8:a2:b8:7e:
f6:80:ea:b4:69:de:c0:7c:34:e6:c2:7d:83:14:a4:
d2:46:ab:18:ac:c9:01:45:f6:d1:24:97:40:9f:1c:
1c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7C:4B:18:A0:08:17:84:3F:C5:34:67:34:B0:8D:2B:3C:36:55:D8
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/OHxLGKAIF4Q_xTRnNLCNKzw2Vdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.114.0/24
45.144.215.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:0a:b1:4b:8f:e6:bb:e3:a9:d3:23:9b:03:9b:9c:e6:ab:1b:
d2:de:d7:0b:b8:93:c4:90:47:24:60:a0:bb:0e:2d:7a:38:28:
a1:7b:85:16:2f:46:ad:38:55:95:6c:e7:0d:f9:14:0b:3a:f1:
a1:18:f5:05:e5:38:8e:0d:27:a1:e9:8e:9e:6a:c1:23:c1:2d:
14:3a:e7:24:d2:de:77:cb:f7:95:47:1a:88:95:df:4e:55:63:
9f:9b:70:97:2d:2b:d5:cc:1b:28:9d:96:70:42:22:89:4a:cf:
3c:5e:c1:af:05:f6:1b:3b:d7:63:91:aa:91:96:dd:d7:97:cb:
9b:49:f9:cb:db:9b:9e:d1:f4:1d:5e:76:69:21:e7:f7:96:1b:
46:c5:ae:22:f7:e9:54:b7:d9:c5:4e:f5:0d:bd:8a:9f:89:27:
5a:0f:68:d1:4e:61:50:d0:34:f4:09:8a:31:db:03:52:ab:28:
d7:cf:7b:c1:40:41:e4:e6:ac:2b:f2:ed:5a:94:91:5c:ec:0f:
8b:cf:f7:e4:20:84:c4:20:15:7d:4f:04:94:1e:1b:8b:bb:a8:
73:d4:3b:9a:ff:57:f6:c7:65:75:5c:ce:24:d6:11:69:4b:68:
cf:4d:37:9d:f9:20:03:ea:47:cd:0c:b8:9e:e1:2b:cb:0e:43:
4c:3d:2f:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1h+EITiq6CK0ZTsPyATtahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMjAxMDAwMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODdjNGIxOGEwMDgxNzg0M2ZjNTM0NjczNGIwOGQyYjNjMzY1NWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa7F3fqtcvHRE6IP/HBObnfZaedK
sKPKEiecsi6pPqncBA/rINIszmWWIemojxlPk+qIEhePkkt1G3KuMgV+8/fVUKzS
QpdWMCgkk/6JnETEQ7z2PVKElwJx7UcOhEPM4u5PeIzshZsiVl4qIkUovhh31dre
FhZisizc2Amk7Za0iFX22uTkT8rt7374idGM6hADRmdp8LGR3K62MeKlLDGRB5xH
WMBfCpsc3X7nGmN7t5eDKT1D3mjP3FV5rMMWE9yTrS1nObcd8K8Cs5zb4sy/R1tp
v1EYekWT3OiiuH72gOq0ad7AfDTmwn2DFKTSRqsYrMkBRfbRJJdAnxwcFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDh8SxigCBeEP8U0ZzSwjSs8NlXYMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvT0h4TEdLQUlGNFFfeFRSbk5MQ05LencyVmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVFyAwQA
LZDXMA0GCSqGSIb3DQEBCwUAA4IBAQCwCrFLj+a746nTI5sDm5zmqxvS3tcLuJPE
kEckYKC7Di16OCihe4UWL0atOFWVbOcN+RQLOvGhGPUF5TiODSeh6Y6easEjwS0U
Ouck0t53y/eVRxqIld9OVWOfm3CXLSvVzBsonZZwQiKJSs88XsGvBfYbO9djkaqR
lt3Xl8ubSfnL25ue0fQdXnZpIef3lhtGxa4i9+lUt9nFTvUNvYqfiSdaD2jRTmFQ
0DT0CYox2wNSqyjXz3vBQEHk5qwr8u1alJFc7A+Lz/fkIITEIBV9TwSUHhuLu6hz
1Dua/1f2x2V1XM4k1hFpS2jPTTed+SAD6kfNDLie4SvLDkNMPS8z
-----END CERTIFICATE-----
Generated at Fri Feb 9 18:37:58 2024 by rpki-client on console-fra.rpki-client.org