Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/WmSuQ6qzxHwqNNZ861qaIx9rAE8.roa
File: WmSuQ6qzxHwqNNZ861qaIx9rAE8.roa (raw, json)
Hash identifier: U40JW75VKwcMXTot5jVoS05TgZjCieE/0v1U0NhrC4w=
Subject key identifier: 5A:64:AE:43:AA:B3:C4:7C:2A:34:D6:7C:EB:5A:9A:23:1F:6B:00:4F
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CC86F41FE98A7F1B0E158486ADF7CB739
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/WmSuQ6qzxHwqNNZ861qaIx9rAE8.roa
Signing time: Tue 02 Jan 2024 04:29:43 +0000
ROA not before: Tue 02 Jan 2024 04:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60446
IP address blocks: 45.144.213.0/24 maxlen: 24
45.144.214.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 18:19:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:41:fe:98:a7:f1:b0:e1:58:48:6a:df:7c:b7:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 04:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a64ae43aab3c47c2a34d67ceb5a9a231f6b004f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:81:58:43:98:7d:08:bf:25:d2:0c:c8:fa:0a:
3d:86:b9:9b:4b:2b:45:41:a2:b9:4b:5e:77:68:ed:
99:39:de:d8:a0:7a:3d:30:ba:18:6d:95:bf:32:34:
42:ca:82:23:7f:61:a5:e7:a6:16:5d:24:50:c6:56:
78:74:86:0a:5d:2b:55:22:35:5a:6e:f9:5e:df:9c:
71:4e:bb:65:2e:d4:da:1b:cd:4c:7e:85:6b:77:f5:
00:d5:60:e0:8b:9e:e5:41:e4:75:80:54:d7:a6:cf:
d7:ae:32:e9:86:85:a9:e3:29:8b:1e:45:af:c2:4b:
d4:6c:76:3f:a7:43:88:c8:31:f8:7b:5f:ee:b3:af:
1b:6e:b5:0c:06:25:3f:2a:fb:bc:03:5e:0d:cc:14:
c1:5e:5d:82:bc:1a:7d:6c:1b:fd:41:61:d2:9a:ae:
23:2a:86:d7:23:d2:2b:34:bf:39:a8:8d:85:20:3c:
a9:de:4d:50:a5:e6:3e:00:aa:0d:8c:31:4e:44:a9:
fa:78:42:cc:3c:dd:de:76:e8:ed:ee:d5:5a:fe:f8:
8a:cd:8a:cf:7a:a9:99:8d:11:22:45:c1:43:ab:90:
34:1b:ae:e3:fa:cf:30:a0:a0:87:81:17:a4:13:cc:
c3:0c:b7:e4:f7:ac:e3:c4:bc:9a:04:66:e4:18:98:
ad:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:64:AE:43:AA:B3:C4:7C:2A:34:D6:7C:EB:5A:9A:23:1F:6B:00:4F
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/WmSuQ6qzxHwqNNZ861qaIx9rAE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.183.0/24
45.144.213.0-45.144.214.255
Signature Algorithm: sha256WithRSAEncryption
8f:ab:7c:a3:9b:89:56:13:ad:68:04:21:f6:01:e6:3d:f3:4b:
82:6b:7c:3b:46:58:8c:f2:4b:29:01:45:03:49:b1:c1:95:e0:
59:71:d8:81:94:3f:c9:6b:0b:98:db:8d:08:ee:2a:d1:50:a0:
57:2d:1d:94:5f:b1:97:67:0c:fe:5f:66:38:3f:65:0d:a1:4f:
10:74:dc:17:e8:f0:c3:c0:02:93:17:a6:9f:5c:96:c0:6e:0e:
6d:fc:0d:fc:07:25:89:63:ec:ec:23:3d:7b:5c:2f:90:72:be:
a7:7c:59:2c:e4:5d:44:40:2a:4a:77:f3:96:47:36:9e:b5:9d:
60:8d:7a:4f:a8:6b:03:ea:b1:2e:ac:03:8f:e8:f6:dd:cf:88:
b9:ea:a2:2d:d9:b1:5b:c5:4e:05:10:25:5d:9a:e2:89:17:c9:
57:de:9d:65:5f:ca:9a:f7:78:3a:af:3e:16:38:a3:85:d7:18:
70:7b:94:cc:3e:a0:51:c7:af:3a:f3:76:e8:48:46:78:06:1a:
5e:37:30:47:71:a0:e0:9c:bb:53:9b:3f:32:b8:93:71:1c:d5:
bb:ae:bb:77:21:95:16:cf:35:ca:c4:36:4d:5a:3a:41:75:8d:
ae:40:40:cb:d4:4b:89:a3:40:9f:af:69:7d:eb:53:ea:ea:65:
66:40:64:1e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzIb0H+mKfxsOFYSGrffLc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTAyMDQyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTY0YWU0M2FhYjNjNDdjMmEzNGQ2N2NlYjVhOWEyMzFmNmIwMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4FYQ5h9CL8l0gzI+go9hrmbSytF
QaK5S153aO2ZOd7YoHo9MLoYbZW/MjRCyoIjf2Gl56YWXSRQxlZ4dIYKXStVIjVa
bvle35xxTrtlLtTaG81MfoVrd/UA1WDgi57lQeR1gFTXps/XrjLphoWp4ymLHkWv
wkvUbHY/p0OIyDH4e1/us68bbrUMBiU/Kvu8A14NzBTBXl2CvBp9bBv9QWHSmq4j
KobXI9IrNL85qI2FIDyp3k1QpeY+AKoNjDFORKn6eELMPN3edujt7tVa/viKzYrP
eqmZjREiRcFDq5A0G67j+s8woKCHgRekE8zDDLfk96zjxLyaBGbkGJitkQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFpkrkOqs8R8KjTWfOtamiMfawBPMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvV21TdVE2cXp4SHdxTk5aODYxcWFJeDlyQUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALYq3MAwD
BAAtkNUDBAAtkNYwDQYJKoZIhvcNAQELBQADggEBAI+rfKObiVYTrWgEIfYB5j3z
S4JrfDtGWIzySykBRQNJscGV4Flx2IGUP8lrC5jbjQjuKtFQoFctHZRfsZdnDP5f
Zjg/ZQ2hTxB03Bfo8MPAApMXpp9clsBuDm38DfwHJYlj7OwjPXtcL5Byvqd8WSzk
XURAKkp385ZHNp61nWCNek+oawPqsS6sA4/o9t3PiLnqoi3ZsVvFTgUQJV2a4okX
yVfenWVfypr3eDqvPhY4o4XXGHB7lMw+oFHHrzrzduhIRngGGl43MEdxoOCcu1Ob
PzK4k3Ec1buuu3chlRbPNcrENk1aOkF1ja5AQMvUS4mjQJ+vaX3rU+rqZWZAZB4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:31 2024 by rpki-client on console-fra.rpki-client.org