Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/cIG7C7NmU-AYHqqJiHLWCObUiKI.roa
File: cIG7C7NmU-AYHqqJiHLWCObUiKI.roa (raw, json)
Hash identifier: LUCC7sMImWnM5JDgsci+ZL34fim46r4PkpjJc6I49zc=
Subject key identifier: 70:81:BB:0B:B3:66:53:E0:18:1E:AA:89:88:72:D6:08:E6:D4:88:A2
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CF8B32BDD855B2C4BC8748EEC8AC6E265
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/cIG7C7NmU-AYHqqJiHLWCObUiKI.roa
Signing time: Thu 11 Jan 2024 13:25:40 +0000
ROA not before: Thu 11 Jan 2024 13:25:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60446
IP address blocks: 45.144.213.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Jan 2024 22:36:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:b3:2b:dd:85:5b:2c:4b:c8:74:8e:ec:8a:c6:e2:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 11 13:25:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7081bb0bb36653e0181eaa898872d608e6d488a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ec:20:7a:8f:07:42:9c:84:99:c4:78:44:05:
91:5a:75:8e:14:53:b2:98:ea:04:ef:22:3f:68:77:
8d:d1:ff:94:07:df:ea:e4:08:5d:3f:a4:cf:d5:6b:
37:51:fb:f9:dd:c1:71:a1:8e:be:94:20:82:64:66:
d0:62:c3:e7:99:4b:92:6a:b1:84:e3:10:0f:ac:2b:
79:15:49:73:b4:d0:1b:b4:0c:2f:6d:85:27:81:57:
27:0c:08:11:1e:2b:6c:96:f9:67:3a:dc:df:cc:aa:
e6:fa:83:85:45:76:c2:99:26:1f:00:c4:6c:c1:2a:
a0:d2:40:e7:db:21:2f:ca:d5:47:02:ab:99:8c:09:
6d:5a:a3:b5:f4:34:99:3d:e6:ce:73:00:ee:3a:b2:
3e:47:d2:c8:9f:7c:fd:02:e9:e8:62:fb:b4:7c:9d:
c8:63:b6:b3:a6:0f:ba:91:73:36:a6:88:30:87:0b:
bc:4a:07:2f:5d:4c:4b:e8:ba:d7:ed:eb:7d:d3:ac:
df:7f:bf:6b:87:b5:99:07:84:13:48:50:d1:7d:69:
c6:51:99:e6:45:51:dd:08:a3:9f:ab:16:c7:af:d1:
be:f2:a3:9d:cb:d6:dc:83:59:2c:a7:62:34:d6:28:
9d:60:45:dd:5f:a5:9b:73:0f:25:60:8d:79:a7:dd:
a2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:81:BB:0B:B3:66:53:E0:18:1E:AA:89:88:72:D6:08:E6:D4:88:A2
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/cIG7C7NmU-AYHqqJiHLWCObUiKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.183.0/24
45.144.213.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:2c:bb:e7:12:78:16:8a:a3:07:3d:6e:0d:a7:db:18:db:c1:
08:48:71:0b:74:5b:ec:05:52:a5:58:44:9d:c6:47:6a:68:ad:
b0:8b:61:2f:ae:c9:12:8c:80:14:42:9d:69:e0:85:52:65:7b:
89:52:8c:ac:5f:4f:fb:35:c9:a4:36:fa:d8:11:5d:28:f2:74:
76:bf:69:0f:90:90:cd:c3:22:b1:0b:ec:da:2c:8c:c1:b7:bc:
1b:6a:a4:e0:57:1d:36:d8:2a:9e:b5:fb:21:f4:4a:14:ef:34:
7b:1d:bb:71:4e:b2:ab:9e:89:01:e1:b4:c8:9d:0d:40:c6:fd:
bf:ae:b6:1c:3c:a1:dc:11:39:f2:09:7a:80:74:5c:3e:7a:b6:
fc:eb:40:cf:68:55:64:b1:27:2c:12:d6:33:b5:2a:dd:2c:15:
9a:a7:2e:5a:7c:62:37:09:95:b5:5f:86:d7:0f:91:b2:a6:32:
99:3c:d9:9e:15:26:ba:32:b8:89:07:0b:70:49:f6:5d:15:d6:
48:a5:19:2a:63:5a:ae:f9:36:b7:3a:12:93:b2:fc:af:a6:fd:
fa:ce:16:76:c1:28:70:12:5f:b6:54:5c:d3:c9:4c:db:96:43:
8a:6e:70:54:ba:a6:04:03:29:cd:81:0e:b6:56:8c:f9:30:99:
52:d9:6f:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYz4syvdhVssS8h0juyKxuJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTExMTMyNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDgxYmIwYmIzNjY1M2UwMTgxZWFhODk4ODcyZDYwOGU2ZDQ4OGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOwgeo8HQpyEmcR4RAWRWnWOFFOy
mOoE7yI/aHeN0f+UB9/q5AhdP6TP1Ws3Ufv53cFxoY6+lCCCZGbQYsPnmUuSarGE
4xAPrCt5FUlztNAbtAwvbYUngVcnDAgRHitslvlnOtzfzKrm+oOFRXbCmSYfAMRs
wSqg0kDn2yEvytVHAquZjAltWqO19DSZPebOcwDuOrI+R9LIn3z9AunoYvu0fJ3I
Y7azpg+6kXM2pogwhwu8SgcvXUxL6LrX7et906zff79rh7WZB4QTSFDRfWnGUZnm
RVHdCKOfqxbHr9G+8qOdy9bcg1ksp2I01iidYEXdX6Wbcw8lYI15p92iaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHCBuwuzZlPgGB6qiYhy1gjm1IiiMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvY0lHN0M3Tm1VLUFZSHFxSmlITFdDT2JVaUtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYq3AwQA
LZDVMA0GCSqGSIb3DQEBCwUAA4IBAQCoLLvnEngWiqMHPW4Np9sY28EISHELdFvs
BVKlWESdxkdqaK2wi2EvrskSjIAUQp1p4IVSZXuJUoysX0/7NcmkNvrYEV0o8nR2
v2kPkJDNwyKxC+zaLIzBt7wbaqTgVx022Cqetfsh9EoU7zR7HbtxTrKrnokB4bTI
nQ1Axv2/rrYcPKHcETnyCXqAdFw+erb860DPaFVksScsEtYztSrdLBWapy5afGI3
CZW1X4bXD5GypjKZPNmeFSa6MriJBwtwSfZdFdZIpRkqY1qu+Ta3OhKTsvyvpv36
zhZ2wShwEl+2VFzTyUzblkOKbnBUuqYEAynNgQ62Voz5MJlS2W+h
-----END CERTIFICATE-----
Generated at Sun Jan 14 03:00:28 2024 by rpki-client on console-fra.rpki-client.org