Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pCEB6w7RZqYjF0qSj0gV81GNzoc.roa
File: pCEB6w7RZqYjF0qSj0gV81GNzoc.roa (raw, json)
Hash identifier: 94XrgBVHAV6E8OvNR/d3PlPNJsEFJlfBEmrtIUjYths=
Subject key identifier: A4:21:01:EB:0E:D1:66:A6:23:17:4A:92:8F:48:15:F3:51:8D:CE:87
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CF4AFF247292FB8EBD85D4EFD200CA09B
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pCEB6w7RZqYjF0qSj0gV81GNzoc.roa
Signing time: Wed 10 Jan 2024 18:43:40 +0000
ROA not before: Wed 10 Jan 2024 18:43:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60446
IP address blocks: 45.144.213.0/24 maxlen: 24
45.144.214.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 13:25:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f4:af:f2:47:29:2f:b8:eb:d8:5d:4e:fd:20:0c:a0:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 10 18:43:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a42101eb0ed166a623174a928f4815f3518dce87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2c:5a:de:02:81:c9:a9:3e:43:2d:ce:98:96:
31:7b:4c:41:d4:9c:77:ae:66:96:e9:de:2e:69:c9:
28:89:64:1d:24:23:13:45:62:d5:90:2a:38:da:ae:
26:d0:24:6f:89:93:e8:77:cb:09:01:b9:71:1a:42:
1c:c0:e9:36:40:45:e5:1b:cb:87:bd:1f:92:7a:0a:
b1:a7:05:6a:66:e8:a4:2a:df:30:9b:d5:eb:29:36:
54:c4:59:83:19:f7:5b:dc:83:23:4b:f3:67:c0:5e:
b5:28:2d:8a:b7:b0:72:14:0b:66:67:d1:1a:5e:90:
ab:ec:f4:df:8a:48:21:07:83:fd:45:81:db:9c:b7:
6c:c2:77:75:b1:d0:0f:c7:bb:41:72:e3:2d:0f:a4:
7e:c3:2a:7f:13:19:ac:9f:b6:32:fa:37:85:33:a3:
4a:f2:2b:09:60:1b:d0:d7:28:b4:6c:6e:db:01:01:
46:95:8d:73:8a:ce:88:df:8f:18:0b:19:9c:33:96:
60:fa:a8:8a:9f:c6:ad:62:aa:d0:7d:03:d8:86:20:
5a:99:d6:81:5c:dc:18:3e:ee:65:9b:c2:88:33:5e:
3f:2c:76:c9:1e:e4:f1:0a:c0:23:6c:37:df:7b:dc:
eb:93:cb:a6:7e:57:76:37:12:cf:2d:65:a2:c9:a1:
0a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:21:01:EB:0E:D1:66:A6:23:17:4A:92:8F:48:15:F3:51:8D:CE:87
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/pCEB6w7RZqYjF0qSj0gV81GNzoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.183.0/24
45.144.213.0-45.144.214.255
Signature Algorithm: sha256WithRSAEncryption
2f:f8:94:4f:68:9b:7a:8c:3a:58:91:d1:44:f7:ac:12:c1:08:
b9:1d:b8:f2:b7:f1:45:b3:98:11:93:18:36:6c:dd:44:64:a0:
e5:d6:84:c6:bb:30:99:7d:75:b6:cf:62:bf:59:65:89:45:ec:
6e:d5:67:e1:04:1f:50:7a:99:56:5d:43:47:9e:65:12:3b:00:
33:cd:1c:aa:c8:2e:42:32:24:73:b2:82:28:4c:11:df:58:9a:
35:e0:df:1b:8c:ef:2e:a2:85:33:83:a6:fa:b3:fa:ba:b8:0b:
6a:22:15:d9:52:9b:40:93:a9:a5:7b:d6:98:13:57:27:82:7b:
fd:b5:df:d4:7c:a4:19:48:78:1c:7d:77:7c:5b:08:e7:37:86:
51:ce:66:2f:72:49:fa:39:64:40:43:be:fd:99:91:89:d1:1c:
97:e3:f4:69:93:ca:17:b3:22:cb:e5:b7:00:f7:b6:8b:83:0f:
29:ad:a2:17:22:a5:f2:d5:e9:11:e9:5f:53:f5:06:7b:33:a1:
98:c1:d9:11:cf:a1:58:f0:b3:a2:69:60:6b:e0:35:7e:98:18:
1b:57:60:6a:d9:1b:92:46:da:10:b1:63:52:87:fb:0a:29:81:
3e:66:9e:3d:1c:f9:21:4b:90:ad:c0:01:6f:bd:12:45:4b:d2:
7a:f4:0c:00
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYz0r/JHKS+469hdTv0gDKCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTEwMTg0MzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDIxMDFlYjBlZDE2NmE2MjMxNzRhOTI4ZjQ4MTVmMzUxOGRjZTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCxa3gKByak+Qy3OmJYxe0xB1Jx3
rmaW6d4uackoiWQdJCMTRWLVkCo42q4m0CRviZPod8sJAblxGkIcwOk2QEXlG8uH
vR+SegqxpwVqZuikKt8wm9XrKTZUxFmDGfdb3IMjS/NnwF61KC2Kt7ByFAtmZ9Ea
XpCr7PTfikghB4P9RYHbnLdswnd1sdAPx7tBcuMtD6R+wyp/Exmsn7Yy+jeFM6NK
8isJYBvQ1yi0bG7bAQFGlY1zis6I348YCxmcM5Zg+qiKn8atYqrQfQPYhiBamdaB
XNwYPu5lm8KIM14/LHbJHuTxCsAjbDffe9zrk8umfld2NxLPLWWiyaEKpwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKQhAesO0WamIxdKko9IFfNRjc6HMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvcENFQjZ3N1JacVlqRjBxU2owZ1Y4MUdOem9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQALYq3MAwD
BAAtkNUDBAAtkNYwDQYJKoZIhvcNAQELBQADggEBAC/4lE9om3qMOliR0UT3rBLB
CLkduPK38UWzmBGTGDZs3URkoOXWhMa7MJl9dbbPYr9ZZYlF7G7VZ+EEH1B6mVZd
Q0eeZRI7ADPNHKrILkIyJHOygihMEd9YmjXg3xuM7y6ihTODpvqz+rq4C2oiFdlS
m0CTqaV71pgTVyeCe/2139R8pBlIeBx9d3xbCOc3hlHOZi9ySfo5ZEBDvv2ZkYnR
HJfj9GmTyhezIsvltwD3touDDymtohcipfLV6RHpX1P1BnszoZjB2RHPoVjws6Jp
YGvgNX6YGBtXYGrZG5JG2hCxY1KH+wopgT5mnj0c+SFLkK3AAW+9EkVL0nr0DAA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org