Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/fed131-f9d7-41b2-b8bc-082b1f7f0db2/1/HAYcrIN7ajtrDip3iApbhc1YBGY.roa
File: HAYcrIN7ajtrDip3iApbhc1YBGY.roa (raw, json)
Hash identifier: MYxe2npVYSq5akX0XVbvHh3duyd+CM7nWpz4i9Fya8c=
Subject key identifier: 1C:06:1C:AC:83:7B:6A:3B:6B:0E:2A:77:88:0A:5B:85:CD:58:04:66
Certificate issuer: /CN=121a37282dd992d88658160559e048392798c84b
Certificate serial: 018E1E60E407CB2A8992E31E43919E6A874E
Authority key identifier: 12:1A:37:28:2D:D9:92:D8:86:58:16:05:59:E0:48:39:27:98:C8:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eho3KC3ZktiGWBYFWeBIOSeYyEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/fed131-f9d7-41b2-b8bc-082b1f7f0db2/1/HAYcrIN7ajtrDip3iApbhc1YBGY.roa
Signing time: Fri 08 Mar 2024 14:04:10 +0000
ROA not before: Fri 08 Mar 2024 14:04:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44092
IP address blocks: 45.13.128.0/24 maxlen: 24
45.13.129.0/24 maxlen: 24
45.13.130.0/24 maxlen: 24
45.13.131.0/24 maxlen: 24
185.149.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 08:37:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1e:60:e4:07:cb:2a:89:92:e3:1e:43:91:9e:6a:87:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=121a37282dd992d88658160559e048392798c84b
Validity
Not Before: Mar 8 14:04:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c061cac837b6a3b6b0e2a77880a5b85cd580466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:e3:ec:c5:3d:ba:2a:16:40:8f:cb:0d:33:98:
32:20:da:3b:d2:f3:e0:c2:8e:a4:bf:16:46:9a:7f:
77:95:3c:20:b2:8c:6e:92:0c:38:68:74:5c:ee:17:
0c:84:42:fa:37:8d:d2:4e:ca:dc:11:83:10:1b:ed:
44:19:a9:70:3c:10:ae:ba:61:d5:e9:c5:3c:f2:82:
33:68:77:3e:8a:3f:b2:03:4d:3e:80:aa:86:28:9b:
8d:b3:90:ce:d6:dc:19:cf:57:69:ca:8f:96:33:f2:
67:3b:9b:f1:c6:90:79:d6:43:33:82:62:c4:15:e5:
9a:59:ef:4f:ec:4a:4e:ee:54:ed:ba:3c:c3:58:b1:
14:c3:6e:d5:13:e7:08:e0:03:f5:aa:02:23:01:c4:
46:1a:82:12:38:18:f5:62:6c:73:87:5d:dc:c6:16:
ae:b5:a9:6a:42:8d:17:a3:19:ca:3f:76:dc:5d:be:
67:59:c9:31:cf:5b:77:68:a4:8c:32:fc:b2:d8:75:
de:ad:0d:4b:74:b3:ae:79:bd:63:5c:56:73:05:22:
31:6e:a1:11:e0:fe:32:9c:42:48:84:9a:b1:0b:37:
49:86:12:ab:60:47:45:66:fc:eb:68:b3:05:a0:fc:
28:20:10:57:1d:98:92:5b:1e:cd:24:f1:36:8c:b6:
a5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:06:1C:AC:83:7B:6A:3B:6B:0E:2A:77:88:0A:5B:85:CD:58:04:66
X509v3 Authority Key Identifier:
keyid:12:1A:37:28:2D:D9:92:D8:86:58:16:05:59:E0:48:39:27:98:C8:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eho3KC3ZktiGWBYFWeBIOSeYyEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/fed131-f9d7-41b2-b8bc-082b1f7f0db2/1/HAYcrIN7ajtrDip3iApbhc1YBGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/fed131-f9d7-41b2-b8bc-082b1f7f0db2/1/Eho3KC3ZktiGWBYFWeBIOSeYyEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.128.0/22
185.149.35.0/24
Signature Algorithm: sha256WithRSAEncryption
17:81:51:c4:72:55:6e:28:fa:ab:06:21:e5:f4:0f:64:12:22:
8b:5e:70:c7:98:56:c6:dc:64:cb:85:cd:70:c3:d2:08:26:43:
e5:24:f6:0e:56:96:d1:6d:a6:97:4e:c7:e0:c3:11:47:1e:78:
d4:d6:dc:5e:19:fc:02:23:77:b2:6e:04:54:66:96:f6:ab:6c:
bd:95:e4:51:d8:5a:39:38:d8:5a:df:f7:26:1e:d7:a2:0a:82:
30:fa:86:01:b5:4f:ee:0e:6c:b6:aa:05:35:7e:b7:34:3e:3c:
b3:66:ce:17:a4:40:8e:92:ef:52:c3:1d:93:9a:4b:a3:9e:92:
31:1a:d9:9d:e2:af:21:f8:4a:89:71:93:04:12:7d:3b:3c:72:
be:d0:3d:0b:b3:90:a7:1a:3b:24:e5:18:5b:11:f5:42:79:b5:
c6:98:4a:0a:b6:7f:1c:33:9b:f4:23:c7:33:b3:ae:5b:b0:a2:
04:48:69:42:7e:2d:56:6c:4a:7c:3e:8b:0d:b4:8a:ec:d2:93:
dd:c4:c1:e0:8a:f3:46:e0:1c:9a:e0:a4:73:9d:3b:07:ec:7b:
4e:39:a2:56:67:1b:69:4a:9c:cc:70:1e:fe:45:1d:36:f1:6a:
5d:5c:56:69:d3:cd:a6:99:b6:7f:bf:e0:bb:92:e3:07:82:0b:
e5:9e:79:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4eYOQHyyqJkuMeQ5GeaodOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMWEzNzI4MmRkOTkyZDg4NjU4MTYwNTU5ZTA0ODM5Mjc5
OGM4NGIwHhcNMjQwMzA4MTQwNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzA2MWNhYzgzN2I2YTNiNmIwZTJhNzc4ODBhNWI4NWNkNTgwNDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ePsxT26KhZAj8sNM5gyINo70vPg
wo6kvxZGmn93lTwgsoxukgw4aHRc7hcMhEL6N43STsrcEYMQG+1EGalwPBCuumHV
6cU88oIzaHc+ij+yA00+gKqGKJuNs5DO1twZz1dpyo+WM/JnO5vxxpB51kMzgmLE
FeWaWe9P7EpO7lTtujzDWLEUw27VE+cI4AP1qgIjAcRGGoISOBj1Ymxzh13cxhau
talqQo0XoxnKP3bcXb5nWckxz1t3aKSMMvyy2HXerQ1LdLOueb1jXFZzBSIxbqER
4P4ynEJIhJqxCzdJhhKrYEdFZvzraLMFoPwoIBBXHZiSWx7NJPE2jLal0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBwGHKyDe2o7aw4qd4gKW4XNWARmMB8GA1UdIwQY
MBaAFBIaNygt2ZLYhlgWBVngSDknmMhLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhvM0tDM1prdGlHV0JZRldlQklPU2VZeUVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mZWQxMzEtZjlkNy00MWIyLWI4YmMt
MDgyYjFmN2YwZGIyLzEvSEFZY3JJTjdhanRyRGlwM2lBcGJoYzFZQkdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mZWQxMzEtZjlkNy00MWIyLWI4YmMtMDgyYjFmN2YwZGIy
LzEvRWhvM0tDM1prdGlHV0JZRldlQklPU2VZeUVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLQ2AAwQA
uZUjMA0GCSqGSIb3DQEBCwUAA4IBAQAXgVHEclVuKPqrBiHl9A9kEiKLXnDHmFbG
3GTLhc1ww9IIJkPlJPYOVpbRbaaXTsfgwxFHHnjU1txeGfwCI3eybgRUZpb2q2y9
leRR2Fo5ONha3/cmHteiCoIw+oYBtU/uDmy2qgU1frc0PjyzZs4XpECOku9Swx2T
mkujnpIxGtmd4q8h+EqJcZMEEn07PHK+0D0Ls5CnGjsk5RhbEfVCebXGmEoKtn8c
M5v0I8czs65bsKIESGlCfi1WbEp8PosNtIrs0pPdxMHgivNG4Bya4KRznTsH7HtO
OaJWZxtpSpzMcB7+RR028WpdXFZp082mmbZ/v+C7kuMHggvlnnll
-----END CERTIFICATE-----
Generated at Mon Mar 11 12:10:45 2024 by rpki-client on console-ams.rpki-client.org