Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/haHaGLaAiaj--mGWlsTqApRnsTk.roa
File: haHaGLaAiaj--mGWlsTqApRnsTk.roa (raw, json)
Hash identifier: W2VL3AH7ktkFk8aAdOFLf3y+xtITIvObjywWju41FI0=
Subject key identifier: 85:A1:DA:18:B6:80:89:A8:FE:FA:61:96:96:C4:EA:02:94:67:B1:39
Certificate issuer: /CN=c68c65e699b576ab113a79be8828948f1e6cc260
Certificate serial: 0186CC8FFA94139BA32EF483F7DE69946D5B
Authority key identifier: C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/haHaGLaAiaj--mGWlsTqApRnsTk.roa
Signing time: Fri 10 Mar 2023 17:27:13 +0000
ROA not before: Fri 10 Mar 2023 17:27:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 45.140.211.0/24 maxlen: 24
45.140.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 May 2023 06:50:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cc:8f:fa:94:13:9b:a3:2e:f4:83:f7:de:69:94:6d:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c68c65e699b576ab113a79be8828948f1e6cc260
Validity
Not Before: Mar 10 17:27:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85a1da18b68089a8fefa619696c4ea029467b139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:59:92:3f:c3:7f:02:02:ec:c8:64:d0:ef:14:
78:36:77:db:5c:ef:32:82:f9:25:79:b1:ac:95:39:
a2:3e:1e:86:9a:0e:44:2f:87:b3:ce:c3:4a:de:a4:
3f:bb:8b:fe:ec:35:fe:75:9e:83:de:5d:ca:f3:3a:
39:bf:7b:90:47:dd:4f:d0:af:cc:5d:1d:26:ed:9a:
85:b8:17:4f:c1:ec:36:4b:54:10:05:21:1d:1f:c4:
b6:d0:41:2e:7d:26:e4:30:31:54:7e:98:15:b0:aa:
e6:d0:ba:77:86:8f:29:52:c0:3b:77:40:3e:c8:5d:
48:ab:23:16:a4:31:46:b5:e6:57:6d:60:31:5a:0e:
d4:69:df:67:71:c5:88:10:9f:dc:ec:e5:bc:d8:f2:
f3:8d:c3:99:cc:60:c0:33:dd:4e:c3:a7:77:90:6f:
20:8a:8b:97:fb:83:f4:93:82:70:b3:37:8f:9d:d3:
4a:9c:a2:04:db:ab:6b:88:a9:89:d2:8f:2b:6f:fe:
d0:4e:bb:e8:b5:bb:c9:04:99:c1:b6:de:cd:3c:ef:
b2:71:14:5b:e0:68:1f:df:15:1d:8d:f6:e8:62:7c:
73:a8:8e:e3:dd:3c:96:b8:90:cb:1b:e0:11:89:0e:
49:d0:bb:d8:03:21:8b:c7:74:3f:da:cb:34:d7:ba:
53:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A1:DA:18:B6:80:89:A8:FE:FA:61:96:96:C4:EA:02:94:67:B1:39
X509v3 Authority Key Identifier:
keyid:C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/haHaGLaAiaj--mGWlsTqApRnsTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/xoxl5pm1dqsROnm-iCiUjx5swmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.209.0/24
45.140.211.0/24
Signature Algorithm: sha256WithRSAEncryption
71:4d:7a:a3:6f:85:e3:14:91:a1:ad:1d:95:e0:1c:9e:87:3c:
b8:7f:69:d5:24:43:0a:d4:cf:4b:63:03:b5:15:03:f6:87:52:
37:95:d0:6d:85:0e:62:cf:7f:4f:ee:61:1d:f9:a7:4f:b0:1b:
ce:8f:a7:bb:82:c8:96:04:f3:6e:9a:2c:ba:c6:fe:19:eb:4d:
99:a1:8e:74:55:d0:81:20:d4:d4:6b:ff:d7:ca:36:f7:94:78:
18:11:e5:ff:ef:28:ed:d2:e4:0a:0b:c4:e2:09:5e:08:f5:72:
ee:48:3a:3c:25:f9:ea:49:67:3d:ce:be:ac:00:a7:30:83:a3:
cb:d7:b7:95:2b:24:27:a7:25:dc:36:d4:2a:02:e8:1c:f1:b5:
14:fe:bd:7a:9b:ba:13:79:a0:5b:d3:a1:49:b2:70:73:5d:15:
ac:2e:53:c7:84:fc:01:cf:4f:ca:14:77:cd:2f:51:f4:f6:dd:
1a:e3:e5:4b:30:6f:13:77:26:db:72:a3:9a:64:77:72:a1:41:
b7:9c:6b:a0:f5:db:1b:be:17:ac:1f:5a:93:ea:57:74:51:5c:
a7:fd:6b:c4:c5:0d:57:2f:68:74:aa:d8:3b:e6:cb:26:c7:6c:
d7:65:01:85:27:4c:ed:7b:97:ce:43:e6:fc:70:aa:35:1e:5c:
8d:6b:33:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYbMj/qUE5ujLvSD995plG1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OGM2NWU2OTliNTc2YWIxMTNhNzliZTg4Mjg5NDhmMWU2
Y2MyNjAwHhcNMjMwMzEwMTcyNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWExZGExOGI2ODA4OWE4ZmVmYTYxOTY5NmM0ZWEwMjk0NjdiMTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVmSP8N/AgLsyGTQ7xR4NnfbXO8y
gvklebGslTmiPh6Gmg5EL4ezzsNK3qQ/u4v+7DX+dZ6D3l3K8zo5v3uQR91P0K/M
XR0m7ZqFuBdPwew2S1QQBSEdH8S20EEufSbkMDFUfpgVsKrm0Lp3ho8pUsA7d0A+
yF1IqyMWpDFGteZXbWAxWg7Uad9nccWIEJ/c7OW82PLzjcOZzGDAM91Ow6d3kG8g
iouX+4P0k4JwszePndNKnKIE26triKmJ0o8rb/7QTrvotbvJBJnBtt7NPO+ycRRb
4Ggf3xUdjfboYnxzqI7j3TyWuJDLG+ARiQ5J0LvYAyGLx3Q/2ss017pTsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIWh2hi2gImo/vphlpbE6gKUZ7E5MB8GA1UdIwQY
MBaAFMaMZeaZtXarETp5vogolI8ebMJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYt
NjA3ZDRmMzdmNTlmLzEvaGFIYUdMYUFpYWotLW1HV2xzVHFBcFJuc1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYtNjA3ZDRmMzdmNTlm
LzEveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYzRAwQA
LYzTMA0GCSqGSIb3DQEBCwUAA4IBAQBxTXqjb4XjFJGhrR2V4Byehzy4f2nVJEMK
1M9LYwO1FQP2h1I3ldBthQ5iz39P7mEd+adPsBvOj6e7gsiWBPNumiy6xv4Z602Z
oY50VdCBINTUa//Xyjb3lHgYEeX/7yjt0uQKC8TiCV4I9XLuSDo8JfnqSWc9zr6s
AKcwg6PL17eVKyQnpyXcNtQqAugc8bUU/r16m7oTeaBb06FJsnBzXRWsLlPHhPwB
z0/KFHfNL1H09t0a4+VLMG8TdybbcqOaZHdyoUG3nGug9dsbvhesH1qT6ld0UVyn
/WvExQ1XL2h0qtg75ssmx2zXZQGFJ0zte5fOQ+b8cKo1HlyNazOV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:57 2024 by rpki-client on console-ams.rpki-client.org