Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/aDoXa4LxX0PfBS7sO2S_V9CZPF0.roa
File: aDoXa4LxX0PfBS7sO2S_V9CZPF0.roa (raw, json)
Hash identifier: Urz1QbLr/zc70/tF9SVCHPwAoU7pVO8nnkQ6Z5OULPs=
Subject key identifier: 68:3A:17:6B:82:F1:5F:43:DF:05:2E:EC:3B:64:BF:57:D0:99:3C:5D
Certificate issuer: /CN=3de2681dda00702a7597a71257e14f7a725e890e
Certificate serial: 01856C00FDFAAF551AC01A8D73E81E00AAF4
Authority key identifier: 3D:E2:68:1D:DA:00:70:2A:75:97:A7:12:57:E1:4F:7A:72:5E:89:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PeJoHdoAcCp1l6cSV-FPenJeiQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/aDoXa4LxX0PfBS7sO2S_V9CZPF0.roa
Signing time: Sun 01 Jan 2023 06:24:42 +0000
ROA not before: Sun 01 Jan 2023 06:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50799
IP address blocks: 145.43.249.0/24 maxlen: 24
145.43.248.0/24 maxlen: 24
145.43.250.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:00:fd:fa:af:55:1a:c0:1a:8d:73:e8:1e:00:aa:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3de2681dda00702a7597a71257e14f7a725e890e
Validity
Not Before: Jan 1 06:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=683a176b82f15f43df052eec3b64bf57d0993c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1b:54:7f:a9:04:bf:27:cf:11:8a:3f:a0:b5:
e4:ef:f5:12:cf:ca:0f:e3:3b:77:a5:e3:7f:b4:82:
85:10:02:fe:07:fe:7e:91:d6:c8:79:f5:59:af:70:
3f:05:ae:96:4d:4b:d6:15:c3:2b:0b:42:f6:47:7e:
ee:a6:ec:9f:1e:28:2b:fa:48:21:93:42:95:63:83:
51:10:fa:3f:e6:ae:10:a3:4f:e0:7a:d5:9b:2b:dd:
ed:60:46:bd:ba:c8:de:e4:4a:67:1e:de:b7:1e:1b:
8b:1c:c6:2c:8a:d3:7e:7d:e7:ae:bc:92:67:5c:72:
b3:75:97:02:f2:b4:25:b5:d9:15:76:3b:57:6a:ef:
15:c2:7c:38:de:66:d6:55:b8:09:00:dc:ca:81:ea:
e7:70:25:36:c2:95:a1:61:a3:10:99:11:17:d6:6a:
d1:e3:73:52:5d:80:fa:c4:58:39:a1:0d:e7:31:41:
66:2b:bf:cf:45:c4:14:d7:7f:80:95:1b:04:a2:7a:
91:13:5f:e6:fa:b8:cb:d4:6b:27:99:3b:fb:7a:bd:
fe:40:5e:a0:e1:da:d8:e0:d2:d8:5a:d9:5d:7b:45:
35:46:76:13:b6:b4:55:51:b2:ce:f0:cf:85:c5:ed:
e6:7a:d2:47:a6:b4:2b:af:b0:99:e8:ed:a7:dc:21:
65:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:3A:17:6B:82:F1:5F:43:DF:05:2E:EC:3B:64:BF:57:D0:99:3C:5D
X509v3 Authority Key Identifier:
keyid:3D:E2:68:1D:DA:00:70:2A:75:97:A7:12:57:E1:4F:7A:72:5E:89:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PeJoHdoAcCp1l6cSV-FPenJeiQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/aDoXa4LxX0PfBS7sO2S_V9CZPF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/36d6e4-8d77-48d5-afb6-e0ac7263db12/1/PeJoHdoAcCp1l6cSV-FPenJeiQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.43.248.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:36:f5:79:66:58:23:43:7a:d9:44:10:0b:fc:72:03:c7:63:
d5:4c:be:4c:2e:e0:61:9a:bd:2c:90:87:51:68:95:cc:04:0b:
93:8c:a4:ff:35:3d:da:9f:2e:07:85:11:36:1d:bc:19:d4:19:
95:ec:41:32:b7:97:e0:ae:59:8d:83:93:75:81:61:d1:78:15:
49:b5:52:b9:03:85:0c:c1:79:9c:cd:09:ee:d5:b9:24:68:e3:
1a:67:4b:b3:fb:b6:b6:79:f2:14:9c:46:94:2d:ed:c2:3a:8e:
58:82:6e:a2:0a:01:ba:3d:4c:33:63:85:c2:3e:a2:a7:7a:27:
77:6b:9e:dd:8e:f5:94:75:c4:25:c8:a3:fa:06:18:1b:8f:ef:
3c:0b:2d:25:ea:53:3b:04:61:82:9c:06:b8:82:fc:03:9c:f6:
30:3f:81:41:69:ab:29:2a:16:e5:0f:29:e7:6a:27:9b:a3:5a:
6a:85:55:d6:07:9b:69:89:c3:57:75:68:da:cc:2e:7c:b3:fb:
d8:a2:fb:cc:f0:1e:97:29:13:26:82:d6:c2:9a:c9:03:29:9f:
35:05:fc:b9:21:4c:00:a0:b6:ab:64:e1:23:5d:63:e4:68:1f:
55:a6:e0:84:0a:76:36:bb:c5:0f:f1:08:bb:ec:fa:ed:ee:98:
6b:b3:33:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsAP36r1UawBqNc+geAKr0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZTI2ODFkZGEwMDcwMmE3NTk3YTcxMjU3ZTE0ZjdhNzI1
ZTg5MGUwHhcNMjMwMTAxMDYyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODNhMTc2YjgyZjE1ZjQzZGYwNTJlZWMzYjY0YmY1N2QwOTkzYzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRtUf6kEvyfPEYo/oLXk7/USz8oP
4zt3peN/tIKFEAL+B/5+kdbIefVZr3A/Ba6WTUvWFcMrC0L2R37upuyfHigr+kgh
k0KVY4NREPo/5q4Qo0/getWbK93tYEa9usje5EpnHt63HhuLHMYsitN+feeuvJJn
XHKzdZcC8rQltdkVdjtXau8Vwnw43mbWVbgJANzKgerncCU2wpWhYaMQmREX1mrR
43NSXYD6xFg5oQ3nMUFmK7/PRcQU13+AlRsEonqRE1/m+rjL1GsnmTv7er3+QF6g
4drY4NLYWtlde0U1RnYTtrRVUbLO8M+Fxe3metJHprQrr7CZ6O2n3CFlVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGg6F2uC8V9D3wUu7Dtkv1fQmTxdMB8GA1UdIwQY
MBaAFD3iaB3aAHAqdZenElfhT3pyXokOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGVKb0hkb0FjQ3AxbDZjU1YtRlBlbkplaVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zNmQ2ZTQtOGQ3Ny00OGQ1LWFmYjYt
ZTBhYzcyNjNkYjEyLzEvYURvWGE0THhYMFBmQlM3c08yU19WOUNaUEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zNmQ2ZTQtOGQ3Ny00OGQ1LWFmYjYtZTBhYzcyNjNkYjEy
LzEvUGVKb0hkb0FjQ3AxbDZjU1YtRlBlbkplaVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkSv4MA0G
CSqGSIb3DQEBCwUAA4IBAQAaNvV5ZlgjQ3rZRBAL/HIDx2PVTL5MLuBhmr0skIdR
aJXMBAuTjKT/NT3any4HhRE2HbwZ1BmV7EEyt5fgrlmNg5N1gWHReBVJtVK5A4UM
wXmczQnu1bkkaOMaZ0uz+7a2efIUnEaULe3COo5Ygm6iCgG6PUwzY4XCPqKneid3
a57djvWUdcQlyKP6Bhgbj+88Cy0l6lM7BGGCnAa4gvwDnPYwP4FBaaspKhblDynn
aiebo1pqhVXWB5tpicNXdWjazC58s/vYovvM8B6XKRMmgtbCmskDKZ81Bfy5IUwA
oLarZOEjXWPkaB9VpuCECnY2u8UP8Qi77Prt7phrszNs
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:35 2024 by rpki-client on console-ams.rpki-client.org